Skip to main content
Legal
Privacy PolicyTerms of ServiceData ProcessingCookie PolicyAcceptable Use

Data Processing Agreement

Last updated: March 1, 2026

1. Scope and Purpose

This DPA supplements the Terms of Service and applies when CloudLink processes personal data on your behalf as a "Processor" under GDPR or equivalent laws.

2. Data Processing Details

Categories of data subjects: your employees, contractors, and end-users. Types of personal data: name, email, IP address, usage telemetry. Processing purposes: service delivery, support, billing.

3. Processor Obligations

CloudLink shall: (1) process data only on documented instructions, (2) ensure personnel are bound by confidentiality, (3) implement appropriate technical and organizational measures, (4) assist with data subject rights requests.

4. Sub-Processors

Current sub-processors: AWS (infrastructure), Stripe (billing), Clerk (authentication), Sentry (error tracking). We notify you 30 days before adding a new sub-processor.

5. International Transfers

Data is processed in the United States. For EU transfers, we rely on Standard Contractual Clauses (Module 2: Controller-to-Processor) adopted by the European Commission.

6. Data Breach Notification

We will notify you of a personal data breach without undue delay and no later than 72 hours after becoming aware of the breach, providing details required under Article 33 GDPR.

Questions about this document? Contact us at [email protected] or write to CloudLink LLC, 8 The Green, Suite A, Dover, DE 19901, USA.