← Back to jinen.ai

Data Processing Agreement

Last updated: April 19, 2026

This Data Processing Agreement ("DPA") supplements the Terms of Service and applies where Jinen processes personal data on your behalf in connection with providing the Jinen platform. This DPA is incorporated into the Terms by reference.

1. Definitions

Terms used in this DPA have the meanings given in the GDPR (EU 2016/679) and applicable data protection laws. Key definitions:

  • Controller: You, the Jinen customer, who determines the purposes and means of processing personal data.
  • Processor: Jinen Labs, Inc., which processes personal data on the Controller's behalf.
  • Data Subjects: Individuals whose personal data is processed (e.g., your end users, subscribers, or team members).

2. Roles and Responsibilities

Jinen acts as a Processor when processing personal data you supply through the platform (e.g., content about or from your users). Jinen acts as an independent Controller for data it collects directly for its own purposes (e.g., your account registration data), as described in the Privacy Policy.

3. Processing Purposes and Instructions

Jinen will process personal data only on your documented instructions, which include: (a) storing and serving content you create; (b) running AI inference on that content as directed by your prompts; (c) publishing project sites on your behalf. Jinen will not process personal data for any other purpose without your prior written consent, except where required by applicable law.

4. Sub-Processors

Jinen engages the following sub-processors to deliver the platform. By accepting this DPA, you provide general authorization for these sub-processors:

Sub-processorPurposeLocation
Amazon Web Services (AWS)Cloud infrastructure, database, file storage, CDN, AI inference (Bedrock)USA (us-east-1 primary)
Google LLCOAuth-based authenticationUSA
Replicate Inc.AI music generationUSA

We will notify you of any intended changes to this list (additions or replacements) with at least 14 days' notice, giving you the opportunity to object.

5. Security Measures

Jinen implements appropriate technical and organizational measures to protect personal data against unauthorized access, accidental loss, destruction, or alteration, including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256 via AWS managed keys)
  • Access controls and least-privilege principles for production systems
  • Regular security reviews and dependency updates
  • Isolated tenant data — content is scoped per account with row-level access checks

6. Confidentiality

Jinen ensures that personnel authorized to process personal data are bound by confidentiality obligations.

7. Data Subject Rights

Jinen will assist you (as the Controller) in fulfilling data subject requests to access, correct, delete, or port personal data, taking into account the nature of the processing. Contact support@jinen.ai for assistance.

8. Breach Notification

In the event of a personal data breach affecting data we process on your behalf, Jinen will notify you without undue delay and within 72 hours of becoming aware. The notification will include, to the extent known: the nature of the breach, categories and approximate number of data subjects and records affected, likely consequences, and measures taken or proposed.

9. Data Transfers

Personal data is processed primarily in the United States. For data originating in the European Economic Area (EEA) or UK, Jinen relies on Standard Contractual Clauses (SCCs) as the transfer mechanism to the extent required by applicable law. Please contact us if you require SCCs to be executed.

10. Audit Rights

You may request information necessary to demonstrate compliance with this DPA no more than once per calendar year. Such requests must be made in writing to support@jinen.ai and will be fulfilled within 30 days.

11. Deletion and Return of Data

Upon termination of the agreement or your written request, Jinen will delete or return all personal data processed on your behalf within 30 days, and will delete existing copies unless retention is required by law.

12. Contact

For DPA-related inquiries, email support@jinen.ai.