Bodygraph
All Resources Arrow Policy Center
Related

Data Processing Agreement (DPA)

Last Updated: May 19, 2025

This Data Processing Agreement (“Agreement”) is entered into by and between Human Design Technologies Ltd., a company registered in England (“Data Processor”), and the User/Subscriber of the Bodygraph Chart Software (“Data Controller”).

1. Purpose of Processing

The Data Processor is engaged to process personal data on behalf of the Data Controller solely for the purposes of generating Bodygraph Charts and Reading Reports. Also, this includes providing technical support for the Bodygraph Chart Software. The personal data processed pertains to both the Data Controller and its clients—individuals who interact with the Bodygraph Chart Software embedded on the Data Controller’s website.

2. Types of Personal Data Processed

The Data Processor shall process the following categories of personal data (belonging to both the Data Controller and its clients):

  • First and Last Name

  • Email Address

  • Birth Data: Year, Month, Day, Time, and Location

3. Processing Activities

The Data Processor shall:

  • Display collected client data within the Statistics Dashboard, a feature available exclusively to the Data Controller.

  • Retain and store such data for a period not exceeding 90 days from the date of collection, after which the data will be automatically deleted unless otherwise required by law.

4. Data Security

The Data Processor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. These measures include, but are not limited to:

  • Encryption of personal data

  • Regular security assessments

  • Staff training in data protection

  • Incident detection and response protocols

5. Use of Subprocessors

The Data Processor engages Stripe as a subprocessor for the purpose of handling payment transactions. Stripe processes payment information, including bank card details, in accordance with its own privacy policies and security standards.

6. Rights of Data Subjects

The Data Processor shall provide reasonable assistance to the Data Controller in fulfilling its obligations to respond to data subject requests, including but not limited to:

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to object

  • Right to data portability

This assistance will be in accordance with applicable data protection laws and regulations.

7. Term and Termination

This Agreement shall remain in effect for as long as the Data Controller maintains an active subscription to the Bodygraph Chart Software. Upon termination:

  • The Data Processor shall, at the choice of the Data Controller, either delete or return all personal data processed on its behalf, unless retention is required by applicable law.

8. Jurisdiction

This Agreement shall be governed by and construed in accordance with the laws of England and Wales.

By using the Bodygraph Chart Software, the Data Controller acknowledges and agrees to the terms set forth in this Data Processing Agreement.

Signed on behalf of the Data Processor:

Human Design Technologies Ltd.

Close

Related