Last updated April 2026

Data Processing Agreement

This Data Processing Agreement (“DPA”) forms part of the Terms of Service and applies when Eden AI processes personal data on behalf of a customer in connection with the Service.

Eden AI is a French company operating under European Union data protection laws, including the GDPR, and designed with emerging AI regulations such as the EU AI Act in mind.

1. Roles

For the purposes of applicable data protection laws:

  • the customer acts as the data controller
  • Eden AI acts as the data processor

2. Scope

This DPA applies to the processing of Customer Data through the Service.

3. Purpose of Processing

Eden AI processes Customer Data only as necessary to provide the Service, including to:

  • route requests to selected AI providers
  • transmit inputs and content
  • receive and return outputs
  • operate, secure, and administer the Service

4. Categories of Data

Depending on how the Service is used, Customer Data may include:

  • text inputs and prompts
  • files, content, and other submitted materials
  • outputs returned through the Service
  • metadata such as usage information, timestamps, and selected providers or models

5. Instructions

Eden AI processes Customer Data only on the customer’s documented instructions and only as necessary to provide the Service and comply with applicable law.

6. Data Minimization

Eden AI is designed to minimize data retention.

By default:

  • prompts and outputs are not stored
  • Customer Data is processed transiently
  • only limited metadata may be retained where necessary for billing, security, operations, and service administration

Eden AI does not use Customer Data to train models and does not sell Customer Data

7. Security

Eden AI implements appropriate technical and organizational measures to protect Customer Data, including measures such as encryption in transit, access controls, and monitoring.

8. Subprocessors

Eden AI may use subprocessors as needed to operate the Service, including:

  • third-party AI providers selected by the customer
  • infrastructure, hosting, analytics, support, and payment providers

9. International Transfers

Customer Data may be transferred outside the European Economic Area depending on the providers selected by the customer or the services used to operate Eden AI.

Where required, appropriate safeguards are applied, including Standard Contractual Clauses or other legally recognized transfer mechanisms.

10. Assistance

Taking into account the nature of the processing, Eden AI will provide reasonable assistance to help the customer comply with applicable data protection obligations, including responding to data subject requests and addressing personal data incidents where relevant.

11. Personal Data Breach

If Eden AI becomes aware of a personal data breach affecting Customer Data, Eden AI will notify the customer without undue delay.

12. Deletion

Because Customer Data is not stored by default, Eden AI generally does not retain prompts or outputs after processing. Any Customer Data retained for legal, billing, security, or operational reasons will be deleted when no longer required for those purposes, unless retention is required by law.

13. Contact

Eden AI
France
contact@edenai.co

You may contact us at any time with questions about this DPA or data protection matters.