# Sub-Processors Notice This Sub-Processors Notice details the current sub-processors that Lampi AI has authorized to handle customer personal data as part of Lampi AI's services, in accordance with Lampi AI's Data Processing Addendum (DPA). ## 1. Infrastructure providers | Sub-processor | Processing activities | Location of data processing | DPA | | --------------------------- | --------------------- | ------------------------------ | ------------------------------------------------------------------------------------------ | | OVH | Data hosting | Paris, France, Europe | [Link](https://us.ovhcloud.com/legal/data-processing-agreement/) | | Vercel | Data hosting | Paris, France, Europe | [Link](https://vercel.com/legal/dpa) | | Scaleway | Data hosting | Amsterdam, Netherlands, Europe | [Link](https://www-uploads.scaleway.com/Data_Processing_Agreement_03092021_6e2ca4da3c.pdf) | | Google Cloud Platform (GCP) | Data hosting | Eemshaven, Netherlands, Europe | [Link](https://cloud.google.com/terms/data-processing-addendum) | | Microsoft Azure | Data hosting | Paris, France, Europe | [Link](https://drive.google.com/file/d/1m_215PmnJ_GDRpQzkafbZxY0W5OF2XPX/view?usp=sharing) | ## 2. LLM Providers | Open-source models vs LLM Providers | | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | |

At Lampi, our primary focus is to ensure security and privacy by design when providing AI-related services to Customers. To maintain robust control over data flows, Lampi AI predominantly uses open-source models.

Open-source models are typically run on our infrastructure hosted by infrastructure providers located in Europe, allowing us to maintain complete control over data processing activities. This means that Customer Data remains within Lampi's secure environment, minimizing the risk of unauthorized access or exposure.

However, Customers have the flexibility to select Third-Party Models for interacting with AI agents. When Customers opt for Third-Party Models from a Third-Party Services provider, some data will flow to the Third-Party to process your request. As a result, we may not have full visibility or control over how the Third-Party handles the data you chose to process with them. Third-Party Services provider may have their data handling policies and practices, which could differ from Lampi's security and privacy standards.

| | Sub-processor | Processing activities | Location of data processing | DPA | | ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------- | --------------------------- | ------------------------------------------------------------------------------------------ | | Anthropic, PBC | Data processing and generation - Anthropic applies a Zero Data Retention Policy on all data, and does not use it for training purposes. | US | [Link](https://drive.google.com/file/d/15byD2uhXBo0gaBT1Zl8jdxpeeUuV7Wzu/view?usp=sharing) | | Microsoft Azure (OpenAI) | Data processing and generation - Microsoft applies a Zero Data Retention Policy on all data, and does not use it for training purposes. | EU | [Link](https://drive.google.com/file/d/1m_215PmnJ_GDRpQzkafbZxY0W5OF2XPX/view?usp=sharing) | | Google, Inc. | Data processing and generation - Google applies a Zero Data Retention Policy on all data, and does not use it for training purposes. | EU | [Link](https://ai.google.dev/gemini-api/terms?hl=fr) | ## 3. Other service providers | Sub-processor | Processing activities | Location of data processing | DPA | | ------------- | --------------------------------------- | --------------------------- | -------------------------------------------------------------------------------------- | | Hubspot | Internal client management (CRM) | USA | [Link](https://legal.hubspot.com/dpa) | | Stripe | Payment processor for specific features | Paris, France, Europe | [Link](https://stripe.com/fr/legal/dpa) | | Docusign Inc. | Contract Management | USA | [Link](https://www.docusign.com/legal/terms-and-conditions/data-protection-attachment) | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://legal.lampi.ai/sub-processors-notice.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.