Data Processing Agreement (DPA)

Last updated: June 10, 2025

This Data Processing Agreement ("DPA") forms part of the Terms of Service between ("Processor") and the customer ("Controller") and governs the processing of personal data in connection with the services provided by .

1. Definitions

Capitalized terms used but not defined in this DPA shall have the meaning given to them in the Terms of Service and applicable data protection laws (including GDPR, CCPA).

2. Scope of Processing

Nature and Purpose: Processing personal data as necessary to provide the Service under the Terms of Service.

Duration: For the term of the Service agreement plus any post-termination retention period required by law.

Categories of Data Subjects: End users of the Controller's application who authenticate through or interact with the Service.

Types of Personal Data: Name, email address, profile picture, authentication credentials, and usage data.

3. Processor Obligations

The Processor shall:

4. Sub-processing

The Controller authorizes the use of sub-processors listed on our Sub-processors page. The Processor will inform the Controller of any intended changes to sub-processors.

5. Security Measures

The Processor implements the security measures described on our Security page, including encryption, access controls, and regular security assessments.

6. Data Subject Rights

The Processor shall, to the extent legally permitted, promptly notify the Controller of any data subject requests received directly. Users can submit requests via our Data Request page.

7. International Transfers

Personal data may be processed in any country where the Processor or its sub-processors operate. The Processor shall ensure appropriate safeguards for such transfers in compliance with applicable data protection laws.

8. Liability

Each party's liability arising out of or related to this DPA shall be subject to the limitations of liability set forth in the Terms of Service.

9. Contact

📧