Data Processing Addendum
This is a non-binding template. Counter-signature available at procurement on request. EDGE Operator Ltd. acts as the Processor; the Customer is the Controller.
1. Processor role
EDGE Operator Ltd. ("EDGE", "we") processes personal data on behalf of the Customer ("Controller") strictly to provide the EDGE Terminal SaaS. We do not use customer personal data for our own purposes.
2. No personal data training
EDGE does not, and will not, use the Controller's personal data, trading-journal entries, or any other Restricted-class data to train any machine-learning model. Anthropic, our inference provider, processes prompts under the Zero Data Retention beta when ANTHROPIC_ZDR_ENABLED is set; absent ZDR, Anthropic retains prompts for 30 days strictly for abuse detection per their commercial terms.
3. Sub-processors
Current sub-processor list at /trust/sub-processors. We will notify the Controller of additions at least 30 days in advance and provide an objection mechanism.
4. Data residency
Primary database and backups live in EU-Central-1 (Frankfurt). AI inference traffic transits us-east-1 today; an eu-central-1 Bedrock route is available to enterprise customers.
5. Termination & retention
On contract termination, EDGE will return or delete personal data within 30 days unless retention is required by law. Audit-log rows are retained for 7 years per CFTC 1.31 / SEC 17a-4 books-and-records requirements; personal identifiers in those rows are anonymised on account deletion.
6. GDPR Art. 28(3) compliance
EDGE only processes Controller personal data on documented Controller instructions; ensures authorised personnel are bound by confidentiality; takes appropriate technical and organisational measures (see /trust); engages sub-processors only after written authorisation; assists Controller in fulfilling data-subject requests and breach notifications; makes available all information necessary to demonstrate compliance.
7. Standard Contractual Clauses — Module Two
For international transfers, EDGE relies on the SCCs published by the European Commission (Decision 2021/914/EU), Module Two: transfer from Controller to Processor.
8. Audit rights
The Controller may audit EDGE's compliance once per calendar year with 30 days' notice. EDGE will provide the most recent SOC 2 Type II report (once available) in lieu of an on-site audit at the Controller's option.
9. On-premises option
For Controllers with stricter data-isolation requirements, EDGE offers an on-premises deployment that eliminates the Processor relationship entirely; the Controller becomes both Controller and Processor of all customer data. Runbook at deploy/onprem/RUNBOOK.md.