Back to Home

Data Processing Agreement

Effective: January 1, 2024
Last Updated: January 1, 2024

Data Processing Agreement

Effective Date: January 1, 2024

This Data Processing Agreement ("DPA") forms part of the agreement between ThreatIntel Bridge ("Processor") and Customer ("Controller") for the provision of threat intelligence services.

1. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person
  • Processing: Any operation performed on personal data
  • Sub-processor: Any third party engaged by Processor to process personal data
  • Data Subject: The individual to whom personal data relates

2. Processing of Personal Data

2.1 Scope

Processor will process personal data only as necessary to provide the services, including:

  • Account management data
  • Security logs and access records
  • Support ticket information
  • Usage analytics

2.2 Duration

Processing will continue for the term of the agreement and as necessary for legal compliance.

3. Processor Obligations

Processor shall:

  • Process personal data only on documented instructions
  • Ensure confidentiality of personnel
  • Implement appropriate technical and organizational measures
  • Assist with data subject rights requests
  • Delete or return data upon termination
  • Make available information necessary for audits

4. Security Measures

Processor maintains comprehensive security measures:

  • Encryption at rest and in transit
  • Access controls and authentication
  • Regular security assessments
  • Incident response procedures
  • Business continuity planning

5. Sub-processors

5.1 Authorized Sub-processors

Current sub-processors include:

  • Cloud infrastructure providers
  • Communication service providers
  • Support ticketing systems
  • Analytics platforms

5.2 New Sub-processors

Processor will notify Controller of new sub-processors with opportunity to object.

6. International Transfers

For transfers outside the EEA:

  • Standard contractual clauses apply
  • Appropriate safeguards are implemented
  • Transfer impact assessments conducted

7. Data Subject Rights

Processor will assist Controller with:

  • Access requests
  • Rectification or erasure
  • Data portability
  • Objection to processing

8. Breach Notification

Processor will notify Controller without undue delay of any personal data breach.

9. Audit Rights

Controller may audit Processor's compliance through:

  • Questionnaires
  • Remote audits
  • On-site inspections (with notice)

10. Liability

Each party's liability is subject to the limitations in the main agreement.

11. Governing Law

This DPA is governed by the same law as the main agreement.

By using our services, you acknowledge and agree to these data processing terms.

Other Legal Documents

Privacy Policy

Learn how ThreatIntel Bridge collects, uses, and protects your data.

Terms of Service

Terms and conditions governing your use of ThreatIntel Bridge services.

Acceptable Use Policy

Guidelines for appropriate use of ThreatIntel Bridge services and data.

Questions About This Policy?

If you have any questions about this data processing agreement, please contact us.

Contact Us
ThreatIntel Bridge - Threat Intel and Research for Everyone
ThreatIntel Bridge

Helping organizations of all sizes improve their cybersecurity posture with comprehensive, accessible and actionable threat intelligence solutions.

© 2025 ThreatIntel Bridge. All rights reserved.