This DPA is entered into between SoftwareValue.ai and the Customer in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the UK Data Protection Act.

The Customer is the data controller. SoftwareValue.ai acts as a data processor on behalf of the Customer.

SoftwareValue.ai will provide reasonable assistance to the Customer in conducting Data Protection Impact Assessments (DPIAs) or prior consultations with supervisory authorities as required by applicable law.

SoftwareValue.ai maintains access logs for AI-related interactions and limits access to such data to authorized personnel only. Access is subject to periodic internal review.

SoftwareValue.ai will process Customer Personal Data solely to provide the Service and only in accordance with documented instructions from the Customer.

SoftwareValue.ai uses trusted subprocessors, including OpenAI, Anthropic, and Fireworks.ai and Google, for AI-powered features. A current list of subprocessors is available upon request.

SoftwareValue.ai implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or misuse.

Data may be transferred outside of the EEA or UK to subprocessors in compliance with applicable data transfer mechanisms, such as Standard Contractual Clauses.

SoftwareValue.ai will assist the Customer in fulfilling requests from data subjects, such as access, rectification, or deletion of personal data.

Upon termination of the Service, SoftwareValue.ai will delete or return Customer Personal Data, unless retention is required by law.
 

Customers may request an audit of SoftwareValue.ai’s processing activities no more than once per year with 30 days’ notice.

SoftwareValue.ai will notify the Customer without undue delay upon becoming aware of a personal data breach affecting Customer Personal Data.