
Data Protection

Last updated: 6 March 2026

1. Our Commitment to Data Protection

AISpendGuard is operated by IT Kings, s.r.o., a company registered in the Slovak Republic. We are fully subject to and comply with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Slovak Act No. 18/2018 Coll. on the Protection of Personal Data.

Data protection is not an afterthought — it is a core design principle. AISpendGuard was built from day one as a tags-only platform that never stores prompts, completions, or any AI model input/output content.

2. Data Controller

IT Kings, s.r.o.

Hlavna 561

951 78 Kolinany

Slovak Republic

ICO (Company ID): 45528110

DIC (Tax ID): 2023032330

IC DPH (VAT ID): SK2023032330

Email: privacy@aispendguard.com

3. Privacy by Design & by Default

In accordance with Art. 25 GDPR, we implement data protection by design and by default:

3.1 Data Minimisation

  • We collect only what is strictly necessary for cost attribution: provider, model, token counts, latency, and your custom tags.
  • We never collect or store AI prompts, completions, outputs, or end-user content.
  • Our ingest API and SDK include a privacy guard that actively rejects payloads containing forbidden fields (prompt, completion, output, content, message, attachment).
  • Customer identifiers must be opaque internal IDs — never email addresses or PII.

3.2 Technical Safeguards

  • Encryption in transit: All communications use HTTPS/TLS 1.2+.
  • Encryption at rest: Database storage encrypted at the infrastructure level.
  • API key hashing: Ingest keys stored as SHA-256 hashes. Raw keys displayed once at creation.
  • Workspace isolation: Multi-tenant architecture with strict data separation between workspaces.
  • Role-based access: Four roles (Owner, Admin, Member, Viewer) with granular permissions.
  • Batch size limits: Maximum 500 events per request to prevent abuse.
  • Cron job auth: Fail-closed verification with Vercel cron signatures.

3.3 Organisational Safeguards

  • Access to production data is limited to essential personnel only.
  • All sub-processors are contractually bound to GDPR-compliant data handling.
  • We maintain records of processing activities as required by Art. 30 GDPR.

4. Legal Bases for Processing

Processing Activity | Legal Basis | GDPR Article
Account creation & management | Performance of a contract | Art. 6(1)(b)
Usage event ingestion & analysis | Performance of a contract | Art. 6(1)(b)
Billing & subscription management | Performance of a contract | Art. 6(1)(b)
Retention of billing records (10 years) | Legal obligation (Slovak tax law) | Art. 6(1)(c)
Server logs & security monitoring | Legitimate interest (security) | Art. 6(1)(f)
Budget alerts via email (Resend) | Performance of a contract | Art. 6(1)(b)
Transactional emails (alerts, invitations) | Performance of a contract | Art. 6(1)(b)
Service notifications via email | Legitimate interest (informing users) | Art. 6(1)(f)
Product analytics (PostHog, cookieless) | Legitimate interest (product improvement) | Art. 6(1)(f)

5. International Data Transfers

Our primary database (Neon PostgreSQL) is hosted in the EU (Frankfurt region). Some sub-processors operate in the United States:

Sub-Processor | Location | Transfer Mechanism
Clerk (authentication) | USA | EU Standard Contractual Clauses (SCCs) + EU-U.S. Data Privacy Framework
Vercel (hosting) | USA / EU | EU Standard Contractual Clauses (SCCs)
Stripe (payments) | USA | EU Standard Contractual Clauses (SCCs) + EU-U.S. Data Privacy Framework
Resend (transactional email) | USA | EU Standard Contractual Clauses (SCCs) + DPA
Cloudflare (DNS, email routing) | USA / EU | EU Standard Contractual Clauses (SCCs) + DPA
Neon (database) | EU (Frankfurt) | No transfer required
PostHog (product analytics) | EU (EU Cloud) | No transfer required

All transfers to third countries are made in compliance with Chapter V of the GDPR, using the safeguards listed above.

6. Your Data Subject Rights

Under the GDPR, you have the right to:

Access (Art. 15)

Request a copy of all personal data we hold about you, including account data, workspace memberships, and usage event metadata.

Rectification (Art. 16)

Request correction of any inaccurate or incomplete personal data. You can update your profile directly in the dashboard.

Erasure (Art. 17)

Request deletion of your personal data. We will delete your account and all associated data within 30 days, except where retention is required by law.

Restriction (Art. 18)

Request that we restrict processing of your data while we verify accuracy or assess whether our legitimate interests override your rights.

Data Portability (Art. 20)

Receive your data in a structured, commonly used, machine-readable format (JSON). This includes your usage events and workspace data.

Objection (Art. 21)

Object to processing based on legitimate interest. We will cease processing unless we demonstrate compelling legitimate grounds.

To exercise any of these rights, email us at privacy@aispendguard.com. We will verify your identity and respond within 30 days. If we need additional time due to complexity, we will inform you within the initial 30-day period.

7. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the supervisory authority within 72 hours of becoming aware of the breach (Art. 33 GDPR).
  • Notify affected data subjects without undue delay if the breach is likely to result in a high risk to their rights and freedoms (Art. 34 GDPR).
  • Document the breach, its effects, and remedial actions taken in our internal breach register.

8. Data Protection Impact Assessment

Given our tags-only approach and the absence of high-risk processing activities (no profiling, no special category data, no large-scale monitoring of public areas), a full DPIA under Art. 35 GDPR is not currently required. However, we regularly assess our processing activities against DPIA criteria as the Service evolves.

9. Supervisory Authority

Our competent supervisory authority is:

Urad na ochranu osobnych udajov Slovenskej republiky

(Office for Personal Data Protection of the Slovak Republic)

Hranicna 12

820 07 Bratislava 27

Slovak Republic

Phone: +421 2 3231 3214

Email: statny.dozor@pdp.gov.sk

Web: https://dataprotection.gov.sk

You have the right to lodge a complaint with this authority or with the supervisory authority in your EU/EEA member state of residence (Art. 77 GDPR).

10. Records of Processing Activities (Art. 30)

Activity | Categories of Data | Purpose | Retention
User registration | Email, name, Clerk user ID | Account management | Account lifetime + 30 days
Workspace management | Workspace name, membership roles, API key hashes | Multi-tenant access control | Account lifetime + 30 days
Usage event ingestion | Provider, model, tokens, cost, tags (no PII) | AI cost attribution & waste detection | 12 months
Daily rollup aggregation | Aggregated event counts & costs by dimension | Dashboard KPIs & trend analysis | 12 months
Subscription billing | Stripe Customer ID, Subscription ID, plan tier | Payment processing | 10 years (tax law)
Budget alert notifications (email via Resend) | Recipient email, workspace name, threshold data | Proactive cost alerts | 30 days (Resend delivery logs)
Transactional emails (Resend) | Recipient email address, alert/invite content | Budget alerts, member invitations, service notifications | 30 days (Resend delivery logs)
Inbound email routing (Cloudflare) | Sender/recipient email addresses, email metadata | Receiving emails at role addresses (privacy@, support@, etc.) | Transient (forwarded immediately, not stored)
Product analytics (PostHog) | Page views, clicks, browser type, viewport (no cookies, no PII) | Product improvement & feature adoption analysis | PostHog EU Cloud retention policy

11. Contact & Related Documents

For data protection enquiries, data subject requests, or to report a concern:

Email: privacy@aispendguard.com

Post: IT Kings, s.r.o., Hlavna 561, 951 78 Kolinany, Slovak Republic

Related documents:

  • Privacy Policy — full details on data collection and processing
  • Terms of Use — service terms and conditions

© 2026 AISpendGuard. All rights reserved.