Data Processing Agreement

1. Overview

This Data Processing Agreement ("DPA") forms part of the Terms of Service between UNI.social and the Customer. It reflects the parties' agreement with regard to the processing of Personal Data.

2. Roles and Responsibilities

• Customer as Controller: The Customer determines the purposes and means of processing Personal Data.
• UNI.social as Processor: UNI.social processes Personal Data only on behalf of and in accordance with the Customer’s instructions.

3. Sub-processors

UNI.social may engage sub-processors to provide aspects of the Service. A current list of sub-processors (including AWS, Firebase, Stripe) is available upon request or via our Security Portal.

4. Data Transfers

Personal Data may be processed in the United States or any other country in which UNI.social or its sub-processors maintain facilities. We ensure all transfers comply with applicable data protection laws.

5. Security Measures

UNI.social maintains appropriate technical and organizational measures to protect Personal Data against unauthorized or unlawful processing, as detailed in our Security Policy.