Last updated May 2026

Data Processing Agreement

If you require a signed version of this Data Processing Agreement, you may request one by completing the following form.

For customers with advanced requirements, including enterprise-grade security, compliance, or audit needs, Eden AI may offer enhanced contractual terms as part of a dedicated offering.

This Data Processing Agreement (“DPA”) forms part of the Terms of Service and applies when Eden AI processes personal data on behalf of a customer in connection with the Service.

Eden AI is a French company operating under European Union data protection laws, including the General Data Protection Regulation, and is designed with emerging AI regulations such as the EU AI Act in mind.

In case of conflict between this Data Processing Agreement and the Terms of Service, this Data Processing Agreement shall prevail with respect to data protection matters.

1. Roles

For the purposes of applicable data protection laws:

  • the customer acts as the data controller
  • Eden AI acts as the data processor

Eden AI acts as an orchestration layer and does not independently determine the purposes or means of processing performed by third-party AI providers.

2. Scope

This DPA applies to the processing of Customer Data by Eden AI on behalf of the customer in connection with the provision of the Service.

3. Purpose of Processing

Eden AI processes Customer Data only on documented instructions from the customer and only as necessary to provide the Service, including to:

  • route requests to selected AI providers
  • transmit inputs and content
  • receive and return outputs
  • operate, secure, and administer the Service

The selection and use of third-party AI providers is determined by the customer through the Service.

The Service may evolve over time, including the addition or removal of AI providers and features.

4. Categories of Data

Depending on how the Service is used, Customer Data may include:

  • Personal data relating to end users of the customer’s application or services
  • Personal data relating to the customer’s employees or contractors
  • Text inputs, prompts, files, audio, images, and other submitted content
  • Outputs generated by AI models
  • Metadata such as timestamps, usage data, and selected providers or models

5. Instructions

Eden AI processes Customer Data only on the customer’s documented instructions and as necessary to comply with applicable law.

The customer is responsible for ensuring that it has all necessary rights and legal bases to provide Customer Data to Eden AI for processing.

The customer is solely responsible for determining the suitability of the AI providers used and for ensuring compliance with applicable data protection laws.

6. Data Minimization

Eden AI is designed to minimize data retention.

By default:

  • prompts and outputs are not stored
  • Customer Data is processed transiently
  • only limited metadata may be retained where necessary for billing, security, operations, and service administration

Although Customer Data is not stored by default, it may be processed transiently by Eden AI and selected AI providers for the duration necessary to perform the requested operations.

Eden AI does not use Customer Data to train models and does not sell Customer Data.

7. Security

Eden AI implements appropriate technical and organizational measures to protect Customer Data, including encryption in transit and at rest, access controls, logging, and monitoring systems designed to prevent unauthorized access, disclosure, or alteration.

Eden AI continuously improves its security practices in line with industry standards.

Additional information regarding security practices may be made available upon request or through dedicated documentation.

8. Subprocessors

Eden AI may use subprocessors as needed to operate the Service, including:

  • third-party AI providers selected by the customer
  • infrastructure, hosting, analytics, support, and payment providers

More information about available AI providers and their hosting locations can be found at:
https://app.edenai.run/models

Eden AI will make available information about its subprocessors upon request.

Eden AI is not responsible for the data processing practices of third-party AI providers selected by the customer.

9. International Transfers

Customer Data may be transferred outside the European Economic Area depending on the providers selected by the customer or the services used to operate Eden AI.

In such cases, Eden AI implements appropriate safeguards, including Standard Contractual Clauses or other legally recognized transfer mechanisms.

The customer acknowledges that the use of certain AI providers may involve transfers to countries outside the European Economic Area.

Information regarding the location of processing for specific AI providers is made available through the Service or at: https://app.edenai.run/models

The customer is responsible for selecting AI providers that meet its own data protection and localization requirements.

10. Assistance

Taking into account the nature of the processing and the information available to Eden AI, Eden AI will provide reasonable assistance to help the customer comply with applicable data protection obligations, including responding to data subject requests and addressing personal data incidents where relevant, including, where applicable, making available information necessary to demonstrate compliance with applicable data protection laws.

11. Personal Data Breach

If Eden AI becomes aware of a personal data breach affecting Customer Data, Eden AI will notify the customer without undue delay and, where feasible, within a reasonable timeframe, including information reasonably necessary for the customer to comply with its own notification obligations.

12. Deletion

Because Customer Data is not stored by default, Eden AI generally does not retain prompts or outputs after processing.

Any Customer Data retained for legal, billing, security, or operational reasons will be deleted when no longer required for those purposes, unless retention is required by law.

13. Legal Requests

Eden AI may disclose Customer Data where required by applicable law or in response to a valid legal request.

14. Updates

Eden AI may update this DPA from time to time. The latest version will be made available on the website.

15. Contact

Eden AI
France
[email protected]

You may contact us at any time with questions about this DPA or data protection matters.

Annex - Description of Processing

Categories of data subjects:

  • End users of the customer’s application
  • Customer employees or contractors

Types of personal data:

  • User inputs (text, files, audio, images)
  • Outputs generated by AI models
  • Metadata (timestamps, usage data)

Purpose of processing:

  • Provision of AI routing and processing services

Retention:

  • Customer Data is not stored by default
  • Limited metadata may be retained for billing, security, and operational purposes