Data Processing Addendum (DPA)
Last updated: May 31, 2026
This DPA forms part of the Terms between the customer ("Controller") and Partybus, Inc.("Processor") and applies where we process personal data on your behalf.
1. Roles & scope
You are the Controller of Customer Content; we are the Processor. We process personal data only on your documented instructions and to provide the service.
2. Confidentiality & security
We implement appropriate technical and organizational measures: encryption in transit and at rest, per-tenant isolation, scoped credentials, access controls, and audit logging. Personnel are bound by confidentiality.
3. Subprocessors
You authorize the subprocessors listed at /legal/subprocessors. We remain responsible for their performance and will give notice of changes.
4. International transfers
Where personal data is transferred across borders, we rely on appropriate safeguards (e.g. Standard Contractual Clauses). Enterprise customers may pin data residency.
5. Data subject requests & breach
We assist you in responding to data subject requests and will notify you without undue delay after becoming aware of a personal data breach.
6. Deletion & return
On termination, we return or delete personal data in accordance with the Terms, subject to legal retention requirements.
Execution
To execute this DPA for your organization, contact sales@partybus.ai.