# Data Processing Agreement
Last updated: April 27, 2026
## Overview
This Data Processing Agreement ("DPA") governs Rivano AI's processing of personal data on behalf of Customers subject to GDPR, UK GDPR, the Swiss Federal Act on Data Protection, or US state privacy laws that require similar terms. The template below is incorporated into the [Terms of Service](/legal/terms) for Customers on Governance and Enterprise tiers. Free-tier customers may request a signed DPA at [email protected].
To execute, email **[email protected]**. We sign on a per-Customer basis.
## 1. Definitions
Unless otherwise defined, capitalized terms have the meanings given to them in the GDPR. "Customer" is the controller; "Rivano AI" is the processor.
## 2. Scope
Rivano AI processes Customer Personal Data only on Customer's documented instructions, including the instruction to operate the service as described in the Order Form and Terms of Service.
## 3. Categories of personal data
| Category | Examples |
|---|---|
| Account data | name, email, organization, role |
| Usage metadata | request timestamps, latency, decision outcomes, error traces |
| Audit log entries | tool/skill call records, agent identity, decision reason |
| Billing data | held by Stripe (sub-processor) |
## 4. Categories of data subjects
End users of Customer's agents and applications, Customer's own employees and contractors who use the dashboard, and individuals whose data passes through Customer's agents.
## 5. Sub-processors
The current list of sub-processors is at [/legal/sub-processors](/legal/sub-processors). Customer authorizes the listed sub-processors. Rivano AI provides 30 days' notice before adding or replacing a sub-processor; Customer may object in writing within 14 days of notice on reasonable grounds.
## 6. Security measures
- TLS 1.2+ in transit; ACME-managed certificates with auto-renewal.
- AES-256 at rest in Cloud SQL.
- Multi-tenant isolation enforced via `FORCE ROW LEVEL SECURITY` in Postgres.
- OIDC + RBAC for dashboard access; mTLS optional for the gateway.
- Annual penetration test by a third party.
- Encryption keys managed by Google Cloud KMS; Customer-Managed Encryption Keys available on Enterprise tier.
A current overview lives at [/security](/security).
## 7. Breach notification
Rivano AI notifies Customer within 72 hours of becoming aware of a personal data breach affecting Customer Data, with the information required by GDPR Art. 33(3) to the extent then known.
## 8. Audit rights
Customer may audit Rivano AI's processing once per calendar year on reasonable notice, or more frequently if required by a regulator. A SOC 2 Type II report (when available) and the [/security](/security) page satisfy initial audit requests.
## 9. International transfers
Where Customer Data is transferred from the EEA, UK, or Switzerland to the US, the EU Standard Contractual Clauses (Module 2: controller to processor, 2021/914 as amended) are incorporated by reference. UK transfers use the IDTA Addendum. Swiss transfers reference the Swiss Federal Data Protection Act amendments to the SCCs.
## 10. Return or deletion
On expiry or termination, Rivano AI deletes or returns Customer Data per the retention schedule in the [Privacy Policy](/legal/privacy), unless retention is required by law.
## 11. Term
This DPA enters into force on the Order Form's effective date and remains in force for the term of the agreement, plus the post-termination period required to complete data return or deletion.
## Contact
**Execute or query the DPA:** [email protected]