AIMO
Sign up Log in

Data Processing Agreement

AIMO Data Platform Effective date: 19 May 2026 Version: 1.0

Version 1.0 · Effective 19 May 2026. Concluded pursuant to Article 28 GDPR. Permalink to this version · Current version · Change log

This DPA is incorporated by reference into the AIMO Terms of Service and is automatically accepted when a Customer accepts those Terms. It may also be executed as a standalone agreement for enterprise customers.

Preamble

This Data Processing Agreement ("DPA") is entered into between:

Processor: Motify Data Mining (Business ID: 1507487-0), operating as AIMO ("AIMO", "Processor"), providing the AIMO data monitoring platform at aimodata.ai; and

Controller: The entity that has accepted the AIMO Terms of Service or otherwise agreed to this DPA ("Customer", "Controller").

This DPA forms part of the agreement between AIMO and the Customer for the provision of the AIMO service (the "Main Agreement"). In the event of conflict between this DPA and the Main Agreement, this DPA prevails with respect to the processing of personal data.

This DPA is entered into pursuant to Article 28 of Regulation (EU) 2016/679 ("GDPR").

1. Definitions

Terms not defined here have the meanings given in the GDPR or the Main Agreement.

"Controller" means the Customer, who determines the purposes and means of the processing of personal data.

"EEA" means the European Economic Area.

"Personal Data" means any information relating to an identified or identifiable natural person, as defined in Art. 4(1) GDPR, that is contained within or derivable from Processed Data transmitted to AIMO by the Agent.

"Personal Data Breach" means a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data.

"Processed Data" means the schema metadata (table names, column names, data types), profiling statistics, and Monitor Results transmitted from the Customer's on-premises Agent to the AIMO Platform. This expressly excludes raw database rows and raw field values, which are never transmitted to the Platform.

"Processing" has the meaning given in Art. 4(2) GDPR.

"Processor" means AIMO, who processes Personal Data on behalf of the Controller in accordance with this DPA.

"Sub-processor" means any third party engaged by AIMO to process Personal Data.

2. Subject Matter, Nature, and Purpose of Processing

2.1 Subject matter

AIMO processes Processed Data on behalf of the Customer in the course of providing the AIMO data monitoring service. This may include Personal Data where, for example, the Customer's database schemas contain column names that identify or relate to natural persons (e.g. "customer_id", "email"), or where statistical aggregates derived from such columns constitute Personal Data.

2.2 Nature of processing

AIMO performs the following operations on Processed Data:

  • Storage: Processed Data is stored on AIMO's cloud infrastructure for the duration of the subscription and for up to sixty (60) days following termination.
  • Analysis and display: Monitor Results are analysed, compared against historical baselines, and displayed in the Customer's dashboard.
  • AI-assisted processing: Schema metadata (table and column names, data types, and profiling statistics) may be transmitted to third-party LLM API providers to generate Monitor suggestions and refinements. AIMO currently uses Mistral AI SAS via the La Plateforme (API) tier, under which inputs and outputs are not used to train Mistral's models. See Section 6 (Sub-processors).
  • Alert delivery: When Monitor thresholds are breached, AIMO sends alert notifications to destinations configured by the Customer.
  • Anomaly detection: Aggregated Monitor Results are processed by AIMO's machine learning models to identify statistical anomalies.

What AIMO does not do: AIMO does not receive, store, or process raw database rows or raw field values. The Agent performs all database reads locally and transmits only aggregates and metadata.

2.3 Purpose

The purpose of processing is the delivery and operation of the AIMO data quality monitoring service, including monitor execution, anomaly detection, alerting, and AI-assisted monitor generation. AIMO may also use aggregated and anonymised data for service improvement (such as evaluating model performance); any data so used cannot be linked back to a specific data subject or Customer.

2.4 Duration

Processing continues for the duration of the Main Agreement and ends sixty (60) days after termination or expiry, at which point Personal Data is deleted in accordance with Section 10.

3. Categories of Personal Data and Data Subjects

3.1 Categories of Personal Data

The Personal Data processed under this DPA may include, depending on the content of the Customer's database schemas:

  • Identifiers contained in column names (e.g. customer IDs, user IDs)
  • Statistical aggregates derived from columns containing personal data (e.g. count of null email fields, count of duplicate user records)
  • Schema-level metadata that may indirectly reveal the nature of data processed by the Customer

AIMO will not knowingly process special categories of personal data (Art. 9 GDPR) via AI features. The Customer is responsible for identifying and informing AIMO if schemas submitted to AIMO's AI features may reflect special-category data; in such cases, the Customer should contact AIMO before enabling AI features so that appropriate arrangements can be put in place or AI features can be disabled for those schemas.

3.2 Categories of data subjects

Data subjects may include any individuals whose personal data is stored in the Customer's Customer Data Sources and whose information is reflected (in aggregate or metadata form) in Processed Data transmitted to AIMO. These may include the Customer's own customers, employees, or other individuals.

4. Controller's Instructions and Responsibilities

4.1 AIMO shall process Personal Data only on documented instructions from the Controller. The Customer's configuration of monitors, data sources, and alert destinations, as set through the AIMO dashboard and Agent, constitutes the documented instructions for this purpose.

4.2 If AIMO is required by EU or Member State law to process Personal Data beyond the Controller's instructions, AIMO will inform the Controller before processing, unless prohibited by law on grounds of public interest.

4.3 The Customer represents and warrants that:

a) it has a lawful basis under GDPR for the processing of personal data contained in its Customer Data Sources;

b) it has provided any required notices to, and where necessary obtained consent from, the data subjects whose Personal Data may be reflected in Processed Data;

c) the instructions it gives to AIMO comply with applicable data protection law;

d) it is authorised to access and connect all Customer Data Sources configured in AIMO.

4.4 The Customer acknowledges that AIMO's service is architected so that raw personal data rows never leave the Customer's environment. The Customer is responsible for ensuring that this architectural guarantee is preserved by correctly deploying and maintaining the Agent within a network environment that has read-only access to the Customer Data Sources.

5. AIMO's Obligations

AIMO shall:

a) process Personal Data only for the purposes set out in this DPA and in accordance with the Customer's instructions, except where required to do otherwise by applicable law;

b) ensure that persons authorised to process Personal Data are subject to appropriate confidentiality obligations;

c) implement the technical and organisational measures described in Schedule A;

d) assist the Customer in meeting its obligations to respond to data subject rights requests (Section 8);

e) provide the Customer with reasonable assistance in carrying out data protection impact assessments and prior consultations with supervisory authorities pursuant to Art. 35 and 36 GDPR, where such assistance is relevant to AIMO's processing under this DPA;

f) notify the Customer of any Personal Data Breach as set out in Section 9;

g) on termination, delete Personal Data as set out in Section 10;

h) make available to the Customer the information reasonably necessary to demonstrate compliance with this DPA, and cooperate with audits as set out in Section 11;

i) promptly inform the Customer if, in AIMO's opinion, an instruction from the Customer would infringe GDPR or other applicable data protection law.

6. Sub-processors

6.1 General authorisation

The Customer grants AIMO general authorisation to engage Sub-processors to assist with the services, subject to the conditions in this Section.

6.2 Current Sub-processors

AIMO currently engages the following Sub-processors that may process Personal Data:

Sub-processor Purpose Location DPA in place
UpCloud Oy Cloud hosting, storage, compute (primary infrastructure) Finland (EEA) Yes (controller–processor terms)
Mistral AI SAS LLM API for AI-assisted monitor generation (schema metadata only; La Plateforme tier — no model training on inputs) France (EEA) Yes (controller–processor terms)
[Payment / billing / tax services provider — vendor selection pending] Payment processing, billing, and tax (VAT / sales tax). The selected vendor will be EEA-resident; personal data will be processed within the EEA. [EEA — TBD] To be put in place before launch
Lettermint B.V. Transactional and alert email delivery Netherlands (EEA) Yes (controller–processor terms)

All Sub-processors process personal data within the EEA. AIMO will not engage a Sub-processor whose engagement would require Personal Data to leave the EEA.

This list is reproduced in our Privacy Policy and is the authoritative current list. Historical changes to this list are recorded in the change log.

6.3 Changes to Sub-processors

AIMO will provide at least thirty (30) days' advance notice of any addition or replacement of Sub-processors by updating the table above in this DPA and notifying the Customer by email. New Sub-processors will not begin processing Personal Data until the thirty-day notice period has expired.

6.4 Objection

The Customer may object to a new Sub-processor within fourteen (14) days of the notice referred to in Section 6.3 by emailing info@aimodata.ai with a written explanation of its data-protection grounds. AIMO will work in good faith to address legitimate concerns. If AIMO cannot accommodate the objection, the Customer may terminate the relevant services on thirty (30) days' notice without penalty, and the new Sub-processor will not be engaged in relation to the Customer's data before that termination takes effect.

6.5 Sub-processor obligations

AIMO shall impose data protection obligations on Sub-processors equivalent to those in this DPA and shall remain responsible to the Customer for the performance of Sub-processors.

7. International Data Transfers

7.1 Personal Data processed under this DPA is stored and processed in the European Economic Area (EEA). AIMO does not transfer Personal Data to countries outside the EEA, and selects Sub-processors on the basis that they likewise process Personal Data within the EEA.

7.2 AIMO will promptly notify the Customer of any governmental requests to access Personal Data and will not voluntarily disclose Personal Data to governmental authorities without the Customer's prior consent, except as required by law.

8. Data Subject Rights

8.1 AIMO shall notify the Customer within five (5) business days of receiving a request from a data subject exercising their rights under Chapter III GDPR (access, rectification, erasure, portability, restriction, objection).

8.2 AIMO shall not respond directly to data subject rights requests on the Customer's behalf unless specifically instructed to do so. The Customer remains responsible for handling data subject rights requests in relation to data held in its own databases.

8.3 AIMO shall provide the Customer with reasonable technical assistance to fulfil data subject rights requests relating to Processed Data held on the Platform. Such assistance is provided at no additional charge for standard requests (data export, identification of Processed Data attributable to a given identifier, or deletion of Processed Data); assistance requiring significant manual effort or development work may be subject to reasonable, cost-based charges agreed in advance.

9. Personal Data Breach

9.1 AIMO shall notify the Customer without undue delay, and in any event within 48 hours of becoming aware of a Personal Data Breach affecting Processed Data.

9.2 Notification will be made to the primary account email address and, where provided, the designated security contact. Security issues may also be reported to AIMO at security@aimodata.ai.

9.3 The notification will include, to the extent known at the time:

a) a description of the nature of the breach, including, where possible, the categories and approximate number of data subjects and records affected;

b) the likely consequences of the breach;

c) the measures taken or proposed to address the breach and mitigate its effects.

9.4 AIMO will provide further information as it becomes available and will cooperate with the Customer's investigation.

9.5 The Customer is responsible for notifying the relevant supervisory authority and data subjects as required by Art. 33 and 34 GDPR. AIMO will provide reasonable assistance upon request.

10. Return and Deletion of Personal Data

10.1 Upon termination or expiry of the Main Agreement, or upon the Customer's written request, AIMO shall:

a) make available for export all Monitor configurations, Monitor Results, schema metadata, and alert history attributable to the Customer's account in JSON or CSV format within thirty (30) days of the request; and

b) delete all remaining Personal Data and Processed Data from AIMO's primary systems and from Sub-processors' systems within sixty (60) days of the termination date or export request (whichever is later).

10.2 Personal Data may persist in encrypted backup snapshots for up to thirty-five (35) days after deletion from primary systems, after which the backups are overwritten in the ordinary backup rotation. AIMO will not restore deleted Personal Data from a backup except where required to recover from a service incident; in such a case, the restored data will be re-deleted as soon as the incident has been remediated.

10.3 AIMO shall provide written confirmation of deletion upon request.

10.4 AIMO may retain Personal Data beyond these periods only to the extent required by applicable EU or Member State law, and only for the duration and purpose required by that law. Any such retained data will be processed in accordance with this DPA.

11. Audit Rights

As required by Art. 28(3)(h) GDPR, AIMO will make available the information necessary to demonstrate compliance with this DPA and will allow for and contribute to audits. Audits may be conducted no more than once per calendar year on at least thirty (30) days' written notice, during normal business hours, and subject to reasonable confidentiality obligations. AIMO may satisfy audit requests by providing a recent independent third-party audit report (such as SOC 2 Type 2 or ISO 27001) where one is available. The Customer bears the costs of any audit unless it reveals material non-compliance.

12. Liability

The liability of the parties in connection with this DPA is governed by the liability provisions of the Main Agreement. Where both parties are responsible for damage caused by processing, each party shall be liable for the damage it is responsible for.

13. Governing Law

This DPA is governed by the laws of Finland. The competent supervisory authority is the Finnish Data Protection Ombudsman (Tietosuojavaltuutettu), P.O. Box 800, FI-00521 Helsinki, tietosuoja.fi. Any disputes arising from this DPA shall be resolved in accordance with the dispute resolution provisions of the Main Agreement.

Schedule A — Technical and Organisational Measures

The following is a summary of AIMO's technical and organisational security measures. A full description of AIMO's security architecture is published at aimodata.ai/docs/security.

A.1 Access controls and authentication

  • Passkey-based (WebAuthn) authentication for all user accounts; no passwords are stored
  • Role-based access control (Admin and Viewer roles per account)
  • Agent authentication via Ed25519 asymmetric keypairs; private keys remain in the Customer's environment; short-lived JWT tokens issued via proof of private key possession
  • Principle of least privilege applied to all internal service accounts

A.2 Encryption

  • In transit: All communications between Agent and Platform use TLS/WSS. All web traffic uses TLS (HTTPS).
  • At rest: Database credentials stored in encrypted form (AES-GCM) using a key derived from a passphrase that never leaves the Customer's environment. Dynamic Platform configuration uses RSA+AES-GCM encryption.
  • Agent registration tokens are single-use and short-lived.

A.3 Network and infrastructure security

  • Agent-to-Platform communication is outbound-only from the Customer's environment; no inbound path from AIMO cloud to Customer databases exists
  • Network segmentation and firewall rules applied to Platform infrastructure
  • Infrastructure hosted on UpCloud (EEA) with appropriate physical and logical access controls

A.4 Data minimisation and isolation

  • Only aggregated Monitor Results and schema metadata are stored on the Platform; raw database rows are never transmitted
  • Multi-tenant isolation: Customer data is logically separated by account; database queries and API endpoints enforce account-scoped access

A.5 Operational security

  • Rate limiting applied to the agent token endpoint and other sensitive endpoints
  • Job payloads use strictly typed schemas; the Platform does not accept arbitrary code or unconstrained SQL via the job system, only validated monitor definitions
  • Internal monitoring and alerting for infrastructure anomalies
  • Dependency updates and security patching applied on a regular cycle
  • Encrypted backups with a defined retention and rotation cycle (see Section 10.2)

A.6 Organisational measures

  • Personnel with access to Personal Data are subject to written confidentiality obligations and receive security and data protection training appropriate to their role
  • Access to production systems is granted on a need-to-know basis and revoked promptly on role change or offboarding
  • Security incidents are tracked and post-mortems conducted
  • This DPA and security policies are reviewed at least annually

A.7 Limitations

AIMO's security measures are designed to protect Processed Data on the Platform. The security of data within the Customer's own environment (databases, Agent host, credentials management) is the Customer's responsibility.

Schedule B — Approved Sub-processors

See the current sub-processor list in Section 6.2 above. Historical changes to the sub-processor list are recorded in the change log.

Version 1.0 · Effective 19 May 2026 · Permalink · Change log

This DPA is written in English. In the event of any conflict with a translated version, the English version prevails.