📄 Data Processing Agreement (DPA)
Effective Date: August 25, 2025
Last Updated: August 25, 2025
At Fluxedita, we take data protection and compliance seriously. We recognize that our customers — especially those based in the European Union (EU), European Economic Area (EEA), or the United Kingdom (UK) — may require a Data Processing Agreement (DPA) to satisfy their obligations under the General Data Protection Regulation (GDPR) or other regional privacy laws.
🔐 What Is a DPA?
A Data Processing Agreement is a legally binding document entered into between a data controller (you, the customer) and a data processor (us, Fluxedita). It governs the processing of personal data in accordance with Article 28 of the GDPR.
📌 When Is a DPA Required?
You need a DPA if:
- You are using Fluxedita to collect, store, or process personal data of individuals (such as members, users, or customers).
- You are based in the EU, EEA, UK, or are otherwise subject to GDPR, UK GDPR, or equivalent data protection laws.
- Your use of Fluxedita involves managing content or user accounts containing names, emails, photos, or other personal identifiers.
✅ What Our DPA Covers
Fluxedita's standard DPA includes:
- Roles of the data controller and processor
- Scope, nature, and purpose of processing
- Data retention and deletion terms
- Subprocessor information (e.g. Supabase, Cloudinary, Stripe)
- Security measures and encryption standards
- Data transfer safeguards (including SCCs if applicable)
- Data subject rights assistance
- Breach notification processes
Our DPA aligns with the requirements of:
- GDPR (EU 2016/679)
- UK GDPR
- Swiss FADP
- Other similar global data regulations
📝 How to Request a DPA
To request a signed copy of our standard DPA, please email:
To request a signed copy of our standard DPA, please email:
Subject: DPA Request – [Your Company Name]
Please include:
- Your full legal entity name
- Contact details of your data protection officer or representative
- Any custom clauses or additional processing instructions (optional)
We typically process requests within 3–5 business days.
🌍 International Data Transfers
Fluxedita may use subprocessors located outside the EU/EEA. Where applicable, we rely on Standard Contractual Clauses (SCCs) and other GDPR-approved mechanisms to ensure lawful data transfers and equivalency of protection.
🔄 Updates to This Page
We may update this page to reflect legal changes, new subprocessors, or updates to our privacy and compliance practices. You are encouraged to review it periodically.
📬 Contact
For any other questions about data processing, privacy, or compliance, please contact our Data Protection Officer:
✅ Summary
If you're using Fluxedita to manage personal data and are legally required to have a DPA in place, we're ready to help. We are committed to lawful, transparent, and secure data processing at every level of our service.