RELIANOID Data Processing Agreement (DPA)

Last Reviewed: 14th April 2025
Next Review Due: 14th April 2026
(Public Summary)

Purpose

This Data Processing Agreement (“DPA”) outlines how RELIANOID processes personal data on behalf of its customers in connection with the provision of our load balancing software, hardware, and cloud services. It ensures compliance with applicable data protection regulations, including the General Data Protection Regulation (GDPR).

Scope of Processing

RELIANOID acts as a data processor when handling personal data transmitted through, or stored in, our services. This may include:

  • IP addresses
  • HTTP headers or metadata
  • Admin user account details (name, email)
  • Logs containing end-user identifiers (depending on customer configuration)

Note: RELIANOID does not intentionally access or store application-layer personal data unless provided by the customer.

Roles and Responsibilities

  • Customer (Data Controller): Determines the purpose and means of data processing.
  • RELIANOID (Data Processor): Processes data only on the customer’s documented instructions.

Data Security Measures

RELIANOID maintains technical and organizational safeguards to protect data, including:

  • Encryption in transit and at rest
  • Role-based access controls
  • Logging and monitoring
  • Regular vulnerability and penetration testing
  • Staff training in data privacy and security

More details are available in our Security and Compliance page.

Data Location and Transfers

Customer data is processed in data centers located in London (UK) and replicas in San Francisco (USA) and Spain (Europe). Cross-border transfers, if any, are governed by Standard Contractual Clauses (SCCs) or equivalent safeguards.

Sub-Processors

RELIANOID uses select sub-processors to support service delivery (e.g., hosting providers, support tools). Each sub-processor is:

  • Bound by equivalent DPA terms
  • Assessed for security and compliance

Data Subject Rights and Assistance

We support our customers in responding to:

  • Access, rectification, and deletion requests
  • Restriction or objection to processing
  • Data portability requests

Data Retention and Deletion

Data is retained only as long as needed for the purpose defined by the customer. Upon contract termination or customer request, data is securely deleted within 90 days.

Breach Notification

In the event of a personal data breach affecting customer data, RELIANOID will:

  • Notify affected customers without undue delay
  • Provide sufficient detail to support regulatory reporting and risk mitigation

Data Subject Rights & Requests

Under the GDPR, individuals have the right to access, rectify, and erase their personal data, as well as other rights related to the processing of their data. RELIANOID assists clients in managing data subject requests by providing clear processes for:

  • Access requests: Allowing individuals to request copies of their personal data.
  • Rectification: Enabling individuals to correct inaccurate or incomplete data.
  • Erasure requests: Facilitating individuals’ requests to delete their personal data when applicable.

We work closely with our clients to ensure that data subject rights are respected and that requests are addressed promptly.

Final Statement

RELIANOID is committed to ensuring compliance with data protection regulations, including the GDPR, through robust Data Processing Agreements. Our DPA reflects our commitment to safeguarding personal data, maintaining data security, and supporting.

Document Reviews

DateComment
14th April 2025Document creation

Contact and Assurance

We welcome requests for detailed security documentation, risk mapping matrices, or compliance disclosures.

Contact our Compliance & Security Team

Download Latest Security Report