top of page

Data Processing Agreement (DPA)

 

Effective Date: January 17, 2023
 

Parties: This Data Processing Agreement (“Agreement” or “DPA”) is entered into between CodeConda LLC, a U.S. limited liability company (“Processor”), and the customer or entity that has entered into an agreement for the use of Processor’s services (“Controller”).

 

This DPA forms part of the Terms of Service or other agreement (the “Main Agreement”) between the parties.

​

1. Purpose and Scope

1.1 The Processor provides certain software, translation, hosting, or related digital services (“Services”) which may involve the processing of personal data on behalf of the Controller.
1.2 The Controller determines the purposes and means of processing personal data; the Processor processes such data only on the Controller’s request.
1.3 This DPA governs all processing of personal data by the Processor on behalf of the Controller.

​

2. Definitions

  • “Personal Data” means any information relating to an identified or identifiable natural person.

  • “Processing” means any operation performed on Personal Data, such as collection, storage, use, disclosure, or deletion.

  • “Subprocessor” means any third party engaged by the Processor to process Personal Data.

​

3. Obligations of the Processor

3.1 Processor shall process Personal Data on request from the Controller, including with regard to transfers of Personal Data to a third country, unless required by law.
3.2 Processor may process Personal Data for the following purposes:

  • Hosting, caching, proxying, translation, and data delivery on behalf of the Controller.

  • Providing analytics, debugging, and performance monitoring as part of the Services.

  • Ensuring service integrity, security, and continuity.

  • Compliance with applicable legal obligations.

3.5 Processor is not responsible for compliance with laws applicable to the Controller’s industry or business operations.

​

4. Subprocessors

4.1 Controller authorizes Processor to engage subprocessors as reasonably necessary to provide the Services.
4.2 Current subprocessors may include:

  • Cloud hosting providers (e.g., Google Cloud, Amazon Web Services, Cloudflare, Supabase)

  • Analytics and monitoring services

  • Email, support, and logging tools

​

5. International Data Transfers

5.1 Controller agrees that Processor may transfer Personal Data to the United States or any other country where Processor or its subprocessors operate.
5.2 Controller acknowledges and consents to such transfers.

​

6. Data Retention and Deletion

6.1 Processor shall, at Controller’s choice, delete or return all Personal Data after the end of the provision of Services, unless retention is required by law.
6.2 Processor may retain anonymized or aggregated data for statistical or security purposes.

​

7. Liability

7.1 Processor’s total aggregate liability under this DPA shall be limited to the amounts paid by Controller under the Main Agreement in the three (3) months preceding the event giving rise to the claim.
7.2 Controller agrees to indemnify and hold harmless Processor against any claims, damages, or penalties arising from Controller’s breach of data protection obligations or misuse of the Services.

​

8. Content Responsibility

8.1 The Controller is solely responsible for the content, data, and materials submitted to or processed through the Services, including the accuracy, legality, and publication of any translated or generated outputs.

8.2 The Processor does not review, monitor, or assume liability for such content.

8.3 Controller shall indemnify and hold Processor harmless from any claims, damages, or losses arising from such content or its use.

​

9. Miscellaneous

9.1 This DPA does not grant either party ownership rights in the other’s data or intellectual property.
9.2 If any provision of this DPA is found invalid or unenforceable, the remaining provisions remain in effect.
9.3 In the event of conflict between this DPA and the Main Agreement, this DPA shall control solely with respect to data protection matters.
9.4 This DPA is governed by the laws of the State of Arizona, United States, and disputes shall be resolved exclusively in Arizona courts.

​

10. Contact Information

For privacy and data protection inquiries, contact info@codeconda.com.

bottom of page