Data processing addendum.

This addendum is incorporated into the agreement between Customer and DataDam, Inc. ("DataDam") for use of the DataDam product. Where DataDam processes personal data on Customer's behalf, Customer is the Controller (or Processor for its own customer's data) and DataDam is the Processor.

The architectural premise of DataDam is that the proxy runs in the Customer's environment with Customer's credentials and that customer query content, row values, and personally identifiable information do not flow to DataDam's control plane. This addendum applies to the limited categories of personal data DataDam does receive (account user data, control-plane configuration, rollup telemetry).

DataDam will process personal data only on documented instructions from Customer, including for transfers, except as required by applicable law. The agreement (including configuration in the control plane) constitutes Customer's complete documented instructions.

Categories of personal data processed by DataDam in the control plane: account user email address, role assignment, authentication metadata, IP address of console access, identity-provider claims for SSO sessions.

Categories of data subjects: Customer's authorized administrators, operators, and analysts of the DataDam control plane.

DataDam does not receive end-user PII through the proxy. Field-level masking, tokenization, and PII redaction are applied at the proxy before any telemetry crosses to the control plane.

DataDam maintains the technical and organizational measures described at mydatadam.com/security. Highlights: encryption at rest (AES-256) and in transit (TLS 1.2+); per-org row level security at the database; immutable, hash-chained audit rollup; HttpOnly, encrypted session cookies; per-org salted hashing for masked identifiers; no LLM in the governance loop.

DataDam personnel authorized to process personal data are bound by written confidentiality obligations. Access to production systems is limited to the smallest subset of personnel necessary for service operation and is audited.

Customer authorizes DataDam to engage subprocessors to provide the service. The current subprocessor list and a notice mechanism for additions will be published as part of the customer console prior to general availability. DataDam remains liable for subprocessor acts and omissions to the same extent as for its own.

Where personal data is transferred from the European Economic Area, the United Kingdom, or Switzerland to a country not deemed adequate, the parties incorporate the applicable Standard Contractual Clauses. The customer-deployed proxy architecture allows Customer to keep customer data within a chosen jurisdiction; control-plane processing occurs in the United States by default.

DataDam will assist Customer in responding to requests from data subjects to exercise rights of access, correction, deletion, restriction, objection, and portability, taking into account the nature of processing and the information available to DataDam.

DataDam will notify Customer without undue delay after becoming aware of a personal data breach affecting Customer's data and will provide such information as Customer reasonably requires to fulfill its own breach-notification obligations.

DataDam will make available to Customer the information necessary to demonstrate compliance with this addendum, including the audit rollup, evidence-export endpoints, and the most recent independent attestation when one is available. Customer may request reasonable additional audit cooperation no more than once per year and at Customer's expense.

On termination, DataDam will, at Customer's election, return or delete personal data processed under this addendum within 30 days, except where retention is required by law.

In case of a conflict between this addendum and the agreement, this addendum controls in respect of personal data processing.

Privacy and DPA queries: privacy@mydatadam.com.