Data Processing Addendum (DPA)

Effective date: 2026-02-06

This Data Processing Addendum applies when XperienC AI processes personal data on behalf of a customer in connection with the Service.

1) Roles

• Customer is the controller (or business) for customer data.
• XperienC AI is the processor (or service provider) for customer data.

2) Processing purpose

We process customer data only to operate and provide the Service, including account management, CRM sync, workflows, billing, and support diagnostics.

3) Data categories

• Account identifiers (name, email, role, org identifiers).
• CRM records (accounts, contacts, and related metadata).
• Operational telemetry required for reliability and support.

4) Confidentiality and security

We apply reasonable technical and organizational measures, including encryption in transit, protected credential handling, and role-limited access controls.

5) Subprocessors

We may use subprocessors to run the Service (for example Cloudflare, Stripe, and SendGrid). Subprocessors are bound by confidentiality and security obligations.

6) Deletion and return

Upon verified request or account termination, we delete or return customer data within a reasonable period, unless retention is required for legal, billing, or audit obligations.

7) Incident notification

We notify affected customers without undue delay after confirming an incident affecting customer data.

Contact

Email support@xperienc.ai.