Data Processing Agreement
Effective from: June 2026 · Between Camile AI (Processor) and Enterprise Customer (Controller)
1. Scope
This DPA governs the processing of personal data by Camile AI Tecnologia LTDA ("Processor") on behalf of the contracting organization ("Controller") under the applicable service agreement. This DPA is incorporated by reference into our Enterprise Terms.
2. Definitions
Terms shall have the meanings defined in LGPD (Lei 13.709/2018): personal data, sensitive data, processing, controller, processor, data subject, ANPD.
3. Processing Details
- Subject Matter: Provision of the Camile AI platform (autonomous digital entities, API, dashboard).
- Duration: For the term of the service agreement + 30 days post-termination.
- Purpose: Platform operation, entity execution, conversation processing, AI model improvement (anonymized).
- Data Categories: Registration data, conversation logs, entity configurations, usage metadata.
- Data Subjects: Controller's employees, contractors, and end users interacting with deployed entities.
4. Processor Obligations
- Process personal data only on documented instructions from the Controller.
- Ensure confidentiality of personnel authorized to process personal data.
- Implement appropriate technical and organizational security measures.
- Assist Controller in responding to data subject rights requests.
- Notify Controller of personal data breaches within 24 hours.
- Delete or return all personal data upon termination, at Controller's choice.
5. Subprocessors
Controller authorizes the following subprocessors:
- Infrastructure: Hetzner (servers in Germany), Cloudflare (CDN, DDoS protection)
- AI Models: DeepSeek, Anthropic — for entity intelligence (prompts processed ephemerally, not stored)
- Payments: Mercado Pago, Stripe — for payment processing
- Email: Resend — for transactional email delivery
Processor will inform Controller of any intended changes to subprocessors and provide an opportunity to object.
6. Security Measures
- Encryption: TLS 1.3 in transit, AES-256 at rest
- Multi-tenant isolation via Row-Level Security (RLS)
- Multi-factor authentication for administrative access
- Immutable audit logs with tamper detection
- Regular vulnerability assessments and penetration testing
7. International Transfers
Data is primarily stored and processed in Brazil. Some subprocessors may process data in other jurisdictions. In such cases, Processor ensures adequate safeguards (Standard Contractual Clauses or equivalent).
8. Audit Rights
Controller may audit Processor's compliance with this DPA once per year, upon 30 days' notice, during business hours, and at Controller's expense. Processor will provide relevant documentation and reports.