Data Processing Agreement
Our default DPA for tenants who process personal data through Numezis.
When you use Numezis to process personal data (employee records, customer contacts, supplier representatives), Numezis acts as a processor and you act as the controller. This page summarizes our default Data Processing Agreement (DPA). The full signable PDF is available from Settings → Legal → Data Processing Agreement inside the app.
Scope
The DPA covers all personal data you submit to Numezis through:
- The application UI (any of the 5 portals).
- API integrations.
- Email ingestion (
<...>@<tenant>.in.numezis.com). - File uploads, including OCR processing of PDFs and images.
Roles
| Role | Who |
|---|---|
| Data subject | Employees, customers, suppliers, and other individuals whose data you enter |
| Controller | You (the Numezis tenant) |
| Processor | Numezis Sàrl |
| Sub-processors | See list below; same DPA terms flow down |
Sub-processors
We maintain a current list at the bottom of this page. We notify tenants in writing (or via in-app banner) at least 30 days before adding or replacing a sub-processor.
Current sub-processors:
| Vendor | Purpose | Location |
|---|---|---|
| Google Cloud | Hosting, storage, KMS | Zurich (CH) |
| Mistral AI | Document OCR | EU |
| Sentry | Error monitoring | EU |
| Stripe | Subscription billing | EU/US (SCC) |
| SIX bLink | Bank connectivity | Switzerland |
Security commitments
- Encryption at rest and in transit (see Security).
- Tenant data isolation enforced at the application layer.
- Personnel with production access: limited, MFA-required, logged.
- Sub-processors contractually bound to equivalent standards.
Data subject requests
When one of your data subjects exercises a right under revFADP or GDPR (access, rectification, erasure, restriction, portability, objection), you can:
- Use the tools at Settings → Data subject requests to fulfill it.
- Or request assistance from
dpo@numezis.comif technical help is needed.
Term and termination
The DPA runs for the duration of your Numezis subscription. On termination, we delete or return your personal data within 90 days at your choice. Backups are purged within an additional 30-day cycle.
Data location
Primary data is stored in Switzerland (europe-west6). Some
sub-processors (Stripe, Sentry) process data in the EU. The
Mistral OCR endpoint runs in the EU; document content is not retained
beyond the inference request.
Updates to this DPA
Material changes are notified in writing with 30 days' notice. Tenants that disagree may terminate without penalty during that period.