feat(tpsc): Third-Party Services Catalog (CUST-WP-0023)
Introduces TPSC for tracking external service dependencies with GDPR
compliance maturity (CNIL/IAPP CMMI scale), pricing model, ToS, and
data retention information across all repos.
Primary data:
- canon/tpsc/{openai,anthropic,gemini,openrouter}-api.yaml — service definitions
- tpsc.yaml in each repo (llm-connect seeded with 4 services)
State-hub additions:
- Migration j7e8f9a0b1c2: tpsc_catalog + tpsc_snapshots + tpsc_entries
- api/models/tpsc.py, api/schemas/tpsc.py, api/routers/tpsc.py
- /tpsc/catalog/, /tpsc/ingest/, /tpsc/snapshots/, /tpsc/report/gdpr endpoints
- 4 MCP tools: register_service, list_services, ingest_tpsc_tool, get_gdpr_report
- scripts/ingest_tpsc.py + make ingest-tpsc[/-all] targets
- Dashboard: tpsc.md page + docs/tpsc.md
GDPR maturity scale: unknown | non_compliant | initial | developing | defined | managed | certified
Warnings triggered at: unknown, non_compliant, initial
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
22
canon/tpsc/anthropic-api.yaml
Normal file
22
canon/tpsc/anthropic-api.yaml
Normal file
@@ -0,0 +1,22 @@
|
||||
slug: anthropic-api
|
||||
name: Anthropic API (Claude)
|
||||
provider: Anthropic, PBC
|
||||
category: llm_inference
|
||||
website_url: https://anthropic.com
|
||||
pricing_model: usage_based
|
||||
gdpr_maturity: developing
|
||||
gdpr_notes: >
|
||||
DPA available. SCCs provided for EU→US transfers. Data processed in the US.
|
||||
Prompts and completions are not used for training by default (API usage).
|
||||
Data may be retained for up to 30 days for trust & safety review.
|
||||
Privacy Shield successor mechanisms in place for international transfers.
|
||||
Reference: https://www.anthropic.com/legal/data-processing-agreement
|
||||
dpa_available: true
|
||||
tos_url: https://www.anthropic.com/legal/aup
|
||||
privacy_policy_url: https://www.anthropic.com/legal/privacy
|
||||
data_processing_regions:
|
||||
- us
|
||||
data_retention_notes: >
|
||||
API inputs/outputs not used for model training. Retained up to 30 days
|
||||
for safety review. Enterprise customers can negotiate reduced retention.
|
||||
status: active
|
||||
26
canon/tpsc/gemini-api.yaml
Normal file
26
canon/tpsc/gemini-api.yaml
Normal file
@@ -0,0 +1,26 @@
|
||||
slug: gemini-api
|
||||
name: Google Gemini API
|
||||
provider: Google LLC
|
||||
category: llm_inference
|
||||
website_url: https://ai.google.dev
|
||||
pricing_model: usage_based
|
||||
gdpr_maturity: defined
|
||||
gdpr_notes: >
|
||||
Google Cloud (including Vertex AI / Gemini API via Google Cloud) has a
|
||||
comprehensive GDPR compliance programme. DPA is part of Google Cloud ToS.
|
||||
Data Processing Addendum and SCCs available. Google Cloud has EU data
|
||||
residency options (data can stay in EU). Google AI Studio (free tier)
|
||||
has weaker protections — data may be used to improve Google products.
|
||||
Use Vertex AI / Google Cloud API endpoint for GDPR-adequate usage.
|
||||
Reference: https://cloud.google.com/terms/data-processing-addendum
|
||||
dpa_available: true
|
||||
tos_url: https://ai.google.dev/gemini-api/terms
|
||||
privacy_policy_url: https://policies.google.com/privacy
|
||||
data_processing_regions:
|
||||
- us
|
||||
- eu # when using Vertex AI with EU region selection
|
||||
data_retention_notes: >
|
||||
Google AI Studio: prompts may be reviewed by human raters and used to
|
||||
improve models. Google Cloud / Vertex AI: data not used for training,
|
||||
retained per Cloud data retention policy (configurable).
|
||||
status: active
|
||||
24
canon/tpsc/openai-api.yaml
Normal file
24
canon/tpsc/openai-api.yaml
Normal file
@@ -0,0 +1,24 @@
|
||||
slug: openai-api
|
||||
name: OpenAI API
|
||||
provider: OpenAI, Inc.
|
||||
category: llm_inference
|
||||
website_url: https://openai.com
|
||||
pricing_model: usage_based
|
||||
gdpr_maturity: developing
|
||||
gdpr_notes: >
|
||||
DPA available (Data Processing Addendum). Standard Contractual Clauses (SCCs)
|
||||
provided for EU→US data transfers. Data is processed in the US.
|
||||
Input/output retained up to 30 days for safety monitoring unless opted out
|
||||
via the API zero-data-retention setting. Zero-data-retention is available
|
||||
on eligible endpoints. Not suitable for sensitive personal data without a
|
||||
signed DPA and explicit zero-retention configuration.
|
||||
Reference: https://openai.com/policies/data-processing-addendum
|
||||
dpa_available: true
|
||||
tos_url: https://openai.com/policies/terms-of-use
|
||||
privacy_policy_url: https://openai.com/policies/privacy-policy
|
||||
data_processing_regions:
|
||||
- us
|
||||
data_retention_notes: >
|
||||
Default: 30 days for abuse monitoring. Zero-data-retention available
|
||||
on eligible API endpoints via opt-in. Training opt-out available.
|
||||
status: active
|
||||
27
canon/tpsc/openrouter-api.yaml
Normal file
27
canon/tpsc/openrouter-api.yaml
Normal file
@@ -0,0 +1,27 @@
|
||||
slug: openrouter-api
|
||||
name: OpenRouter API
|
||||
provider: OpenRouter, Inc.
|
||||
category: llm_routing
|
||||
website_url: https://openrouter.ai
|
||||
pricing_model: usage_based
|
||||
gdpr_maturity: initial
|
||||
gdpr_notes: >
|
||||
OpenRouter is a US-based routing proxy for multiple LLM providers.
|
||||
Privacy policy exists but as of early 2026 no formal DPA or SCCs are
|
||||
publicly available. Requests are forwarded to underlying providers
|
||||
(OpenAI, Anthropic, Google, Mistral, etc.) each with their own data
|
||||
handling. GDPR compliance is therefore dependent on both OpenRouter
|
||||
and the selected downstream model provider. Not recommended for
|
||||
processing personal data in corporate/regulated environments without
|
||||
a signed DPA. Suitable for development, prototyping, model comparison.
|
||||
Reference: https://openrouter.ai/privacy
|
||||
dpa_available: false
|
||||
tos_url: https://openrouter.ai/terms
|
||||
privacy_policy_url: https://openrouter.ai/privacy
|
||||
data_processing_regions:
|
||||
- us
|
||||
data_retention_notes: >
|
||||
Requests forwarded to upstream providers. OpenRouter may log requests
|
||||
for billing and abuse prevention. Retention policy not formally published.
|
||||
Downstream provider retention policies apply per selected model.
|
||||
status: active
|
||||
Reference in New Issue
Block a user