# Sentink — Data Processing Agreement (Scaffold Outline)

> **Not executed legal text.** This is a scaffold outline. Provide it to counsel together with your organisational risk register before anyone countersigns. Replace every bracketed placeholder. Contact Sentink Legal via privacy@sentink.com for the official PDF / DocuSign package.

---

## Parties

**Controller**: [CUSTOMER ENTITY], address [______]

**Processor**: Sentink FZ‑LLC, Dubai, UAE

## 1. Subject matter & duration

Processor processes the categories of personal data described in **Annex A** solely to deliver the SaaS services ordered under order form **#[___]**, for as long as the Controller's workspace remains active, unless the Controller issues earlier deletion instructions under Section 6.

## 2. Nature & purposes

Hosting survey definitions, securing transmission channels, operating analytics workspaces, generating exports, and administering authentication and audit artefacts. Processing is limited in every case to the SaaS functionality enabled for the Controller's tenant.

## 3. Obligations & instructions

Processor acts **only on documented Controller instructions**, including any obligations flowing from the Standard Contractual Clauses or the UK IDTA where those instruments apply to sub-processors performing processing on Processor's behalf. If Processor considers an instruction to infringe applicable data protection law, it informs the Controller without delay via the Processor's DPO (dpo@sentink.com) rather than acting on it.

## 4. Personnel & secrecy

Staff with logical access to Controller data are bound by written confidentiality undertakings, refreshed annually. Privileged and break-glass accounts require phishing-resistant MFA. [Confirm with counsel and Security that phishing-resistant MFA covers all privileged access to production, not only the break-glass path.]

## 5. Security measures _(summary)_

Set out in **Annex B**, covering: encryption (TLS 1.3 in transit; AES-256 class encryption of datastores at rest), tenant segregation, patching SLAs, minimum logging and retention aligned with the Controller's DPIA, intrusion detection, and the security-assurance roadmap (SOC 2 Type II targeted for **Q4 2026**; ISO 27001 targeted for **Q1 2027**). The roadmap dates are targets only and are **not** assertions that any certification currently exists; Controllers should verify the status at signature.

## 6. Deletion, return and portability

On termination, Processor makes Controller data available for return via the export APIs and then deletes it from primary storage. Copies in backups expire within ninety days, unless a narrower schedule in the Controller's enterprise agreement takes precedence. Where the Controller notifies Processor of a litigation hold, only the specifically identified data partitions are preserved; all other data follows the normal deletion schedule.

## 7. Cooperation & audits

Processor completes an annual security questionnaire and permits on-site or remote audits on at least 30 business days' notice, limited to two per year unless a supervisory authority requires a shorter timeline or higher frequency. Processor may invoice reasonable facilitation fees for audit effort beyond the baseline diligence described in this Section.

## 8. Personal data breach notification

Processor notifies the Controller **without undue delay** [specify: within __ hours] after becoming aware of a personal data breach affecting Controller data and opens an incident bridge. Notification of supervisory authorities (GDPR Article 33, 72-hour clock) and of data subjects (GDPR Article 34) remains the Controller's obligation; Processor supplies the information the Controller needs to meet it, as detailed in the incident annex. Where affected respondents in the UAE exceed the thresholds in the PDPL escalation matrix, the matrix governs the additional notification steps.

## 9. Standard Contractual Clauses / IDTA annex

[CUSTOMER attaches the applicable module: Module Two (controller to processor) or Module Three (processor to processor), plus the UK Addendum where UK personal data is transferred.]

## Annex A — Data categories _(template)_

- Identifier classes (workspace admins, SSO metadata)
- Respondent answer payloads, which contain special-category data only where the Controller has chosen to collect it and holds a lawful basis for doing so (GDPR Article 9)
- Low-cardinality telemetry (timestamps of saves, aggregated performance counters)

## Annex B — Security measures _(abridged)_

| Domain | Indicator |
|---------|-----------|
| Transport | Mandatory TLS 1.3 + HSTS on marketing endpoints [confirm the same applies to the application and API endpoints that carry Controller data] |
| At rest | KMS-backed disk encryption tiers |
| Access | SSO / SCIM integrations available to the Controller; granular RBAC for admin APIs |
| Monitoring | Security alert routing to an on-call function plus incident bridge runbooks |

## Contact

privacy@sentink.com • dpo@sentink.com • legal@sentink.com • security@sentink.com
