Skip to content

Data Processing Agreement (DPA)

Statement

ClaimGuard does not yet publish a standard DPA template on this trust portal. A DPA can be negotiated bilaterally with customers on request today. A standard template is being drafted and will be hosted here once legal review is complete.

This page is the placeholder so a prospect or procurement team can see that a DPA is named and being authored.

What the standard DPA will cover

When published, the DPA template will follow the standard processor- side structure expected under GDPR Art. 28 and equivalent service-provider clauses under CCPA:

  • Roles — ClaimGuard as processor / service provider; the customer as controller / business.
  • Scope of processing — the categories of personal data and the data subjects covered (anchored on Data classification).
  • Purpose and duration — the business purpose for which we process the data and the period over which we hold it (anchored on Data retention).
  • Processor obligations — confidentiality, security measures (anchored on every relevant page in this portal), assistance with data-subject requests, breach notification timelines (cross-listed on Incident response), audit-cooperation rights.
  • Sub-processing — the disclosure list and notification cadence (anchored on Subprocessors).
  • International transfers — the EU-region storage commitment and the Gemini-API outbound flow (anchored on Subprocessors and Cloud provider).
  • Return / deletion of data at end of contract.
  • Liability and indemnification terms (legal-review-driven).

Why we're not publishing a draft yet

A DPA's exact wording is the most legally consequential artifact on this portal — small variations in language meaningfully change risk allocation. Publishing a draft that has not had a legal pass would be worse than waiting; bilateral negotiation today is in any case viable for the small number of customers asking.

Status

planned — verified 2026-04-29.

Bilateral DPAs are negotiable on request. A standard template is in front of legal review.

Roadmap

  • Complete legal review of the draft template.
  • Publish the template as a downloadable PDF on this page with a version number and effective date.
  • Annual review cadence alongside the privacy notice.
  • Standard Contractual Clauses (SCCs) as an addendum if /when a customer requires them.