Data Processing Agreement (DPA)

Effective Date: 15 August 2025

This Data Processing Agreement (“Agreement”) forms part of the Terms and Conditions between Sisstent.ai (“Processor”) and the Customer (“Controller”) in compliance with the General Data Protection Regulation (GDPR).

1. Subject Matter and Duration

The Processor shall process personal data on behalf of the Controller for the purposes defined in the main agreement, for the duration of the services provided.

2. Nature and Purpose of Processing

Processing includes storage, retrieval, analysis, and generation of AI-driven outputs based on the data provided by the Controller.

3. Types of Personal Data

May include names, emails, and other identifiers necessary for account management and service provision.

4. Obligations of the Processor

• Process data only under documented instructions from the Controller.
• Ensure confidentiality and security of the personal data.
• Assist the Controller in fulfilling GDPR obligations.

5. Sub-Processors

Processor may engage sub-processors for certain tasks, ensuring equivalent data protection obligations are applied.

6. Data Subject Rights

The Processor shall assist the Controller in responding to requests from data subjects under GDPR.

7. Security Measures

The Processor shall implement appropriate technical and organizational measures to ensure the security of personal data.

8. Return or Deletion of Data

Upon termination of services, all personal data shall be deleted or returned to the Controller unless otherwise required by law.

9. Governing Law

This Agreement shall be governed by the laws of the European Union and the country of residence of the Controller.

Download PDF