Data Processing Agreement (DPA)
Last Updated: October 1, 2024
1. Background
This Data Processing Agreement forms part of the Terms of Service. It governs the processing of personal data by Delivami on behalf of its customers in accordance with GDPR and other relevant data protection laws.
2. Processing of Personal Data
Delivami shall process Personal Data only on documented instructions from the Customer, unless required to do so by applicable law to which Delivami is subject.
3. Subprocessing
The Customer provides a general authorization for Delivami to engage Subprocessors (such as Cloudflare, Neon, Paystack, and Better Auth) to deliver our services. Delivami ensures that all sub-processors are bound by written agreements that require them to provide at least the level of data protection required by GDPR, including the execution of Standard Contractual Clauses (SCCs) where data is transferred outside the EEA.
4. Security Measures & Data Breach Notification
Delivami implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encryption of personal data in transit (TLS) and at rest (AES-256). In the event of a Personal Data Breach, Delivami will notify the Customer without undue delay.
