Partes
Este DPA se celebra entre Prilog Inc. ("Encargado") y el cliente ("Responsable"). Prilog Inc. se encuentra en 2261 Market Street STE 12675, San Francisco, CA 94114, Estados Unidos.
// effective date — 12 June 2026
Este DPA se celebra entre Prilog Inc. ("Encargado") y el cliente ("Responsable"). Prilog Inc. se encuentra en 2261 Market Street STE 12675, San Francisco, CA 94114, Estados Unidos.
General: hola@prilog.ai
Soporte: support@prilog.ai
Privacidad y legal: privacy@prilog.ai
Dirección: 2261 Market Street STE 12675, San Francisco, CA 94114, Estados Unidos
This DPA applies to processing of datos personales on behalf of the Responsable when using Prilog.ai, including connected observability, repository, task-routing, chat, support, billing, and AI/model workflows.
La entidad que determina los fines y medios del tratamiento de los datos personales.
Prilog Inc. procesa datos personales por cuenta del Responsable según lo descrito en este DPA.
Personal data submitted to Prilog.ai through the service, integrations, support channels, billing workflows, or authorized AI/model workflows.
Provide Remediación con IA, observability correlation, root-cause summaries, suggested patches, test guidance, pull-request and ticket routing, notifications, billing, support, security, and engineering workflow automation.
For the term of the agreement and any retention period requested by the Responsable, configured in the service, stated in an order form, or required by law.
Prilog-controlled service processing occurs in the European Union where available. Customer-enabled integrations, AI/model providers, support, and billing providers may process data in other regions as configured or instructed by the Responsable.
Process datos personales only on documented instructions from the Responsable, including instructions provided through product settings, connected integrations, support requests, and order forms.
Garantizar que el personal esté sujeto a obligaciones de confidencialidad y capacitado en protección de datos.
Asistir al Responsable con las solicitudes de los interesados, las EIPD y las consultas reglamentarias.
Do not use Customer Data to train foundation models or shared model-training datasets. AI/model providers may process prompts, outputs, and context only to provide requested workflows where enabled.
Encryption in transit and at rest, role-based access controls, least privilege, secure authentication, secrets protection, and network controls for systems used to provide the service.
Logging, monitoring, vulnerability and dependency review, access review, respuesta a incidentes procedures, and secure development practices to protect data.
Backups y prácticas de resiliencia adecuadas al servicio.
Core providers may include AWS or other cloud infrastructure, PostHog EU analytics, Intercom support messaging, ipapi.co locale lookup, Google Fonts/static delivery, Stripe billing and payment processing where paid billing is used, and SSO providers such as Google, Microsoft, and GitHub when selected.
OpenAI, Anthropic, and customer-configured or self-hosted Ollama-compatible endpoints may process prompts, outputs, and relevant context where the Responsable enables Remediación con IA workflows.
Responsable-enabled providers include observability, logging, tracing, error monitoring, cloud logging, archives, event streams, source control, code hosting, issue tracking, chat, notifications, and session-monitoring tools shown in the service or on the integrations page. Examples include Datadog, SigNoz, Grafana, New Relic, Sentry, Honeycomb, Splunk, Elastic, AWS, GCP, Azure, GitHub, GitLab, Bitbucket, Jira, Linear, Slack, Rollbar, Bugsnag, LogRocket, FullStory, Firebase Crashlytics, Instabug, and Embrace.
Notificaremos al Controlador sobre los cambios materiales a los subprocesadores y brindaremos la oportunidad de objetar.
Ayudaremos al Controlador a responder a las solicitudes de los interesados para acceder, eliminar o corregir datos.
Si recibimos una solicitud directamente, dirigiremos al interesado al Responsable.
Notificaremos al Controlador sin demora indebida después de tener conocimiento de una violación de datos personales.
Las notificaciones incluirán información disponible sobre el alcance, el impacto y las medidas de mitigación.
Prilog-controlled service data is processed in the European Union where available. Transfers outside the EU may occur for customer-enabled integrations, AI/model providers, support, billing, or infrastructure providers based on the Responsable's configuration or the provider's infrastructure.
Where international transfers are required, Encargado will use appropriate safeguards such as adequacy decisions, Standard Contractual Clauses, or other lawful transfer mechanisms.
Tras la rescisión, eliminaremos o devolveremos los datos personales según las instrucciones, a menos que la ley exija su conservación.
Proporcionaremos información razonable para demostrar el cumplimiento y adaptarnos a las auditorías con previo aviso.
Responsable employees, contractors, authorized users, support contacts, billing contacts, and end users whose data appears in logs, traces, tickets, alerts, repositories, contexto de código, pull requests, support messages, or billing records.
Identifiers, contact details, account roles, authentication metadata, IP-derived locale data, log and trace metadata, error events, stack traces, repository metadata, code snippets, pull-request metadata, ticket and issue metadata, integration configuration, tokens, secrets, billing details, usage data, and support communications.
Collection, storage, retrieval, transmission, analysis, correlation, classification, remediation drafting, ticket and pull-request creation, notification delivery, support, billing, deletion, and export.
Role-based access controls, least privilege, secure authentication, personnel confidencialidad obligations, periodic access review, and audit logging.
Encryption in transit and at rest, secure key management, secrets handling, network controls, backup controls, data deletion workflows, and separation between customer workspaces.
Copias de seguridad, monitoreo y procedimientos de recuperación ante desastres.
Monitoring, respuesta a incidentes, vulnerability and dependency review, secure development practices, and logging appropriate to the service.