Data Processing Addendum (DPA)
Counsel review pending. This is a structural skeleton; final wording will follow before public launch (Spec §1.4). The shape below mirrors the eight required sections from plan/modules/08-legal-static.md §1.4.
This DPA forms part of the Terms of Service between Deena (the "Processor", DEENA_LEGAL_TODO) and the Customer (the "Controller").
1. Subject and duration
Deena processes personal data on the Controller's behalf for the duration of the subscription, plus a 60-day data-erasure window after cancellation (per plan/cross-cutting/billing-stripe.md §7).
2. Nature and purpose of processing
Deena processes personal data only as required to provide the Service:
- Receive, persist, and reply to customer WhatsApp messages
- Run AI inference on message text for intent detection and reply drafting (OpenAI EU data residency, Zero Data Retention)
- Maintain order pipelines, product knowledge, and storefront sync
3. Categories of data subjects and personal data
Data subjects: customers of the shop, the shop's owner and staff.
Categories:
- WhatsApp phone numbers and message content
- Order details (items, pickup times, customer name where given)
- Voice transcripts (post-launch)
- Owner/staff login credentials (hashed)
4. Operator (Processor) obligations
- Process data only on documented Controller instructions
- Keep data confidential; bind staff to confidentiality
- Implement Technical and Organisational Measures (Annex II below)
- Assist the Controller with data-subject requests
- Notify the Controller of data breaches without undue delay
- Delete or return data on request after the contract ends
5. Customer (Controller) obligations
- Hold a lawful basis for processing the data they upload or trigger
- Inform their own data subjects (e.g. customers messaging the shop) about processing
- Configure access controls within their Deena tenant appropriately
6. Sub-processors
The current sub-processor list is published at /legal/sub-processors. The Controller authorises the listed sub-processors at onboarding and will be notified before any new sub-processor is engaged.
7. Technical and Organisational Measures (Annex II)
DEENA_LEGAL_TODO: TOM annex — typically:
- Encryption in transit (TLS 1.2+) and at rest (S3 SSE, Postgres at-rest)
- Postgres row-level security for tenant isolation
- Argon2id password hashing
- Audit logs of administrative actions
- Restricted access to production credentials
- Verified backup-and-restore drill before launch
8. Audit rights
The Controller may, on reasonable notice and at most once per twelve months, request DEENA_LEGAL_TODO (a SOC2 / similar attestation, or an on-site audit at the Controller's cost). Until such an attestation is available, Deena will provide written answers to a Controller-supplied audit questionnaire.
9. Procedures on contract end
After cancellation:
- Day 0–30: read-only access; Customer can export data
- Day 30: a one-click export becomes available (CSV + JSON)
- Day 60: all Customer data is erased from primary and backup systems per Spec plan/cross-cutting/billing-stripe.md §7