Data Processing Agreement

Last updated: January 1, 2025

1. Introduction

This Data Processing Agreement (DPA) governs the processing of personal data by Womp on behalf of our customers, in compliance with GDPR, CCPA, and other applicable data protection laws.

2. Roles and Responsibilities

Womp acts as a data processor, and our customers act as data controllers. We process data only according to documented instructions.

3. Security Measures

We implement technical and organizational measures including encryption, access controls, pseudonymization, and regular security assessments.

4. Subprocessors

We use vetted subprocessors for hosting, analytics, and customer support. A current list is available upon request.

5. Data Subject Rights

We assist controllers in responding to data subject requests including access, rectification, erasure, and data portability.

6. Data Breach Notification

We will notify controllers without undue delay upon discovering any personal data breach.