Legal
Last updated: May 2026 · Draft — not yet legally reviewed
The DPA will document: controller/processor roles, processing activities (AI model pipelines, email service provider API calls, audit logging), sub-processors (Azure OpenAI, SendGrid, Stripe, Azure SQL), data residency (South Africa North primary), POPIA and GDPR Article 28 obligations, and the customer's right to audit.
Until GA, this page is a placeholder. To request a draft DPA for procurement purposes, email: legal@newsletterssuck.email