GO-ORCA logoGO-ORCA

Legal

Data Processing Addendum

Last updated: April 29, 2026

This Data Processing Addendum (“DPA”) forms part of the agreement between the client (“Controller”) and Go-Orca.Tech (“Processor”) for the provision of services that involve processing of personal data.

1. Definitions

“Personal Data”, “Processing”, “Controller”, “Processor”, “Data Subject”, and “Sub-processor” have the meanings given in applicable data protection laws.

2. Roles and scope

The Controller determines the purposes and means of processing. Go-Orca.Tech acts as a Processor and processes Personal Data only on documented instructions from the Controller.

3. Security measures

  • Encryption in transit (TLS) and at rest where supported.
  • Role-based access controls and the principle of least privilege.
  • Strong authentication for all systems handling Personal Data.
  • Logging, monitoring, and regular review of access events.
  • Secure software development practices and code review.
  • Regular backups and tested recovery procedures.

4. Sub-processors

Go-Orca.Tech may engage sub-processors (e.g., cloud hosting, email delivery, analytics). We maintain a list of current sub-processors available on request.

5. Contact

To request a signed copy of this DPA, contact hello@go-orca.tech.

This document is provided as a starting template and does not constitute legal advice. Please have a qualified attorney review before relying on it for your business.