Legal
Data Processing Addendum
Last updated April 25, 2026. Forms part of the agreement between you (Controller) and RevInnova (Processor).
1. Subject matter and duration
This Data Processing Addendum (“DPA”) governs the processing of personal data by RevInnova on behalf of the Customer in connection with the Service. It applies for the duration of the underlying agreement and any post-termination data export period.
2. Roles
Customer is the data Controller and determines the purposes and means of processing. RevInnova acts as Processor and processes personal data only on documented instructions from the Customer.
3. Categories of data and data subjects
Categories of data: contact details, professional information, and any other personal data the Customer chooses to upload.
Data subjects: Customer’s prospects, leads, and contacts.
4. Processor obligations
RevInnova will (a) process personal data only as instructed; (b) ensure persons authorized to process the data are bound by confidentiality; (c) implement appropriate technical and organizational measures; (d) assist the Customer with data subject requests; and (e) notify the Customer of any personal data breach without undue delay.
5. Sub-processors
Customer authorizes RevInnova to engage sub-processors to provide the Service. A current list is available on request. We’ll give Customer the opportunity to object to new sub-processors with reasonable notice.
6. International transfers
Where personal data is transferred outside the EEA, UK, or Switzerland, the parties rely on the Standard Contractual Clauses (Module Two: Controller-to-Processor) which are incorporated by reference.
7. Security measures
RevInnova implements industry-standard security measures including encryption in transit (TLS 1.2+) and at rest (AES-256), least-privilege access controls, audit logging, and regular vulnerability reviews.
8. Audits
Customer may, at its expense and with reasonable notice, audit RevInnova’s compliance with this DPA, no more than once per year, except where required by a supervisory authority.
9. Return or deletion of data
Upon termination of the underlying agreement, RevInnova will return or delete all Customer personal data within the timeframes set out in our Privacy Policy.
10. Signing
This DPA is automatically incorporated into the Terms of Service. To request a countersigned copy, email legal@revinnova.pro.