
Data Processing Addendum

Contexta acts as Processor; you remain Controller. The SCCs (EU + UK) are incorporated by reference, breaches are reported in 72 hours, and erasure runs through a real API.

Last updated: 2026-05-17

Roles of the parties

Under the GDPR, the UK GDPR, and equivalent data-protection laws, the customer (“Customer”) acts as the Controller of personal data ingested into a Contexta namespace, and Contexta acts as the Processor of that data. Contexta will process personal data only on documented instructions from the Customer, including those encoded in the configuration of the namespace, the published API surface, and any order form or signed addendum.

Categories of personal data

The categories of personal data processed under this DPA include:

  • Identifiers and account metadata (name, email, organization, role).
  • Customer-supplied content ingested into a namespace, which may include free-text messages, structured records, embeddings, and identifiers referenced inside those records.
  • Usage telemetry (IP address, user agent, API path, namespace ID, latencies, error fingerprints).

Categories of data subjects

  • Customer's personnel (employees, contractors, support agents).
  • Customer's end users and customers whose interactions Customer ingests.
  • Third parties whose personal data appears in the content Customer ingests (e.g. named entities, support-ticket reporters).

International transfers

For transfers of EU or EEA personal data outside the EEA, the European Commission's Standard Contractual Clauses (Decision 2021/914, Module 2 — Controller to Processor) are hereby incorporated by reference, with Contexta as “data importer” and Customer as “data exporter”. For UK personal data, the UK International Data Transfer Addendum (Version B1.0) is incorporated by reference and supplements the SCCs. Where the parties' signatures are required, the underlying services agreement executed by both parties constitutes signature of the SCCs and the UK Addendum.

Subprocessors

Customer authorizes Contexta to engage subprocessors listed at /legal/subprocessors. Contexta will give at least 30 days' notice by email and via that page before activating a new subprocessor. If Customer reasonably objects in writing on data-protection grounds, the parties will work together in good faith; if no acceptable resolution is reached, Customer may terminate the affected service. Every subprocessor is bound by data-protection terms at least as strict as those in this DPA.

Security

Contexta maintains technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. Controls include namespace isolation, per-namespace Data Encryption Keys, transport encryption (TLS 1.3), least-privilege access, vulnerability management, and a non-destructive audit ledger. The current control set is described in detail at /security.

Breach notification

Contexta will notify Customer without undue delay and in any event within 72 hours of becoming aware of a personal data breach affecting Customer's data. Notice will describe the nature of the breach, the categories and approximate volume of data and data subjects concerned, the likely consequences, and the measures taken or proposed. Notice will be sent to the security contact on file plus the account administrator(s) for the affected namespace.

Data subject rights and right to be forgotten

Contexta will assist Customer in responding to data subject requests via appropriate technical and organizational measures, including programmatic access to the right-to-be-forgotten endpoint at POST /v1/forget. The endpoint retracts the underlying graph edges, hard-purges payloads per the namespace retention policy, and emits a non-destructive audit entry — so Customer can prove to a supervisory authority that erasure occurred, when, and why.

Audits

Contexta will make available to Customer all information necessary to demonstrate compliance with this DPA and the GDPR, including the latest SOC 2 report (once available), security questionnaires, and the public security page. Where applicable law requires an on-site audit beyond those artifacts, the parties will agree on scope, timing, and confidentiality before the audit begins.

Return and deletion on termination

On termination of the services, Contexta will, at Customer's choice, return or delete all personal data processed on Customer's behalf within 30 days, unless retention is required by applicable law. Backup copies are purged on the documented rotation; encryption keys are destroyed promptly thereafter.

To countersign this DPA on company paper, request the latest SCC module, or escalate a breach notification, email legal@contexta.ai.