Art & Tech bird logoArt & Tech

Data Compliance

Last updated: July 15, 2026

I advise organizations on AI governance and data protection for a living. It would be strange if I did not hold my own operation to the same standard. Here is how I do.

The rules I work within

What that looks like in practice

Processors and subprocessors

The services that process data on my behalf, each under a data processing agreement:

International transfers

These providers are US-based. For visitors in the EU, EEA, or UK, transfers rely on Standard Contractual Clauses and, where applicable, the EU-US Data Privacy Framework, alongside each provider’s data processing terms. I ask for a current copy of these safeguards on request.

If something goes wrong

If I become aware of a data incident affecting your information, I will tell you, and I will notify regulators (within 72 hours where the GDPR requires it).

Questions

For compliance questions, data processing agreements, or my current vendor list: ezra@artandtech.com.