Security
Prerequisites for production use
This page lists the technical and organisational prerequisites for using knowmind safely. Required by ISO/IEC/IEEE 82079-1:2019 before the first step.
Browser and device
- Current browser version (Chrome, Firefox, Safari, Edge — the two most recent major releases).
- TLS 1.2 or higher (standard in current browsers).
- JavaScript enabled (dashboard and API playground).
- Cookies allowed for the knowmind.de domain (session cookie for sign-in).
Network
- Outbound HTTPS to
knowmind.de(port 443). - With OAuth integrations, additionally to Anthropic (
anthropic.com) or OpenAI (openai.com) depending on the AI tool. - For magic-link sign-in: reachability of Brevo (
sendinblue.com) for outbound mail.
Account
- Valid email address. Use a business address when you store business content — moving content to a different account later requires manual work.
- For Business and higher: payment details in Stripe or a purchase order for the data processing agreement.
- For API tokens: a safe storage solution (password manager or vault). See Token handling.
Privacy
- Only push personal data to knowmind if you have a legal basis (consent, contract performance, legitimate interest).
- For processing in a business context: a Data Processing Agreement per GDPR Art. 28 is available from Business upwards. Sign it before uploading personal content.
- If you store a BYOK key and choose a US-based model, AI calls go directly to that provider — verify this is acceptable under your DPIA. Alternatives: Mistral (EU), Aleph Alpha (DE), Ollama / LM Studio / vLLM (local).