1Where your data lives
Every AI operations engagement gets its own dedicated storage – a separate Cloudflare R2 bucket created only for your project (named cl-client-{your-name}). Your data is never mixed into a shared store with other clients, and never into my own business or personal systems.
This is hard isolation by design, not by configuration. Because each client has a physically separate bucket, there is no shared namespace where one client's data could be reached from another's. The separation is something I can point at, not a rule I have to remember to apply.
Where it physically sits: Cloudflare R2, in the EU (Eastern Europe) storage region. Your data stays within the EU at rest. It does not get copied to storage outside the EU.
2How access is locked down
Access to your bucket uses a credential scoped to that bucket alone. The key that can reach your data cannot reach any other client's data, and cannot reach my own business or personal storage. If a credential were ever exposed, the blast radius is your single engagement – nothing else.
Client work also runs in a separate, isolated workspace with no connection to ConversionLab's own CRM, email, accounting, or analytics systems. The tools I use to run my own business are deliberately not wired into the environment where I handle your data.
3How long it is kept, and how it is deleted
Your data is kept only for as long as the engagement is active. When we finish working together:
- You receive a handover export of your data in an agreed format.
- Your data is deleted within 30 days of the engagement ending.
- Once deleted, your dedicated bucket is removed entirely – not emptied and reused.
If you need a different retention window – shorter for sensitivity, or longer to bridge into a follow-on engagement – we agree that in writing before work starts.
4My role under GDPR
Under GDPR and Norwegian data protection law (Datatilsynet), the roles are clear and split:
You decide what data is shared and why. It remains yours throughout.
I process your data only to deliver the agreed work, on your instructions.
I will sign a data processing agreement (DPA / databehandleravtale) as part of the engagement where you need one. I do not use your data to train models, and I do not share it with anyone outside the sub-processors listed below.
5Who else touches your data
I keep the list of sub-processors short on purpose. These are the only third parties involved in storing or processing your data, and all of them offer EU data handling:
| Sub-processor | Role | Location |
|---|---|---|
| Cloudflare | Storage and hosting (R2) | EU (Eastern Europe) region |
| Anthropic | AI processing (Claude), used to assist analysis and automation | Processed under Anthropic's commercial API terms. Your data is not used to train models and is not retained beyond the processing needed to deliver the work. |
If an engagement ever needs an additional sub-processor, I tell you before any of your data reaches it.
6Questions
If anything here needs to be tighter for your situation – a signed DPA, a specific retention window, a named contact for data requests – just ask before we start. Getting this right up front is part of the work, not an afterthought.