Infrastructure
Hosting and database
Privian's data plane runs on serverless infrastructure with a managed Postgres-compatible database for account, billing, BYOK and usage data. Raw prompt and response bodies are not written.
Resources
Who Privian relies on to operate, which model providers requests can be routed to, and what BYOK changes.
Context
Subprocessors are simply the third-party services Privian uses to operate. Enterprise procurement reviews ask about them; this page exists to give a calm, directional answer.
This is not a legal document. For procurement-grade subprocessor lists and data-processing arrangements tied to a specific deployment, contact support and we will follow up directly. We deliberately do not invent a legal posture we cannot stand behind in a contract review.
With BYOK, the managed model provider relationship remains tied to your credential, account, billing and provider-side terms.
Operating Privian
Categories rather than vendor names, kept directional. The exact provider list is shared on request for procurement.
Infrastructure
Privian's data plane runs on serverless infrastructure with a managed Postgres-compatible database for account, billing, BYOK and usage data. Raw prompt and response bodies are not written.
Payments
Subscription and usage billing is handled by a third-party payments provider. Payment method data is held by that processor, not by Privian.
Operational emails (verification, account events) are sent through a third-party email provider.
Analytics
Marketing-site analytics are minimal and consent-gated. Application analytics do not contain prompt or response bodies.
Model providers
With BYOK, the relationship with the model provider is yours, not Privian's.
Trust boundary
With BYOK the upstream provider call is authenticated by your credential, not by a Privian-pooled key.
Framework
Store encrypted
The provider credential is encrypted at rest.
Resolve in process
The credential is decrypted only for the current request.
Authenticate upstream
The provider call uses your account and provider terms.
Discard plaintext
No plaintext credential is retained after the request.
Retention
FAQ
Keep reading
What reaches the model, what stays, what is logged.
Operational security posture and trust boundaries.
How the gateway is built end-to-end.
Reducing prompt-level exposure under GDPR.
Bring-your-own-key trust boundary.
What no raw-prompt retention means.
Blueprint
Trust
The same picture from different angles — procurement-friendly references.
Trust & Security Review Center
Procurement-ready hub: data path, retention, BYOK and scope.
Data path
What reaches the model, what stays, what is logged.
GDPR and LLMs
How prompt-level controls fit EU privacy expectations.
Security
Privian's security model, retention and credential handling.
Privacy
Privacy notice for the Privian application and gateway.