This Data Processing Addendum is intended as a template for business customers that require contractual privacy commitments. It should be finalized in a signed agreement before enterprise deployment.

1. Roles of the parties

Depending on the deployment model, the customer may act as controller of business contact data and any support-submitted materials, and the operator may act as processor only to the limited extent necessary to provide support, billing administration, and related commercial operations. The product itself is described as desktop-first and designed to keep tutorial session files local to the customer device during normal use.

2. Subject matter and duration

Processing under this addendum covers the limited commercial and support activities necessary to deliver the software, maintain customer communications, process billing records, and respond to support inquiries for the term of the commercial relationship.

3. Nature and purpose of processing

Processing may include account administration, payment operations, support correspondence, issue triage, procurement documentation, and security communications. It does not claim that the operator receives the customer’s raw screen recordings or local session assets in the ordinary software workflow.

4. Categories of data

Typical categories may include names, business emails, billing references, support messages, technical logs voluntarily shared for troubleshooting, and records required for contract performance or legal compliance.

5. Processor obligations

The operator will process covered data only on documented instructions, implement reasonable safeguards, limit access to those with a business need, and assist the customer with legally required privacy responses to the extent reasonably possible and proportionate.

6. Subprocessors

Possible subprocessors may include hosting, email, payment, and AI providers where relevant to the contracted services. The final signed DPA should include an actual subprocessor list or a contract mechanism for disclosing them.

7. Cross-border transfers

Where processors or infrastructure operate outside the customer’s jurisdiction, transfers will be subject to the applicable legal transfer mechanism required under the governing privacy framework.

8. Security measures

Baseline measures may include controlled access to business systems, credential hygiene, least-privilege handling, update management, and reasonable protection of support and billing records. Customers should review the separate Security Overview page for operational context.

9. Return and deletion

Upon expiration or termination, covered data will be deleted or retained only as required for accounting, legal, dispute, or security purposes, subject to applicable law and legitimate recordkeeping obligations.

10. Priority and execution

This page is a procurement-oriented template. A signed customer-specific DPA should control over this public summary where enterprise contracting is required.