- Home
- Security
Security & GDPR
Built for the data you can't afford to lose.
Kairos touches your POS, your invoices and your P&L. Here is exactly how that data is handled, where it lives, and what stays under your control — the things a multi-venue group's procurement team needs before signing.
GDPR from day one
Built in Spain under EU law. Kairos acts as a data processor on your operational data; you remain the controller. A full Data Processing Agreement is in place with every client.
Encryption & access control
Data encrypted in transit (TLS) and at rest. Role-based access control via Clerk. Guest-review PII is redacted before any LLM processing — models never see reviewer identities.
EU-based infrastructure
Application database, object storage and LLM inference run on EU infrastructure. The few US processors are EU-US DPF certified or covered by Standard Contractual Clauses.
Your data stays yours
We never sell, share, or use your data to train models for other clients. You can export or delete everything at any time — operational data is retained for the contract duration plus one year, then removed.
Subprocessors
Every third party in the data path, with what they touch and where they sit. The authoritative version lives at /subprocessors.
| Processor | Purpose | Data | Location |
|---|---|---|---|
| NAN (Qwen LLM) | LLM inference | PII-redacted prompts | EU |
| Clerk | Auth & RBAC | Emails, profile | US (DPF certified) |
| AWS S3 | PDF storage | Operational PDFs | EU (Frankfurt) |
| Sentry | Error monitoring | Traces (PII scrubbed) | US (DPF certified) |
| Upstash Redis | Cache & rate limit | Session tokens | EU (Ireland) |
| Prisma Postgres | App database | Full app data | EU |
| Outscraper | Reviews scraping | Public review data | US (SCCs) |
| Resend | Transactional email | Recipient address | EU |
| Vercel | Hosting & edge | Request logs | Global edge |