PRIVACY POLICY – TENZOVA

This Privacy Policy explains how Deveon - Bartosz Lach, operating under the commercial brand Tenzova ("we", "us", "our", or "Tenzova"), processes personal data.

As a provider of high-performance computational infrastructure for artificial intelligence (B2B), we prioritize security and data sovereignty. Our architecture is built on the principle of data minimization and transparency.

1. Our Roles under GDPR

In accordance with the EU General Data Protection Regulation (GDPR), we operate in two distinct legal capacities depending on your interaction with our services:

• Transient Processor: Regarding any data transmitted to our API endpoints via Authorized Intermediary Platforms (e.g., OpenRouter, EUrouter), Tenzova acts exclusively as a processor performing transient processing. The User (or the entity providing the data) remains the Data Controller.
• Data Controller: We act as a Data Controller only regarding personal data of individuals visiting our website or contacting us directly for business purposes (B2B inquiries).

2. Processing of API Data (Inference Data)

We provide AI model inference services. The processing of data transmitted in input prompts and the resulting outputs is governed by a rigorous Zero Data Retention (ZDR) policy:

• No Logging: We do not log, save, or store the content of your prompts or outputs on any non-volatile storage media.
• Volatile Memory Processing: Data is processed in real-time exclusively within the volatile memory (RAM/VRAM) of our servers and is discarded immediately after the response is transmitted back to the intermediary platform.
• No AI Training: Under no circumstances do we use your input data (prompts) or generated outputs to train, fine-tune, or otherwise improve any artificial intelligence models.

3. Data Location and Routing

We cooperate with various Authorized Intermediary Platforms. Data routing depends on the specific endpoint utilized:

• "EU-Only" Endpoints (e.g., via EUrouter.ai): For services explicitly designated as EU-hosted, we guarantee that all hardware infrastructure is located within the European Union (EU) or the European Economic Area (EEA). Data routed to these endpoints does not leave the EEA, ensuring full compliance with EU data residency requirements.
• "Global" Endpoints (e.g., via OpenRouter.ai): To ensure global scalability, we utilize a distributed cloud infrastructure. Data routed to global endpoints may be temporarily processed in the volatile memory of servers located globally, including outside the EEA. By using these endpoints, you acknowledge and consent to such transient cross-border routing.

4. Website and Business Contact Data

If you visit our website or contact us:

• B2B Communication: If you contact us via email, we process your contact details and message content solely to respond to your inquiry. The legal basis for this is our legitimate interest (Art. 6(1)(f) GDPR) in establishing and maintaining business relationships.
• No Account Registration: Tenzova does not offer direct user registration, store passwords, or process payment card data. These functions are handled entirely by our intermediary platform partners.

5. EU AI Act Compliance

Tenzova provides general-purpose computational infrastructure and raw API endpoints for open-source models. We do not make automated decisions in individual cases. Under the EU AI Act, Tenzova is a provider of AI infrastructure/compute and not a "deployer" of high-risk AI systems. Our business customers are solely responsible for how they integrate and utilize our API within their applications.

6. Data Subject Rights

Under GDPR, you have the right to access, rectify, or erase your personal data, as well as the right to restrict or object to processing.

7. Contact Information

For questions regarding this Privacy Policy or data processing by Tenzova, please contact us at:

Email: contact@tenzova.com