For regulated European teams

Meetings you can bring to your DPO.

Punkto is built for European organisations where compliance is not optional — healthcare, legal, finance, public sector, research. EU-hosted end-to-end, no US control surface, signed DPA, auditable.

Book a compliance call Read privacy policy

Why Punkto for compliance-driven teams

EU data residency

Every request, every row, every transcript stays on European infrastructure. No AWS, no Google Cloud, no Azure.

No US CLOUD Act exposure

No US-controlled entity in the data path. Schrems II- and Schrems III-resilient by design — your DPIA stays short.

Signed DPA

Signed Data Processing Agreement available on Enterprise plans. Article 28 GDPR–compliant, negotiated with your legal team.

Audit logs

Full audit trail on every board, recording and action item. Exportable JSON / CSV via webhook or API.

Zero audio retention

Your call audio is transcribed in memory, then immediately discarded. We never write audio files to disk — by design. Only transcript text and the AI summary are stored, scoped to your account.

Ephemeral & zero-knowledge modes

Run sessions that leave no trace in the database, or ones where shared files are encrypted client-side with a key that never touches our servers.

How Punkto compares

Versus typical US-hosted meeting-AI tools (Otter.ai, Fireflies, Tactiq, Fathom).

Criterion

Typical US tool

Punkto

Hosting region

🇺🇸 AWS / GCP (various)

🇪🇺 European Union

Hosting region

Typical US tool: 🇺🇸 AWS / GCP (various)

Punkto: 🇪🇺 European Union

CLOUD Act exposure

Yes

CLOUD Act exposure

Typical US tool: Yes

Punkto: No

Signed DPA

Usually

Yes

Signed DPA

Typical US tool: Usually

Punkto: Yes

AI model training on your data

Often opt-out only

Never

AI model training on your data

Typical US tool: Often opt-out only

Punkto: Never

Third-party analytics

Common

None

Third-party analytics

Typical US tool: Common

Punkto: None

Self-hosted option

Rare

On request

Self-hosted option

Typical US tool: Rare

Punkto: On request

Full subprocessor transparency

Every third-party service we use, where they're based, what they do. No hidden vendors.

Infrastructure

European hosting (EU)

Database & Storage

Self-hosted, EU region

AI transcription

European AI provider

Real-time sync

Self-hosted CRDT

Audio/video rooms

Self-hosted, EU region

Email delivery

Transactional only, user consent

Analytics

None. Server logs only.

Enterprise compliance roadmap

Available

•EU hosting
•Signed DPA
•Private recordings
•Ephemeral mode
•E2E files

In progress

•SSO (SAML / OIDC)
•Audit log export (webhook)
•Self-hosted deployment

Roadmap

•ISO 27001
•SOC 2 Type II
•HIPAA BAA
•Fine-grained retention policies

Talk to us before you send us an RFP.

Fifteen minutes is usually enough to confirm Punkto fits your compliance profile. Bring your DPO, bring your questions.

Book a call →