z3t.ai

AI Processing & Data Flows

Last updated: June 24, 2026

Overview

This page explains how data flows through z3t.ai when Customers create, publish, and run AI-powered Agents and workflows.

It is intended to help Customers, Creators, security teams, procurement teams, and privacy professionals understand:

  • who is responsible for different types of processing;
  • when data is processed by AI providers;
  • how integrations work;
  • what role Appesco B.V. plays;
  • what data may leave the Platform.

This page should be read together with our:


The Roles Involved

Appesco B.V.

Appesco B.V. operates the z3t.ai Platform.

Our role is to provide:

  • infrastructure;
  • workflow execution;
  • authentication;
  • storage;
  • billing;
  • security controls;
  • operational tooling.

Appesco B.V. generally does not determine the business purpose of Creator-built Agents.

Creators

Creators create and configure Agents.

Creators determine:

  • what an Agent does;
  • what prompts are used;
  • which AI models are selected;
  • which integrations are connected;
  • what data is processed;
  • what outputs are generated.

Creators are responsible for ensuring that their Agents comply with applicable laws and regulations.

Buyers and Customers

Customers choose which Agents to run and what data to provide.

Customers are responsible for ensuring that they have the right to submit data to an Agent.


Typical Data Flow

A simplified workflow generally follows this pattern:

Customer

Agent

AI Provider(s)

Optional Integrations

Response Returned

The exact flow depends entirely on how the Creator configured the Agent.

Not every Agent uses every component.


What Happens When You Run an Agent

When a Customer executes an Agent:

  1. The Customer submits input.
  2. The Platform executes the workflow configured by the Creator.
  3. Data may be sent to one or more AI providers selected by the workflow.
  4. Data may be sent to integrations configured by the workflow.
  5. The resulting output is returned to the Customer.

The specific providers involved depend on the Agent's configuration.


AI Providers

Some Agents use third-party AI providers to generate outputs.

Examples may include:

  • OpenAI
  • Anthropic
  • Google
  • additional providers added in the future

AI providers are only involved when a workflow is configured to use them.

A request is not automatically sent to every provider supported by the Platform.

Current providers are listed on our Subprocessors page.


Integrations

Creators may connect Agents to external systems.

Examples include:

  • CRM systems;
  • internal databases;
  • APIs;
  • communication platforms;
  • productivity tools;
  • MCP servers;
  • custom services.

These integrations are selected and controlled by the Creator.

Appesco B.V. does not generally determine the purpose of those integrations and does not review the business logic of individual workflows.


Creator Responsibility

Creators are responsible for:

  • Agent behavior;
  • workflow logic;
  • prompts and instructions;
  • connected integrations;
  • compliance with applicable laws;
  • disclosures made about their Agents.

Creators are also responsible for ensuring that personal data is processed lawfully.

Additional information is available in our Terms and Conditions.


Appesco's Role

Appesco B.V. provides the infrastructure used to execute workflows.

Our responsibilities generally include:

  • Platform availability;
  • authentication;
  • billing;
  • security controls;
  • workflow execution;
  • storage and retention controls;
  • operational monitoring.

Appesco B.V. does not guarantee:

  • the accuracy of Agent outputs;
  • the legality of Creator-built workflows;
  • the correctness of prompts;
  • the suitability of outputs for any particular purpose.

Data Retention

By default:

Data TypeTypical Retention
Run inputsApproximately 3 days
Run outputsApproximately 3 days
Uploaded filesApproximately 3 days
Billing recordsAs required by law
Security logsAs reasonably necessary for security purposes

Retention periods may change as Platform features evolve.

Additional information is available in our Privacy Policy.


Automated Operations

The Platform is designed around automation-first operational principles.

Where practical, operational processes are performed through software and infrastructure automation rather than manual handling of customer data.

Examples include:

  • workflow execution;
  • infrastructure provisioning;
  • monitoring and alerting;
  • retention enforcement;
  • backups;
  • billing processes;
  • payout processing.

This approach helps reduce operational risk and minimizes unnecessary access to customer data.

Additional information is available on our Security page.


Security

We implement technical and organizational measures designed to protect Platform infrastructure and customer data.

Examples include:

  • encryption in transit;
  • encryption of sensitive stored credentials;
  • authentication controls;
  • access controls;
  • monitoring and logging;
  • backup and recovery processes.

For details, see our Security page.


International Data Transfers

Depending on the AI providers and integrations used by a workflow, data may be processed outside the European Economic Area or the United Kingdom.

Where required by applicable law, Appesco B.V. implements appropriate safeguards for international transfers.

Additional information is available in our:


Questions

Questions regarding AI processing or data flows may be directed to:

Appesco B.V.
Voorburg, The Netherlands

Email: [email protected]