Data Processing Agreement.
A standard DPA template used when Garnet Grid Consulting LLC ("processor") handles personal data on behalf of a customer ("controller"). Available for countersign on request — email garnetgrid@gmail.com with subject "DPA Request".
1. Parties & Scope
Processor: Garnet Grid Consulting LLC, New York, NY.
Controller: The customer organization signing this DPA.
This DPA applies whenever Garnet Grid processes personal data on behalf of the customer in the course of providing services (GEO, Audit Retainer, Cluster Ops, downloadable reports, audit tools, and ancillary engagements). The Main Services Agreement (or, absent one, the order/invoice plus our Terms of Service) governs the scope of services.
2. Data Categories & Subjects
| Category | Subjects | Purpose |
|---|---|---|
| Contact details (name, email, company) | Customer staff + leads | Communication, fulfillment |
| Billing identifiers | Customer org | Invoicing via Stripe |
| Operational logs / telemetry | End-user visitors on customer-instrumented properties | GEO citation tracking, audit findings, Cluster Ops inference logs |
| Customer content uploaded for audit | Customer-defined | Audit findings, recommendations |
3. Subprocessors
The current subprocessor list is published at /privacy Section 4 and is maintained as the canonical reference. Material additions are communicated to the controller via email at least 14 days before they go live; the controller may object in writing within that window.
4. International Transfers
Personal data may be transferred to the United States (Google, Stripe, Cloudflare US data centers). Each of these subprocessors maintains EU-US Data Privacy Framework certification or Standard Contractual Clauses (SCCs Module 2: Controller-to-Processor). On request, Garnet Grid will share the executed SCC reference for any specific subprocessor.
5. Security Measures (Technical & Organizational)
- Encryption in transit (TLS 1.3+) for all customer data ingress / egress.
- Encryption at rest: Cloudflare R2 AES-256, Cloudflare KV AES-256, Postal mail-server LUKS disk encryption, Stripe vendor-managed.
- Per-request nonce-bound CSP (script-src 'strict-dynamic'), HSTS preload, frame-ancestors 'none'.
- Ed25519 / HMAC-SHA256 signature verification on all third-party webhooks (Stripe, Discord).
- HMAC-signed R2 tokens (16-hex slug) for customer portal access, scoped per dashboard.
- No client-side secrets; all API keys live in Cloudflare Worker secret storage and are rotated on demand or on incident.
- Per-IP rate limiting on cost-sensitive endpoints (LLM, TTS, audit-baseline).
- Daily Stripe canary + weekly Monday site-health pulse + cron-failure alerting via Discord.
- R2 idempotency-marker 90-day lifecycle + replay-window guard on webhook timestamps.
Detailed security posture, including non-claims and exclusions, is published at /trust.
6. Retention
| Data class | Default retention |
|---|---|
| Customer-portal tokens (R2) | Lifetime of subscription + 90 days |
| Operational queue (LEAD_NURTURE_KV) | 14 days TTL on entries |
| Consent log (KV) | 1 year |
| R2 reports / snapshots | 365 days (lifecycle rule) |
| Webhook idempotency markers | 90 days (lifecycle rule) |
| Stripe data | Vendor-managed, customer-deletable via portal |
| Email transactional log (Postal) | 30 days |
Controller may request earlier deletion of any category at any time — see Section 8.
7. Data Subject Rights (DSRs)
Garnet Grid will assist the controller in responding to data-subject requests (access, rectification, erasure, restriction, portability, objection) within 30 days. The controller is the primary point of contact for the data subject; Garnet Grid is the processor and acts on the controller's documented instructions.
For requests routed directly to Garnet Grid: see /privacy Section 11 for the standing workflow.
8. Termination & Return / Deletion
Upon termination of the Main Services Agreement, Garnet Grid will, at the controller's election, either return all personal data in machine-readable format or permanently delete it within 60 days, including all backups. A deletion certification is provided on request.
9. Audits & Information
Garnet Grid will, on reasonable notice and at most once per 12 months, provide the controller with information necessary to demonstrate compliance with this DPA. Given Garnet Grid is a single-engineer operation, the standing audit format is: (a) written responses to the controller's questionnaire within 14 days, and (b) reference to the published /trust and /changelog pages, which are the public record of operational practice.
10. Breach Notification
Garnet Grid will notify the controller without undue delay (and within 48 hours of awareness) of any personal-data breach affecting the controller's data. The notification will describe the nature of the breach, categories and approximate number of data subjects affected, likely consequences, and measures taken or proposed to address it.
11. Liability & Governing Law
Liability under this DPA is governed by the limitations in the Main Services Agreement, except where law prohibits such limitation. Disputes are governed by the law of the State of New York, USA, without regard to its conflict-of-laws principles.
This template is provided in good faith and reflects Garnet Grid's standing operational practice. It is not a substitute for legal advice. Last reviewed: .