Merge branch 'main' into christian/docs_deployment_step_for_gen

Author: masnwilliams

apps/deploy.mdx

@@ -37,19 +37,19 @@ kernel deploy my_app.py --env MY_ENV_VAR=my_value # Can add multiple env vars de
 
 <CodeGroup>
 ```bash Typescript/Javascript
-/project-root
-  |-- my_app.ts # Entrypoint file
-  |-- package.json
-  |-- .gitignore # Make sure to exclude dependency folders like node_modules
-  |-- tsconfig.json # If Typescript
-  ∟-- package-lock.json # Or bun.lock or pnpm-lock.yaml
+project-root/
+  ├─ .gitignore # Exclude dependency folders like node_modules
+  ├─ my_app.ts # Entrypoint file
+  ├─ package.json
+  ├─ tsconfig.json # If using TypeScript
+  └─ bun.lock | package-lock.json | pnpm-lock.yaml # One of these lockfiles
 ```
 
 ```bash Python
-/project-root
-  |-- my_app.py # Entrypoint file
-  |-- .gitignore # Make sure to exclude dependency folders like .venv
-  ∟-- requirements.txt # or pyproject.toml or uv.lock
+project-root/
+  ├─ .gitignore # Exclude dependency folders like .venv
+  ├─ my_app.py # Entrypoint file
+  └─ pyproject.toml
 ```
 </CodeGroup>
 

docs.json

@@ -42,6 +42,7 @@
     "tabs": [
       {
         "tab": "Guides",
+        "icon": "book-open",
         "groups": [
           {
             "group": "Get Started",
@@ -76,13 +77,6 @@
               "apps/logs"
             ]
           },
-          {
-            "group": "API",
-            "pages": [
-              "reference/cli",
-              "reference/mcp-server"
-            ]
-          },
           {
             "group": "Integrations",
             "pages": [
@@ -117,7 +111,22 @@
       },
       {
         "tab": "API Reference",
+        "icon": "code",
         "openapi": "https://app.stainless.com/api/spec/documented/kernel/openapi.documented.yml"
+      },
+      {
+        "tab": "MCP",
+        "icon": "code-fork",
+        "pages": [
+          "reference/mcp-server"
+        ]
+      },
+      {
+        "tab": "CLI",
+        "icon": "terminal",
+        "pages": [
+          "reference/cli"
+        ]
       }
     ]
   },

dpa.mdx

@@ -1,6 +1,9 @@
 ---
 title: "Data Processing Agreement"
 ---
+
+Last Modified: August 18, 2025
+
 This Data Processing Addendum ("DPA") forms part of and is subject to the agreement, whether written or
 electronic, between the Customer and Kernel Technologies, Inc. ("Kernel") for the Services (as defined in
 Section 1 below) (collectively, the "Agreement"). For the purposes of this DPA,
@@ -69,6 +72,9 @@ Data only as a processor (or sub-processor) acting on behalf Customer and, with
 service provider, in each case, regardless of whether Customer acts as a controller or as a data processor
 on behalf of a third-party controller with respect to Customer Personal Data.
 
+For purposes of European Data Protection Laws, the parties acknowledge and agree that Customer is
+the Controller and Kernel is the Processor of Customer Personal Data processed under this DPA.
+
 3.2 Scope of Processing. Kernel certifies that it will not (i) "sell" or "share" Customer Personal Data; (ii)
 retain, use or disclose Customer Personal Data outside of the direct business relationship between
 Customer and Kernel or for any purpose other than as permitted under the Agreement (including
@@ -118,7 +124,7 @@ Kernel's access to process such Customer Personal Data. The period for which Cus
 Data will be retained and the criteria used to determine that period shall be determined by Customer
 during the term of the Agreement. Upon termination or expiration of the Agreement, Customer may
 retrieve or delete all Customer Personal Data as set forth in the Agreement. Any Customer Personal Data
-not deleted by Customer shall be deleted by Kernel promptly upon the later of (i) expiration or
+not deleted by Customer shall be deleted by Kernel within thirty (30) upon the later of (i) expiration or
 termination of the Agreement and (ii) expiration of any post-termination "retrieval period" set forth in
 the Agreement.
 
@@ -232,14 +238,41 @@ extent such information is available.
 ## 6. Hosting and Processing Locations
 For Kernel's cloud services, Kernel will only host Customer Personal
 Data in the specified region(s) disclosed to Customer. Kernel will not Process Customer Personal Data
-from outside the disclosed hosting region except as reasonably necessary to provide the Services or as
+from outside the disclosed hosting region(s) except as reasonably necessary to provide the Services or as
 necessary to comply with the law or binding order of a governmental body.
 As between Customer and Kernel, Customer is solely
 responsible for any access granted to Kernel to Customer Personal Data hosted by Customer.
 
+6.1 Schrems II and Standard Contractual Clauses. Where Customer Personal Data 
+originating in the EEA, UK, or Switzerland is transferred to Kernel in the United States, 
+the parties agree that such transfers shall be governed by the EU Commission 
+Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914), 
+which are hereby incorporated by reference. 
+
+(a) The parties agree that Module Two (Controller-to-Processor) shall apply where 
+Customer is a Controller and Kernel is a Processor, and Module Three (Processor-to-Processor) 
+shall apply where Customer is a Processor and Kernel is a Sub-Processor. 
+
+(b) For purposes of the SCCs: (i) the data exporter is Customer and the data importer is Kernel; 
+(ii) the parties elect Option 2 of Clause 9 (general authorization of subprocessors), 
+and the time period for notice of changes shall be as set forth in Section 4.3 of this DPA; 
+(iii) the optional docking clause in Clause 7 shall apply; (iv) for Clause 17, the parties select 
+the law of Ireland; and (v) for Clause 18, the courts of Ireland shall have jurisdiction. 
+
+(c) Kernel shall implement and maintain supplementary measures to ensure a level of 
+protection essentially equivalent to that under European Data Protection Laws, including 
+encryption in transit and at rest, strict access controls, policies for handling government 
+access requests, and transparency commitments, in accordance with Schrems II.
+
+(d) For transfers from the UK, the parties agree that the International Data Transfer 
+Addendum (issued by the UK Information Commissioner's Office) shall apply, 
+incorporating the SCCs as modified by that Addendum. For transfers from Switzerland, 
+the SCCs apply with the modifications required by the Swiss Federal Data Protection Act. 
+
+
 ## 7. Personal Data Breach Management and Notification
-If Kernel becomes aware of a Personal Data
-Breach, Kernel shall: (i) promptly notify Customer of the discovery of the Personal Data Breach, which
+If Kernel becomes aware of a Personal Data Breach, Kernel shall notify Customer without undue delay
+and in any event within twenty-four (24) hours: (i) the discovery of the Personal Data Breach, which
 shall include a summary of the known circumstances of the Personal Data Breach and the corrective action
 taken or to be taken by Kernel; (ii) conduct an investigation of the circumstances of the Personal Data
 Breach; (iii) use commercially reasonable efforts to mitigate the effects of the Personal Data Breach; and (iv)