PrivateNode

AI specialists for UK professional services — employment law, tax, immigration, and more with zero data retention

Tractable

AI-powered visual damage assessment for auto and property insurance claims

PrivateNode

Strong

18/25

Tractable

Moderate

13/25

Score Breakdown

DimensionPrivateNodeTractable

Data Residency

Where is your data stored and processed?

PrivateNode: All infrastructure hosted on Hetzner servers in Germany (EU). Zero US cloud dependency — no AWS, Azure, or GCP. Data stays within the EU at all times.

Tractable: Multi-cloud deployment (Azure confirmed). EU affiliates in France and Germany suggest EU data handling capability. Specific data centre regions not publicly documented.

5/5

All infrastructure hosted on Hetzner servers in Germany (EU). Zero US cloud dependency — no AWS, Azure, or GCP. Data stays within the EU at all times.

3/5

Multi-cloud deployment (Azure confirmed). EU affiliates in France and Germany suggest EU data handling capability. Specific data centre regions not publicly documented.

Legal Jurisdiction

Which laws govern the company and your data?

PrivateNode: UK limited company (Twakka Ltd, England & Wales). UK GDPR-equivalent jurisdiction with EU adequacy decision. Not subject to US CLOUD Act. Outside EEA but UK adequacy provides smooth data transfer basis.

Tractable: UK limited company. Post-Brexit UK GDPR applies. EU adequacy decision enables straightforward data transfers. Serves European insurers (Covea, Direct Assurance) demonstrating EU regulatory acceptance.

3/5

UK limited company (Twakka Ltd, England & Wales). UK GDPR-equivalent jurisdiction with EU adequacy decision. Not subject to US CLOUD Act. Outside EEA but UK adequacy provides smooth data transfer basis.

3/5

UK limited company. Post-Brexit UK GDPR applies. EU adequacy decision enables straightforward data transfers. Serves European insurers (Covea, Direct Assurance) demonstrating EU regulatory acceptance.

Data Retention & Training

Is your data used for model training?

PrivateNode: Explicit zero data retention policy. Conversations are not stored after session ends. No user data used for model training. Single-tenant architecture provides full isolation.

Tractable: Core AI model pre-trained on proprietary historical dataset. Customer-specific data handling governed by enterprise DPA. Insurance claims data is highly sensitive — specific retention terms negotiated per contract.

5/5

Explicit zero data retention policy. Conversations are not stored after session ends. No user data used for model training. Single-tenant architecture provides full isolation.

3/5

Core AI model pre-trained on proprietary historical dataset. Customer-specific data handling governed by enterprise DPA. Insurance claims data is highly sensitive — specific retention terms negotiated per contract.

Certifications

ISO 27001, SOC 2, Cyber Essentials, etc.

PrivateNode: No SOC 2 or ISO 27001 certifications publicly confirmed. Hosting provider (Hetzner) holds ISO 27001 certification. Early-stage company; formal certifications would strengthen trust posture.

Tractable: No SOC 2 or ISO 27001 publicly confirmed. Serves major regulated insurers suggesting contractual security requirements are met. Public certification would significantly strengthen enterprise procurement.

1/5

No SOC 2 or ISO 27001 certifications publicly confirmed. Hosting provider (Hetzner) holds ISO 27001 certification. Early-stage company; formal certifications would strengthen trust posture.

1/5

No SOC 2 or ISO 27001 publicly confirmed. Serves major regulated insurers suggesting contractual security requirements are met. Public certification would significantly strengthen enterprise procurement.

Regulatory Fit

Suitability for regulated industries and professional services

PrivateNode: Strong fit for UK regulated professional services. Domain-specific specialists trained on authoritative legislation sources. Zero data retention addresses key GDPR concerns. Suitable for SRA-regulated solicitors and FCA-regulated advisers.

Tractable: Deployed by FCA-regulated UK insurers and ACPR-regulated French insurers. UK jurisdiction with EU adequacy. Insurance-specific AI with proven regulatory acceptance across multiple markets.

4/5

Strong fit for UK regulated professional services. Domain-specific specialists trained on authoritative legislation sources. Zero data retention addresses key GDPR concerns. Suitable for SRA-regulated solicitors and FCA-regulated advisers.

3/5

Deployed by FCA-regulated UK insurers and ACPR-regulated French insurers. UK jurisdiction with EU adequacy. Insurance-specific AI with proven regulatory acceptance across multiple markets.

Total Score

18/25

13/25

Best For

PrivateNode

Best for regulated industries (ICO, SRA); privacy-conscious teams who need strong data retention controls.

Tractable

Best for enterprises requiring SSO integration.

Detailed Comparison

PrivateNode vs Tractable: Trust & Compliance Comparison

PrivateNode (PrivateNode, GB) scores 18/25 overall with a Silver (Strong) trust badge. AI specialists for UK professional services — employment law, tax, immigration, and more with zero data retention. Tractable (Tractable, GB) scores 13/25 with a Bronze (Moderate) trust badge. AI-powered visual damage assessment for auto and property insurance claims.

Dimension-by-Dimension Breakdown

#### Data Residency

PrivateNode leads with 5/5 vs 3/5.

●PrivateNode (5/5): All infrastructure hosted on Hetzner servers in Germany (EU). Zero US cloud dependency — no AWS, Azure, or GCP. Data stays within the EU at all times.

●Tractable (3/5): Multi-cloud deployment (Azure confirmed). EU affiliates in France and Germany suggest EU data handling capability. Specific data centre regions not publicly documented.

#### Legal Jurisdiction

Both score equally at 3/5.

●PrivateNode (3/5): UK limited company (Twakka Ltd, England & Wales). UK GDPR-equivalent jurisdiction with EU adequacy decision. Not subject to US CLOUD Act. Outside EEA but UK adequacy provides smooth data transfer basis.

●Tractable (3/5): UK limited company. Post-Brexit UK GDPR applies. EU adequacy decision enables straightforward data transfers. Serves European insurers (Covea, Direct Assurance) demonstrating EU regulatory acceptance.

#### Data Retention & Training

PrivateNode leads with 5/5 vs 3/5.

●PrivateNode (5/5): Explicit zero data retention policy. Conversations are not stored after session ends. No user data used for model training. Single-tenant architecture provides full isolation.

●Tractable (3/5): Core AI model pre-trained on proprietary historical dataset. Customer-specific data handling governed by enterprise DPA. Insurance claims data is highly sensitive — specific retention terms negotiated per contract.

#### Certifications

Both score equally at 1/5.

●PrivateNode (1/5): No SOC 2 or ISO 27001 certifications publicly confirmed. Hosting provider (Hetzner) holds ISO 27001 certification. Early-stage company; formal certifications would strengthen trust posture.

●Tractable (1/5): No SOC 2 or ISO 27001 publicly confirmed. Serves major regulated insurers suggesting contractual security requirements are met. Public certification would significantly strengthen enterprise procurement.

#### Regulatory Fit

PrivateNode leads with 4/5 vs 3/5.

●PrivateNode (4/5): Strong fit for UK regulated professional services. Domain-specific specialists trained on authoritative legislation sources. Zero data retention addresses key GDPR concerns. Suitable for SRA-regulated solicitors and FCA-regulated advisers.

●Tractable (3/5): Deployed by FCA-regulated UK insurers and ACPR-regulated French insurers. UK jurisdiction with EU adequacy. Insurance-specific AI with proven regulatory acceptance across multiple markets.

Overall Verdict

PrivateNode has a clear trust advantage, scoring 18/25 compared to Tractable's 13/25. PrivateNode particularly excels in data residency, data retention & training, regulatory fit.

Frequently Asked Questions

Which is better for EU compliance, PrivateNode or Tractable?

PrivateNode has a TrustKit score of 18/25 while Tractable scores 13/25. PrivateNode currently rates higher across data residency, legal jurisdiction, data retention, certifications, and regulatory fit.

How do PrivateNode and Tractable compare on data residency?

PrivateNode scores 5/5 for data residency (All infrastructure hosted on Hetzner servers in Germany (EU). Zero US cloud dependency — no AWS, Azure, or GCP. Data stays within the EU at all times.), while Tractable scores 3/5 (Multi-cloud deployment (Azure confirmed). EU affiliates in France and Germany suggest EU data handling capability. Specific data centre regions not publicly documented.).

Are PrivateNode and Tractable GDPR compliant?

Both tools are assessed across five compliance dimensions. PrivateNode has a regulatory fit score of 4/5 and Tractable scores 3/5. Check the full comparison above for a detailed breakdown.

Explore Each Tool