Data Processing Agreement
Last updated: January 1, 2026
⚠️ This is a placeholder. Replace with lawyer-reviewed content before launch.
1. Scope and Purpose
This Data Processing Agreement (“DPA”) forms part of the agreement between the Customer (“Controller”) and Bunyani (“Processor”) and governs the processing of personal data in connection with the Bunyani platform.
2. Processing Details
Bunyani processes personal data on behalf of the Customer as necessary to provide the platform services. The types of personal data processed include user account information, project data, and usage logs.
3. Sub-processors
Bunyani uses the following sub-processors: [list to be finalized before launch — include hosting provider, email service, analytics]. Customers will be notified of material changes to sub-processors.
4. Data Subject Rights
Bunyani will assist the Customer in responding to data subject requests for access, correction, deletion, or portability of personal data.
5. Security Measures
Bunyani implements industry-standard security measures including encryption at rest and in transit, access controls, and regular security reviews.
6. Breach Notification
Bunyani will notify the Customer without undue delay (and within 72 hours) upon becoming aware of a personal data breach.