Beta Preview

Some compliance features are in active development. Learn more โ†’

Data Processing Agreement (DPA)

Data Processing Agreement designed for GDPR Article 28 compliance (Enterprise Customers)

For Enterprise Customers

If your organization requires a signed Data Processing Agreement (DPA) to comply with GDPR Article 28, you can download our standard template below. The DPA covers our role as a data processor, security measures, subprocessors, and your rights as the data controller.

GDPR Article 28 Template

Template designed to address GDPR Article 28 requirements for data processor agreements.

Current Subprocessors

List of current subprocessors: Stripe, AWS, Storecove, FineoPay with Standard Contractual Clauses.

Security Measures

Details on AES-256 encryption, access controls, audit logs, and breach notification procedures.

Data Subject Rights

Assistance with access, erasure, portability, rectification, and other GDPR rights.

Download DPA Template

Download the template, fill in your company details, sign it, and email it to us.

Download DPA (Markdown) Contact Legal Team

How to Use This DPA

  1. 1
    Download the template

    Click the download button above to get the DPA template in Markdown format.

  2. 2
    Fill in your details

    Complete the sections marked with [To be completed] with your company information.

  3. 3
    Review and sign

    Have an authorized representative review and sign the agreement.

  4. 4
    Email to us

    Send the signed DPA to legal@encryptinvoice.com

  5. 5
    We'll countersign

    We'll review, countersign, and return a fully executed copy within 5 business days.

Frequently Asked Questions

Who needs a DPA?

Enterprise customers who process personal data of EU residents and need to comply with GDPR Article 28 requirements for processor agreements. This is typically required by your legal or compliance team.

Is there a cost for the DPA?

No, the DPA is provided free of charge to all Enterprise plan customers.

Can I modify the DPA terms?

For standard terms, please use the template as-is. If your organization requires custom DPA terms, contact legal@encryptinvoice.com and we'll work with you (Enterprise plans only).

What about subprocessor changes?

We will notify you by email at least 30 days before adding or changing subprocessors. You have the right to object if the change poses compliance risks.

We use cookies and privacy-respecting analytics

We use essential cookies for authentication and privacy-respecting analytics (self-hosted, respects Do Not Track). No advertising or third-party tracking. Learn more