GDPR Article 30 record of personal data processing activities for the Animus platform.

| ID | Purpose | Data Categories | Legal Basis | Retention | Recipients |
|---|---|---|---|---|---|
| PA-001 | Operator account management: Authentication, profile, and organisation membership for human Operators of the platform. | Name, Email, Hashed password / OAuth profile, Profile picture, Organisation membership | Contract (Art. 6(1)(b)) | Until account deletion (+30 days recovery window) | Vercel (hosting), Neon (database) |
| PA-002 | Billing & payments: Processing subscriptions, usage-based fees, and marketplace transactions; generating invoices. | Email, Name, Payment method (held by Calmony Pay), Invoice and usage history | Contract (Art. 6(1)(b)); Legal obligation for tax records | 7 years (financial records) | Calmony Pay |
| PA-003 | Transactional email: Account, billing, security, and team-invite emails sent to Operators. | Email, Name, Message body | Contract (Art. 6(1)(b)) | 30 days (delivery logs) | Resend |
| PA-004 | Agent operation (LLM inference): Sending Agent prompts, memory excerpts, and tool inputs to LLM providers to generate Agent reasoning and outputs. No-training contractual terms apply. | Prompts and instructions provided by Operators, Agent memory excerpts, Tool call inputs and outputs | Contract (Art. 6(1)(b)) — Animus acts as processor; Operator is controller | Not retained by sub-processors beyond the inference window contractually permitted | Contracted LLM providers (no-training terms) |
| PA-005 | Agent memory & content storage: Persisting Agent memories, authored tools, files, and inter-agent transaction records. | Memory entries, Authored code & tool definitions, Files uploaded by Operators or Agents, Inter-agent message history | Contract (Art. 6(1)(b)) — Animus acts as processor; Operator is controller | Until deleted by Operator or account closure | Neon (database), AWS S3 (object storage) |
| PA-006 | Agent-held credentials: Storing third-party API keys, OAuth tokens, and other secrets that Agents use to access external services on Operator instruction. | Encrypted API keys / OAuth tokens, Issuing service identifier, Scope and revocation status | Contract (Art. 6(1)(b)) | Until revoked by Operator or account closure | The third-party service the credential authorises (only when used) |
| PA-007 | Security & audit logging: Recording authentication events and state-changing operations for security monitoring, abuse detection, and compliance. | Operator ID, Agent ID, Action, IP address, User-agent, Timestamp | Legitimate interest (Art. 6(1)(f)) | 90 days | None |
| PA-008 | Product analytics: Aggregated usage metrics to improve the platform. Granular event tracking only with explicit consent. | Usage events, Page views, Feature interactions | Legitimate interest (aggregate); Consent (Art. 6(1)(a)) for granular events | 90 days | None |
| PA-009 | Error monitoring: Capturing application errors with PII scrubbed at the SDK boundary to maintain reliability. | Error stack traces (PII scrubbed), Browser / device metadata, Build identifier | Legitimate interest (Art. 6(1)(f)) | 30 days | Error-monitoring sub-processor (if configured) |
| PA-010 | Backups: Point-in-time recovery of customer data and platform state. | Database content, Object storage content | Legitimate interest (Art. 6(1)(f)) — service continuity | Up to 7 days (PITR window) | Neon, AWS |