Data Processing Agreement
This Data Processing Agreement ("DPA") describes how promptShield processes personal data on behalf of customers, in support of the GDPR and similar data-protection laws.
Last updated: June 22, 2026
The short version
For the documents you anonymize, promptShield is not a data processor — that content never leaves your device and never reaches our systems, so there is nothing for us to process on your behalf. We act as a processor only for the limited account and licensing data needed to run your subscription.
1. Definitions
"Controller", "Processor", "Data Subject", "Personal Data", and "Processing" have the meanings given in the General Data Protection Regulation (EU) 2016/679 ("GDPR"). "Customer" means the entity or individual that has entered into the Terms of Service with promptShield. "Customer Personal Data" means personal data that promptShield processes on the Customer's behalf under these terms.
2. Roles of the Parties
With respect to account and licensing data, the Customer is the Controller and promptShield is the Processor. With respect to document content processed inside the application, no processing by promptShield occurs: all detection and redaction run locally on the Customer's device, and the Customer remains the sole Controller and processor of that content. promptShield does not receive or store document content and has no technical means to access it.
3. Scope and Subject Matter of Processing
The only personal data promptShield processes on the Customer's behalf is:
- Identity and contact data — email address used for the account.
- Billing data — billing details processed via Stripe; card numbers are never stored by promptShield.
- Licensing data — a SHA-256 machine fingerprint and subscription state used to enforce device limits and entitlement.
Document content, detected entities, and redacted output are expressly out of scope: they are processed only on the Customer's device and are never transmitted to promptShield.
4. Duration
Processing continues for the duration of the subscription. On termination, account data is deleted on request, and machine fingerprints tied to expired licenses are deleted automatically after 90 days, as described in the Privacy Policy.
5. Sub-Processors
The Customer authorizes promptShield to engage the sub-processors listed in our Privacy Policy (currently Firebase Authentication, Stripe, Google Cloud, Sentry, and Resend), each receiving only the data necessary for its function. We will reflect additions or replacements in the Privacy Policy's last-updated date and provide a reasonable opportunity to object.
6. Security Measures
promptShield implements appropriate technical and organizational measures, including TLS encryption in transit, bcrypt-hashed credentials, Ed25519-signed license verification, signed binaries, and personal-data scrubbing of crash reports. Because document content is never transmitted, the most sensitive category of data carries no transmission or server-storage risk by design. See our Security page for detail.
7. International Transfers
Account and licensing data is processed on cloud infrastructure located in the United States. Where required, transfers are governed by appropriate safeguards such as the EU Standard Contractual Clauses, available on request.
8. Data Subject Requests
promptShield will assist the Customer, taking into account the nature of processing, in responding to requests from Data Subjects to exercise their rights of access, rectification, erasure, restriction, portability, and objection. Because document content is never received, such requests concern only account and licensing data.
9. Personal Data Breach
promptShield will notify the Customer without undue delay after becoming aware of a personal data breach affecting Customer Personal Data, and will provide the information reasonably necessary for the Customer to meet its own notification obligations.
10. Audits
promptShield will make available, on reasonable request and subject to confidentiality, the information necessary to demonstrate compliance with this DPA. Given the local-only processing model, the documents subject to anonymization are not within promptShield's systems and therefore not within the scope of any such audit.
11. Return and Deletion
On termination, and on the Customer's request, promptShield will delete Customer account and licensing data, except where retention is required by law. Document content requires no return or deletion because it was never in promptShield's possession.
12. Contact
To request a countersigned copy of this DPA or the Standard Contractual Clauses, or to raise a data-protection question, contact us at legal@promptshield.ca.