Goable — Data Processing Agreement (DPA)
Version: 2026-05-26 · DRAFT — pending legal review. Placeholder; a qualified lawyer must finalise (esp. Annexes + SCCs).
This DPA forms part of the Terms of Service between Goable ("Processor") and the Customer ("Controller") and applies where Goable processes personal data on the Controller's behalf (GDPR Art. 28).
1. Subject matter & roles
Processor processes personal data only to provide the Service. Controller determines purposes + means. For the research dataset (anonymised aggregates) Goable acts as an independent controller.
2. Processor obligations
- Process only on documented instructions from the Controller (the API calls + configuration constitute instructions).
- Ensure that persons authorised to process the personal data are bound by confidentiality obligations.
- Implement appropriate technical + organisational measures (Annex II).
- Not engage a sub-processor without general written authorisation + notice of changes (Annex III); impose equivalent terms on sub-processors.
- Assist the Controller with data-subject requests + Art. 32–36 duties.
- Delete or return personal data at the end of the provision of services (subject to legal retention requirements, and excepting previously anonymised research aggregates).
- Make available all information necessary to demonstrate compliance + allow for audits.
3. Nature of processing (Annex I)
- Categories of data subjects: the Controller's end users (e.g. booking customers / app users), represented to Goable only as pseudonyms (hashes) + non-identifying attributes.
- Categories of data: coordinates, activity, time window, pseudonym, optional profile (experience, weight band, risk tolerance, owned gear), reported outcomes. No direct identifiers.
- Purpose: suitability scoring + personalised decisions + (opt-in) anonymised research.
4. Technical & organisational measures (Annex II)
Hashed credentials, tenant isolation enforced at the API layer, encryption in transit, audit logging, least-privilege access, GDPR Art. 17 erasure tooling, and k-anonymity thresholds + a publication delay (lag) on any research release.
5. Sub-processors (Annex III)
Hosting/Postgres/Redis provider, Stripe (billing), email provider, Anthropic (optional LLM endpoints; request content is sent to generate explanations). Current list available on request; changes are notified with a right to object.
6. International transfers
Standard Contractual Clauses where applicable. [Finalise per region.]
7. Liability
As per the Terms of Service limitation of liability.
Contact: privacy@goable.io