Fêtes
Ce DPA est conclu entre Prilog Inc. ("Sous-traitant") et le client ("Responsable du traitement"). Prilog Inc. est située au 2261 Market Street STE 12675, San Francisco, CA 94114, États-Unis.
// effective date — 12 June 2026
Ce DPA est conclu entre Prilog Inc. ("Sous-traitant") et le client ("Responsable du traitement"). Prilog Inc. est située au 2261 Market Street STE 12675, San Francisco, CA 94114, États-Unis.
Général: hello@prilog.ai
Assistance: support@prilog.ai
Confidentialité et juridique : privacy@prilog.ai
Adresse : 2261 Market Street STE 12675, San Francisco, CA 94114, États-Unis
This DPA applies to processing of données personnelles on behalf of the Responsable du traitement when using Prilog.ai, including connected observability, repository, task-routing, chat, support, billing, and AI/model workflows.
L'entité qui détermine les finalités et les moyens du traitement des données personnelles.
Prilog Inc. traite les données personnelles pour le compte du Responsable du traitement comme décrit dans ce DPA.
Personal data submitted to Prilog.ai through the service, integrations, support channels, billing workflows, or authorized AI/model workflows.
Provide Remédiation par IA, observability correlation, root-cause summaries, suggested patches, test guidance, pull-request and ticket routing, notifications, billing, support, security, and engineering workflow automation.
For the term of the agreement and any retention period requested by the Responsable du traitement, configured in the service, stated in an order form, or required by law.
Prilog-controlled service processing occurs in the European Union where available. Customer-enabled integrations, AI/model providers, support, and billing providers may process data in other regions as configured or instructed by the Responsable du traitement.
Process données personnelles only on documented instructions from the Responsable du traitement, including instructions provided through product settings, connected integrations, support requests, and order forms.
Assurez-vous que le personnel est lié par des obligations de confidentialité et formé à la protection des données.
Aider le contrôleur avec les demandes des personnes concernées, les DPIA et les demandes réglementaires.
Do not use Customer Data to train foundation models or shared model-training datasets. AI/model providers may process prompts, outputs, and context only to provide requested workflows where enabled.
Encryption in transit and at rest, role-based access controls, least privilege, secure authentication, secrets protection, and network controls for systems used to provide the service.
Logging, monitoring, vulnerability and dependency review, access review, réponse aux incidents procedures, and secure development practices to protect data.
Sauvegardes et pratiques de résilience adaptées au service.
Core providers may include AWS or other cloud infrastructure, PostHog EU analytics, Intercom support messaging, ipapi.co locale lookup, Google Fonts/static delivery, Stripe billing and payment processing where paid billing is used, and SSO providers such as Google, Microsoft, and GitHub when selected.
OpenAI, Anthropic, and customer-configured or self-hosted Ollama-compatible endpoints may process prompts, outputs, and relevant context where the Responsable du traitement enables Remédiation par IA workflows.
Responsable du traitement-enabled providers include observability, logging, tracing, error monitoring, cloud logging, archives, event streams, source control, code hosting, issue tracking, chat, notifications, and session-monitoring tools shown in the service or on the integrations page. Examples include Datadog, SigNoz, Grafana, New Relic, Sentry, Honeycomb, Splunk, Elastic, AWS, GCP, Azure, GitHub, GitLab, Bitbucket, Jira, Linear, Slack, Rollbar, Bugsnag, LogRocket, FullStory, Firebase Crashlytics, Instabug, and Embrace.
Nous informerons le contrôleur des modifications importantes apportées aux sous-traitants ultérieurs et lui offrirons la possibilité de nous y opposer.
Nous aiderons le contrôleur à répondre aux demandes des personnes concernées pour accéder, supprimer ou corriger les données.
Si nous recevons une demande directement, nous dirigerons la personne concernée vers le responsable du traitement.
Nous informerons le responsable du traitement sans délai injustifié après avoir pris connaissance d'une violation de données personnelles.
Les notifications comprendront les informations disponibles sur la portée, l’impact et les mesures d’atténuation.
Prilog-controlled service data is processed in the European Union where available. Transfers outside the EU may occur for customer-enabled integrations, AI/model providers, support, billing, or infrastructure providers based on the Responsable du traitement's configuration or the provider's infrastructure.
Where international transfers are required, Sous-traitant will use appropriate safeguards such as adequacy decisions, Standard Contractual Clauses, or other lawful transfer mechanisms.
En cas de résiliation, nous supprimerons ou restituerons les données personnelles comme indiqué, sauf si la loi exige leur conservation.
Nous fournirons des informations raisonnables pour démontrer la conformité et organiserons des audits avec préavis.
Responsable du traitement employees, contractors, authorized users, support contacts, billing contacts, and end users whose data appears in logs, traces, tickets, alerts, repositories, contexte du code, pull requests, support messages, or billing records.
Identifiers, contact details, account roles, authentication metadata, IP-derived locale data, log and trace metadata, error events, stack traces, repository metadata, code snippets, pull-request metadata, ticket and issue metadata, integration configuration, tokens, secrets, billing details, usage data, and support communications.
Collection, storage, retrieval, transmission, analysis, correlation, classification, remediation drafting, ticket and pull-request creation, notification delivery, support, billing, deletion, and export.
Role-based access controls, least privilege, secure authentication, personnel confidentialité obligations, periodic access review, and audit logging.
Encryption in transit and at rest, secure key management, secrets handling, network controls, backup controls, data deletion workflows, and separation between customer workspaces.
Procédures de sauvegarde, de surveillance et de reprise après sinistre.
Monitoring, réponse aux incidents, vulnerability and dependency review, secure development practices, and logging appropriate to the service.