Legal

Data Processing Addendum

Last updated June 3, 2026

This Data Processing Addendum ("DPA") supplements the Ascend One Terms of Service between Ascend One ("Processor") and the customer ("Controller").

1. Scope

Ascend One processes personal data on behalf of the Controller to provide the Services described in the Terms.

2. Sub-processors

  • Lovable Cloud — application hosting, database, authentication, file storage.
  • Email delivery provider — transactional and account email.
  • Analytics provider — aggregate usage metrics.

3. Security measures

Encryption in transit (TLS) and at rest; row-level access controls; least-privilege service credentials; logging and monitoring; periodic access reviews.

4. Data subject rights

Ascend One will assist the Controller in responding to data subject requests (access, correction, deletion) using the in-app self-service tools and, where necessary, administrative export.

5. Breach notification

Ascend One will notify the Controller without undue delay (and in any case within 72 hours of confirmation) of any breach of personal data.

6. International transfers

Where personal data is transferred outside the data subject's region, transfers rely on appropriate safeguards (e.g. Standard Contractual Clauses).

7. Contact

DPO / privacy contact: legal@getascendone.com.