Data Processing Agreement

Last Updated: January 1, 2025

This Data Processing Agreement ("DPA") forms part of the Terms of Service between Neura Parse ("Processor") and you ("Controller") regarding the processing of personal data in connection with the Neura Agent platform.

This DPA applies where and only to the extent that Neura Parse processes personal data on behalf of the Controller in the course of providing the Service, and such personal data is subject to data protection laws.

1. Definitions

In this DPA, the following terms have the meanings set out below:

• "Controller": The entity that determines the purposes and means of processing personal data
• "Processor": Neura Parse, which processes personal data on behalf of the Controller
• "Personal Data": Any information relating to an identified or identifiable natural person
• "Processing": Any operation performed on personal data
• "Data Subject": An identified or identifiable natural person
• "GDPR": General Data Protection Regulation (EU) 2016/679

2. Scope and Nature of Processing

Subject Matter

The subject matter of processing is the provision of the Neura Agent AI workflow automation platform and related services as described in the Terms of Service.

Duration

Processing will continue for the duration of the Service agreement and as necessary to fulfill legal obligations thereafter.

Purpose of Processing

• Provision of the Neura Agent platform services
• Customer support and technical assistance
• Service improvement and optimization
• Compliance with legal obligations

Categories of Data Subjects

• Controller's employees and authorized users
• Controller's customers and end users
• Other individuals whose data is processed through workflows

Types of Personal Data

• Contact information (names, email addresses, phone numbers)
• Account and authentication data
• Workflow and automation data
• Usage and analytics data
• Any other personal data uploaded or processed through the Service

3. Processor Obligations

Processing Instructions

Neura Parse will process personal data only on documented instructions from the Controller, including with regard to transfers of personal data to third countries or international organizations.

Confidentiality

Neura Parse ensures that persons authorized to process personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

Security Measures

Neura Parse implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption of personal data in transit and at rest
• Ability to ensure ongoing confidentiality, integrity, and availability
• Ability to restore availability and access to data in a timely manner
• Regular testing and evaluation of security measures

Sub-processors

Neura Parse may engage sub-processors with the Controller's general written authorization. Current sub-processors are listed in our Privacy Policy. We will notify Controllers of any changes to sub-processors.

4. Data Subject Rights

Neura Parse will assist the Controller in fulfilling data subject rights requests, including:

• Access: Providing access to personal data
• Rectification: Correcting inaccurate personal data
• Erasure: Deleting personal data when required
• Restriction: Limiting processing when requested
• Portability: Providing data in a structured format
• Objection: Stopping processing when objected to

5. Data Breach Notification

In case of a personal data breach, Neura Parse will:

• Notify the Controller without undue delay and within 72 hours of becoming aware
• Provide all relevant information about the breach
• Assist the Controller in notifying supervisory authorities and data subjects
• Implement measures to address the breach and prevent future occurrences

6. International Transfers

Personal data may be transferred to and processed in countries outside the EEA. Such transfers are protected by:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions for countries with equivalent protection
• Other appropriate safeguards as required by applicable law

7. Data Retention and Deletion

Upon termination of the Service agreement, Neura Parse will:

• Return or delete all personal data as instructed by the Controller
• Delete existing copies unless retention is required by law
• Provide certification of deletion upon request

8. Audits and Compliance

Neura Parse will:

• Make available information necessary to demonstrate compliance
• Allow for and contribute to audits conducted by the Controller
• Provide regular compliance reports and certifications
• Maintain records of processing activities

9. Liability and Indemnification

Each party's liability under this DPA is subject to the limitation of liability provisions in the Terms of Service. Each party will indemnify the other for claims arising from its breach of this DPA.

10. Contact Information

For questions about this DPA or to exercise data subject rights, please contact: