Data Processing Agreement

Opsiton makes a Data Processing Agreement available for customers that need contractual data-processing terms for GDPR, UK GDPR, KVKK, or similar compliance programs.

The DPA is intended for customers using Opsiton as part of a regulated or contract-sensitive environment where controller-processor terms are required.

The Opsiton DPA is intended to address the operational and legal topics most enterprise customers expect in a processor agreement.

• Processing instructions and scope.
• Confidentiality obligations.
• Technical and organizational security measures.
• Subprocessors.
• Assistance with data subject requests.
• Breach notification commitments.
• Return or deletion of data at the end of service.
• International transfer terms where required.

Where required, Opsiton can provide information about the categories of subprocessors used to host, support, and secure the service. Additional transfer commitments may be addressed in the DPA or related contractual documentation.

If your organization needs a signed DPA, send your request to [email protected] with your company name, contracting entity, and any deployment or compliance requirements that should be considered during review.

We can also coordinate next steps if your legal or procurement team needs supporting security documentation alongside the DPA request.