Legal

Data Processing Agreement

We process customer data solely under their instructions — with clear boundaries, strong security, and full alignment with GDPR, CPRA, and international transfer requirements.

July 18, 2025

1. Introduction

This Data Processing Agreement (“DPA”) forms part of the Master Agreement, Terms of Service, or other applicable agreement (“Principal Agreement”) between Anyset Inc. and its Customer. It outlines the parties’ obligations regarding the processing and protection of personal data in accordance with applicable privacy regulations.

2. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Processing: Any operation performed on Personal Data, whether or not by automated means.
  • Controller: The Customer who determines the purposes and means of processing.
  • Processor: Anyset, which processes Personal Data on behalf of the Controller.
  • Sub-processor: Third parties engaged by Anyset to process data on its behalf.

3. Scope & Roles

This DPA applies where Anyset processes Personal Data on behalf of the Customer. Customer is the Data Controller, and Anyset is the Data Processor.

4. Processing Purpose & Instructions

Anyset will only process Personal Data to provide services under the Principal Agreement and in accordance with Customer’s documented instructions, unless required by law.

5. Security Measures

Anyset maintains appropriate technical and organizational measures to protect Personal Data, including:

  • Encryption at rest and in transit
  • Access control and authentication
  • Regular security audits and vulnerability assessments
  • Least privilege access policies
  • Activity logging and monitoring

Details are outlined in our Data Privacy & Protection Policy.

6. Confidentiality

Anyset ensures that all personnel with access to Personal Data are bound by confidentiality obligations.

7. Sub-processing

Anyset may engage Sub-processors to support service delivery. All Sub-processors are subject to data protection obligations no less protective than those in this DPA. A list of current Sub-processors is available upon request.

8. Data Subject Rights

Anyset will assist Customer in responding to data subject requests, including access, rectification, deletion, restriction, and portability, as required by law.

9. Data Transfers

Where Personal Data is transferred outside of the EEA, UK, or Switzerland, Anyset relies on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Additional safeguards, where applicable

Anyset will not transfer data to a third country unless appropriate legal mechanisms are in place.

10. Data Retention & Deletion

At termination of the agreement, Customer may request deletion or return of all Personal Data. Anyset deletes remaining backups in accordance with its data retention policies.

11. Audits

Upon written request, Anyset will provide relevant documentation or third-party audit reports to demonstrate compliance with this DPA.

12. Liability

Liability under this DPA is subject to the limitations set out in the Principal Agreement.

13. Contact

For questions about this policy or to submit a privacy rights request:
Email: privacy@anyset.ai
Phone: +1 (437) 900-2214
Website: www.anyset.ai

Demo

Ready to see it in action?

Explore how Anyset can streamline your next project—from kickoff to closeout—with a quick, hands-on demo.

Get a demo

Continuity—from precon through closeout

Products

SpecsCloseoutDocs

Legal

Privacy Policy
Terms of Service
Information Security Policy
Data Privacy & Protection Policy
Data Processing Agreement
AI Governance Policy
Cookie Policy

Contact

contact@anyset.ai+1 (437) 900-2214
Copyright © footer-year Anyset AI (Anyset Inc.)