Data Processing Agreement (DPA)

Last updated: June 2026

1. Introduction

This Data Processing Agreement ("DPA") forms part of the Terms of Service between EasyAIWrapper ("Data Processor") and the Customer ("Data Controller"). It regulates the processing of personal data subject to the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Processing of Personal Data

We act as a Data Processor for the chatbot interactions generated on your behalf. We will only process personal data based on your documented instructions. All bot conversational data is encrypted at rest using AES-256-GCM.

3. Zero-Knowledge and Confidentiality

We employ strict security measures. Our team does not have plaintext access to your bot chat histories or raw transcripts, as they are encrypted before being stored. Access is programmatically restricted to the automated lead extraction services.

4. Data Subject Rights (Portability & Deletion)

We provide you with the tools to honor Data Subject Requests. You can export all leads, knowledge bases, and chat transcripts via your dashboard. You can also permanently delete your account and all associated data at any time via the Settings panel.

5. Security of Processing

We implement appropriate technical and organizational measures including HMAC-SHA256 token hashing and AES-256 encryption to ensure a level of security appropriate to the risk.