Lumo (Proton)

Privacy-first AI assistant from the makers of ProtonMail, with Swiss jurisdiction and zero-access encryption

Metaview

AI recruiting platform for interview notes and hiring insights

Lumo (Proton)

Excellent

23/25

Metaview

Strong

18/25

Score Breakdown

DimensionLumo (Proton)Metaview

Data Residency

Where is your data stored and processed?

Lumo (Proton): Data hosted in Proton's own data centres in Germany and Norway. Zero-access encryption means even Proton cannot read conversation content. No US infrastructure dependency.

Metaview: Hosts all data in an AWS UK environment (United Kingdom), which is GDPR-aligned and suitable for UK and EU customers, but it is UK-only rather than an EU-region datacentre and runs on a US-headquartered cloud.

5/5

Data hosted in Proton's own data centres in Germany and Norway. Zero-access encryption means even Proton cannot read conversation content. No US infrastructure dependency.

4/5

Hosts all data in an AWS UK environment (United Kingdom), which is GDPR-aligned and suitable for UK and EU customers, but it is UK-only rather than an EU-region datacentre and runs on a US-headquartered cloud.

Legal Jurisdiction

Which laws govern the company and your data?

Lumo (Proton): Swiss incorporation provides one of the strongest privacy jurisdictions globally. Outside US CLOUD Act reach. Swiss FADP and GDPR adequacy. Proton has a decade-long track record of defending user privacy.

Metaview: UK incorporated (Metaview Global Limited, England and Wales) with no US parent identified; subject to UK GDPR rather than EU/EEA jurisdiction.

5/5

Swiss incorporation provides one of the strongest privacy jurisdictions globally. Outside US CLOUD Act reach. Swiss FADP and GDPR adequacy. Proton has a decade-long track record of defending user privacy.

4/5

UK incorporated (Metaview Global Limited, England and Wales) with no US parent identified; subject to UK GDPR rather than EU/EEA jurisdiction.

Data Retention & Training

Is your data used for model training?

Lumo (Proton): Zero-access encryption on conversations. User data explicitly never used for model training. Open-source code enables independent verification of privacy claims.

Metaview: Explicitly does not train third-party models on customer personal data, offers a configurable retention period (2-year default), on-demand deletion with written confirmation, candidate consent handling and a DPA.

5/5

Zero-access encryption on conversations. User data explicitly never used for model training. Open-source code enables independent verification of privacy claims.

4/5

Explicitly does not train third-party models on customer personal data, offers a configurable retention period (2-year default), on-demand deletion with written confirmation, candidate consent handling and a DPA.

Certifications

ISO 27001, SOC 2, Cyber Essentials, etc.

Lumo (Proton): ISO 27001 and SOC 2 at Proton AG organisational level. Strong for a consumer-facing privacy product. ISO 27701 would further strengthen the posture.

Metaview: Holds SOC 2 Type II; no published ISO 27001 certificate was found, so it meets only one of the two baseline enterprise security certifications.

4/5

ISO 27001 and SOC 2 at Proton AG organisational level. Strong for a consumer-facing privacy product. ISO 27701 would further strengthen the posture.

3/5

Holds SOC 2 Type II; no published ISO 27001 certificate was found, so it meets only one of the two baseline enterprise security certifications.

Regulatory Fit

Suitability for regulated industries and professional services

Lumo (Proton): Excellent fit for privacy-sensitive professionals in legal and financial services. Swiss jurisdiction, zero-access encryption, and no training on user data address key regulatory concerns. Not EU-incorporated but GDPR adequate.

Metaview: Suitable for general EU/UK business use with GDPR and consent controls; as recruiting AI handling candidate PII it touches EU AI Act high-risk territory, but it is not purpose-built or certified for heavily regulated sectors.

4/5

Excellent fit for privacy-sensitive professionals in legal and financial services. Swiss jurisdiction, zero-access encryption, and no training on user data address key regulatory concerns. Not EU-incorporated but GDPR adequate.

3/5

Suitable for general EU/UK business use with GDPR and consent controls; as recruiting AI handling candidate PII it touches EU AI Act high-risk territory, but it is not purpose-built or certified for heavily regulated sectors.

Total Score

23/25

18/25

Best For

Lumo (Proton)

Best for EU-headquartered organisations needing maximum data sovereignty; regulated industries (legal, financial-services); privacy-conscious teams who need strong data retention controls; organisations that need self-hosted or on-premise deployment; teams on a tight budget.

Metaview

Best for EU-headquartered organisations needing maximum data sovereignty; privacy-conscious teams who need strong data retention controls; teams on a tight budget.

Detailed Comparison

Lumo (Proton) vs Metaview: Trust & Compliance Comparison

Lumo (Proton) (Proton, CH) scores 23/25 overall with a Gold (Excellent) trust badge. Privacy-first AI assistant from the makers of ProtonMail, with Swiss jurisdiction and zero-access encryption. Metaview (Metaview, GB) scores 18/25 with a Silver (Strong) trust badge. AI recruiting platform for interview notes and hiring insights.

Dimension-by-Dimension Breakdown

#### Data Residency

Lumo (Proton) leads with 5/5 vs 4/5.

●Lumo (Proton) (5/5): Data hosted in Proton's own data centres in Germany and Norway. Zero-access encryption means even Proton cannot read conversation content. No US infrastructure dependency.

●Metaview (4/5): Hosts all data in an AWS UK environment (United Kingdom), which is GDPR-aligned and suitable for UK and EU customers, but it is UK-only rather than an EU-region datacentre and runs on a US-headquartered cloud.

#### Legal Jurisdiction

Lumo (Proton) leads with 5/5 vs 4/5.

●Lumo (Proton) (5/5): Swiss incorporation provides one of the strongest privacy jurisdictions globally. Outside US CLOUD Act reach. Swiss FADP and GDPR adequacy. Proton has a decade-long track record of defending user privacy.

●Metaview (4/5): UK incorporated (Metaview Global Limited, England and Wales) with no US parent identified; subject to UK GDPR rather than EU/EEA jurisdiction.

#### Data Retention & Training

Lumo (Proton) leads with 5/5 vs 4/5.

●Lumo (Proton) (5/5): Zero-access encryption on conversations. User data explicitly never used for model training. Open-source code enables independent verification of privacy claims.

●Metaview (4/5): Explicitly does not train third-party models on customer personal data, offers a configurable retention period (2-year default), on-demand deletion with written confirmation, candidate consent handling and a DPA.

#### Certifications

Lumo (Proton) leads with 4/5 vs 3/5.

●Lumo (Proton) (4/5): ISO 27001 and SOC 2 at Proton AG organisational level. Strong for a consumer-facing privacy product. ISO 27701 would further strengthen the posture.

●Metaview (3/5): Holds SOC 2 Type II; no published ISO 27001 certificate was found, so it meets only one of the two baseline enterprise security certifications.

#### Regulatory Fit

Lumo (Proton) leads with 4/5 vs 3/5.

●Lumo (Proton) (4/5): Excellent fit for privacy-sensitive professionals in legal and financial services. Swiss jurisdiction, zero-access encryption, and no training on user data address key regulatory concerns. Not EU-incorporated but GDPR adequate.

●Metaview (3/5): Suitable for general EU/UK business use with GDPR and consent controls; as recruiting AI handling candidate PII it touches EU AI Act high-risk territory, but it is not purpose-built or certified for heavily regulated sectors.

Certifications at a Glance

Certification	Lumo (Proton)	Metaview
ISO 27001	Yes	No
SOC 2	Yes	No
SOC 2 Type II	No	Yes

Overall Verdict

Lumo (Proton) has a clear trust advantage, scoring 23/25 compared to Metaview's 18/25. Lumo (Proton) particularly excels in data residency, legal jurisdiction, data retention & training, certifications, regulatory fit.

Frequently Asked Questions

Which is better for EU compliance, Lumo (Proton) or Metaview?

Lumo (Proton) has a TrustKit score of 23/25 while Metaview scores 18/25. Lumo (Proton) currently rates higher across data residency, legal jurisdiction, data retention, certifications, and regulatory fit.

How do Lumo (Proton) and Metaview compare on data residency?

Lumo (Proton) scores 5/5 for data residency (Data hosted in Proton's own data centres in Germany and Norway. Zero-access encryption means even Proton cannot read conversation content. No US infrastructure dependency.), while Metaview scores 4/5 (Hosts all data in an AWS UK environment (United Kingdom), which is GDPR-aligned and suitable for UK and EU customers, but it is UK-only rather than an EU-region datacentre and runs on a US-headquartered cloud.).

Are Lumo (Proton) and Metaview GDPR compliant?

Both tools are assessed across five compliance dimensions. Lumo (Proton) has a regulatory fit score of 4/5 and Metaview scores 3/5. Check the full comparison above for a detailed breakdown.

Explore Each Tool