Data Processing Agreement
For customers who require a DPA for compliance
What is a DPA?
A Data Processing Agreement (DPA) is a legally binding contract between a data controller (you) and a data processor (Event Karma). It ensures that we handle your data in compliance with data protection regulations like GDPR.
Our DPA covers the nature and purpose of processing, types of personal data, data subject categories, security measures, and sub-processor disclosures.
Our DPA Covers
- Processing scope: What data we process and why
- Security measures: Technical and organizational safeguards
- Sub-processors: Third parties we use to deliver the service
- Data subject rights: How we help you respond to requests
- Breach notification: Our process for notifying you of incidents
- Data deletion: What happens when you terminate the service
- Audit rights: Your ability to verify our compliance
Our Sub-Processors
We use the following sub-processors to deliver our services:
| Provider | Purpose | Location |
|---|---|---|
| Vercel | Web hosting & edge network | United States |
| Render | Application hosting | United States |
| Stripe | Payment processing | United States |
| Resend | Transactional email | United States |
All sub-processors maintain SOC 2 Type II certification and have signed DPAs with us.
Request a DPA
Need a signed DPA for your compliance requirements? We're happy to provide one. Just reach out and we'll send it over.
Request DPATypical turnaround: 1-2 business days
Questions?
For questions about our data processing practices or to discuss specific compliance requirements:
Email: support@datakarma.ai