Loading Brysofts
Loading Brysofts
Cookie preferences
We use essential cookies to keep the site working and may use privacy-friendly analytics to understand what helps visitors. Read more in our privacy policy.
This DPA is starter language for projects involving personal data. It should be tailored to the specific client agreement, data flows, subprocessors, and applicable privacy laws.
For client projects, Brysofts may act as a processor or service provider when handling personal data on behalf of a client. The client generally remains responsible for determining the purpose and lawful basis of processing.
Brysofts processes client personal data according to the written agreement, statement of work, documented client instructions, and applicable law.
Brysofts limits access to project data to personnel and subcontractors with a legitimate need to perform the services and expects appropriate confidentiality obligations.
Projects may use hosting, analytics, communications, development, or infrastructure vendors. Specific subprocessors should be listed in the applicable contract or project documentation.
At the end of an engagement, client data is returned, deleted, or retained according to the contract, operational needs, backup practices, and legal obligations.
Brysofts aims to notify affected clients without undue delay after confirming a security incident involving client personal data, subject to investigation needs and legal requirements.