Skip to content
Tracehold

Platform

One console for AI data loss prevention

What we cover: detection, prevention, reporting, integrations and deployment — all run from a single console across your browser, desktop and dev tools.

See the platform

Platform

How it works The on-device detection mechanism, step by step. Platform One console for the browser, desktop and dev tools. Multi-tenant Separate workspaces per team or client, one account. Deployment Live in weeks via Microsoft Intune or your MDM. Integrations SSO, SIEM, Slack/Teams alerts and the Outlook add-in.

Detection, prevention & reporting

Detection What Tracehold catches before it reaches AI tools. Prevention Redact the sensitive part, or block the message — automatically. Reporting Real-time dashboards and board-ready analytics. Endpoint agents Desktop, dev tools and email — beyond the browser.

Solutions

AI DLP for regulated industries

Every industry uses AI differently — and leaks differently. See how Tracehold maps to your sector's data and rules.

See all use cases

By industry

Banking & financial services Customer records, IBANs, transaction data. Healthcare Patient data, on-device, before it reaches AI. Insurance Claims and policyholder data, protected. Public sector Government and public-body AI use, governed.

By need

Use cases Common rollouts across regulated sectors. Integrations SSO, SIEM, Slack, Teams, Outlook & MDM.

Resources

Trust, by design

On-device detection, EU hosting and audit-ready evidence — the posture and paperwork your security and legal teams will ask for.

Security overview

Trust

Security On-device detection, encryption, EU hosting. Compliance Mapped to GDPR, NIS2, ISO 27001 and SOC 2.

Legal

Privacy policy How we handle data, metadata and prompts. DPA Data Processing Agreement, ready to sign.

Company

Built in the EU, from day one

Tracehold (formerly Verifia) is an EU company building AI-native data loss prevention — EU-hosted, EU-built, EU-run.

About Tracehold

Company

About Who we are and why we're building this in the EU. Contact Talk to us, or book a 30-minute demo.

Join us

Careers We're hiring — reach out to hello@tracehold.com. Terms Terms of service.
Pricing
Sign in Request a demo
EnglishEspañol
Sign in Request a demo
[ Legal · Sub-processors · Managed service · EU-hosted ]

Sub-processors

This page lists the third-party sub-processors that Tracehold B.V. ("Tracehold", "we", "us"), formerly Verifia, engages to help deliver the managed Tracehold service — our paid Insight and Governance plans. It supports the transparency commitments in our customer Data Processing Agreement (DPA).

Last updated: 22 June 2026 · Applies to the managed Tracehold service

On this page

  1. Scope & what a sub-processor is
  2. Current sub-processors
  3. Analytics
  4. Advance notice of changes
  5. Contact us
The free browser extension uses no sub-processors. The free Tracehold browser extension runs entirely on your device. Detection happens locally in the browser, the extension does not require an account, and — by default — the content of your prompts, messages and files never leaves your browser. Because nothing is transmitted to a backend, the free extension relies on no sub-processors at all. The list below applies only to the managed service.

1. Scope & what a sub-processor is

A sub-processor is a third party we engage to process customer data on our behalf in order to provide the managed Tracehold service. Sub-processors act on our documented instructions, under contract, and only to the extent needed to deliver the service.

Consistent with our design, the managed service is built to minimise what leaves the device: detection runs on the device and, by default, only metadata — the type of finding, its severity and a timestamp — reaches the backend. The prompt itself — your api-keysensitive content — does not leave the browser by default. Tracehold is built and hosted in the European Union, in France, with EU data residency; organisations that prefer it can self-host the entire stack, in which case no data reaches our infrastructure and these sub-processors do not apply.

2. Current sub-processors

We engage a small number of vetted infrastructure sub-processors to run the managed service. Each operates within the European Union, under a written contract imposing data-protection obligations no less protective than those in our DPA, and only to the extent needed to provide the service.

Sub-processor Purpose Location
Contabo Infrastructure hosting (compute, storage and database for the managed service) European Union (France)
OVH Infrastructure hosting (compute, storage and database for the managed service) European Union (France)

System & transactional email (sign-in, alerts and service notifications) is sent from Tracehold's own self-hosted mail infrastructure in the EU, so no third-party transactional-email provider acts as a sub-processor. We use no third-party error-monitoring service and no analytics provider.

3. Analytics

We use no website or product analytics: no third-party analytics provider, and no analytics or tracking cookies. If we ever introduced one, it would be added to the table above and disclosed here before it was enabled.

4. Advance notice of changes

We may add, replace or remove sub-processors as the managed service evolves. When we do, we will update this page and revise the "Last updated" date above. In line with our customer DPA, we offer advance notice of material changes to this list so customers have the opportunity to review them.

To receive advance notice of changes, subscribe by emailing privacy@tracehold.com.

5. Contact us

Questions about our sub-processors, data processing or the DPA?

  • Privacy enquiries & change notifications: privacy@tracehold.com
  • Data Protection Officer: dpo@tracehold.com
  • General: hello@tracehold.com
  • Post: Tracehold B.V., Werfkade 25, 1033 TA Amsterdam, Netherlands · Jurisdiction: the Netherlands

Tracehold is built and hosted in the European Union, in France, on Contabo and OVH infrastructure, with EU data residency and an optional full self-host. See our Security and Privacy Terms DPA Subprocessors pages for more.

Tracehold

AI-native data loss prevention (AI DLP). Detection runs on the device — only metadata reaches the backend.

EU-HOSTED · ISO 27001 IN PROGRESS

Product

Platform Detection Endpoint agents Browser extension Outlook add-in Compliance Pricing Integrations Use cases

Why Tracehold

How it works What we detect Beyond the browser Compliance Security & privacy Book a demo

Company

About (formerly Verifia) Security Careers Privacy Terms DPA Subprocessors Contact
© 2026 Tracehold. Formerly Verifia. All rights reserved. AI-native data loss prevention, built in the EU.
Privacy Terms DPA