Data Processing Agreement

Last updated: June 2026

This Data Processing Agreement (DPA) describes how FormParse processes personal data contained in the documents you upload. It supplements the Terms of Service and reflects Art. 28 GDPR and the Swiss FADP.

Parties and roles

This DPA is between you (the “Customer”, acting as controller) and Schertenleib Solutions, Tunaustrasse 20, 5734 Reinach AG, Switzerland (the “Processor”). For the personal data inside your uploaded documents and the extraction results derived from them, you are the controller and we process that data only as your processor. For our own account, billing, and operational data, we are the controller as described in the Privacy Policy.

Subject matter and scope

We process Customer personal data only to provide the document-extraction service: ingesting documents, computing page counts, running schema-based extraction, generating exports, and making results available through the portal and API. The types of personal data and categories of data subjects are determined by the documents the Customer chooses to upload.

Processing instructions

We process Customer personal data only on the Customer's documented instructions, including those given through normal use of the service, unless required to act otherwise by applicable law. We will inform the Customer if, in our opinion, an instruction infringes applicable data protection law.

Confidentiality

Personnel authorized to process Customer personal data are bound by appropriate obligations of confidentiality, and access is limited to what is necessary to provide and support the service.

Security measures

We maintain technical and organizational measures appropriate to the risk, including:

  • Tenant isolation via Postgres row-level security scoped by organization.
  • Private storage buckets served only through short-lived signed URLs.
  • API credentials stored as salted hashes, shown once, revocable immediately, and scoped by permission.
  • Encryption in transit, and encryption at rest provided by our infrastructure providers.
  • Data minimization in logging and analytics — document content, extracted values, and prompts containing document text are excluded.
  • Retention-driven deletion (0, 7, 30, or 90 days) with audit logging of deletions.

Sub-processors

The Customer authorizes us to engage the sub-processors listed below to provide the service. We impose data protection obligations on each sub-processor that are no less protective than this DPA, and we remain responsible for their performance. We will give advance notice of intended changes and the opportunity to object.

| Sub-processor | Purpose | Location |
| --- | --- | --- |
| Supabase | Authentication, database, and document/file storage | EU region |
| Vercel | Application hosting and request handling | EU server execution where possible |
| Trigger.dev | Asynchronous extraction, batch, and retention jobs | EU region |
| Upstash | API rate limiting | EU region |
| Stripe | Subscription billing and payment processing | EU/EEA and USA (SCCs) |
| PostHog | Portal product analytics (no document content) | EU region |
| Resend | Transactional email delivery | EU/EEA and USA (SCCs) |
| Vercel AI Gateway | Routes extraction requests to configured AI models | EU execution where configured; zero/limited retention per Vercel terms |
| Google (Gemini API) | Default vision model for document extraction | EU/EEA and USA (SCCs); API data not used for model training |
| Mistral AI | Optional OCR fallback when configured | EU region; Mistral API terms and DPA |

International transfers

We aim to keep processing within Switzerland and the EEA. Where a sub-processor processes Customer personal data outside the EEA, that transfer is covered by an adequacy decision, the EU Standard Contractual Clauses with the Swiss addendum, or another lawful transfer mechanism, together with appropriate safeguards.

Assistance to the controller

Taking into account the nature of the processing, we will assist the Customer with appropriate measures in fulfilling its obligations to respond to data-subject requests and to ensure security, breach notification, and, where applicable, data protection impact assessments. We will notify the Customer without undue delay after becoming aware of a personal data breach affecting Customer personal data.

Return and deletion

On expiry of the applicable retention window, or on termination of the service, we delete or return Customer personal data in accordance with the Customer's retention settings and these terms, unless retention is required by law. Deleting the Customer organization removes its tenant data.

Audit

We make available information reasonably necessary to demonstrate compliance with this DPA and allow for and contribute to audits, including inspections, conducted by the Customer or a mandated auditor, subject to reasonable confidentiality and security conditions.

Liability and order of precedence

Liability under this DPA is subject to the limitations set out in the Terms of Service. In case of conflict between this DPA and the Terms regarding the processing of personal data, this DPA prevails. To request a countersigned copy, contact formparse@schertenleib-solutions.ch.