Legal

Data Processing Agreement

CORUVE's DPA ensures GDPR, CCPA, and data protection law compliance.

Overview

This Data Processing Agreement ("DPA") is entered into between CORUVE Analytics ("Data Processor") and our Customers ("Data Controller") to govern the processing of personal data in accordance with GDPR, CCPA, and other applicable data protection laws.

1. Scope and Purpose

End-user event data collected through the CORUVE SDK

Customer account information and settings

Usage analytics and insights

2. Processing Instructions

CORUVE processes personal data only upon documented instructions from the Customer and for purposes specified in the Customer Agreement. We do not process personal data for any other purpose without explicit consent.

3. Data Subject Rights

Right of access to personal data

Right to rectification or correction

Right to erasure (right to be forgotten)

Right to restrict processing

Right to data portability

Right to object to processing

4. Security Measures

Encryption

End-to-end encryption in transit and at rest

Access Controls

Authentication and role-based access

Audits

Regular security audits and penetration testing

PII Protection

Automated PII detection and removal

5. Sub-Processors

CORUVE uses the following sub-processors for essential functions:

Stripe

Payment processing and billing

Resend

Email delivery for transactional messages

Tinybird

Data warehouse and analytics engine

All sub-processors are bound by data protection agreements equivalent to this DPA.

For DPA inquiries or to execute a formal DPA:

Contact our legal team