Data Processing Addendum
Status
This page summarises the standard Data Processing Addendum (DPA) that Aperintel offers to Hyperaxis design partners and customers. The full executable DPA is provided as a signable document during contract negotiation. This page exists so prospective buyers can review the terms before requesting the document.
Parties
The DPA is between Aperintel (the Processor) and the customer (the Controller). When Aperintel Ltd is incorporated, the legal counterparty becomes Aperintel Ltd; the substance of the DPA is unchanged.
Scope of processing
Hyperaxis processes the following categories of personal data on the Controller's behalf when the Controller's AI systems route requests through the gateway:
- Identifiers contained in prompts and responses (where the Controller passes them; subject to redaction guardrails)
- Principal identifiers for the actor making each call (typically an API key alias)
- Tenant identifier and configuration metadata
- Cryptographic hashes of the request, response, and policy verdict (which by construction cannot be reversed)
Categories of data subjects: Controller's end users, Controller's staff making AI calls, Controller's customers if any are referenced inside prompts or responses.
Duration: for the lifetime of the Controller's Hyperaxis subscription plus a retention window of seven years on the audit chain (this is configurable down to one year on request, but a minimum retention of one year is needed for the EU AI Act Article 12 obligation).
Sub-processors
Hyperaxis uses the following sub-processors:
- Microsoft Azure (compute, Key Vault for signing keys; UK South or West Europe)
- Supabase (managed Postgres; EU region)
- Upstash (managed Redis; EU region)
- Resend (transactional email; EU region)
- The AI provider(s) the Controller selects (e.g., OpenAI, Anthropic, Google, Mistral). These are the Controller's choice; Hyperaxis is the audit and governance layer.
Aperintel will notify Controllers of any change to this list with 30 days' notice before the change takes effect.
Security measures
Aperintel maintains the technical and organisational measures described on the Security & Compliance page, which is incorporated by reference. Of particular note:
- Encryption in transit (TLS 1.2+) and at rest (managed-PaaS-grade)
- Tenant-level data isolation at the database row level
- Cryptographic signature on every audit entry; key material in Azure Key Vault
- Public anchor proofs verifiable independently of Aperintel
- Backup retention with point-in-time recovery
Data-subject rights
Aperintel will assist the Controller in responding to data-subject access, rectification, erasure, restriction, portability, and objection requests within the statutory windows. Erasure on the audit chain is implemented as a tombstone record (the original content is replaced with a hash, the chain integrity is preserved, the public anchor remains valid) to satisfy the EU AI Act traceability obligation while honouring the GDPR erasure right.
Breach notification
Aperintel will notify the Controller of any personal-data breach without undue delay and in any case within seventy-two hours of becoming aware. Notification will include the categories and approximate number of affected data subjects, the likely consequences, and the measures taken or proposed.
International transfers
Customer data does not leave the chosen residency region (UK South or West Europe) for processing purposes. Some sub-processors (notably AI providers) may operate outside the UK/EU; Controllers select which providers to use, and the appropriate transfer mechanism (UK IDTA or EU Standard Contractual Clauses) is applied at that boundary.
Audit rights
The Controller may audit Aperintel's compliance with the DPA once per twelve-month period on thirty days' written notice, plus immediate audit rights following a breach. The audit chain itself is independently verifiable by the Controller at any time using only the public verifier; this is the primary day-to-day audit instrument.
Term and termination
The DPA continues for the duration of the underlying subscription. On termination, audit data is retained for the configured retention window and then deleted on a verifiable schedule (deletion is itself written as an audit event).
Requesting the executable DPA
Design partners and prospective customers can request the executable DPA at any time by emailing hyperaxis@aperintel.com. We will return a signable PDF within one business day.