Data Processing Agreement
This website is owned and operated by Aimavrik Technologies LLP under the AiMavrik brand. In this document, “AiMavrik”, “we”, “us” and “our” refer to Aimavrik Technologies LLP.
This page explains, in plain English, how we handle personal data we process on your behalf. For a formal DPA to accompany a signed agreement, contact us. Where a signed DPA exists, it governs.
1. Purpose & roles
When we process personal data on your instructions — for example, data inside a system we operate for you, or content in your Catalyst workspace — you are the controller and AiMavrik is the processor. For our own enquiry and relationship data, we are the controller (see our Privacy Policy).
2. Scope
This covers personal data we process to provide the Services, the categories of data involved, and the duration of processing, as described in your agreement and our Privacy Policy.
3. Customer responsibilities
- Ensure you have a lawful basis to share the data with us.
- Provide accurate instructions and only the data needed.
- Manage your users’ access and handle data-subject requests you control.
4. Our obligations
- Process personal data only on your documented instructions.
- Keep it confidential and ensure personnel are bound by confidentiality.
- Apply appropriate security measures (see our Security page).
- Assist you with data-subject requests and, where required, breach notification.
5. Data ownership
You own your Customer Data. We claim no ownership of it and use it only to provide the Services.
6. Retention & deletion
We retain personal data for the period needed to provide the Services or as required by law, then delete or return it. Indicative periods are in our Data Retention Policy. On termination you will have a reasonable opportunity to export Customer Data before deletion.
7. International transfers
Where data is transferred across borders, we rely on appropriate safeguards consistent with the DPDP Act and applicable transfer mechanisms.
8. Security
We apply the technical and organisational measures described on our Security page, including encryption in transit, access control and least privilege.
9. Sub-processors
We use vetted sub-processors to help deliver the Services, each bound by contract. The current list is on our Sub-processor List. We will inform you of material changes where your agreement requires it.
10. Assistance
We will provide reasonable assistance with data-protection impact assessments, data-subject requests, and audits appropriate to the engagement.
11. Term
This applies for as long as we process personal data on your behalf. On termination, data handling follows section 6.
12. Contact
To request a signed DPA or ask a question, email hello@aimavrik.com.
| Topic | Contact |
|---|---|
| General enquiries | hello@aimavrik.com |
| Privacy & data protection | hello@aimavrik.com |
| Security | hello@aimavrik.com · see Responsible Disclosure |
| Legal notices | hello@aimavrik.com |