Terms of Use

Last Updated: March 2026

This Data Processing Addendum ("DPA") forms part of the Terms of Use or other written agreement (the "Agreement") between OOO "MINORAAI" ("Processor", "Minora AI", "we") and the Customer ("Controller", "you") for the provision of the Minora AI Service.

2.1 Roles: For the purposes of Data Protection Laws, Customer is the Data Controller and Minora AI is the Data Processor.

2.2 Purpose of Processing: Minora AI will process Personal Data solely to provide the Service (autonomous marketing execution, campaign analytics, and AI-driven creative generation) in accordance with Customer's documented instructions as set forth in the Agreement and this DPA.

3.1 Processing Instructions: Minora AI will not process Personal Data for its own purposes or for any purpose other than providing the Service.

3.2 AI Model Training: Minora AI does not use Customer's Personal Data, CRM records, or proprietary brand assets to train public, base, or foundational AI models.

3.3 Zero Data Retention: Where Minora AI transmits data to third-party Large Language Models (LLMs) to generate campaign outputs, it does so exclusively using Enterprise APIs subject to Zero Data Retention policies. These LLM providers are contractually prohibited from logging, retaining, or using Customer Data to train their models.

4.1 Authorized Subprocessors: Customer provides general authorization for Minora AI to engage Subprocessors. Our current list of Subprocessors includes:

4.2 Changes to Subprocessors: Minora AI will notify Customer of any new Subprocessor. Customer may object to a new Subprocessor on reasonable data protection grounds within 15 days of notice.

Minora AI shall implement and maintain enterprise-grade technical and organizational security measures designed to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. This includes encryption of data in transit and at rest, strict access controls (RBAC), and ongoing security monitoring.

6.1 Global Processing: Minora AI hosts its primary global infrastructure on Google Cloud in the United States.

6.2 Data Localization: For Customers and data subjects residing in the Republic of Uzbekistan, Minora AI processes and stores relevant Personal Data on localized servers within Uzbekistan to comply with regional data localization laws.

6.3 Transfer Mechanisms: If processing involves the transfer of Personal Data originating from the EEA, UK, or Switzerland to a country not recognized as providing adequate protection, the parties agree that the applicable Standard Contractual Clauses (SCCs) approved by the European Commission or UK ICO shall apply and are hereby incorporated by reference.

Minora AI will, to the extent legally permitted, promptly notify Customer if it receives a request from a Data Subject to exercise their rights under Data Protection Laws. Minora AI will provide commercially reasonable assistance to Customer to fulfill such requests via the Service's technical capabilities.

Upon termination or expiration of the Agreement, Minora AI shall securely delete or permanently anonymize all Customer Personal Data from its systems within 90 days, save for operational logs, billing data, and account metadata which are retained for 5 years to comply with legal, tax, and auditing obligations.

Contact: For privacy inquiries, please contact contact@minora.ai.