Sub-processors
Third parties we engage to process Customer Personal Data.
Last updated: 27 May 2026
This page lists the sub-processors engaged by Kings AI Automation Pty Ltd to process Customer Personal Data in support of the KAINDIS platform. The list is maintained in accordance with section 4.3 of our Data Processing Addendum. Each sub-processor is engaged under a written agreement that imposes data-protection obligations equivalent to those in our DPA, including obligations under APP 8.1 and HPP 9 in respect of overseas disclosures.
Customers may subscribe to change notifications by emailing kaindis@kai-auto.com.
Infrastructure
| Sub-processor | Purpose | Data categories | Processing location |
|---|---|---|---|
| Amazon Web Services (AWS), Inc. | Application, database, object storage, networking, logs | All Customer Data including participant PII and sensitive health information | Sydney, Australia (ap-southeast-2) |
| Amazon CloudWatch (AWS) | Infrastructure metrics and log aggregation | Operational telemetry; incidental access logs | Sydney, Australia (ap-southeast-2) |
Payments and billing
| Sub-processor | Purpose | Data categories | Processing location |
|---|---|---|---|
| Stripe Payments Australia Pty Ltd | Payment processing, subscription management, tax invoicing. Also Stripe Connect Standard for participant payments where the tenant has enabled clause 12A and connected a Stripe account. | Billing contact, card tokens (never raw card data), transaction records | Australia, with US parent processing |
| Stripe, Inc. (parent) | Underlying card network processing; fraud detection | Same as above, for cross-border card routing | United States |
| Xero Australia Pty Ltd (optional — only if Customer connects Xero) | Sync invoices and payments to Customer-managed accounting ledger | Invoice totals, customer name, ABN | Australia |
Email and messaging
| Sub-processor | Purpose | Data categories | Processing location |
|---|---|---|---|
| Amazon Web Services (AWS) — Simple Email Service (SES) | Primary transactional email sender (welcome, password reset, booking confirmations, invoices, dunning) for tenants that do not have a Customer-connected mailbox. | Recipient email address, name, content of the transactional message, and any attachments included with the message (for example, invoice PDFs) | Sydney, Australia (ap-southeast-2) |
| Twilio SendGrid (Twilio Inc.) | Fallback transactional email when AWS SES is unavailable, and where no Customer-connected mailbox is configured. Where the Customer has connected their own Gmail, Outlook, or SMTP account, that mailbox takes precedence over both SES and SendGrid. | Recipient email address, name, content of the transactional message | United States (with Australian edge routing) |
| Twilio Inc. | SMS delivery (MFA codes, booking reminders where enabled) | Mobile number, message content | United States (AU gateways for AU numbers) |
AI and automation
| Sub-processor | Purpose | Data categories | Processing location |
|---|---|---|---|
| Anthropic, PBC | LLM inference for the in-app AI assistant, chatbot, and suggestion engine | Prompts initiated either explicitly by Customer end-users (chatbot) or automatically by the platform on the Customer’s behalf within the tenant context (suggestion engine and AI assistant). Not used to train Anthropic’s models, in accordance with Anthropic’s API terms. | United States |
| OpenAI, L.L.C. | Speech-to-text transcription via the Whisper API for voice-recorded care notes and shift notes | Audio recordings submitted by Customer staff. Audio may contain voices of participants and staff; transcribed text is returned to KAINDIS and stored within the Customer tenant. Not used to train OpenAI models (zero-retention API). | United States |
| Google LLC (Google Cloud Speech-to-Text) | Fallback speech-to-text transcription when OpenAI Whisper is unavailable | Same as OpenAI — audio recordings only sent on fallback | United States (global edge) |
Maps and geocoding
| Sub-processor | Purpose | Data categories | Processing location |
|---|---|---|---|
| Google LLC (Google Maps Platform) | Address autocomplete, geocoding, map display, transport route optimisation | Address strings supplied by Customer users | United States (global edge) |
Observability and developer tooling
| Sub-processor | Purpose | Data categories | Processing location |
|---|---|---|---|
| Better Stack, Inc. (Delaware, USA) | Log aggregation, uptime monitoring, and the public status page (status.kaindis.com) | Application log lines forwarded from CloudWatch (may incidentally include tenant/user IDs and request paths; no plaintext participant PII by convention); HTTP uptime probes | Data residency: Germany / European Union (EU data centres). Contracting entity: United States (Delaware). |
Government and regulatory APIs
The KAINDIS platform also transmits data to Australian government services where the Customer enables those features. These are not sub-processors in the conventional sense — they are statutory recipients with their own legal authority — but we identify them here for transparency:
- Australian Business Register (ABR): Active. ABN verification queries only (no participant data). Location: Australia.
- National Disability Insurance Agency (NDIA) and Services Australia (PRODA): Planned — not currently active. Direct bulk-claim submission to PRODA is on our roadmap but not yet enabled. For now, customers export an NDIA Bulk Payment Request CSV from the Claims module and upload it via the myplace portal themselves; no claim data is transmitted from KAINDIS to PRODA today. When we activate the integration, we will give the standard 14 days' notice. Data (when active): NDIS numbers, service dates, amounts, and provider identifiers. Location: Australia.
- Services Australia (Medicare ECLIPSE): Planned — not currently active. Deferred alongside PRODA. Data (when active): provider and location identifiers. Location: Australia.
Change notifications
In accordance with our DPA §4.3, we will provide at least 14 days' written notice to each Customer's nominated privacy contact, and on this page, before adding a new sub-processor or materially changing the scope of an existing one.
Customers may object to the addition or change on data protection grounds within the 14-day period. We will discuss objections in good faith. If we cannot accommodate the objection within 30 days of receiving it, the Customer may terminate the affected subscription on written notice and we will refund any prepaid unused fees, as the Customer's sole remedy for the change.
Change log
| Date | Change |
|---|---|
| 2026-04-18 | Initial publication for launch. |
| 2026-04-23 | Added Better Stack (Germany/EU) for log aggregation, uptime monitoring, and the public status page. |
| 2026-05-09 | Removed Sentry — error monitoring is now handled by the in-platform error reporting system in conjunction with CloudWatch and Better Stack. Added OpenAI (Whisper API) for primary speech-to-text transcription of voice care notes, and Google Cloud Speech-to-Text as a fallback transcription provider. Updated SendGrid description to clarify fallback-only role — primary email delivery is via the Customer's own connected mailbox. Added a Government and regulatory APIs section. Aligned change-notice wording with the DPA. |
| 2026-05-09 | Corrected Better Stack legal entity. Verified against the published Better Stack Terms of Use (betterstack.com/terms, last updated Feb 14 2025): the contracting entity is Better Stack, Inc., a Delaware corporation(US), notwithstanding that data is hosted in EU data centres. Earlier descriptions naming "Productboard Labs s.r.o." or "Better Stack s.r.o." were incorrect. APP 8 disclosure now clearly identifies both the contracting jurisdiction (US) and the data-residency location (EU). |
| 2026-05-26 | Added Amazon Web Services (AWS) SES (Sydney, ap-southeast-2) as the primary transactional email sender; Twilio SendGrid is now the documented fallback. Annotated the Stripe row to note Stripe Connect Standard is used for participant payments where the tenant has enabled clause 12A and connected a Stripe account. |