Data Processing Addendum

Last updated: March 22, 2026

This DPA forms part of the agreement between you ("Customer") and KnownBase ("Processor") and governs the processing of personal data in connection with the KnownBase service.

1. Scope of processing

Data subjects: Customer's employees and contractors who use approved communication channels.

Categories of data: Usernames, message content from approved channels, expertise profiles (derived), decision records (derived), relationship mappings (derived).

Purpose: Building and maintaining the institutional memory knowledge graph for Customer's workspace.

2. No-training guarantee

KnownBase and its sub-processors (Google, Anthropic) shall NOT use Customer data to train, fine-tune, or improve any machine learning models. All LLM processing is performed under zero-retention agreements. Data exists only in volatile memory during inference.

3. Sub-processors

Sub-processorPurposeLocation
AWSInfrastructure, storageus-east-1 (EU option)
Google (Gemini API)LLM inference (ZDR)US/EU
Anthropic (Claude API)LLM inference (ZDR)US
Neo4j AuraKnowledge graph DBUS/EU
StripePayment processingUS/EU

Customer will be notified 30 days before any sub-processor change.

4. Data retention and deletion

Knowledge graph data is retained during the subscription period. Upon termination, all Customer data is deleted within 30 days. Customer may request immediate deletion at any time via privacy@knownbase.ai.

5. Security measures

6. Data subject rights

KnownBase will assist Customer in responding to data subject requests (access, rectification, erasure, portability) within 72 hours of notification.

7. Right to audit

Customer has the right to audit KnownBase's data processing practices. KnownBase will provide access to security documentation and, upon reasonable notice, facilitate on-site or remote audits.

8. Contact

DPA questions: legal@knownbase.ai

Data protection: privacy@knownbase.ai