Data Processing Addendum

ElasticD3M, LLC · Last updated 2026-06-19

DRAFT pending legal review. Review by counsel required before launch.

This Data Processing Addendum ("DPA") forms part of the Terms of Service between ElasticD3M, LLC ("Processor") and the customer ("Controller") and governs processing of Controller's data.

1. Roles and scope

Controller determines the purposes of processing; Processor processes data solely to provide the Services and on Controller's documented instructions, including the financial telemetry Controller connects.

2. Confidentiality

Processor limits access to personnel bound by confidentiality obligations and with a need to access. Production access is restricted to authorized US persons.

3. Security measures

4. Subprocessors

Controller authorizes the subprocessors listed at /subprocessors. Processor remains responsible for their performance and will give notice of material changes.

5. Data residency

All processing and storage occurs in United States regions. No processing in non-US regions.

6. Personal data and assistance

Processor assists Controller, taking into account the nature of processing, with data-subject requests and with security, breach notification, and impact assessments to the extent applicable.

7. Breach notification

Processor notifies Controller without undue delay after becoming aware of a personal-data breach affecting Controller data.

8. Return and deletion

On termination, Processor deletes or returns Controller data per the retention terms in the Privacy Policy, subject to legal-hold and audit-retention obligations.

9. Contact

[email protected].