Data Processing Addendum

Scope of processing

We process personal data only on your documented instructions. The instructions are: (a) the configuration of your workspace, (b) the actions of your users, and (c) any specific written instruction sent to [email protected].

Subject matter & duration

The subject matter is provision of the DossFox service. Processing continues for as long as we provide the service plus 90 days for export, then data is deleted.

Categories of data subjects

• Your end-users (lawyers, paralegals, compliance officers using the workspace).
• Your clients (whose dossiers are processed inside DossFox).

Categories of personal data

• Identification data (names, emails).
• Identity documents (passports, IDs, address proofs) within dossiers.
• Financial documents (proof of income, tax filings) within dossiers.
• Communication metadata (timestamps, action logs).

Subprocessors

Listed at /legal/security/ and updated when changed. We give you 30 days' notice of any new subprocessor; you may object in writing.

Security measures

• Encryption in transit (TLS 1.3) and at rest (AES-256).
• Single sign-on with SAML/OIDC on Team and Scale.
• Role-based access; principle of least privilege internally.
• Annual penetration testing; SOC 2 Type II certification (target 2027).
• Immutable audit log per workspace.

Sub-processor location & transfers

Primary processing in EU (eu-west-1). Where transfers to non-EEA countries are necessary (e.g. Stripe, US), we rely on EU Standard Contractual Clauses and the EU-US Data Privacy Framework where applicable.

Audit

On 30 days' notice and no more than once per year, you may audit our security controls. We will provide our SOC 2 report and answer reasonable questionnaires in lieu of on-site audits.