applatform.ai
Request access
// DATA PROCESSING

Data Processing Agreement

Last updated: 2026-05-14

applatform.ai offers a Data Processing Agreement (DPA) compliant with the EU General Data Protection Regulation (GDPR), the UK GDPR, and applicable US state privacy laws (CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA).

What our DPA covers

  • Roles & responsibilities of applatform.ai as a processor and our customer as a controller.
  • Permitted purposes for processing personal data, with strict purpose limitation.
  • Sub-processor list, prior-consent process, and Standard Contractual Clauses (SCCs) for international transfers.
  • Security commitments: encryption in transit and at rest, access controls, audit logging, incident response.
  • Data-subject rights handling (access, deletion, portability, rectification, objection).
  • Breach-notification timeline and process.
  • Audit rights, with reasonable notice and confidentiality terms.
  • Return or deletion of customer data on contract termination.

How to request

Email privacy@applatform.ai with the subject line DPA request and include:

  • Your legal entity name and country of incorporation.
  • Primary jurisdiction(s) where you process personal data.
  • Any modifications you need (specific SCC modules, named-controller language, etc.).

We'll send back our pre-signed template within two business days. Most customers can execute as-is; we're happy to discuss reasonable redlines.

Sub-processors

Our current sub-processor list is maintained as part of the DPA. We will notify customers in writing at least thirty (30) days before adding or replacing a sub-processor, and you may object on reasonable grounds.

Trust & security

For our security posture, certifications, and architecture details, request the trust pack via security@applatform.ai.