Data Processing Agreement
Our DPA governs personal data processed inside customer database backups.
Documented instructions
We process backup data only to create, store, verify, provide and delete backups as configured by the customer, unless applicable law requires otherwise.
Confidentiality and security
Authorised personnel are bound by confidentiality. Credentials are encrypted at rest, managed backups use encrypted storage, and verification databases are short-lived and isolated from customer databases.
Subprocessors and transfers
Subprocessors receive equivalent contractual protections. We publish our providers, notify customers of material changes and use an applicable transfer mechanism when data is processed outside the EEA.
Assistance and deletion
We assist with data-subject rights, security assessments, incidents and DPIAs. At the end of service, customers can export account metadata and erase credentials, managed backups and related records.
A countersigned DPA with the parties, processing details and security schedule will be available before production onboarding. Contact privacy@revivedb.dev.