===== PRIVACY =====

  * **Where is LUCY storing and processing data?** This information can be obtained by finding out where the data is being hosted. Lucy can be installed On-Site or on a cloud server. If installed on a cloud server, all data is stored on that specific server.

  * **Where is data sent?** It’s also important to remember that data can be moved around between an app’s different data centers. That depends on the feature used in LUCY. As you can see in [[network_communication_-_lucy_--_internet|this chapter]], LUCY uses some connections to centralized servers (e.g. update server). But no personalized information that falls under GDPR ever gets transmitted.

  * **Data processing agreement**: Please visit this [[company_application_and_data_security|chapter]]


  * **Protecting personal data**: It is crucial for users to have good security measures in place to protect personal data against alteration, loss and unofficial processing. Lucy encrypts the data and offers many possibilities to [[security_considerations|secure access to the data]]. But this hardening must be done by the LUCY client.


  * **Collecting personal data**: In certain countries (e.g. Germany), you are not allowed to collect personalized data (e.g. who failed a phishing simulation and who did not pass a training). In such a case you need to [[confidentiality_of_campaign_data|enable anonymous mode in LUCY]].