Prox Data Processing and Security Addendum

Effective May 19, 2026

1. Scope and Roles

This Data Processing and Security Addendum supplements the Prox Terms of Service. It applies to Prox's processing of Customer Personal Data and Customer Materials in connection with the Services.

For Customer Personal Data, Customer is the controller or business, and Prox is the processor or service provider, except where Prox processes account, billing, security, and operational data for its own legitimate business purposes as an independent controller.

2. Processing Instructions

Prox will process Customer Personal Data only on Customer's documented instructions, including the Agreement, order forms, Customer's use of product settings, and Customer's lawful written instructions.

Term: Summary

Subject matter: Hosting and operating Prox OS, product knowledge graph tooling, document ingestion, internal chat, artifacts, connectors, support, and related services.

Duration: The term of the Agreement plus any export, backup, deletion, or legal retention period.

Nature and purpose: Ingesting, storing, parsing, indexing, reviewing, retrieving, displaying, generating outputs from, securing, supporting, and deleting Customer Data.

Data categories: Product documentation, technical manuals, drawings, specifications, images, product metadata, chat messages, prompts, outputs, user identity data, account metadata, and support records.

Data subjects: Customer personnel, authorized users, end users, and other individuals whose information may appear in Customer Materials.

Sensitive data: Not intended unless Customer provides it. Customer should avoid uploading regulated sensitive data unless necessary and authorized.

3. Confidentiality and Personnel

Prox will ensure that personnel authorized to process Customer Personal Data are bound by confidentiality obligations. Access is limited to personnel and subprocessors who need access to provide, secure, troubleshoot, review, or support the Services.

Prox remains responsible for the acts and omissions of Prox Personnel and subprocessors to the extent required by the Agreement and applicable law.

4. Security Measures

Prox will maintain administrative, technical, and organizational safeguards designed to protect Customer Data against unauthorized access, disclosure, alteration, and destruction. Prox's current security posture includes tenant isolation, access control, encryption in transit and at rest, audit logging where available, backups, incident response procedures, and vendor review.

Customer acknowledges that security controls may evolve over time, provided Prox does not materially reduce the overall security of the Services during an active term.

4.1 Baseline Security Controls

Tenant isolation: Prox OS uses logical separation controls designed to isolate customer workspaces, business data, and shared configuration data.

Authentication: Identity and access management controls support tenant authentication, organization membership, and SSO or MFA where configured.

Access control: Production administrative access is limited to authorized Prox personnel. Service-role credentials are not exposed to tenant code paths, sandbox containers, or customer browsers.

Encryption: Prox uses TLS for data in transit. Customer documents and business data are stored in cloud infrastructure with encryption at rest. Current target encryption posture includes AES-256 or vendor-equivalent encryption at rest and TLS 1.2 or higher in transit.

Secrets: Platform and tenant credentials are stored in a dedicated secrets management system, not in application source code or tenant-facing databases.

Backups and recovery: Prox relies on cloud-provider backups and point-in-time recovery where enabled, plus rebuildable stateless runtime architecture for agent containers and tenant runtimes.

5. AI and Model Data Use

Prox will not use Customer Data to train general-purpose foundation models. Prox may send limited Customer Data to AI subprocessors as needed to provide the Services, such as parsing documents, generating product knowledge, answering user questions, or producing artifacts.

Prox will maintain subprocessor disclosures for material AI providers and other material subprocessors through its Trust Center or another customer-accessible subprocessor disclosure page.

6. Subprocessors

Customer authorizes Prox to use subprocessors to provide the Services. Prox will maintain a current subprocessor list and will impose written data protection obligations on subprocessors that are materially no less protective than this Addendum for the relevant processing.

Prox's current subprocessor list is available at trust.useprox.com, or at another Trust Center or subprocessor-disclosure URL identified by Prox.

Prox will provide reasonable notice of material new subprocessors where required by applicable law or an order form. Customer may object on reasonable data protection grounds, and the parties will work in good faith to resolve the objection.

7. Security Incidents

Prox will notify Customer without undue delay after confirming a Security Incident affecting Customer Personal Data. Where legally required and commercially practicable, Prox will aim to notify Customer within 72 hours after confirmation.

The notice will include information reasonably available to Prox, such as the nature of the incident, affected systems or data categories, known timing, mitigation steps, and recommended customer actions. Prox's notification is not an admission of fault or liability.

8. Assistance and Data Subject Requests

Taking into account the nature of processing and information available to Prox, Prox will provide reasonable assistance for Customer's obligations relating to data subject requests, security, breach notifications, impact assessments, and regulator inquiries.

9. Return and Deletion

Upon termination or trial expiration, Customer may request export of available Customer Data, including uploaded documents, processed knowledge graph content, and chat logs, subject to technical availability, legal restrictions, and third-party platform limitations.

Prox will provide a 30-day export window after termination unless otherwise stated in an order form. After the export window, Prox will delete or de-identify Customer Data according to its deletion procedures, subject to backup retention, legal obligations, fraud/security records, and ordinary-course archival copies. Prox's target is permanent deletion and backup purge within 60 days after the end of the export window or termination workflow, unless law requires longer retention.

10. Audits and Compliance Materials

Prox may make available security documentation, SOC 2 reports, subprocessor information, architecture summaries, or questionnaire responses under appropriate confidentiality restrictions.

Customer may request a reasonable audit no more than once per year, unless required after a confirmed Security Incident or by law. The parties will first rely on available third-party reports and written responses. Any direct audit must be scoped, scheduled, non-disruptive, and subject to confidentiality and security requirements.

11. International Transfers and Residency

Prox currently operates primarily in the United States and does not commit to EU or non-U.S. data residency unless stated in an order form. If Customer Personal Data is subject to transfer restrictions, the parties will use appropriate transfer mechanisms such as standard contractual clauses where required.

12. Customer Responsibilities

Customer is responsible for determining whether the Services are appropriate for the categories of data Customer uploads, configuring access controls, obtaining required notices and consents, and avoiding upload of data that Customer is not authorized to process.

Customer should not upload regulated sensitive data, export-controlled technical data, health information, financial account data, government identifiers, or other special categories unless Customer has confirmed that the applicable order form, security controls, and legal basis are sufficient.

13. Conflict

If this Addendum conflicts with the Terms of Service, this Addendum controls for privacy, security, and data processing matters. If standard contractual clauses or another required transfer mechanism conflict with this Addendum, that required mechanism controls to the extent of the conflict.