Marketing arguments for privacy issues in Bubble app

I have a customer that want to have acces to artificial intelligence features to make queries about a large custom database of legal and financial documents so the privacy issue is very important.

So i don’t to propose him to build a GPT even it’s becoming very easy to implement because i don’t know where the data goes. And i don’t want to propose him a commercial solution because it’s either too expensive or is evasive about privacy issues.

So i think to propose a bubble.io app with data stored on azure to have access to openai api.

With data stored in a private azure account he get control about his data.what about using a bubble.io app. i see it’s stored on aws how can i have control on it?

I’m looking from you the experienced community some marketing arguments about privacy and security questions regarding a bubble.io app.

Thank you for your help.

You mean you want some kind of statement to make to the potential client that helps them understand the privacy and security capabilities of a Bubble app so that they would agree to having the app built in Bubble?

Yes i want to have information about security and privacy questions for bubble appa.
where the data in a bubble.io app is stored?
Is it possible to have on premise database?
Is it possible to have on premise app?..

And other arguments that favorises a nocode app vs a GPT app regarding privacy and security.

Because now it’s very easy to make custom chatgpt bot for custom data with the new GPT feature from openai but i don’t know if it’s for evey kind of usage.

Thanks

You probably ought to already have an idea of the answers to these if working on client apps but:

Data is stored in the US in most apps.

You cannot of an on premise app or database.

You can technically have an on premises database if you use an external database.

You cannot have an on premises app.

You can move your Bubble app and database to (I think) any AWS region by paying $3800/mo+ for a dedicated server.

Ok thank you.
Because the use is the European union the GPDR compliance will be an issue.