This page summarizes our Data Processing Addendum (DPA). The executed DPA is provided as part of the customer agreement and controls in the event of any conflict with this summary.
For personal data processed inside the NILARA platform on a customer's behalf, the customer is thecontrollerand eSora Labs is theprocessor(or sub-processor, as applicable).
The DPA describes the subject matter, duration, nature and purpose of processing, the types of personal data, and the categories of data subjects, based on the customer's configuration and use.
Under the DPA we process personal data only on documented instructions, maintain confidentiality, apply appropriate technical and organizational security measures, assist with data-subject requests and impact assessments, support audits, and delete or return data at the end of the engagement.
We use vetted subprocessors under written terms and maintain a currentSubprocessor List, with a mechanism to notify customers of changes.
Where personal data is transferred across borders, the DPA includes appropriate safeguards such as standard contractual clauses.
To review or execute the DPA, contactlegal@nilara.io.