1. Subject matter
This Addendum governs Navodat's processing of personal data on behalf of the Customer in connection with the services.
2. Roles
Customer is the Controller (or Business). Navodat is the Processor (or Service Provider) and processes personal data only on documented instructions from the Customer.
3. Security
Navodat implements the technical and organizational measures described in Annex II, including encryption, access controls, and monitoring.
4. Subprocessors
Customer authorizes Navodat to engage the subprocessors listed in our Trust Center. We notify of material changes with an objection period.
5. International transfers
Where personal data is transferred out of the EEA, UK, or Switzerland, the Standard Contractual Clauses (with applicable addenda) are incorporated by reference.
6. Data subject rights
Navodat assists Customer in responding to data subject requests using the tools provided in the service and reasonable additional support.
7. Audits
Customer may audit Navodat's compliance annually, including via SOC 2 reports and on-site review with reasonable notice.
8. Term
This Addendum applies for the duration of the subscription. Upon termination, personal data is deleted or returned per Customer instructions.
Request a signed copy
Email legal@navodat.com or use the contact form to request a counter-signed DPA.