Data Processing & Subprocessors
Effective date: March 16, 2026
1. Data Processing Roles
Customers act as data controllers for customer content. QwryAI acts as a data processor to provide contracted services.
2. Processing Purpose
Data is processed for service delivery, support automation, platform security, billing, and reliability monitoring.
3. Subprocessor Categories
QwryAI uses subprocessors to provide infrastructure, AI features, billing, and security operations.
| Category | Examples | Purpose |
|---|---|---|
| AI/ML providers | OpenAI (where enabled) | Model inference and embeddings |
| Payments | Stripe | Billing and payment processing |
| Identity | Google OAuth and auth stack | Authentication and access control |
| Infrastructure | Cloud hosting, storage, cache | App hosting and data operations |
| Observability | Analytics and error monitoring | Performance and reliability |
4. Data Locations and Transfers
Data may be processed in multiple regions depending on configured providers. Where required, transfer safeguards such as contractual clauses are applied.
5. Security Measures
We apply access controls, encryption, audit logging, and internal policies to protect customer and personal data.
6. DPA and Contact
Customers requiring contractual data processing terms may request a Data Processing Addendum (DPA).
For DPA and subprocessor updates, contact privacy@qwry.ai.
7. Subprocessor Change Notices
Material changes to subprocessor categories are reflected on this page with an updated effective date.