Data Processing Agreement
Last Updated: March 2026
This Data Processing Agreement ("DPA") forms part of the agreement between Brimble Inc and its customers.
1. Roles
Customer acts as the data controller. Brimble acts as the data processor.
2. Scope of Processing
Brimble processes data solely for the purpose of providing cloud infrastructure services.
3. Security Measures
Brimble implements security measures including: encryption in transit, access control policies, monitoring systems
4. Sub-processors
Brimble may engage approved sub-processors. A list is available on the Brimble Sub-processors page.
5. Data Breach Notification
Brimble will notify customers without undue delay after confirming a breach affecting customer data.
6. Data Retention and Deletion
Customer data will be deleted when services are terminated unless retention is legally required.
7. International Transfers
Data may be processed in multiple jurisdictions depending on infrastructure providers.