Your Data, Your Control

At Stish, we believe your campaign data belongs to you—and only you. We've built our platform from the ground up with privacy and security as core principles.

EU Servers

Frankfurt, Germany

256-bit Encryption

AES Standard

Zero Data Selling

Ever

GDPR Compliant

Full Compliance

Built in Europe, for the World

Stish is proudly operated by Sociably Digital Services, a Greece-based company subject to the strictest data protection regulations in the world—the European Union's General Data Protection Regulation (GDPR).

Our servers are physically located in Frankfurt, Germany, within the European Union. This means your data never leaves EU soil, and is protected by EU data protection laws from the moment you sign up.

We chose EU hosting deliberately—not because it was the cheapest option, but because we believe our users deserve the highest standard of data protection available anywhere in the world.

Military-Grade Encryption

Every piece of data you entrust to Stish is encrypted—both in transit and at rest.

Data in Transit

TLS 1.3 encryption protects all data moving between your browser and our servers. The same standard used by banks worldwide.

Data at Rest

AES-256 encryption protects your stored data. Your passwords are hashed using bcrypt with salt—we literally cannot read them.

Secure Backups

All backups are encrypted and stored in geographically separate EU data centers for disaster recovery.

Your Data Belongs to You

This is non-negotiable: Your data is yours.We are merely custodians, providing you with the tools to manage your campaigns effectively.

"We will never sell, rent, lease, or otherwise monetize your data. Period. Your campaigns, assets, and client information exist solely to serve you—not our bottom line."

— George, Founder

What this means in practice:

  • Export all your data anytime in standard formats (JSON, CSV)
  • Delete your account and all associated data with one click
  • No data mining, no profiling, no third-party tracking for ads
  • We don't use your data to train AI models

No Data Sharing. No Exceptions.

We don't share your data with anyone. Here's exactly who can access your information:

✓ You and your team

Full access to your organization's data through the platform.

✓ Stripe (payment processing only)

Limited billing information for subscription management. Card details never touch our servers.

✗ Advertisers / Ad Networks

Never. We don't serve ads or sell data to those who do.

✗ Data Brokers

Never. Your data has no price tag.

✗ "Partners" or Third Parties

Never. No hidden sharing agreements.

Infrastructure Security

Our infrastructure is designed with security as the foundation, not an afterthought.

ISO 27001 Certified Hosting

Our infrastructure partners maintain the highest security certifications.

DDoS Protection

Enterprise-grade protection against denial of service attacks.

Regular Security Audits

Continuous vulnerability assessments and penetration testing.

Access Controls

Strict internal access policies. Principle of least privilege.

Your GDPR Rights

Under GDPR, you have extensive rights over your personal data. We make exercising these rights simple:

Right to Access

Download all your data from your profile settings

Right to Rectification

Edit your information anytime in the platform

Right to Erasure

Delete your account and all data instantly

Right to Portability

Export data in JSON/CSV formats

Right to Object

Contact us to object to specific processing

Right to Restrict Processing

Pause data processing upon request

Questions About Your Data?

We're here to help. Contact our team for any privacy or security concerns.

Contact UsFull Privacy Policy

This document was last updated in January 2026. For complete legal details, please refer to our Privacy Policy and Terms of Service.