There is a mobile app for field notes, with built-in photo capture, and a web app for writing documents, integrating collected notes, and sending them to clients. This page summarizes how There handles security, privacy, hosting, AI, and access rights.Documentation Index
Fetch the complete documentation index at: https://docs.there.do/llms.txt
Use this file to discover all available pages before exploring further.
Key points
Data mainly hosted in Europe
Documents, files, media, and core processing are mainly hosted in Europe, with some global services required to operate the product.
Notes are private by default
A note is private by default, except for guest users, whose notes are automatically shared with the organization.
Documents are visible in the organization
By default, documents are visible to organization members with the
admin and member roles.AI is optional
AI features are optional. Customer data is not used to train AI models.
Data hosting
There stores and processes its core data in Europe. The application database is stored in Frankfurt, Germany. There uses Cloudflare for the web frontend, network security, serverless execution, and some infrastructure processing. Some services required to operate the product, such as authentication or certain AI features, may involve processing outside the European Union with the associated contractual safeguards.Infrastructure, encryption, and access
There uses Cloudflare Workers to run part of the application on demand, without maintaining dedicated servers that stay active 24/7. Resources automatically adjust to the actual activity of the service. This approach limits permanently provisioned resources when load is low. It also supports a more resource-efficient infrastructure: less unused capacity, and more resources allocated only when they are needed. It also improves performance. When you connect to There, some requests may go through servers close to your location to reduce latency. For a user in France, this can include Paris, Lyon, Marseille, Bordeaux, or nearby European points of presence such as Amsterdam, Brussels, Frankfurt, London, Madrid, or Milan. Traffic between your browser and There is encrypted in transit via HTTPS. Data is encrypted at rest by the hosting services used by There.Service continuity and SLA
There defines recovery commitments around two indicators:- RTO (Recovery Time Objective): maximum recovery time of 48 hours.
- RPO (Recovery Point Objective): maximum data loss of 24 hours.
Data backups
The application database supports point-in-time restore to the minute over the last 7 days. Snapshots are also retained on the following schedule:- daily snapshots at 00:00 UTC, retained for 30 days;
- Monday snapshots, retained for 5 weeks;
- snapshots from the 1st day of the month, retained for 1 month.
AI, transcription, and models
AI features are optional. You can use There to create, organize, and share notes or documents without using AI features. For audio transcription, the audio file is sent to a transcription service hosted in Europe. The transcribed text may then be sent to an AI model to produce a summary or generated content. For other AI features, you can choose the model used among OpenAI, Anthropic, Google, and Mistral AI. Only the data required for the request is sent to the selected provider.Customer data is not used to train AI models.
Export, customer backups, and reversibility
You can request access, export, correction, or deletion of your data by contacting the support team. For full reversibility, There can prepare an export of the data linked to an organization within 30 days. This export contains raw data in JSON and the associated files. Some exports are available directly in the app. You can export a document as a PDF, download images from a gallery as a ZIP file, copy and paste a note’s content, download its audio file, and retrieve its transcription. You can also connect There to a DMS to automate part of your customer backups. See DMS integrations for the available options.Historical data linked to attendance, task, and progress blocks is not available for export today.
Data ownership and use
Content created or imported into There remains the customer’s property: notes, documents, photos, audio files, transcriptions, and other content. There uses it only to provide the service: storage, sync, transcription, AI on request, sharing, support, and security. There does not sell customer data and does not use it to train AI models.Product quality and change tracking
There ships continuous updates, several times a day when needed, to fix issues reported by customers quickly. Users can track changes and service status through:- public documentation on docs.there.do;
- a public product changelog, updated every week;
- a service status page for incidents, planned maintenance, and post-incident reviews;
- live chat, assisted by AI to answer common questions quickly, with the There team taking over whenever needed and a response time that is generally within the same business day.
FAQ
Where is my data stored?
Where is my data stored?
There data is mainly stored in Europe.The application database is stored in Frankfurt, Germany. There also uses Cloudflare for the web frontend, network security, serverless execution, and some infrastructure processing.Some services required to operate the product, such as authentication or certain AI features, may involve processing outside the European Union with the associated contractual safeguards.
Does There work locally or in the cloud?
Does There work locally or in the cloud?
The mobile app can work offline for field note-taking.Sync, transcription, AI features, document storage, media, PDF generation, and sharing then use There’s cloud infrastructure.
How does There secure data?
How does There secure data?
Traffic with There uses HTTPS. Data is encrypted at rest by the hosting services used.There also uses Cloudflare for the web frontend, network security, and serverless execution.
How are vulnerabilities handled?
How are vulnerabilities handled?
There uses Dependabot to monitor dependencies and receive security alerts. Dependency updates are reviewed regularly.To report a vulnerability, contact hello@there.do with a description, reproduction steps, and potential impact.
Is data used to train AI models?
Is data used to train AI models?
No. Customer data is not used to train AI models.
Are AI features required?
Are AI features required?
No. AI features are optional.You can create and manage notes or documents manually. When you use an AI feature, only the data required for the request is sent to the selected provider.
Are audio recordings stored?
Are audio recordings stored?
Yes. There stores audio files and transcripts after transcription because they remain accessible in the web and mobile apps.The audio recording remains private to the user who created it. It is not accessible to other organization members.
Who can see my notes and documents?
Who can see my notes and documents?
A note is private by default: only its author can see it.Special case: for a guest user, a new note is automatically created with Organization visibility to simplify field collection.Documents are visible by default to organization members with the
admin and member roles.To manage access, see Note visibility and sharing and Visibility and permissions.How can I retrieve my data?
How can I retrieve my data?
You can request access, export, correction, or deletion by contacting hello@there.do.For a full organization export, There can provide raw data in JSON and the associated files within 30 days.You can also export a document as a PDF, download images from a gallery as a ZIP file, copy and paste a note’s content, download its audio file, and retrieve its transcription. To automate customer backups, see DMS integrations.
What data loss prevention options are available?
What data loss prevention options are available?
There syncs data with its cloud infrastructure so it remains available from the web and mobile apps.The application database supports point-in-time restore to the minute over the last 7 days. Daily snapshots are retained for 30 days, Monday snapshots for 5 weeks, and snapshots from the 1st day of the month for 1 month.To reduce data loss risk at the organization level, use exports, DMS integrations, access rights, SSO, active sessions, and deletion settings available in the app.
How are identities and access managed?
How are identities and access managed?
There supports email sign-in, Google Sign-In, and Microsoft Sign-In.Organization SSO, including SAML, can be enabled on request. Automatic domain-based invitation also helps route new sign-ups to the right workspace after the organization’s domain has been verified.Documents are visible by default to organization members with the
admin and member roles, while guests cannot see documents by default.For notes, a note is private by default, except for guest users whose new notes are created with Organization visibility.See also Members and guests, Note visibility and sharing, and Visibility and permissions.Does There offer an SLA?
Does There offer an SLA?
Yes. There defines an RTO of 48 hours and an RPO of 24 hours.RTO is the maximum recovery time. RPO is the maximum data loss in case of an incident.There does not publish a standard availability percentage. status.there.do shows observed availability over the last 90 days, incidents, planned maintenance, and post-incident reviews.If your organization needs specific contractual commitments, contact hello@there.do.
Who owns the data?
Who owns the data?
Notes, documents, photos, audio files, transcripts, and other content you create or import into There remain your data.There uses them to provide the service: storage, sync, transcription, content generation, sharing, support, and security. There does not sell your data, and customer data is not used to train AI models.
How can human risk be reduced?
How can human risk be reduced?
Use named accounts, avoid shared accounts, and remove access for people who no longer need There.Enable SSO for your organization when relevant, configure automatic domain-based invitation to prevent users from joining the wrong organization, monitor active sessions, use security keys when available, and check note visibility before sharing.For field guests, remember that their new notes are automatically shared with the organization.
Which technologies does There use?
Which technologies does There use?
There is built mainly with TypeScript, in a monorepo setup that allows part of the code to be shared between the web app and the mobile app.The web app uses React, Next.js, and Cloudflare Workers. The mobile app uses Expo and React Native.
Do you have APIs?
Do you have APIs?
There does not expose a general public API today.Some integrations already exist for business workflows, including DMS integrations. See DMS integrations or contact hello@there.do to discuss a specific need.
Can I use my own AI models?
Can I use my own AI models?
Yes, on request.There can deploy open models through Cloudflare, since the AI infrastructure uses Cloudflare Gateway.
Can it run in a private cloud or on‑premises?
Can it run in a private cloud or on‑premises?
No. It is not available as a private cloud or on‑premises deployment today.
Does There support SSO or SAML?
Does There support SSO or SAML?
Yes. There supports Google Sign-In and Microsoft Sign-In.Organization SSO, including SAML, can be enabled on request. Contact hello@there.do to set it up.
Is There GDPR compliant?
Is There GDPR compliant?
There is a French company and the application’s main data is hosted in Europe.For GDPR requests, contact hello@there.do with your organization name and the nature of the request.
Related
Terms of Service
Review the terms that apply to using There.
Privacy Policy
Review how There collects, uses, and protects personal data.
Account sign-in and security
Manage sign-in methods, security keys, active sessions, and account deletion.