Data Processing Agreement

For customers subject to GDPR, UK GDPR, or similar data-protection law acting as the data Controller of information processed through the managed Service.

Template version — last updated: July 7, 2026

⚠ Draft template — not yet executed or attorney-reviewed. This is a starting point describing the data-processing terms we intend to offer, modeled on Article 28 GDPR requirements. It has not been reviewed by counsel and does not yet include a finalized Standard Contractual Clauses (SCC) annex — see Section 9. Do not represent this as a signed or binding agreement until it has been reviewed by qualified counsel.

1. Parties and Scope

This Data Processing Agreement ("DPA") forms part of the Terms of Service between AI Control Plane Gateway ("Processor") and the customer identified in the applicable Order Form ("Controller"). It applies to the extent Processor processes Personal Data on behalf of Controller in connection with the managed Service, where "Personal Data," "Controller," "Processor," "Processing," "Data Subject," and "Supervisory Authority" have the meanings given in Regulation (EU) 2016/679 ("GDPR") and, where applicable, the UK GDPR and Data Protection Act 2018.

2. Subject Matter and Duration

Processor processes Personal Data only for the duration of the Terms of Service, solely to provide the Service (LLM request routing, PII/PHI redaction, caching, audit logging, and related governance features) as configured by Controller.

3. Nature and Purpose of Processing

Processing may include: receiving API requests containing Personal Data submitted by Controller's end users; detecting and redacting PII/PHI entities before forwarding requests to a third-party LLM provider selected by Controller; caching de-identified request/response pairs (subject to Controller's configuration); recording metadata in an audit log; and any other processing reasonably necessary to operate the Service as documented.

4. Categories of Data Subjects and Personal Data

Data Subjects: Controller's own end users, employees, or other individuals whose information appears in the content of requests Controller (or its users) submit to the Service. Categories of Personal Data: determined entirely by Controller — the Service does not require any particular category of Personal Data, and Controller is responsible for configuring redaction and access controls appropriate to the data it chooses to transmit (see also the Business Associate Agreement for PHI specifically).

5. Processor Obligations

6. Controller Obligations

Controller is responsible for the lawfulness of its Processing instructions and for ensuring it has a valid legal basis to submit any Personal Data to the Service, and for configuring the Service's redaction and retention features appropriately for the data it chooses to transmit.

7. Subprocessors

Controller provides general authorization for Processor to engage the following categories of Subprocessor: cloud infrastructure hosting, the LLM provider(s) Controller selects within the Service, payment processing, and transactional email delivery. Processor remains liable to Controller for the acts and omissions of its Subprocessors to the same extent Processor would be liable if performing the services directly. Processor will maintain a current list of named Subprocessors available on request and will provide notice of any intended change, giving Controller the opportunity to object.

8. International Transfers

Where Processing involves a transfer of Personal Data from the European Economic Area, the United Kingdom, or Switzerland to a country not deemed to provide an adequate level of protection, the parties agree that the transfer will be governed by the European Commission's Standard Contractual Clauses (Module Two: Controller to Processor, or Module Three: Processor to Processor, as applicable), incorporated by reference and to be executed as an annex to this DPA (Annex to be finalized — see Section 9).

9. Annexes (To Be Completed Before Execution)

These annexes must be drafted and attached before this DPA is executed with an EU/UK customer — a DPA referencing "Annex to be finalized" is not yet complete or signable.

10. Liability

Liability under this DPA is subject to the limitations of liability set out in the Terms of Service, except where such limitation would be unenforceable under applicable data protection law.

11. Term

This DPA remains in effect for as long as Processor processes Personal Data on behalf of Controller under the Terms of Service.

12. Contact

AI Control Plane Gateway
Email: [email protected]
Website: aicontrolplanegateway.com

For GDPR-specific inquiries, please include "GDPR Request" in your subject line.