← reproit.com

Data Processing Agreement

Last updated: July 3, 2026

This Data Processing Agreement ("DPA") forms part of the Terms of Service between Reproit ("Processor", "we") and the customer accepting the Terms ("Controller", "you"), and applies whenever we process personal data on your behalf while providing the hosted service. If you need a countersigned copy, email agho@reproit.com.

1. Roles and scope

For crash telemetry your apps send us and for reproduction artifacts your CI posts back, you are the controller and we are the processor. For your account data (email, workspace membership, billing plan) we are an independent controller. We process personal data only to provide, secure, and support the service, and only on your documented instructions, which are: the Terms, this DPA, and your configuration of the service.

2. What is processed

3. Our obligations

4. Sub-processors

You authorize the sub-processors listed at reproit.com/subprocessors. We will notify account holders by email at least 30 days before adding or replacing a sub-processor; if you object on reasonable data-protection grounds and we cannot resolve it, you may terminate and receive a pro-rated refund of prepaid fees. Sub-processors are bound by data-protection obligations no less protective than this DPA.

5. International transfers

Where personal data originating in the EEA, the UK, or Switzerland is transferred to a country without an adequacy decision, the parties incorporate the EU Standard Contractual Clauses (Module Two, controller to processor), and for UK transfers the UK International Data Transfer Addendum, by reference into this DPA. Annex details (parties, data, measures) are as described in this DPA and on the sub-processor page.

6. Precedence and liability

If this DPA conflicts with the Terms, this DPA controls for data-protection matters. Liability under this DPA is subject to the limitations in the Terms. This DPA is governed by the same law and venue as the Terms.

Contact

agho@reproit.com