For Enterprise Customers | January 2026
This Data Processing Agreement ("DPA") governs the processing of Personal Data by DocSentinel Limited ("Processor") on behalf of the Customer ("Controller").
The Processor shall process Personal Data only for the purpose of providing the Services and in accordance with the Controller's documented instructions.
We implement appropriate technical and organizational measures, including:
We engage the following authorized sub-processors:
| Sub-processor | Purpose | Location |
|---|---|---|
| Google Cloud | Infrastructure | EEA (Belgium, Germany) |
| Supabase | Database/Auth | EEA (Belgium, Germany) |
| Vertex AI | AI Processing | EU |
We will notify you without undue delay (within 48 hours) of any Personal Data breach and assist with your notification obligations.
Personal Data is processed within the European Economic Area (EEA). We will not transfer data outside the EEA without your consent and appropriate safeguards.
Upon termination, you may request the return of your data within 30 days, after which it will be securely deleted.
This is a summary of our standard DPA. To sign a formal DPA, please contact legal@docsentinel.io.