Legal - B2B
DPA (Data Processing Agreement)
Informational summary for enterprise customers that require a formal controller-processor agreement.
1. Parties and roles
In general, the customer acts as controller and Cadenio acts as processor for data handled by the service.
2. Technical and organizational measures
- Tenant isolation and role-based access controls.
- Encryption in transit and at rest.
- Audit trails for sensitive operations.
3. Subprocessors
The subprocessors list is available on commercial request and may be updated as infrastructure evolves.
4. Assistance and incidents
Cadenio provides reasonable assistance for data subject rights handling and security incident notifications under applicable legal obligations.
5. Term and deletion
At the end of the contractual relationship, personal data is returned or deleted in line with contractual clauses and applicable legal obligations.
6. Request signature
To receive the full DPA for signature, submit a request using the dedicated contact form.