Data Processing Addendum

Scope & roles

This DPA applies where RevLeads processes personal data on behalf of the customer in connection with the services. The customer acts as controller and RevLeads as processor.

Processing of personal data

RevLeads processes personal data only on documented instructions from the customer, including for transfers, unless required to do otherwise by law.

The subject matter, duration, nature, and purpose of processing are described in the agreement and the services documentation.

Sub-processors

The customer authorizes RevLeads to engage sub-processors to deliver the services. RevLeads remains responsible for sub-processors' compliance with this DPA and will provide notice of changes.

Security measures

RevLeads implements appropriate technical and organizational measures designed to protect personal data against unauthorized or unlawful processing and accidental loss, destruction, or damage.

International transfers

Where personal data is transferred across borders, RevLeads relies on appropriate safeguards such as Standard Contractual Clauses, in line with GDPR and applicable law.

Data subject requests & contact

RevLeads will assist the customer in responding to data subject requests. For DPA inquiries, email hello@revleads.io.