This Data Processing Addendum ("DPA") supplements the Ascend One Terms of Service between Ascend One ("Processor") and the customer ("Controller").
1. Scope
Ascend One processes personal data on behalf of the Controller to provide the Services described in the Terms.
2. Sub-processors
- Lovable Cloud — application hosting, database, authentication, file storage.
- Email delivery provider — transactional and account email.
- Analytics provider — aggregate usage metrics.
3. Security measures
Encryption in transit (TLS) and at rest; row-level access controls; least-privilege service credentials; logging and monitoring; periodic access reviews.
4. Data subject rights
Ascend One will assist the Controller in responding to data subject requests (access, correction, deletion) using the in-app self-service tools and, where necessary, administrative export.
5. Breach notification
Ascend One will notify the Controller without undue delay (and in any case within 72 hours of confirmation) of any breach of personal data.
6. International transfers
Where personal data is transferred outside the data subject's region, transfers rely on appropriate safeguards (e.g. Standard Contractual Clauses).
7. Contact
DPO / privacy contact: legal@getascendone.com.
