ReportingGPT is operated by a licensed Wirtschaftsprüfungsgesellschaft. That means § 203 StGB criminal law confidentiality obligations, § 50a WPO IT outsourcing requirements, and dual-track contracts – not just a privacy policy.
Three-pillar protection
German professional law demands more than just encryption. WPK guidance requires technical safeguards, contractual obligations, and organisational integration into your quality management system.
EU data residency, AES-256 encryption at rest and TLS encryption in transit, stateless AI inference, and zero data retention at the model layer.
§ 203 StGB professional secrecy obligations, § 50a WPO requirements, dual-track contracts (DPA + confidentiality agreement).
IDW QMS 1 integration, AI competence training (Art. 4 EU AI Act), internal AI policy, and documented review processes.
Pillar 2
The 2017 reform of § 203 StGB explicitly enabled cloud AI for professional secret holders. § 50a WPO defines six cumulative requirements for IT outsourcing by auditors. ReportingGPT meets all of them.
§ 203 Abs. 1 Nr. 3 StGB designates Wirtschaftsprüfer as Berufsgeheimnisträger (professional secret holders). Unauthorised disclosure of client secrets is punishable by up to one year of imprisonment. This is not a contractual NDA – it is German criminal law.
§ 50a WPO (introduced 2017) explicitly permits auditors to use external IT service providers – including cloud and AI – provided six cumulative requirements are met: careful selection, written contract, confidentiality obligation with criminal law instruction, need-to-know principle, sub-processor chain regulation, and immediate termination rights.
Compliance requires two separate contractual tracks: A Data Processing Agreement (AVV) under GDPR Art. 28 for personal data, and a § 203 StGB confidentiality agreement covering all client secrets – including non-personal business and trade secrets that fall outside the GDPR scope. A DPA alone is not sufficient.
1. Careful selection of the service provider (§ 50a Abs. 2 S. 1)
2. Written contract in text form (Textform) (§ 50a Abs. 3 S. 1)
3. Confidentiality obligation with instruction on the criminal law consequences (§ 50a Abs. 3 S. 2 Nr. 1)
4. Need-to-know principle (§ 50a Abs. 3 S. 2 Nr. 2)
5. Regulation of the sub-processor chain (§ 50a Abs. 3 S. 2 Nr. 3)
6. Right to immediate termination (§ 50a Abs. 2 S. 2)
Your contract is with justReporting GmbH Wirtschaftsprüfungsgesellschaft – not with AWS, not with Anthropic. We provide both the standard DPA (GDPR Art. 28) and the § 203 StGB confidentiality agreement. AWS operates the infrastructure under our governance. Anthropic has no access to customer data whatsoever. This managed service provider model is explicitly recognised as a compliant path by the WPK and legal literature.
Pillar 1
AWS Bedrock runs isolated copies of Claude models in AWS-controlled accounts. The architecture is designed so that neither AWS employees nor Anthropic can access your data.
No. AWS runs isolated "Deep Copy" instances of Claude models in AWS-owned accounts. Anthropic has zero access to these accounts, to customer prompts, or to model outputs. Anthropic receives only aggregate metadata (usage volume, token count, region).
Source: Anthropic on Bedrock Commercial Terms of Service
No. AWS Bedrock does not store or log prompts and completions. It does not use customer input/output to train any AWS models or distribute them to third parties.
Source: AWS Bedrock Data Protection documentation
No. Both AWS and Anthropic contractually guarantee that customer content is never used for model training. The Anthropic Commercial Terms explicitly state: "Anthropic may not train models on Customer Content from Services."
Source: Anthropic on Bedrock Commercial Terms
Exclusively in AWS Frankfurt (eu-central-1). We use In-Region routing only – not Geographic EU and not Global routing. Data never leaves the Frankfurt region during processing.
Source: AWS Bedrock Cross-Region Inference documentation
Data flow: Your browser → (TLS 1.3 encrypted) → ReportingGPT app (AWS Frankfurt) → AWS Bedrock (stateless inference) → Claude model (Deep Copy, isolated)
Anthropic receives only aggregate metadata (usage volume, token count). Zero access to prompts, responses, or customer data.
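The in-region routing and CloudTrail audit-trail claims above are things a reviewing firm can verify on its own side. As an added example (not ReportingGPT's or AWS's code), the following check runs over constructed CloudTrail-style records and flags any Bedrock invocation outside eu-central-1 or through a cross-region inference profile; the record field layout and the "eu." / "us." / "apac." / "global." profile prefixes are assumptions, and the model identifiers are placeholders.

```python
"""Residency check over constructed CloudTrail records for Amazon Bedrock calls.

Assumptions (not taken from the page): CloudTrail records carry eventSource,
eventName, awsRegion and requestParameters.modelId; cross-region inference
profiles are recognisable by an 'eu.' / 'us.' / 'apac.' / 'global.' prefix.
"""

ALLOWED_REGION = "eu-central-1"  # AWS Frankfurt, the only region the page permits
BEDROCK_EVENTS = {"InvokeModel", "InvokeModelWithResponseStream", "Converse", "ConverseStream"}


def classify_routing(model_id: str) -> str:
    """Return 'in-region', 'geographic' or 'global' for a Bedrock model identifier."""
    if model_id.startswith("global."):
        return "global"
    if model_id.startswith(("eu.", "us.", "apac.")):
        return "geographic"
    return "in-region"  # bare foundation-model id: served in the calling region only


def check_record(rec: dict) -> list[str]:
    """Return the residency violations found in one CloudTrail record (empty if compliant)."""
    if rec.get("eventSource") != "bedrock.amazonaws.com" or rec.get("eventName") not in BEDROCK_EVENTS:
        return []  # not a model invocation; out of scope for this check
    findings = []
    region = rec.get("awsRegion")
    if region != ALLOWED_REGION:
        findings.append(f"{rec['eventID']}: invoked in {region}, expected {ALLOWED_REGION}")
    model_id = rec.get("requestParameters", {}).get("modelId", "")
    routing = classify_routing(model_id)
    if routing != "in-region":
        findings.append(f"{rec['eventID']}: {routing} routing via profile {model_id}")
    return findings


def audit(records: list[dict]) -> list[str]:
    """Run check_record over every record and concatenate the findings."""
    return [finding for rec in records for finding in check_record(rec)]


# Constructed sample records; model ids are placeholders, not real identifiers.
SAMPLE_RECORDS = [
    {"eventID": "ev-1", "eventSource": "bedrock.amazonaws.com", "eventName": "InvokeModel",
     "awsRegion": "eu-central-1", "requestParameters": {"modelId": "anthropic.claude-example-v1"}},
    {"eventID": "ev-2", "eventSource": "bedrock.amazonaws.com", "eventName": "InvokeModelWithResponseStream",
     "awsRegion": "eu-west-1", "requestParameters": {"modelId": "eu.anthropic.claude-example-v1"}},
    {"eventID": "ev-3", "eventSource": "bedrock.amazonaws.com", "eventName": "Converse",
     "awsRegion": "eu-central-1", "requestParameters": {"modelId": "global.anthropic.claude-example-v1"}},
    {"eventID": "ev-4", "eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "awsRegion": "us-east-1", "requestParameters": {}},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_RECORDS):
        print(finding)
```

Only ev-2 and ev-3 produce findings: ev-2 is both outside Frankfurt and on a Geographic EU profile, ev-3 is in Frankfurt but on a Global profile, and the S3 record is ignored.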
Pillar 3
WPK guidance requires AI tools to be integrated into the quality management system. IDW QMS 1, the WPK FAQ on AI, and the EU AI Act define the framework.
ReportingGPT is documented as an approved tool within our quality management system per IDW QMS 1 (09.2022). Quality objectives 5 (technological resources) and 7 (service provider engagement) are addressed.
The WPK FAQ on AI (July 2025) confirms: AI tools are permitted if confidentiality is ensured, results are not the sole basis for professional judgement, and the tool is integrated into the quality management system. ReportingGPT is designed to meet all three requirements.
ReportingGPT is classified as a "limited risk" AI system under Art. 6 EU AI Act – not a high-risk system. It does not fall under any Annex III (Anhang III) category. Applicable transparency obligations (Art. 50) will be implemented by August 2026.
IDW PS 861 (03.2023) – the world's first auditing standard for AI – provides the criteria-based framework for evaluating AI systems. ReportingGPT's architecture is designed to be auditable under this standard.
Per § 50a Abs. 5 WPO, client consent is required when a service is used directly for a specific engagement – for example, when analysing a specific client's sustainability report with AI. Using ReportingGPT as general office infrastructure (comparable to email or DMS) does not require individual client consent. We recommend informing clients about AI usage in your engagement letter.
Enterprise readiness
Designed to pass security reviews from regulated firms and large corporations.
AES-256 encryption at rest: AWS KMS managed
TLS 1.2 / 1.3 in transit: enforced on all connections
EU data residency: AWS Frankfurt (eu-central-1) exclusively
Multi-factor authentication: mandatory for all users
Role-based access control: least privilege, session timeouts
Data Processing Agreement: GDPR Art. 28, available for paid plans
§ 203 StGB protection: criminal law confidentiality – stronger than any NDA
§ 50a WPO compliance: six requirements for IT outsourcing met
No AI training on customer data: contractually and technically guaranteed
Audit trail: application + infrastructure level (CloudTrail)
Sub-processor transparency: full list in DPA, notification on changes
Data deletion on request: within 30 days, or on account closure
Data export / portability: PDF + Word export at any time, no vendor lock-in
Free evaluation available: full Core Review, no credit card required
Automated daily backups: point-in-time recovery
EU AI Act classification: limited risk – documented risk assessment
ISO 27001 certification: planned for 2027
Penetration testing (annual): first external pentest scheduled H2 2026
SSO / SAML federation: Enterprise tier, planned Q4 2026
BSI C5 attestation: under evaluation for regulated customers
BYOK (Bring Your Own Key): Enterprise tier, under evaluation
Need a vendor security questionnaire filled out? We complete BSI, CAIQ, or custom questionnaires.
Frequently asked questions
justReporting GmbH WPG is a Berufsgeheimnisträger under § 203 Abs. 1 Nr. 3 StGB and meets all § 50a WPO requirements for IT outsourcing. AWS does not currently offer a dedicated § 203 confidentiality agreement (unlike Microsoft or DATEV). We rely on AWS Bedrock's stateless architecture – no prompts, no completions, no data stored at the model layer – combined with our dual-track contract system. We are transparent about this distinction.
Per § 50a Abs. 5 WPO, client consent (Mandanteneinwilligung) is required when the tool is used directly for a specific engagement – for example, reviewing a specific client's sustainability report. Using ReportingGPT as general office infrastructure does not require individual consent. We recommend adding an AI disclosure clause to your engagement letter.
Exclusively in AWS Frankfurt (eu-central-1). We use In-Region routing only – not Geographic EU and not Global routing. Your data never leaves the Frankfurt region during processing. All data at rest is encrypted with AES-256 via AWS KMS.
No. AWS Bedrock runs isolated "Deep Copy" instances of Claude models. AWS does not store or log prompts and completions. Anthropic has zero access to these AWS-owned accounts, to customer prompts, or to model outputs. Anthropic receives only aggregate metadata (usage volume, token count, region).
No – both contractually and technically. AWS Bedrock does not use customer input/output for model training. The Anthropic Commercial Terms explicitly state: "Anthropic may not train models on Customer Content from Services." ReportingGPT's own quality improvements use only approved, anonymised reference comments (RAG), never raw client data.
Two separate agreements: (1) A Data Processing Agreement (AVV) under GDPR Art. 28 for personal data, and (2) a § 203 StGB confidentiality agreement covering all client secrets – including non-personal business and trade secrets. A DPA alone is not sufficient for Berufsgeheimnisträger. Both are available for paid plans.
ReportingGPT is classified as a "limited risk" AI system under Art. 6 EU AI Act. It does not fall under any Annex III (Anhang III) high-risk category. Applicable transparency obligations under Art. 50 will be implemented by August 2026. A documented risk assessment is available on request.
Yes. We complete BSI, CAIQ (Cloud Security Alliance), or custom security questionnaires for enterprise customers. Contact us at hello@justreporting.eu with your questionnaire template.
We walk you through our technical and organisational measures, provide DPA and § 203 agreements, or complete your vendor security questionnaire.