/ compliance

Data Processing Agreement

Last updated July 11, 2026

1. Parties and roles

This Data Processing Agreement (“DPA”) forms part of the agreement between you (the “Controller”) and ErrTap Inc. (the “Processor”) for the ErrTap service. You determine the purposes of processing telemetry and account data; we process that data on your documented instructions.

2. Subject matter and duration

We process personal data contained in account records and in telemetry you send to the service (errors, performance, uptime, cron, and release metadata) for as long as your account is active and for any retention window published for your plan, then delete or anonymize it.

3. Nature and purpose of processing

Processing is limited to operating error tracking, alerting, uptime and cron monitoring, releasing features you configure, providing support, securing the platform, and meeting legal obligations.

4. Types of data and data subjects

Data may include identifiers, contact details, authentication tokens (hashed), IP addresses, user agents, and any personal data you embed in stack traces or payloads. Data subjects are your end users, employees, and other individuals whose data appears in your telemetry.

5. Controller instructions

You instruct us to process data solely to provide the service. You are responsible for scrubbing sensitive fields before ingestion where feasible and for ensuring you have a lawful basis to send data to ErrTap.

6. Security measures

We implement appropriate technical and organizational measures including encryption in transit and at rest, access controls, audit logging of sensitive actions, and isolation of customer projects by API key. Details are summarized on our Security page.

7. Subprocessors

You authorize us to engage subprocessors listed on our Subprocessors page. We will notify you of material changes and remain responsible for subprocessors’ performance under this DPA.

8. International transfers

Where personal data is transferred outside your jurisdiction, we use appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms required by applicable law.

9. Assistance and audits

We will assist with data subject requests, impact assessments, and breach notifications to the extent reasonably possible given the nature of processing. Upon written request and subject to confidentiality, we will make available information reasonably necessary to demonstrate compliance.

10. Deletion and return

On termination we will delete or return personal data in accordance with our retention practices, except where retention is required by law. Project tokens may be rotated or revoked at any time from your dashboard.

Questions? Email us at legal@errtap.com.

Data Processing Agreement — ErrTap