Data Processing Agreement
Last updated: TODO(founder) — set on first real publish
This page is a reviewed template, not final legal advice. Sections marked TODO(founder/lawyer) must be completed or confirmed by a lawyer qualified in Czech/EU law before this policy is relied upon in production.
This Data Processing Agreement ("DPA") applies where you (the "Customer") upload photos or other content that may contain personal data, and Stagio processes that content on your behalf as a processor under Article 28 GDPR. TODO(founder/lawyer): this template needs execution mechanics (e.g. signature block, incorporation-by-reference clause into the Terms) before it is a binding standalone agreement.
1. Roles
For personal data contained in photos you upload (e.g. incidental images of people, or property/owner details you include), the Customer is the data controller and Stagio is the data processor. For Stagio's own account/billing data about you, Stagio is the controller (see the Privacy Policy).
2. Subject matter and duration
Stagio processes Customer content for the duration of the Customer's use of the service, subject to the retention and deletion rules described in the Privacy Policy (30-day default retention, immediate per-project deletion, and immediate purge on account deletion).
3. Nature and purpose of processing
Automated image staging and decluttering, automated quality-control scoring, storage of originals and outputs, and delivery/export of the resulting images to the Customer.
4. Categories of data and data subjects
Primarily property imagery; personal data is typically limited to incidental content within photos (e.g. a person visible in a room) and the Customer's own account contact details. Special-category data is not intentionally processed and Customers must not upload content designed to capture it.
5. Processor obligations
Stagio will: process content only on documented instructions (i.e. to provide the service); ensure personnel with access are bound by confidentiality; implement appropriate technical and organizational security measures; assist the Customer in responding to data-subject requests and security incidents; and delete or return Customer content at the end of the engagement, subject to the tax-retention carve-out for invoices/ledger entries described in the Privacy Policy.
6. Subprocessors
The Customer authorizes Stagio's use of the subprocessors listed on the Subprocessors page. TODO(founder): define and publish the advance-notice period (e.g. 30 days) before onboarding a new subprocessor, and the Customer's right to object.
7. International transfers
TODO(lawyer): confirm and attach EU Commission Standard Contractual Clauses (or an equivalent transfer mechanism) for any subprocessor located outside the EU/EEA, notably any US-based AI model provider used for quality control.
8. Audits
TODO(lawyer): define reasonable audit rights (e.g. annual, on notice, using a mutually agreed third-party auditor or existing certifications in lieu of an on-site audit).
9. Deletion on termination
On termination, Customer content is deleted according to the same retention rules described in the Privacy Policy: immediately on request via account deletion, or automatically after the 30-day default retention period for anything not explicitly deleted sooner.
10. Liability
TODO(lawyer): liability allocation between controller and processor, consistent with the main Terms of Service.
11. Governing law
TODO(lawyer): confirm, expected to mirror the Terms of Service (laws of the Czech Republic).