Data Processing Agreement (DPA)

This DPA applies to personal data processed by Yuvira Ventures on behalf of the Client while delivering services described in the engagement.

The Client is the Data Controller. Yuvira Ventures is the Data Processor and may engage sub-processors under written agreements that impose equivalent obligations.

We implement appropriate technical and organisational measures including encryption in transit, access controls, least-privilege, regular reviews and staff training.

A current list of sub-processors is available upon request. We notify Clients of material changes and allow reasonable objections.

Where personal data is transferred outside the EEA/UK, appropriate safeguards including Standard Contractual Clauses are used.

We assist the Client in responding to Data Subject requests under GDPR within reasonable timeframes.

We notify the Client without undue delay after becoming aware of a personal data breach and provide reasonable cooperation.

Upon termination, we return or delete Client personal data unless retention is required by law.