Lighthouse

AI revenue management and business intelligence for hospitality and travel

Tucuvi

Autonomous clinical voice AI agents that call patients and run care workflows

Lighthouse

Strong

20/25

Tucuvi

Excellent

23/25

Score Breakdown

DimensionLighthouseTucuvi

Data Residency

Where is your data stored and processed?

Lighthouse: Data hosted on AWS with EU region configuration for European customers. Belgian incorporation means primary data governance is under EU law. Appropriate for European hotel groups with GDPR obligations on guest and revenue data.

Tucuvi: EU-incorporated (Spain) and GDPR-compliant, so an EU hosting region is the reasonable expectation for EU customers, but specific data-centre locations and residency commitments are not published publicly — conservatively scored 4 pending confirmation via the Trust Center/DPA.

4/5

Data hosted on AWS with EU region configuration for European customers. Belgian incorporation means primary data governance is under EU law. Appropriate for European hotel groups with GDPR obligations on guest and revenue data.

4/5

EU-incorporated (Spain) and GDPR-compliant, so an EU hosting region is the reasonable expectation for EU customers, but specific data-centre locations and residency commitments are not published publicly — conservatively scored 4 pending confirmation via the Trust Center/DPA.

Legal Jurisdiction

Which laws govern the company and your data?

Lighthouse: Incorporated in Belgium under Belgian and EU law. GDPR applies as a matter of corporate law, not just contractual obligation. EU incorporation with no US parent company. No CLOUD Act exposure. Strong EU sovereignty story for the hospitality sector.

Tucuvi: Incorporated as Tucuvi Care S.L. in Madrid with no US parent, placing it fully within EU/EEA jurisdiction.

5/5

Incorporated in Belgium under Belgian and EU law. GDPR applies as a matter of corporate law, not just contractual obligation. EU incorporation with no US parent company. No CLOUD Act exposure. Strong EU sovereignty story for the hospitality sector.

5/5

Incorporated as Tucuvi Care S.L. in Madrid with no US parent, placing it fully within EU/EEA jurisdiction.

Data Retention & Training

Is your data used for model training?

Lighthouse: Customer hotel data is not used for cross-customer model training without consent. GDPR-compliant data processing agreements available under Article 28. Configurable data retention aligned with hospitality operational requirements.

Tucuvi: AI agents are trained on a proprietary manually-labelled dataset rather than on live customer data, and the QMS enforces GDPR/HIPAA data protection; however, no explicit public no-training-on-customer-data guarantee or detailed retention/DPA terms are published, so scored 4 rather than 5.

4/5

Customer hotel data is not used for cross-customer model training without consent. GDPR-compliant data processing agreements available under Article 28. Configurable data retention aligned with hospitality operational requirements.

4/5

AI agents are trained on a proprietary manually-labelled dataset rather than on live customer data, and the QMS enforces GDPR/HIPAA data protection; however, no explicit public no-training-on-customer-data guarantee or detailed retention/DPA terms are published, so scored 4 rather than 5.

Certifications

ISO 27001, SOC 2, Cyber Essentials, etc.

Lighthouse: Holds ISO 27001 certification. Appropriate baseline for a hospitality technology platform. SOC 2 Type II would strengthen the posture for hotel groups with enterprise procurement requirements.

Tucuvi: Strong, sector-specific stack: ISO/IEC 27001 and SOC 2 plus CE-marked Class IIb Software as a Medical Device under an ISO 13485 QMS, with EU AI Act and BS 30440 alignment. SOC 2 type (I vs II) not publicly specified.

3/5

Holds ISO 27001 certification. Appropriate baseline for a hospitality technology platform. SOC 2 Type II would strengthen the posture for hotel groups with enterprise procurement requirements.

5/5

Strong, sector-specific stack: ISO/IEC 27001 and SOC 2 plus CE-marked Class IIb Software as a Medical Device under an ISO 13485 QMS, with EU AI Act and BS 30440 alignment. SOC 2 type (I vs II) not publicly specified.

Regulatory Fit

Suitability for regulated industries and professional services

Lighthouse: Excellent fit for European hotel operators subject to GDPR and national data protection authorities. Belgian legal jurisdiction and EU data hosting provide a credible compliance posture. Good alignment with hospitality-specific data governance requirements.

Tucuvi: Purpose-built for regulated EU healthcare and certified as a Class IIb medical device, suitable for hospitals and health systems under EMA/AEMPS oversight and GDPR.

4/5

Excellent fit for European hotel operators subject to GDPR and national data protection authorities. Belgian legal jurisdiction and EU data hosting provide a credible compliance posture. Good alignment with hospitality-specific data governance requirements.

5/5

Purpose-built for regulated EU healthcare and certified as a Class IIb medical device, suitable for hospitals and health systems under EMA/AEMPS oversight and GDPR.

Total Score

20/25

23/25

Best For

Lighthouse

Best for EU-headquartered organisations needing maximum data sovereignty; regulated industries (ICO, APD (Belgium)); privacy-conscious teams who need strong data retention controls.

Tucuvi

Best for EU-headquartered organisations needing maximum data sovereignty; organisations requiring broad certification coverage (CE-marked SaMD (Class IIb), ISO 13485, ISO/IEC 27001); regulated industries (AEMPS, EMA); privacy-conscious teams who need strong data retention controls.

Detailed Comparison

Lighthouse vs Tucuvi: Trust & Compliance Comparison

Lighthouse (Lighthouse, BE) scores 20/25 overall with a Silver (Strong) trust badge. AI revenue management and business intelligence for hospitality and travel. Tucuvi (Tucuvi, ES) scores 23/25 with a Gold (Excellent) trust badge. Autonomous clinical voice AI agents that call patients and run care workflows.

Dimension-by-Dimension Breakdown

#### Data Residency

Both score equally at 4/5.

●Lighthouse (4/5): Data hosted on AWS with EU region configuration for European customers. Belgian incorporation means primary data governance is under EU law. Appropriate for European hotel groups with GDPR obligations on guest and revenue data.

●Tucuvi (4/5): EU-incorporated (Spain) and GDPR-compliant, so an EU hosting region is the reasonable expectation for EU customers, but specific data-centre locations and residency commitments are not published publicly — conservatively scored 4 pending confirmation via the Trust Center/DPA.

#### Legal Jurisdiction

Both score equally at 5/5.

●Lighthouse (5/5): Incorporated in Belgium under Belgian and EU law. GDPR applies as a matter of corporate law, not just contractual obligation. EU incorporation with no US parent company. No CLOUD Act exposure. Strong EU sovereignty story for the hospitality sector.

●Tucuvi (5/5): Incorporated as Tucuvi Care S.L. in Madrid with no US parent, placing it fully within EU/EEA jurisdiction.

#### Data Retention & Training

Both score equally at 4/5.

●Lighthouse (4/5): Customer hotel data is not used for cross-customer model training without consent. GDPR-compliant data processing agreements available under Article 28. Configurable data retention aligned with hospitality operational requirements.

●Tucuvi (4/5): AI agents are trained on a proprietary manually-labelled dataset rather than on live customer data, and the QMS enforces GDPR/HIPAA data protection; however, no explicit public no-training-on-customer-data guarantee or detailed retention/DPA terms are published, so scored 4 rather than 5.

#### Certifications

Tucuvi leads with 5/5 vs 3/5.

●Lighthouse (3/5): Holds ISO 27001 certification. Appropriate baseline for a hospitality technology platform. SOC 2 Type II would strengthen the posture for hotel groups with enterprise procurement requirements.

●Tucuvi (5/5): Strong, sector-specific stack: ISO/IEC 27001 and SOC 2 plus CE-marked Class IIb Software as a Medical Device under an ISO 13485 QMS, with EU AI Act and BS 30440 alignment. SOC 2 type (I vs II) not publicly specified.

#### Regulatory Fit

Tucuvi leads with 5/5 vs 4/5.

●Lighthouse (4/5): Excellent fit for European hotel operators subject to GDPR and national data protection authorities. Belgian legal jurisdiction and EU data hosting provide a credible compliance posture. Good alignment with hospitality-specific data governance requirements.

●Tucuvi (5/5): Purpose-built for regulated EU healthcare and certified as a Class IIb medical device, suitable for hospitals and health systems under EMA/AEMPS oversight and GDPR.

Certifications at a Glance

Certification	Lighthouse	Tucuvi
CE-marked SaMD (Class IIb)	No	Yes
GDPR	No	Yes
HIPAA	No	Yes
ISO 13485	No	Yes
ISO 27001	Yes	No
ISO/IEC 27001	No	Yes
SOC 2	No	Yes

Overall Verdict

Tucuvi has a clear trust advantage, scoring 23/25 compared to Lighthouse's 20/25. Tucuvi particularly excels in certifications, regulatory fit.

Frequently Asked Questions

Which is better for EU compliance, Lighthouse or Tucuvi?

Lighthouse has a TrustKit score of 20/25 while Tucuvi scores 23/25. Tucuvi currently rates higher across data residency, legal jurisdiction, data retention, certifications, and regulatory fit.

How do Lighthouse and Tucuvi compare on data residency?

Lighthouse scores 4/5 for data residency (Data hosted on AWS with EU region configuration for European customers. Belgian incorporation means primary data governance is under EU law. Appropriate for European hotel groups with GDPR obligations on guest and revenue data.), while Tucuvi scores 4/5 (EU-incorporated (Spain) and GDPR-compliant, so an EU hosting region is the reasonable expectation for EU customers, but specific data-centre locations and residency commitments are not published publicly — conservatively scored 4 pending confirmation via the Trust Center/DPA.).

Are Lighthouse and Tucuvi GDPR compliant?

Both tools are assessed across five compliance dimensions. Lighthouse has a regulatory fit score of 4/5 and Tucuvi scores 5/5. Check the full comparison above for a detailed breakdown.

Explore Each Tool