Legal

Data Processing Addendum

Last updated: May 15, 2026.

1. Scope

This Addendum applies to Tenalytics' processing of Customer Personal Data on behalf of Customer in connection with the Services described in the Master Agreement.

2. Roles

Customer is the Controller; Tenalytics is the Processor. Tenalytics will Process Customer Personal Data only on documented instructions from the Customer.

3. Subprocessors

Tenalytics maintains a current list of authorized subprocessors at /legal/subprocessors. Customer may object to new subprocessors with reasonable notice.

4. Security

Tenalytics implements appropriate technical and organizational measures including encryption in transit and at rest, access controls, audit logging, and incident response procedures.

5. International transfers

Where applicable, transfers are governed by Standard Contractual Clauses or other lawful transfer mechanisms.

6. Data subject requests

Tenalytics will reasonably assist Customer in responding to data subject requests within applicable legal timeframes.

7. Audit

Subject to confidentiality, Customer may request an annual security review or audit summary on reasonable notice.

8. Return and deletion

On termination, Tenalytics will return or delete Customer Personal Data on request, subject to legally required retention.

9. Contact

Email privacy@tenalytics.com to execute a signed copy of the DPA.