Data Processing Addendum (summary)

Enterprise buyers typically require a signed DPA that defines roles, subprocessors, transfers, security, and breach cooperation.

This summary is not the legal instrument. Final DPA terms require counsel review for your entity and jurisdiction.

What we expect in an executed DPA

Roles: You as controller (or processor-to-subprocessor chain) and CapchaCloud as processor where applicable — roles depend on facts.
Instructions: Processing limited to providing the service per your configuration and our Terms.
Subprocessors: Listed or incorporated by reference with notice mechanism (policy).
International transfers: Module selection (e.g., SCCs) where legally required — finalized with counsel.
Assistance: Reasonable cooperation for breach notifications subject to law and technical feasibility.
Deletion: Align with retention/deletion schedules after legal holds lift (retention).

Contact via serviceautomations.ai with your legal entity name, intended data categories, and regions involved.