Data Processing Agreement

share close
← Security & Trust

Data Processing Agreement

Adversa AI provides a Data Processing Agreement (DPA) to all customers who require one. Our DPA defines the terms under which we process personal data on your behalf, in compliance with GDPR, CCPA, and other applicable data protection regulations.

Key Commitments

What our DPA covers

Our Data Processing Agreement establishes clear obligations and protections for the processing of your data.

Processing Scope

Data is processed only in accordance with your documented instructions and for specified purposes. We enforce strict purpose limitation and data minimization. Processing activities are fully documented and auditable.

Security Measures

Technical and organizational security measures aligned with SOC 2 and ISO 27001 controls. Encryption at rest and in transit, access controls, multi-factor authentication, continuous monitoring, and incident response procedures.

Subprocessors

We maintain a transparent list of subprocessors used in the delivery of our services. Changes to subprocessors are communicated to customers in advance. All subprocessors are subject to equivalent security and privacy requirements.

DPA provisions

Additional protections in our DPA

Data subject rights. We assist you in fulfilling data subject access requests, including the right to access, rectification, erasure, restriction of processing, data portability, and the right to object.

Breach notification. In the event of a personal data breach, we notify you without undue delay and provide all information necessary to meet your regulatory notification obligations.

Data deletion. Upon termination of services or upon request, we securely delete or return all personal data processed on your behalf, with documented verification of destruction.

Audit rights. Our DPA includes provisions for audits and inspections to verify compliance with data protection obligations. Our SOC 2 report and Delve Trust Center provide ongoing compliance evidence.

International transfers. Where personal data is transferred across borders, we implement appropriate safeguards including Standard Contractual Clauses (SCCs) as required by GDPR.

Request our
Data Processing Agreement

Contact our security team to receive a copy of our DPA or to discuss data processing requirements for your organization.

Request DPA → Security & trust