Legal
Sub-processors & Service Providers
Last updated: June 2026
To operate the Kiara API (the “Service”) we rely on a small set of trusted service providers that process personal data on our behalf as processors (sub-processors), under written data-processing agreements and our instructions. This page discloses the categories of those providers and the safeguards that apply. Read it together with our Privacy Policy. We do not sell personal data, and we do not share it with any party except as described here or as required by law.
Categories of sub-processors
| Category | Function | Data processed |
|---|---|---|
| Cloud hosting & CDN | Hosts our database, authentication, and generated assets; delivers the website and assets. | Account data, inputs/outputs, usage & logs, security/device data. |
| Payment processor | Processes cryptocurrency top-up payments and returns invoice/credit confirmations. | Payment metadata (invoice id, amount). Payment instrument details are handled by the processor under its own terms. |
| AI compute providers | Run image and video generation on the prompts and inputs you submit. | Inputs (prompts, uploaded images/files) and the resulting outputs. |
| Email / communications | Delivers transactional emails such as magic-link sign-in and account notices. | Email address and message content. |
We disclose categories rather than individual vendor names. A list of the specific entities behind each category is available to business customers on request via privacy@kiara-api.com.
International transfers
Some sub-processors may process data outside the European Economic Area (EEA). Where they do, the transfer is safeguarded under the GDPR — principally the European Commission’s Standard Contractual Clauses (SCCs), with supplementary measures where appropriate, or an adequacy decision — so that your data continues to receive an equivalent level of protection.
Our commitments
- We engage each sub-processor under a written agreement imposing data-protection obligations no less protective than those we owe you.
- We require each sub-processor to process personal data only on our instructions and to apply appropriate security measures.
- We carry out reasonable diligence before engaging a new sub-processor.
- We remain responsible to you for the processing carried out by our sub-processors.
Changes
We may add or replace sub-processors as the Service evolves. We will update the “Last updated” date above when the categories change. Business customers may request advance notice of new sub-processors within a category by contacting privacy@kiara-api.com.
Contact
Questions about our sub-processors or data handling: privacy@kiara-api.com.