Noxtua

Europe's sovereign legal AI with its own European-trained legal LLM

fynk

AI-powered contract lifecycle management platform from Vienna

Noxtua

Excellent

25/25

fynk

Strong

20/25

Score Breakdown

DimensionNoxtuafynk

Data Residency

Where is your data stored and processed?

Noxtua: Processing occurs exclusively on European infrastructure (Open Telekom Cloud by Deutsche Telekom and IONOS) with no connection to US cloud providers, plus an on-premise deployment option. Best-in-class EU data residency.

fynk: Austrian company with EU data hosting. Contract data stays within EU jurisdiction. No US infrastructure dependency.

5/5

Processing occurs exclusively on European infrastructure (Open Telekom Cloud by Deutsche Telekom and IONOS) with no connection to US cloud providers, plus an on-premise deployment option. Best-in-class EU data residency.

5/5

Austrian company with EU data hosting. Contract data stays within EU jurisdiction. No US infrastructure dependency.

Legal Jurisdiction

Which laws govern the company and your data?

Noxtua: Incorporated in Germany as Noxtua SE (formerly Xayn AG), an EU/EEA entity with no US parent. Designed to meet German professional-secrecy law (§ 43e BRAO, § 203 StGB).

fynk: Austrian GmbH, fully under EU law. Austrian-funded (3VC, 10x Founders). No US parent or investor control concerns.

5/5

Incorporated in Germany as Noxtua SE (formerly Xayn AG), an EU/EEA entity with no US parent. Designed to meet German professional-secrecy law (§ 43e BRAO, § 203 StGB).

5/5

Austrian GmbH, fully under EU law. Austrian-funded (3VC, 10x Founders). No US parent or investor control concerns.

Data Retention & Training

Is your data used for model training?

Noxtua: Explicitly states customer data is never used to train, retrain or improve AI models, with sovereign/on-premise deployment and enterprise DPA-level controls. Specific configurable retention windows are not publicly detailed but the no-training and isolation posture is strong.

fynk: Contract data not used for model training. As a contract management tool handling sensitive legal documents, data handling policies are core to the value proposition.

5/5

Explicitly states customer data is never used to train, retrain or improve AI models, with sovereign/on-premise deployment and enterprise DPA-level controls. Specific configurable retention windows are not publicly detailed but the no-training and isolation posture is strong.

4/5

Contract data not used for model training. As a contract management tool handling sensitive legal documents, data handling policies are core to the value proposition.

Certifications

ISO 27001, SOC 2, Cyber Essentials, etc.

Noxtua: Extensive published certification stack: ISO 42001 (first German company), ISO 27001, 27017, 27018, 9001, plus BSI C5 and TISAX. No SOC 2 (US-oriented), but European sector and AI-specific certifications exceed the baseline.

fynk: No SOC 2 or ISO 27001 certifications publicly confirmed. GDPR compliant as an EU entity. Certification gap is common for seed-stage companies but should be addressed as they scale.

5/5

Extensive published certification stack: ISO 42001 (first German company), ISO 27001, 27017, 27018, 9001, plus BSI C5 and TISAX. No SOC 2 (US-oriented), but European sector and AI-specific certifications exceed the baseline.

2/5

No SOC 2 or ISO 27001 certifications publicly confirmed. GDPR compliant as an EU entity. Certification gap is common for seed-stage companies but should be addressed as they scale.

Regulatory Fit

Suitability for regulated industries and professional services

Noxtua: Purpose-built for regulated EU legal work, explicitly meeting attorney confidentiality and professional-secrecy requirements, with backing from major law firms and legal publishers. Suitable for the most demanding EU regulated legal and public-sector use.

fynk: EU-native legal structure makes it straightforward for European legal and procurement teams. Ideal for organisations that need contract management without US data exposure. Certification gaps are the main improvement area.

5/5

Purpose-built for regulated EU legal work, explicitly meeting attorney confidentiality and professional-secrecy requirements, with backing from major law firms and legal publishers. Suitable for the most demanding EU regulated legal and public-sector use.

4/5

EU-native legal structure makes it straightforward for European legal and procurement teams. Ideal for organisations that need contract management without US data exposure. Certification gaps are the main improvement area.

Total Score

25/25

20/25

Best For

Noxtua

Best for EU-headquartered organisations needing maximum data sovereignty; privacy-conscious teams who need strong data retention controls; teams on a tight budget.

fynk

Best for EU-headquartered organisations needing maximum data sovereignty; organisations requiring broad certification coverage (ISO 42001, ISO 27001, ISO 27017); regulated industries (BfDI, BaFin); privacy-conscious teams who need strong data retention controls; organisations that need self-hosted or on-premise deployment.

Detailed Comparison

fynk vs Noxtua: Trust & Compliance Comparison

fynk (fynk, AT) scores 20/25 overall with a Silver (Strong) trust badge. AI-powered contract lifecycle management platform from Vienna. Noxtua (Noxtua, DE) scores 25/25 with a Gold (Excellent) trust badge. Europe's sovereign legal AI with its own European-trained legal LLM.

Dimension-by-Dimension Breakdown

#### Data Residency

Both score equally at 5/5.

●fynk (5/5): Austrian company with EU data hosting. Contract data stays within EU jurisdiction. No US infrastructure dependency.

●Noxtua (5/5): Processing occurs exclusively on European infrastructure (Open Telekom Cloud by Deutsche Telekom and IONOS) with no connection to US cloud providers, plus an on-premise deployment option. Best-in-class EU data residency.

#### Legal Jurisdiction

Both score equally at 5/5.

●fynk (5/5): Austrian GmbH, fully under EU law. Austrian-funded (3VC, 10x Founders). No US parent or investor control concerns.

●Noxtua (5/5): Incorporated in Germany as Noxtua SE (formerly Xayn AG), an EU/EEA entity with no US parent. Designed to meet German professional-secrecy law (§ 43e BRAO, § 203 StGB).

#### Data Retention & Training

Noxtua leads with 5/5 vs 4/5.

●fynk (4/5): Contract data not used for model training. As a contract management tool handling sensitive legal documents, data handling policies are core to the value proposition.

●Noxtua (5/5): Explicitly states customer data is never used to train, retrain or improve AI models, with sovereign/on-premise deployment and enterprise DPA-level controls. Specific configurable retention windows are not publicly detailed but the no-training and isolation posture is strong.

#### Certifications

Noxtua leads with 5/5 vs 2/5.

●fynk (2/5): No SOC 2 or ISO 27001 certifications publicly confirmed. GDPR compliant as an EU entity. Certification gap is common for seed-stage companies but should be addressed as they scale.

●Noxtua (5/5): Extensive published certification stack: ISO 42001 (first German company), ISO 27001, 27017, 27018, 9001, plus BSI C5 and TISAX. No SOC 2 (US-oriented), but European sector and AI-specific certifications exceed the baseline.

#### Regulatory Fit

Noxtua leads with 5/5 vs 4/5.

●fynk (4/5): EU-native legal structure makes it straightforward for European legal and procurement teams. Ideal for organisations that need contract management without US data exposure. Certification gaps are the main improvement area.

●Noxtua (5/5): Purpose-built for regulated EU legal work, explicitly meeting attorney confidentiality and professional-secrecy requirements, with backing from major law firms and legal publishers. Suitable for the most demanding EU regulated legal and public-sector use.

Certifications at a Glance

Certification	fynk	Noxtua
BSI C5	No	Yes
ISO 27001	No	Yes
ISO 27017	No	Yes
ISO 27018	No	Yes
ISO 42001	No	Yes
ISO 9001	No	Yes
TISAX	No	Yes

Overall Verdict

Noxtua has a clear trust advantage, scoring 25/25 compared to fynk's 20/25. Noxtua particularly excels in data retention & training, certifications, regulatory fit.

Frequently Asked Questions

Which is better for EU compliance, Noxtua or fynk?

Noxtua has a TrustKit score of 25/25 while fynk scores 20/25. Noxtua currently rates higher across data residency, legal jurisdiction, data retention, certifications, and regulatory fit.

How do Noxtua and fynk compare on data residency?

Noxtua scores 5/5 for data residency (Processing occurs exclusively on European infrastructure (Open Telekom Cloud by Deutsche Telekom and IONOS) with no connection to US cloud providers, plus an on-premise deployment option. Best-in-class EU data residency.), while fynk scores 5/5 (Austrian company with EU data hosting. Contract data stays within EU jurisdiction. No US infrastructure dependency.).

Are Noxtua and fynk GDPR compliant?

Both tools are assessed across five compliance dimensions. Noxtua has a regulatory fit score of 5/5 and fynk scores 4/5. Check the full comparison above for a detailed breakdown.

Explore Each Tool