Legal
Data Processing Addendum (DPA)
This summary outlines our standard DPA. A signed copy with your details (controller name, processing instructions, etc.) is available upon request.
Security commitments
- Process personal data solely under customer instruction
- Apply administrative, technical, and physical safeguards appropriate to the risk
- Notify customers of security incidents without undue delay
- Assist with data subject requests and regulatory inquiries
- Support audits and provide documentation upon reasonable notice
Current subprocessors
- Google Workspace (email, documents)
- ClickUp (project and CRM management)
- Notion (knowledge base)
- OpenAI / Anthropic (AI platform partners, project dependent)
- AWS & GCP (infrastructure for client-hosted workloads, project dependent)
Need us to add or remove a subprocessor? Email legal@pocketctopartners.com and we will review within two business days.
Request a signed copy
Email legal@pocketctopartners.com with your legal entity name and we'll return a DocuSign-ready version within one business day.
Last updated: 2026