Data Processing Agreement - Draftr - Design and prototype Website Template

Data Processing Agreement

Last updated:

Dec 27, 2025

Data Processing Agreement (DPA)

Last Updated: January 2026

This Data Processing Agreement supplements the Deke Data Privacy Policy and outlines how personal information is processed on behalf of users in compliance with GDPR, PIPEDA, and CCPA.

1. Definitions

  • “User” or “Data Controller”: The individual or organization that determines the purposes and means of processing personal data.

  • “Deke Data” or “Data Processor”: The entity that processes personal data on behalf of the User.

  • “Personal Data”: Any information relating to an identified or identifiable individual.

2. Purpose of Processing

Deke Data processes personal data solely to:

  • Operate and maintain the platform

  • Provide analytics, player insights, and membership functionality

  • Manage subscriptions and payments

  • Improve platform performance and user experience

  • Deliver customer support

No personal data is processed for reasons outside this scope.

3. Sub-Processors

Deke Data uses third-party service providers (“sub-processors”) to support core platform functions. These may include:

  • Amazon Web Services (AWS) — hosting and infrastructure

  • Stripe — payment processing

  • Framer — website hosting + frontend delivery

  • Google Analytics — usage analytics

A full, current list is available upon request.

4. Security Measures

Deke Data implements technical and organizational measures to protect personal data, including:

  • Encrypted data transmission

  • Secure infrastructure and access controls

  • Regular monitoring of system performance

  • Authentication and session management

  • Industry-standard security practices

5. User Rights

Users may exercise the following rights at any time:

  • Access to personal data

  • Correction of inaccurate information

  • Request deletion

  • Request export or portability

  • Object to or restrict certain processing activities

Requests can be submitted to: hello@dekedata.com

6. Data Retention

Personal data is retained only as long as necessary to:

  • Provide platform services

  • Fulfill legal obligations

  • Resolve disputes

  • Enforce agreements

When no longer required, data is deleted or anonymized.

7. International Data Transfers

Personal data may be transferred and stored in countries outside the user’s region.
Deke Data ensures such transfers occur under recognized legal safeguards, such as:

  • Standard Contractual Clauses (SCCs)

  • Adequacy decisions

  • Data protection agreements with sub-processors

8. Breach Notification

In the event of a data breach causing a risk to personal rights or freedoms, Deke Data will notify affected users and regulators in accordance with applicable law.

9. Contact

For questions about this DPA, email:
hello@dekedata.com