Data Processing Agreement

DPA for DataForge Business Customers

What is a DPA?

A Data Processing Agreement (DPA) is a legally binding contract required under GDPR Article 28 when a business (data controller) uses a service provider (data processor) to process personal data on their behalf. It defines the responsibilities and obligations of both parties regarding data protection.

Who Needs a DPA?

  • Business customers using DataForge to process personal data on behalf of their organization
  • Companies subject to GDPR compliance requirements
  • Organizations processing EU residents' personal data through our platform

Individual users and those not processing personal data typically do not require a DPA.

What Our DPA Covers

Subject Matter and Duration

Defines what data is processed and for how long

Nature and Purpose

Data cleaning, deduplication, enrichment, and analysis services

Types of Personal Data

Categories of data you may upload for processing

Data Subject Categories

Who the personal data relates to

Sub-processor List

Third parties we use (Google Cloud, Stripe, Resend, Hetzner)

Technical Measures

Security controls protecting your data

Your Rights and Obligations

Audit rights, data subject requests, breach notification

Download DPA

Our standard DPA is available for download below. The document outlines the data processing terms in accordance with GDPR Article 28.

Download DPA (PDF)

PDF document, placeholder version

Signing Process

  1. 1Download the DPA document
  2. 2Review the terms with your legal team if needed
  3. 3Sign and return to us via email
  4. 4We will countersign and return the executed agreement

Questions?

If you have questions about our Data Processing Agreement or need a customized version, please contact us:

henri.mueller@data-forge.dev