Data Processing Agreement
Effective Date: March 1, 2026
1. Scope
This DPA applies to the processing of personal data by Fimil Inc. ("Processor") on behalf of the customer ("Controller") in connection with the Service.
2. Processing Details
Fimil processes personal data solely to provide the Service as instructed by the Controller. Processing includes scanning metadata, user account information, and scan results.
3. Security Measures
Fimil implements technical and organizational measures as described in our Security Policy.
4. Sub-processors
A current list of sub-processors is maintained at the Fimil Trust Center.
5. Data Subject Rights
Fimil assists the Controller in fulfilling data subject requests. Contact privacy@fimil.dev.
6. Data Deletion
Upon termination, Fimil will delete or return all personal data within 30 days, unless retention is required by law.