Last updated: 20 April 2026
This Data Processing Agreement (“DPA”) forms part of the Terms of Service between Ungo SAS (“Processor”, “we”) and you, the customer (“Controller”), and governs processing of personal data where you act as controller and we act as processor.
1. Scope and roles
You determine the purposes and means of processing data your published sites collect from visitors (e.g., form submissions). We process that data on your behalf, under your documented instructions.
2. Subject matter and duration
Subject matter: operation of the Ungo Service.
Duration: for as long as your subscription is active, plus the retention periods set out in our Privacy Policy.
3. Nature and purpose of processing
Storage, hosting, edge delivery, analytics aggregation, form submission handling, and export, as described in the Service features.
4. Types of personal data
Determined by you. Typically: names, email addresses, IP addresses, form responses, and any other fields you choose to collect on your forms.
5. Categories of data subjects
Determined by you. Typically: visitors to your published sites, newsletter subscribers, leads.
6. Processor obligations
We:
- Process personal data only on your documented instructions (the Terms, your configuration, and any written directions).
- Ensure persons authorized to process personal data are bound by confidentiality.
- Implement appropriate technical and organizational measures (see Annex 1).
- Engage sub-processors only under the conditions in Section 7.
- Assist you with data subject requests to the extent feasible.
- Notify you of a personal data breach without undue delay, and in any case within 72 hours of becoming aware.
- On termination, delete or return personal data, at your choice, within 30 days.
7. Sub-processors
You authorize the following sub-processors:
| Sub-processor | Purpose | Location |
|---|---|---|
| Cloudflare | Hosting, CDN, edge | Global |
| Stripe | Payment processing | USA / Ireland |
| Resend | Transactional email | USA |
| Sentry | Error monitoring | EU |
We give you 14 days’ notice of new sub-processors by email to the account owner. You may object on reasonable data-protection grounds; if we cannot resolve the objection, you may terminate the affected service with a prorated refund.
8. International transfers
For transfers outside the EEA we rely on the EU-US Data Privacy Framework (where available) and the EU Standard Contractual Clauses (Module Two, Controller to Processor), incorporated herein by reference.
9. Audit
We will make available all information necessary to demonstrate compliance with this DPA, and allow for audits, including inspections, conducted by you or an auditor you mandate, on 30 days’ written notice and at your cost.
10. Liability
Liability under this DPA is subject to the limitations in the Terms of Service.
Annex 1 — Technical and organizational measures
- Encryption in transit (TLS 1.3) and at rest (AES-256).
- Password hashing with Argon2id.
- Workspace-level row isolation in the database.
- Role-based access control with least privilege.
- 2FA available for all administrative accounts.
- Encrypted off-site backups with 30-day rolling retention.
- Central logging with 90-day retention.
- Annual internal security review; incident response plan with documented runbooks.
- Access to production limited to named engineers with audited SSH keys.
Contact: Ungo SAS, 42 rue de la République, 75011 Paris, France, privacy@ungo.app (DPO: dpo@ungo.app, legal: legal@ungo.app).