Data Processing Agreement (DPA) — AIOrouter
Template Version: 1.1.0
Generated By: P1-W3-005 (AIRO) + P2-W8-011-L (AINA Legal)
Date: 2026-05-13
Status: Draft Template — Customize per enterprise customer agreement. Security limitation added (V1.1.0)
Governing Law: Province of Quebec, Canada
1. Parties
- Data Processor: AIOCANA Inc. (operating as "AIOrouter"), Montreal, Quebec, Canada — privacy@aiorouter.ca
- Data Controller: [Enterprise Customer Name] ("Customer")
This DPA forms part of the AIOrouter Terms of Service and governs the processing of Personal Data by AIOrouter on behalf of the Customer.
2. Purpose and Scope
2.1 Processing Purpose
AIOrouter processes Personal Data solely for:
- Routing AI API requests from the Customer's authorized users to selected AI model providers
- Billing and usage tracking per the Customer's subscription tier
- Security monitoring, including AI Firewall prompt injection detection and PII scrubbing
- Compliance audit logging as required by Canadian privacy law (PIPEDA)
2.2 Data Categories
The Personal Data processed includes:
- Customer user email addresses (for account identification)
- API request metadata (model, token count, timestamp, cost)
- API request content (prompts) — processed in memory only, never stored
- IP addresses (for security and geo-anomaly detection)
2.3 Data Subjects
The data subjects are the Customer's authorized users of the AIOrouter API service.
3. Data Residency
All Personal Data is processed and stored exclusively in Canada:
| Storage System | Location | Encryption |
|---|---|---|
| PostgreSQL (Cloud SQL) | Montreal, Canada (northamerica-northeast1) | Google-managed encryption at rest |
| Redis (Memorystore) | Montreal, Canada | TLS + AUTH |
| Cloud Logging (audit-mtl regional bucket) | Montreal, Canada (northamerica-northeast1) | Google-managed encryption; 400-day retention |
| GCS Audit Logs (gcp-aiorouter-audit-logs-mtl) | Montreal, Canada (northamerica-northeast1) | Google-managed encryption; Object Versioning; UBLA + public-access-prevention; 400-day lifecycle retention |
| GCP Secret Manager | Global (IAM-scoped to Canada region) | Google-managed encryption |
Outbound data: Prompt content is forwarded to the selected AI model provider's API endpoint (located in China or the United States, depending on the model). Before forwarding, all detected Personal Information (SIN, credit card numbers, health card numbers, email addresses, phone numbers, names, street addresses) is automatically redacted by the PII Scrubber.
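The redaction step described above, together with the regex fallback listed under PII Scrubbing in Section 5, can be illustrated with the following minimal scrubber. This is an added example written for this page, not AIOrouter's own scrubber: the patterns, the Luhn (mod-10) filter on SIN and card digit runs, the Quebec RAMQ health-card layout, the redaction labels and the sample sentence are all assumptions, and the real service uses the GCP DLP API as its primary detector with regex only as a fallback.

```python
import re
from typing import List, Tuple


def luhn_ok(digits: str) -> bool:
    """Mod-10 check shared by Canadian SINs and payment card numbers.

    Running it on every 9- or 13-19-digit run stops order numbers and other
    plain digit strings from being redacted as if they were identifiers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


# (label, pattern, requires Luhn). Order matters: spans are claimed in this order
# and a span already claimed is never re-redacted, so long card numbers are
# matched before the shorter SIN and phone patterns could bite into them.
# The HEALTH_CARD layout (4 letters + 8 digits, RAMQ style) is an assumption.
PATTERNS = [
    ("CREDIT_CARD", re.compile(r"\b(?:\d[ -]?){12,18}\d\b"), True),
    ("SIN",         re.compile(r"\b\d{3}[ -]?\d{3}[ -]?\d{3}\b"), True),
    ("HEALTH_CARD", re.compile(r"\b[A-Z]{4} ?\d{4} ?\d{4}\b"), False),
    ("EMAIL",       re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"), False),
    ("PHONE",       re.compile(r"(?<!\d)(?:\+1[ -]?)?\(?\d{3}\)?[ -]?\d{3}[ -]?\d{4}(?!\d)"), False),
]


def scrub(text: str) -> Tuple[str, List[str]]:
    """Return (redacted_text, labels in order of appearance)."""
    claimed = []                            # (start, end, label) spans already redacted
    for label, rx, needs_luhn in PATTERNS:
        for m in rx.finditer(text):
            if needs_luhn and not luhn_ok(re.sub(r"\D", "", m.group())):
                continue                    # digit run that is not a real SIN / card number
            if any(s < m.end() and m.start() < e for s, e, _ in claimed):
                continue                    # overlaps a higher-priority match
            claimed.append((m.start(), m.end(), label))
    out = text
    for s, e, label in sorted(claimed, reverse=True):   # splice right-to-left so offsets stay valid
        out = out[:s] + "[" + label + "]" + out[e:]
    return out, [label for _, _, label in sorted(claimed)]


# Constructed sample prompt; the SIN and card number are well-known Luhn-valid test values.
SAMPLE = ("Client SIN 046 454 286, card 4111 1111 1111 1111, "
          "reach jane.doe@example.ca or (514) 555-0100. Order ref 123 456 789.")

if __name__ == "__main__":
    redacted, found = scrub(SAMPLE)
    print(redacted)
    print(found)
```

Note what the Luhn filter buys and costs: the order reference 123 456 789 survives because it fails mod-10, which is the intended false-positive reduction, but it also means a genuine SIN that was mistyped by the user passes through unredacted, so a regex fallback of this kind should be treated as a safety net behind the DLP detector rather than a guarantee.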
4. Sub-Processors
AIOrouter uses the following sub-processors:
| Sub-Processor | Service | Data Processed | Location |
|---|---|---|---|
| Google Cloud Platform (GCP) | Cloud Run, Cloud SQL, Redis, GCS, Cloud Logging, Secret Manager | All infrastructure data | Montreal, Canada (audit logs pinned to northamerica-northeast1 via dedicated regional Logging bucket + GCS bucket) |
| Stripe, Inc. | Payment processing | Payment transaction data (CAD) | Global (Stripe Canada) |
| Chinese AI Providers (DeepSeek, Qwen, Kimi, GLM) | AI model inference | PII-scrubbed prompt content (in-memory only) | China |
| Western AI Providers (OpenAI, Anthropic, Google) | AI model inference (at-cost, no margin) | PII-scrubbed prompt content (in-memory only) | United States |
AIOrouter will notify the Customer of any new sub-processors at least 30 days before engagement. The Customer may object to new sub-processors on reasonable data protection grounds.
5. Security Measures
5.1 Technical and Organizational Measures
AIOrouter implements the following technical and organizational security measures:
| Measure | Description | Standard |
|---|---|---|
| TLS 1.3 | All data in transit encrypted with TLS 1.3 (inbound and outbound) | NIST SP 800-52 |
| API Key Authentication | All API access requires a 256-bit random API key stored only as a SHA-256 lookup hash | OWASP ASVS V2.10 |
| PII Scrubbing | GCP DLP API + regex fallback scans all prompts and responses for Canadian PII | PIPEDA Schedule 1 |
| AI Firewall | 22 regex-based rules detect prompt injection, jailbreak, and sensitive data patterns | OWASP LLM Top 10 |
| Zero Prompt Retention | Prompts processed in memory only; never written to disk, DB, or logs | Technical enforcement |
| Audit Trail | JSON Lines audit log in GCS Montreal bucket (gcp-aiorouter-audit-logs-mtl) with Object Versioning, UBLA, public-access-prevention, and 400-day lifecycle retention; mirrored to a dedicated Montreal Cloud Logging bucket (audit-mtl). CMEK + Bucket Lock available on Enterprise tier. | PIPEDA §5 |
| Rate Limiting | Per-user, per-model rate limiting prevents abuse and model extraction | OWASP API Top 10 |
| WAF | GCP Cloud Armor with OWASP ModSecurity CRS | OWASP Top 10 |
| Access Control | Least-privilege IAM; Cloud Run service account with minimal permissions | GCP IAM |
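The API Key Authentication row above (a 256-bit random key stored only as a SHA-256 lookup hash) and the key revocation step in Section 8.2 are illustrated by the following key lifecycle. This is an added example, not AIOrouter's implementation: the aio_ prefix, the in-memory KeyStore standing in for a database table, and the method names are assumptions.

```python
import hashlib
import secrets
from typing import Dict, Optional, Tuple

KEY_PREFIX = "aio_"   # assumed prefix so a leaked key is recognisable to secret scanners


def lookup_hash(api_key: str) -> str:
    """SHA-256 of the presented key. With 256 bits of entropy in the key a fast
    hash is sufficient: there is nothing to brute-force, and a dump of the table
    yields no usable credentials. A slow password hash would only add latency."""
    return hashlib.sha256(api_key.encode("utf-8")).hexdigest()


def issue_key() -> Tuple[str, str]:
    """Mint a new key. Returns (plaintext, lookup_hash).

    The plaintext is shown to the user once and never written anywhere;
    only the hash is persisted, and it is what the table is indexed on."""
    plaintext = KEY_PREFIX + secrets.token_hex(32)   # 32 bytes = 256 bits of CSPRNG entropy
    return plaintext, lookup_hash(plaintext)


class KeyStore:
    """In-memory stand-in for an api_keys table keyed by hash, never by plaintext."""

    def __init__(self) -> None:
        self._rows: Dict[str, Dict[str, object]] = {}

    def add(self, key_hash: str, user_id: str) -> None:
        self._rows[key_hash] = {"user_id": user_id, "revoked": False}

    def authenticate(self, presented: str) -> Optional[str]:
        """Resolve a presented key to its user id, or None if unknown or revoked.

        Hashing the presented value and doing an exact lookup means the
        request path never sees stored secrets and needs no per-row compare."""
        if not presented.startswith(KEY_PREFIX):
            return None
        row = self._rows.get(lookup_hash(presented))
        if row is None or row["revoked"]:
            return None
        return str(row["user_id"])

    def revoke_all(self, user_id: str) -> int:
        """Revoke every key for a user (the 'revoking all API keys' step of deletion).
        Returns the number of keys newly revoked."""
        n = 0
        for row in self._rows.values():
            if row["user_id"] == user_id and not row["revoked"]:
                row["revoked"] = True
                n += 1
        return n


if __name__ == "__main__":
    store = KeyStore()
    plaintext, h = issue_key()
    store.add(h, "user-42")
    print("show once to user:", plaintext)
    print("authenticates as:", store.authenticate(plaintext))
    store.revoke_all("user-42")
    print("after revocation:", store.authenticate(plaintext))
```

Revocation is a flag rather than a row delete so the audit trail can still attribute historical requests to the key that made them; the key itself is unusable the moment the flag is set.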
5.2 Limitation on Security Warranty
The security measures described in Section 5.1 represent AIOrouter's commercially reasonable efforts and are consistent with, or exceed, industry standards for API proxy services. However, the Controller acknowledges that:
(a) No security system is absolute. AIOrouter does not warrant that its security measures will prevent all unauthorized access, cyberattacks, data breaches, or security incidents.
(b) The threat landscape evolves continuously. Novel attack vectors, zero-day vulnerabilities, and supply chain compromises may defeat any defensive system.
(c) The Controller accepts the residual risk inherent in any cloud-based service and agrees that AIOrouter's liability for security incidents is governed by the Limitation of Liability provisions of the master Terms of Service.
(d) AIOrouter shall notify the Controller of any confirmed security breach affecting the Controller's Personal Data in accordance with Section 6 (Breach Notification). Such notification does not constitute an admission of liability.
6. Breach Notification
6.1 Detection
AIOrouter maintains an automated breach detection pipeline monitoring:
- AI Firewall BLOCK rate anomalies
- PII detection rate spikes
- Outbound data volume anomalies
6.2 Notification to Controller
In the event of a confirmed Personal Data breach, AIOrouter will notify the Customer:
- As soon as feasible, and no later than 72 hours after confirmation (PIPEDA requires notification "as soon as feasible"; the 72-hour ceiling is AIOrouter's commitment under this DPA)
- Via email to the Customer's designated privacy contact
- Including: description of breach, categories of data affected, estimated number of data subjects, likely consequences, measures taken
6.3 Cooperation
AIOrouter will reasonably cooperate with the Customer in:
- Investigating the breach
- Notifying affected data subjects
- Notifying relevant supervisory authorities (e.g., OPC, CAI Quebec)
7. Data Subject Rights
AIOrouter assists the Customer in fulfilling Data Subject Access Requests (DSARs):
- Export: Self-service data export via GET /privacy/my-data
- Deletion: Account deletion with 30-day grace period via DELETE /privacy/my-data
- Portability: Machine-readable JSON export of all user data
- Response SLA: 30 days from request (per PIPEDA Principle 9)
AIOrouter will notify the Customer of any DSARs received directly from data subjects within 5 business days.
8. Data Deletion / Return
8.1 Contract Termination
Upon termination of the service agreement:
- Customer may export all user data via the DSAR export API (within 30 days of termination)
- AIOrouter will delete all Personal Data within 30 days of contract termination
- Billing records retained for 7 years as required by Canada Revenue Agency (CRA)
8.2 Deletion Method
Personal Data is deleted by:
- Anonymizing user email addresses (deleted_{userId}@deleted.aiorouter.ca)
- Revoking all API keys
- Deleting consent records
- Retaining only billing records (for CRA compliance, 7 years)
9. Audit Rights
9.1 Compliance Evidence
AIOrouter provides the following compliance evidence upon request:
- Privacy Impact Assessment (PIA): docs/pia-aiorouter.md
- Security Architecture: docs/security-architecture.md
- Breach history summary (anonymized)
- Sub-processor list (current)
9.2 Audit
The Customer may audit AIOrouter's compliance with this DPA:
- No more than once per 12-month period
- With 30 days' advance written notice
- During normal business hours
- At Customer's expense
Alternatively, AIOrouter may provide a third-party audit report (e.g., SOC 2 Type II) in lieu of an on-site audit.
10. Governing Law
This DPA is governed by the laws of the Province of Quebec, Canada. Any disputes arising from this DPA shall be resolved through arbitration in Montreal, Quebec.
Applicable privacy laws:
- Personal Information Protection and Electronic Documents Act (PIPEDA) — Canada
- Act Respecting the Protection of Personal Information in the Private Sector (Law 25) — Quebec
Template Usage: Replace [Enterprise Customer Name] with the legal entity name of the Customer. Both parties must sign. Keep signed copies in docs/legal/dpa-signed/.