How aiAxonIQ processes personal data on your behalf, in compliance with GDPR and other data protection regulations.
Last updated: March 1, 2026
"Controller" means the entity that determines the purposes and means of the processing of Personal Data (you, the customer).
"Processor" means the entity that processes Personal Data on behalf of the Controller (aiAxonIQ).
"Personal Data" means any information relating to an identified or identifiable natural person that is processed by aiAxonIQ in connection with the Service.
"Sub-processor" means any third party appointed by aiAxonIQ to process Personal Data on behalf of the Controller.
"Data Subject" means the individual to whom Personal Data relates.
This Data Processing Agreement ("DPA") supplements the Terms of Service and applies to the extent aiAxonIQ processes Personal Data on your behalf when providing the Service.
aiAxonIQ processes Personal Data solely to provide the observability platform service as described in the Terms of Service. We do not process Personal Data for any other purpose.
The types of Personal Data processed depend on what you send to the Service in your telemetry data:
‣Log data: May contain IP addresses, user identifiers, email addresses, or other personal data embedded in application logs.
‣Trace data: May contain user identifiers or request metadata in span attributes.
‣Metric data: Generally does not contain personal data, but labels may include identifiers.
‣Account data: Name, email address, company name of account holders.
You are responsible for ensuring that any Personal Data sent to the Service is collected and transmitted in compliance with applicable data protection laws.
aiAxonIQ shall:
‣Process Personal Data only on documented instructions from the Controller
‣Ensure that persons authorized to process Personal Data are bound by confidentiality obligations
‣Implement appropriate technical and organizational security measures (see our Security page)
‣Not engage a Sub-processor without prior written authorization from the Controller
‣Assist the Controller in responding to Data Subject requests (access, deletion, portability)
‣Delete or return all Personal Data upon termination of the Service, at the Controller's choice
‣Make available to the Controller all information necessary to demonstrate compliance
‣Allow for and contribute to audits conducted by the Controller or an appointed auditor
aiAxonIQ uses the following Sub-processors:
‣Amazon Web Services (AWS): Infrastructure hosting (US: us-east-1, EU: eu-central-1)
‣Stripe: Payment processing (billing data only)
‣Postmark: Transactional email delivery (email addresses only)
‣Cloudflare: CDN and DDoS protection (IP addresses in transit)
We will notify you at least 30 days before adding a new Sub-processor. You may object to a new Sub-processor by contacting us within 15 days of notification. If we cannot address your objection, you may terminate the affected Service.
For transfers of Personal Data from the EU/EEA/UK to the United States, we rely on:
‣Standard Contractual Clauses (SCCs) as approved by the European Commission (Module 2: Controller to Processor)
‣UK International Data Transfer Addendum for UK transfers
Enterprise customers may request EU-only data residency (AWS eu-central-1, Frankfurt). With EU residency, telemetry data does not leave the EU.
In the event of a Personal Data breach, aiAxonIQ shall:
‣Notify the Controller without undue delay and in any event within 72 hours of becoming aware of the breach
‣Provide sufficient detail about the nature of the breach, categories of data affected, and remediation measures taken
‣Cooperate with the Controller in investigating and mitigating the breach
‣Maintain records of all breaches, including facts, effects, and remedial action taken
This DPA is effective for the duration of the Service agreement. Upon termination:
‣All Personal Data will be deleted within 30 days
‣A certificate of deletion is available upon request (Enterprise)
‣Obligations under this DPA survive termination to the extent they relate to Personal Data processed during the term
For DPA-related inquiries:
‣Email: dpo@aiaxoniq.com
‣Mail: aiAxonIQ, Inc., 548 Market St #83279, San Francisco, CA 94104
To request a signed copy of this DPA, email legal@aiaxoniq.com.