Back to Home
GrowBridge Legal

Data Processing Agreement (DPA)

Last updated: February 18, 2026

This Data Processing Agreement ("DPA") applies when GrowBridge processes Personal Data on behalf of a customer ("Customer") in the context of providing the Service. This DPA is intended to meet the requirements of GDPR Article 28 and similar laws.

1. Roles

  • Customer is the Data Controller for Personal Data submitted to the Service.
  • GrowBridge is the Data Processor and processes Personal Data only on documented instructions from Customer.

2. Processing Details

Subject matter: providing the Service (prospecting, enrichment, messaging, orchestration, analytics, and integrations).
Duration: for the term of the Customer’s subscription and as needed for support, security, and legal compliance.
Nature and purpose: hosting, processing, and transmitting Customer data as required to provide the Service.
Types of Personal Data: contact and account identifiers, outreach content, usage logs, integration metadata, and related fields.
Categories of data subjects: Customer’s users, prospects/contacts, and other individuals included in Customer data.

3. Customer Obligations

  • Customer is responsible for the legality of the data and for providing required notices/consents.
  • Customer will ensure it has the right to connect and sync third-party services and data.

4. Processor Obligations

  • Process Personal Data only on documented instructions from Customer.
  • Ensure personnel are bound by confidentiality.
  • Implement appropriate technical and organizational measures to protect Personal Data.
  • Assist Customer with data subject requests to the extent applicable and feasible.
  • Notify Customer of Personal Data breaches without undue delay where required by law.

5. Subprocessors

Customer authorizes GrowBridge to use subprocessors to provide the Service (for example, cloud hosting and database providers). GrowBridge will require subprocessors to implement appropriate security and confidentiality measures.

6. International Transfers

Where Personal Data is transferred internationally, GrowBridge will use appropriate safeguards as required by applicable law.

7. Deletion and Return

Upon termination of the Service, GrowBridge will delete or return Personal Data in accordance with the Service’s capabilities and applicable law. Customer may request deletion via support@growbridge.ai.

8. Contact

DPA questions: support@growbridge.ai.