Skip to content
Legal

Data Processing Agreement

Terms governing our processing of personal data on your behalf.

Last updated: June 1, 2026

This document is a structured template provided for transparency. It is not legal advice.

Scope

This Data Processing Agreement ("DPA") applies where EagleSON X processes personal data on behalf of a customer ("Controller") in connection with the platform. It forms part of the Terms & Conditions.

Roles

The Controller determines the purposes and means of processing. EagleSON X acts as Processor and processes personal data only on documented instructions from the Controller.

Security Measures

We implement technical and organizational measures including encryption, tenant isolation, MicroVM-based sandboxing, access controls, and audit logging, as described in our Trust Center.

Sub-processors

We engage sub-processors only under written contracts imposing equivalent obligations. A current list is available on request, and we provide notice of material changes.

Data Subject Requests

We assist the Controller in responding to data subject requests and in meeting obligations regarding security, breach notification, and impact assessments.

International Transfers

Cross-border transfers are protected by appropriate safeguards. Data residency can be configured per deployment.

Return & Deletion

Upon termination, we return or delete personal data at the Controller’s choice, except where retention is required by law.

Other legal documents

Privacy Policy Terms & Conditions Cookie Policy Acceptable Use Policy Contributor Agreement Export & Ownership Policy AI Usage Policy Security Disclosure Policy