Silker AISilker AI
Get started
Back

Data Processing Addendum

Effective date: June 2026 — summary

This page summarizes the key terms of the Silker AI Data Processing Addendum (DPA). It is provided for transparency and does not replace a signed agreement. For a countersigned DPA, see the contact details at the end of this page.

1. Roles

In relation to personal data processed through the service, the customer is the data controller and Silker AI is the data processor. Silker AI processes personal data only on the customer's documented instructions.

2. Processing Scope

Silker AI processes security telemetry generated by the SDK or proxy to detect and report threats. This includes HTTP request metadata, network identifiers (IP, user agent), and request context for flagged traffic, with PII sanitized client-side before transmission.

  • Subject matter: runtime threat detection and security analytics
  • Duration: for the term of the subscription, subject to plan retention windows
  • Nature & purpose: detecting, classifying, and reporting security threats
  • Data subjects: the customer's end users and visitors

3. Subprocessors

Silker AI engages the following subprocessors to deliver the service:

  • Cloud hosting: EU-hosted infrastructure for storage and processing
  • Stripe: billing and payment processing
  • OpenAI: AI analysis of flagged threats

4. Security Measures

Silker AI maintains appropriate technical and organizational measures, including API keys stored as SHA-256 hashes, row-level security on tenant data, TLS in transit, client-side PII sanitization, EU hosting, and least-privilege access. See our Security page for details.

5. Data Subject Requests

Silker AI assists the customer, taking into account the nature of processing, in responding to data subject requests (such as access or deletion). Requests can be facilitated via support at privacy@silkerai.com.

6. Deletion on Termination

Upon termination of the service, Silker AI will delete or return customer personal data in accordance with the agreement, subject to any retention required by applicable law.

Contact us for a signed DPA

Need a countersigned DPA for your compliance records? Reach out to privacy@silkerai.com.