Data processing addendum (DPA)
When your organization uses Jonarix to store prompts, run evaluations, or collaborate with team members, we may process personal data on your behalf (for example workspace member names and emails). This page summarizes how that relationship works. The legally binding text is in the full DPA we provide for signature or click-through acceptance.
1. Roles
You (Customer) are typically the controller of personal data you submit about your users and staff. Jonarix acts as a processor, processing that data only to provide the Services in accordance with the Terms of service and your written instructions (including settings you configure in the product).
2. Instructions
You instruct us through: (a) use of the Services as documented; (b) account and workspace configuration; (c) any executed order form or enterprise agreement. We will not use Customer personal data for independent profiling or advertising.
3. Subprocessors
We use vetted infrastructure and service providers (for example cloud hosting, email delivery, error monitoring). A current list is available on request and we will notify subscribing customers of material changes as described in your DPA.
4. Security & assistance
We implement appropriate technical and organizational measures as described in our Security disclosures and detailed schedules to the DPA. We will assist you—within reasonable scope—with data subject requests, impact assessments, and supervisory authority inquiries.
5. International transfers
Where personal data originating in the EEA, UK, or Switzerland is processed in other countries, we rely on appropriate safeguards such as Standard Contractual Clauses, supplemented as needed.
6. Deletion & return
On termination of the Services (subject to legal retention), we will delete or return Customer personal data according to the DPA and product capabilities. Some residual backup copies may persist for a limited period described in the DPA.
7. Audits
Enterprise customers may request reasonable information to confirm compliance, including questionnaires and summaries of independent audits where available.
8. Request the full DPA
Email info@jonarix.com with your company name, plan, and jurisdiction. We will send the latest DPA PDF or DocuSign envelope. For procurement or redlines, include your legal contact.
Related: Privacy policy · Terms of service
Important: This summary does not replace a signed DPA. Your counsel should review the full agreement against your regulatory context (GDPR, HIPAA BAA if applicable, etc.).