Data Processing Agreement (online version)

Version Web-1.6 — Last updated: May 10, 2026

This Data Processing Agreement (“DPA”) is provided by Bohdan Matviichuk, operating as PlanVault.ai (jednoosobowa działalność gospodarcza), ul. Dziewanny 21/19, 20-539 Lublin, Poland; Tax ID (NIP): PL7123452217 (“Processor”, “we”, “us”).

This DPA applies when you use the PlanVault.ai hosted Services as a business customer: specifically, when a Customer organization is created or continues to use the Services under our Terms of Service (“Terms”). The legal entity or organization that registers or administers the Customer account is the Controller of Company Personal Data (as defined below). Individual end users who interact with your integration are typically Data Subjects whose personal data you lawfully provide to the Services.

How this DPA is formed. By registering an organization, inviting users, or continuing to use the Services in a business capacity after this version is published, the Customer agrees to this DPA as part of the agreement between the Customer and the Processor. If you do not agree, you must not use the Services to process personal data on behalf of others.

Enterprise and custom agreements. If you later negotiate a separate signed data processing agreement with us (for example as part of an enterprise order form), that signed document governs to the extent it expressly overrides this online DPA for your account; otherwise this DPA remains in effect.


1. Definitions

Capitalized terms used in this DPA and not defined here have the meanings given in Applicable Data Protection Law.

  • Applicable Data Protection Law — GDPR, and where applicable the UK GDPR and Swiss FADP, as relevant to the Processing.
  • Company Personal Data — personal data that the Customer submits to, or that is collected by, the Services on behalf of the Customer and processed by us as Processor in providing the Services.
  • Services — the PlanVault.ai hosted SaaS platform and related services described in the Terms.
  • Customer-Controlled AI Provider — an AI provider (e.g. OpenAI, Anthropic, Google LLC (Google Cloud AI)) for which you supply API keys (BYOK). We store your provider credentials only server-side in encrypted form under your organization DEK for routing you configure; we do not use platform-owned provider keys and we are not your processor for the separate third-party AI provider relationship.

2. Scope and roles

We process Company Personal Data only as a processor on behalf of the Customer (Controller). Processing details are summarized in Annex A and Annex B below. The current list of third-party Subprocessors is published at planvault.ai/subprocessors.


3. Customer (Controller) obligations

You shall: (a) have a valid legal basis and authority to process Company Personal Data and to instruct us; (b) ensure instructions and data you supply are lawful and accurate; (c) not submit Article 9 or 10 GDPR categories of data through the Services unless we have agreed in writing; (d) provide required transparency to Data Subjects and obtain consents where you are responsible; (e) maintain your own contract (including data processing terms where required) with each Customer-Controlled AI Provider; (f) cooperate with us in responding to requests from Data Subjects or Supervisory Authorities when reasonable.


4. Processor obligations

Instructions. We process Company Personal Data only on your documented instructions (including the Terms, this DPA, and your configuration/use of the Services), unless Union or Member State law requires otherwise — in which case we inform you unless prohibited by law.

If we believe an instruction infringes Applicable Data Protection Law, we will promptly inform you.

Confidentiality. Our personnel authorized to process personal data are bound by confidentiality or statutory duties.

Security. We implement appropriate technical and organizational measures as described at a high level in Annex B and in more detail in our security documentation on request.

Subprocessors. We may engage Subprocessors as described in Section 5.

Assistance. We assist you with Data Subject requests and with DPIAs where applicable, using the mechanisms available in the product (including export and erasure APIs and self-service flows) and reasonable cooperation.

Records. We maintain records of processing activities as required by Applicable Data Protection Law (including Article 30(2) GDPR where applicable) and make them available on reasonable request.

Deletion or return. On termination of the Services, we delete or return Company Personal Data as described in the Terms and Annex B, subject to legal retention requirements.

Organization-level deletion (soft-delete grace window). When an authorized Customer administrator deletes an organization via the product (DELETE /admin/v1/orgs/{id}), the organization enters a 7-day grace window during which it is invisible to all tenant read paths (runtime, admin API, sessions) but may be restored by our platform administrator on the Customer's written request (ticketed). At the end of the grace window the deletion is finalized by crypto-shred: the organization-specific Data Encryption Key is permanently deleted and the Postgres tenant rows are purged, rendering any remaining ciphertext (including in short-rotation backups) unreadable. Individual Data Subject erasure requests (for example account-level POST /admin/v1/me/data-erasure) remain immediate and are not subject to the organization-level grace window. A super-admin force-delete path is available to bypass the grace window at the Customer's written request.

Audit. We make available information needed to demonstrate compliance and support audits as set out in our full contractual DPA template available for signature when required; for this online DPA, certifications and summaries may be used where appropriate.


5. Subprocessors and AI (BYOK)

We maintain a current list of Subprocessors at planvault.ai/subprocessors. Before we add a new Subprocessor that processes Company Personal Data, we will provide reasonable advance notice — normally at least 30 days — by updating that page and, where feasible, by in-product notice in the Admin Console and/or email to the Customer's registered contact. You may object on reasonable data-protection grounds by emailing [email protected] (preferred) or [email protected]; if we cannot resolve the objection, you may terminate the affected Services without penalty as set out in our standard terms. Customers under a separately signed DPA may agree a different notice mechanism in that instrument, which prevails for that account.

Customer-Controlled AI Providers are not our Subprocessors. You route traffic via your own keys; you are responsible for your agreement with each provider (for example OpenAI, Anthropic, Google LLC (Google Cloud AI)). We store the provider credentials you configure only as encrypted organization-scoped secrets for routing and verification, and we do not contract with those providers on your behalf.

Semantic Routing Cache. Tenant embeddings used for Semantic Routing Cache are stored only in your organization’s PostgreSQL environment under your organization DEK (see Annex A) and are not sent to AI providers as part of PlanVault→provider traffic. The Privacy Policy at planvault.ai/privacy (Sections 5 and 14) describes processing, isolation, the organization-owner toggle with immediate vector deletion, and lawful bases.


6. Personal data breaches

We will notify you without undue delay after becoming aware of a personal data breach affecting Company Personal Data, and where feasible within 72 hours, including the information required by Applicable Data Protection Law.


7. International transfers

Our primary application infrastructure is in Germany (AWS eu-central-1), and PlanVault operates as an EEA establishment (Poland). Transfers of Company Personal Data from Customers within the EEA to PlanVault do not themselves constitute restricted transfers and do not require Standard Contractual Clauses.

The Services do, however, involve onward transfers of data from PlanVault to US-based Subprocessors outside the EEA — principally Cloudflare, Inc. and Google LLC (see planvault.ai/subprocessors). For those onward transfers, PlanVault acts as "data exporter" and has executed the applicable Standard Contractual Clauses (the 2021 EU SCCs, Module 2 (Controller-to-Processor) where PlanVault acts as controller for the sub-processing, or Module 3 (Processor-to-Processor) where PlanVault acts as processor passing Company Personal Data onward to a sub-processor) with the relevant Subprocessors, together with — where applicable — the UK International Data Transfer Addendum to the EU SCCs and the Swiss adaptations published by the Swiss FDPIC. Each Subprocessor also relies on EU–US Data Privacy Framework certification where certified. The details relevant to those SCC Annexes are drawn from Annex A (subject matter, nature, purposes, data subjects, categories), Annex B (technical and organizational measures), and the published list of Subprocessors. A copy of the executed SCC module and the relevant transfer impact assessment (TIA) summary is available to business customers on request under NDA.


8. Liability

Liability is subject to the Terms, except that nothing in this DPA limits liability that cannot be limited under Applicable Data Protection Law, or rights of Data Subjects (including where applicable compensation under Article 82 GDPR).


9. Changes to this online DPA

We may update this page to reflect changes in processing, law, or the Services. We will indicate the version and “Last updated” date at the top. Material changes will be communicated as described in the Terms (including in-product notice where applicable). Continued use after the effective date constitutes acceptance unless otherwise required by law.


10. Contact

Privacy and data protection inquiries (preferred): [email protected]
Security reviews and vulnerability reports: [email protected]
General inquiries / fallback: [email protected]
Postal address: Bohdan Matviichuk, ul. Dziewanny 21/19, 20-539 Lublin, Poland.


Annex A — Processing overview (summary)

  • Subject matter: Hosted SaaS for AI agent orchestration, runtime, sessions, tools, org/project administration.
  • Nature & purposes: Account and access management; runtime and session processing; usage metering; audit logging; data subject rights tooling; support and incident handling; semantic caching and workflow routing optimization via generation of anonymized vector embeddings derived from Customer Content, exclusively within the submitting tenant (organization-isolated storage; organization owners may disable the feature at any time, which triggers immediate deletion of stored embeddings).
  • Data subjects: Customer admins; organization members; end users (e.g. pseudonymized externalUserId); support contacts.
  • Categories: Account/profile; org/membership; runtime identifiers; session content (may include special categories depending on your use); usage metadata; audit logs; authentication data; policy consent records; support data.

Annex B — Retention & security

B.1 Retention

  • Session content: Configurable per organization (session_retention_days, hosted bounds 1–1461 days, default 90 days for new organizations); daily retention job prunes per org; on-demand and self-service erasure via product APIs. Terminal execution journals are cleaned by a durable jobs-role cleanup-intent reconciler after the encrypted session-event mirror is verified.
  • Run diagnostics: Per-org session retention when set, else 3 days default TTL.
  • Audit logs: Per-org audit_retention_days (0 = no automatic prune); immutable — not removed by self-service erasure (POST …/me/data-erasure) in order to preserve accountability.
  • Application / ingress / request logs: Operational logs rotated per container log-driver and host log-rotation policies; upper bound 12 months; application configuration prevents chat payload and LLM response bodies from being written in production.
  • Backups: AWS DLM daily EBS snapshots with 7-day rotation; after restore, operators run a documented GDPR deletion-log reconciliation procedure against the append-only deletion log (DynamoDB, PITR 35 days) to re-apply deletions that happened after the snapshot.
  • Organization deletion: Two-phase soft-delete + crypto-shred. On Customer-initiated DELETE /admin/v1/orgs/{id} the org is hidden from all tenant read paths for a 7-day grace window (operator-assisted undelete available on Customer's ticketed request). At T+7 days our scheduled sweeper permanently deletes the org-specific Data Encryption Key and purges Postgres rows; content encrypted under that DEK (including in short-rotation backups) becomes unrecoverable. A privileged operator-controlled procedure may bypass the grace window on the Customer's written request. Data Subject-level erasure (Art. 17 requests) remains immediate and is not subject to the grace window.
  • Primary region: Germany (AWS eu-central-1).
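The two-phase organization deletion described above (and in Section 4), as an added illustration that is not PlanVault's code: a constructed Python model in which each organization's rows are sealed under an org-specific DEK, a soft-deleted org is hidden from the tenant read path for the 7-day grace window, and the sweeper finalizes by deleting the DEK so that a backup copy of the ciphertext can no longer be opened. The cipher is an HMAC-SHA256 keystream stand-in (assumption: the real service uses a proper AEAD such as AES-GCM); TenantStore, seal, open_, recoverable and demo are hypothetical names.

```python
import hmac, hashlib, secrets
from datetime import datetime, timedelta, timezone
GRACE_WINDOW = timedelta(days=7)  # grace window stated in the DPA

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 counter-mode keystream: constructed stand-in for a real AEAD such as AES-GCM
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(-(-len(data) // 32)))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(dek, plaintext):
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(dek, nonce, plaintext)
    return nonce + ct + hmac.new(dek, nonce + ct, hashlib.sha256).digest()

def open_(dek, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(dek, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("ciphertext authentication failed")
    return _xor_stream(dek, nonce, ct)

def recoverable(key, blob):
    try:
        return open_(key, blob) is not None
    except ValueError:
        return False

class TenantStore:  # constructed model: per-org DEK table, ciphertext rows, soft-delete markers
    def __init__(self):
        self.deks, self.rows, self.deleted_at = {}, {}, {}
    def create_org(self, org_id):
        self.deks[org_id], self.rows[org_id] = secrets.token_bytes(32), []   # org-specific DEK
    def write(self, org_id, plaintext):
        self.rows[org_id].append(seal(self.deks[org_id], plaintext))
    def read(self, org_id):                              # tenant read path
        if org_id in self.deleted_at:                    # hidden during the grace window
            raise LookupError("organization not found")
        return [open_(self.deks[org_id], r) for r in self.rows[org_id]]
    def soft_delete(self, org_id, now):                  # operator undelete = pop this marker before the sweep
        self.deleted_at[org_id] = now
    def sweep(self, now, force=()):                      # scheduled sweeper / force-delete path
        for org_id in [o for o, t in self.deleted_at.items() if o in force or now - t >= GRACE_WINDOW]:
            del self.deks[org_id], self.rows[org_id], self.deleted_at[org_id]  # crypto-shred + purge

def demo():
    store, t0 = TenantStore(), datetime(2026, 5, 10, tzinfo=timezone.utc)
    store.create_org("org-A")
    store.write("org-A", b"session transcript (constructed sample)")
    snapshot = list(store.rows["org-A"])                 # backup analogue: ciphertext only, no DEK
    store.soft_delete("org-A", t0)
    store.sweep(t0 + timedelta(days=3))                  # inside window: DEK must survive
    dek_after_3d = "org-A" in store.deks
    store.sweep(t0 + GRACE_WINDOW)                       # T+7d: DEK deleted, rows purged
    return dek_after_3d, "org-A" in store.deks, recoverable(secrets.token_bytes(32), snapshot[0])
```

demo() returns (DEK present at day 3, DEK present at day 7, backup ciphertext recoverable), i.e. (True, False, False): the snapshot still holds ciphertext, but without the shredded DEK it cannot be opened.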

B.2 Technical and organizational measures (TOMs summary — Art. 32 GDPR)

This is a high-level summary. Full TOMs are available to business customers on request (and may be further detailed in a signed DPA).

  • Access control — personnel: Role-based access control via a self-hosted identity provider (Keycloak); console roles (OWNER, ADMIN, etc.) scope tenant data; a separate, audit-logged operator credential is used for administrative actions independently of end-user JWTs; administrative identity-provider credentials are required for IdP-side account deletion.
  • Access control — end users: Authentication via the identity provider (OIDC / Login with Google OAuth broker); tenant isolation enforced at the API and database layers; end-user external identifiers are HMAC-pseudonymized with a dedicated secret before storage.
  • Encryption at rest: TLS in transit; AWS KMS Customer-Managed Key wraps EBS volumes in eu-central-1; internal DynamoDB tables used for key management, deletion tracking, and session stores are encrypted with SSE-KMS; a per-organization Data Encryption Key envelope-encrypts sensitive session content, provider credentials, secrets, and member PII (enabling crypto-shred on deletion). DEK rotation keeps new encrypted writes available through the pending DEK version and fails closed if rotation metadata is inconsistent.
  • Secret management: AWS Secrets Manager for production credentials; no plaintext secrets in the source tree (enforced by automated CI checks); policy-consent and administrative tokens are never logged.
  • Logging hygiene: Production logs default to INFO level; application configuration prevents chat body logging; identity-provider logs are restricted to non-verbose levels in production; Admin API and UI services actively redact PII by default.
  • Audit logging: Immutable audit log store with per-organization audit-retention settings; retained independently of user erasure; captures actor, resource, action, timestamp, and organization context.
  • Backups: DLM daily EBS snapshots, 7-day rotation; post-restore reconciliation against the append-only deletion log (PITR 35 days).
  • Incident handling: Documented personal-data breach response procedure; 72-hour supervisory-authority notification assessment per Art. 33; customer notification per DPA §6.
  • Data subject rights: Self-service export (GET /admin/v1/me/data-export, exportVersion 10) and erasure (POST /admin/v1/me/data-erasure) with integrated identity-provider account removal; full organization JSON export for access/portability uses exportVersion 4 at the organization root (nested project payloads remain exportVersion 2), includes membersSummary (org members with decrypted contact fields when the org DEK is available), and may include eligible Semantic Routing Cache scenario metadata (semanticRoutingCacheEligibleAutoScenarios: tool-name-derived labels only; embedding vectors omitted); operator-assisted paths for end-user data (DELETE /admin/v1/orgs/{orgId}/users/{externalUserId}/data); documented GDPR operations runbook.
  • Change control: Version-bumped consent mechanisms force re-acceptance on material policy changes; each acceptance persists inline evidence (the trusted forwarded client IP, User-Agent, and source channel) alongside the privacy/ToS/demo versions for GDPR Art. 7(1) accountability; subprocessor changes tracked via a documented maintenance runbook; runbook-driven engineering process.
  • Vendor management: Master vendor register with classification (external subprocessor / customer-controlled AI / internal self-hosted / operational); SCC / transfer mechanism tracked per vendor in an internal international transfers register.

B.3 References

For the full list of subprocessors and live evidence links, see Subprocessors. For in-depth technical details or to request the full TOMs packet, contact [email protected].


Annex C — Relationship to signed DPA

This online DPA is intended for transparency and standard B2B/SaaS use, including smaller integrations. A separately executed Data Processing Agreement (for example your vendor paper or our bilateral template in the data room) may contain additional fields (signatures, insurance, audit details). Where both apply to the same Customer, the signed instrument prevails for conflicting terms for that Customer, unless the signed document expressly states otherwise.