SentientPro Data Processing Addendum (DPA)
Last updated: January 1, 2026
1. Purpose and Scope
This Data Processing Addendum (“DPA”) forms part of and is incorporated into the SentientPro Terms of Service or other written agreement between Customer and SentientPro governing Customer’s use of the Services (“Agreement”). This DPA applies to SentientPro’s processing of Personal Data on behalf of Customer as a processor, and to Customer as the controller, as defined under applicable Data Protection Laws.
2. Definitions
Personal Data means any information relating to an identified or identifiable natural person as defined under Data Protection Laws.
Customer Data means any data, content, emails, calendar information, CRM data, or files submitted or connected by Customer for processing by the Services. Account Information refers solely to administrative or billing data. SentientPro’s processing of user data is subject to the Google API Services User Data Policy, including the Limited Use requirements.
Data Protection Laws include GDPR, UK GDPR, CCPA/CPRA, PIPEDA, VCDPA, and other applicable laws.
Subprocessor means any third party engaged by SentientPro to process Personal Data on behalf of Customer.
SCCs means the EU Standard Contractual Clauses.
IDTA means the UK International Data Transfer Addendum.
3. Roles of the Parties
Customer is the controller determining the purposes and means of processing. SentientPro acts as a processor for Customer Data and as an independent controller for aggregated analytics, security, and product improvement data.
4. Customer Instructions
SentientPro processes Personal Data only per Customer’s documented instructions, the Agreement, and this DPA. SentientPro does not sell Personal Data, share it for cross-context behavioral advertising, or use it to train generalized AI models without explicit Customer opt-in.
5. Processing Activities
Subject Matter: Provision of the Services.
Duration: Duration of the Agreement plus retention allowed under this DPA.
Nature of Processing: Storage, retrieval, transmission, analysis, AI-enabled processing.
Types of Personal Data: Contact info, identifiers, communications, uploaded content, usage logs.
Data Subjects: Customer’s end users, employees, contractors, and other individuals.
6. AI and Machine Learning Processing
AI processing is used only to provide the Services. Customer Data is not used to train generalized models without explicit opt-in. Aggregated, anonymized data may be used for security and product improvement.
7. Confidentiality
SentientPro ensures personnel are bound by confidentiality obligations. Customer Data is treated as Confidential Information.
8. Security Measures
SentientPro maintains industry-standard safeguards, including encryption, monitoring, access controls, and secure development practices.
9. Data Breach Notification
SentientPro notifies Customer without undue delay of any Security Incident affecting Customer Personal Data, including required details and ongoing updates.
10. Subprocessors
Customer authorizes SentientPro to use subprocessors. SentientPro remains responsible for their actions and maintains an updated subprocessors list. Subprocessors are prohibited from using Customer Data for any purpose other than providing services to SentientPro.
11. International Transfers
SentientPro uses lawful transfer mechanisms including SCCs, IDTA, and TIAs for global data transfers.
12. Data Subject Requests
SentientPro assists Customer in responding to Data Subject Requests, including access, correction, deletion, and restriction requests. To submit a Data Subject Request, please contact support@sentientpro.com or privacy@sentientpro.com.
13. Data Return and Deletion
Upon termination, Customer may export data. SentientPro deletes Personal Data within ninety (90) days unless legally required to retain it. Backups purge within one hundred eighty (180) days.
14. Customer Responsibilities
Customer agrees to provide lawful instructions, obtain necessary consents, secure access credentials, and review AI outputs for accuracy.
15. Liability
Liability follows the Agreement, except where prohibited by law.
16. Audit and Compliance
SentientPro provides documentation for compliance and supports audits once per year with thirty (30) days' notice.
17. Governing Law
This DPA follows the Agreement’s governing law unless required otherwise by Data Protection Laws.
18. Entire Agreement
This DPA is part of the Agreement. In case of conflict, order of precedence: DPA, Terms of Service, other documents.
19. Contact
For questions regarding this DPA or data processing activities, please contact: