Data Processing Agreement

Our DPA governs personal data processed inside customer database backups.

Documented instructions

We process backup data only to create, store, verify, provide and delete backups as configured by the customer, unless applicable law requires otherwise.

Confidentiality and security

Authorised personnel are bound by confidentiality. Credentials are encrypted at rest, managed backups use encrypted storage, and verification databases are short-lived and isolated from customer databases.

Subprocessors and transfers

Subprocessors receive equivalent contractual protections. We publish our providers, notify customers of material changes and use an applicable transfer mechanism when data is processed outside the EEA.

Assistance and deletion

We assist with data-subject rights, security assessments, incidents and DPIAs. At the end of service, customers can export account metadata and erase credentials, managed backups and related records.

A countersigned DPA with the parties, processing details and security schedule will be available before production onboarding. Contact privacy@revivedb.dev.