legal
Data Processing Terms
Perathos keeps public data-processing language conservative. We do not publish a generic executed DPA or claim GDPR compliance without a signed agreement and deployment-specific controls.
Public page status
This page is a procurement information page, not a signed Data Processing Agreement. Signed data processing terms are reviewed during contracting when personal data is in scope.
Processing purpose
Perathos processes customer data only to provide, evaluate, secure, support, and improve the contracted service unless a signed agreement says otherwise.
Customer instructions
Production data processing should be governed by the order form, service agreement, and any signed DPA. A pilot can be scoped to avoid personal data where possible.
Security measures
Security measures are documented per deployment. We avoid claiming specific encryption, testing, or infrastructure controls publicly unless they are implemented and evidenced for that environment.
Subprocessors
Subprocessor categories are published for planning. The actual subprocessor list should be confirmed during diligence for the customer environment.
Deletion and retention
Retention and deletion commitments are defined by product capability and contract. Customers should review the data retention page before sending production data.
Need DPA review?
Use the enterprise onboarding path. We will scope data categories, subprocessors, retention, deletion, customer responsibilities, and signed terms before production use.