
Data processing addendum.

When you use AISO as a data controller, AISO acts as a data processor for the data you store in our systems. This addendum lists every sub-processor that touches your data, their role, the data category they receive, and the region in which they operate.

Last updated: 2026-06-02 · Operational v1 pending qualified legal review.

1. Roles

You (the customer) are the data controller for end-user data submitted to AISO. AISO is the data processor. AISO's sub-processors (listed below) are sub-processors under the GDPR / UK GDPR / CCPA shape.

2. Security commitments

AISO keeps account secrets, API keys, and webhook signing secrets server-side. All public surfaces are read-only and exclude OWNER_NOTES blocks (the leak barrier). Stripe webhook bodies are HMAC-verified; outbound webhooks sign with the Stripe-compatible X-Aiso-Webhook-Signature header.

3. Sub-processors

Current list (subject to change with 30 days' notice in-app):

  • Privy — authentication + embedded wallet — US (Privy Inc.). Data: email, Privy DID, wallet addresses.
  • Supabase — primary Postgres database — EU (eu-west-1) for new accounts. Data: every model in prisma/schema.prisma.
  • HOSTUP — application hosting (Cloudflare-fronted) — EU (Stockholm VPS). Data: application traffic, logs.
  • Cloudflare — CDN + DDoS + Turnstile — global edge. Data: hashed request IPs, request headers.
  • Stripe — payments — US / EU. Data: billing email, payment method, invoice + subscription state.
  • Coinbase Onchain Receipts or sponge.dev — x402 facilitator (Wave 3, pick-one decision). Data: payer wallet address, tx hash.
  • NanoGPT — chat + monitored prompts — international. Data: prompt text + grounded profile excerpts (no OWNER_NOTES).
  • Anthropic / OpenAI / Google / xAI — engine probes when wired (Phase 2). Data: prompt text for monitored-prompt tests.
  • Resend — transactional email — US. Data: recipient email, message body for magic-link / publish / scan-complete notifications.
  • Sentry — error reporting — US / EU. Data: scrubbed stack traces, redacted request metadata.
  • PostHog — analytics — EU (eu.posthog.com). Data: server-side event captures keyed to hashed visitor ID; consent-gated in EEA / UK.
  • Inngest — durable job queue — US. Data: event payloads for scheduled / retried work.
  • TOOLBOX / context.aiso.tools / api.aiso.tools — first-party scanner backend on HOSTUP. Same DPA jurisdiction as AISO.

4. International transfers

Transfers from EEA / UK rely on the EU SCCs (controller-to-processor) plus the UK IDTA where applicable. AISO maintains backup processing in EU regions wherever the processor offers them (Supabase EU, PostHog EU).

5. Data subject rights

Export and delete flows ship inside the product — see /app/settings → Danger zone. AISO will assist data controllers with subject access requests, deletion, or correction within 30 days via privacy@aiso.tools.

6. Breach notification

AISO will notify affected controllers within 72 hours of becoming aware of a personal-data breach, with the scope, categories of data, and proposed remediation.

7. How to sign

Email dpa@aiso.tools with your legal entity and processing volume. A countersigned PDF will be returned within 5 business days.
