Data Processing Agreement (DPA)

Data Processing Agreement (DPA)

This Data Processing Agreement ("DPA") applies where Dataspark B.V. processes personal data on behalf of clients using SchemaStudio.

1. Parties

  • Controller: The client using SchemaStudio
  • Processor: Dataspark B.V., registered in the Netherlands

2. Subject-matter and duration

The processor will process personal data in the context of SchemaStudio, for the duration of the agreement.

3. Nature and purpose

Processing of authentication, user and structured business data for the purpose of enabling the SchemaStudio application.

4. Types of data and subjects

  • Names, emails, user metadata
  • Custom table data (defined by the controller)
  • Data subjects: users and entities entered by the controller

5. Obligations of the processor

Dataspark B.V. will:

  • Process data only under the controller's instruction
  • Maintain appropriate technical and organisational security measures
  • Ensure confidentiality and access control
  • Assist the controller in fulfilling GDPR obligations
  • Notify the controller of any data breaches without undue delay

6. Subprocessors

The controller authorizes the use of:

  • Auth0 (identity management)
  • Microsoft Azure (hosting/database)
  • Stripe (payments)
  • Google Cloud Platform (application hosting)

7. International data transfers

All subprocessors are GDPR-compliant and based in jurisdictions with adequate protection.

8. Termination and deletion

Upon termination of the agreement, all personal data shall be deleted or returned upon request.

This DPA supplements the general DPA of Dataspark B.V. and is product-specific to SchemaStudio.

Dataspark B.V. – KvK: 70239266
Burgemeester Broxlaan 12 (Gebouw 88), 5041 SB Tilburg, The Netherlands

Need help or have questions? Contact us at [email protected] or visit www.schemastudio.nl/legal.

SchemaStudio uses cookies for proper functioning and anonymous analytics. See our privacy policy.