Data Processing Addendum (DPA)

This is a lightweight template intended for early customer reviews. It is provided for convenience and is not legal advice.

Roles: The customer is the Data Controller (or Business), and 42Cells is the Data Processor (or Service Provider) to the extent 42Cells processes personal data on behalf of the customer.

Processing: 42Cells processes customer data to provide the service, including running live queries against connected sources and storing query results as Parquet files in S3 to enable continued analysis and merging across sources.

Deletion: Stored query results are deleted when the associated notebooks are deleted, subject to reasonable operational retention for logs and security-related records.

Subprocessors: 42Cells uses subprocessors listed on our Subprocessors page.

Security measures: 42Cells uses access controls (RBAC), audit logs, and standard cloud security practices. SSO can be supported on-demand for enterprise deployments.

International transfers: If processing involves cross-border transfers, the parties will work together to implement appropriate safeguards.