Back to Security Center
Legal Framework

Data Processing
Agreement.

Version 2.1Last Updated: February 2026

01. Introduction

This Data Processing Agreement ("DPA") forms part of the Master Service Agreement or other written or electronic agreement between Dexra AI ("Dexra") and the Customer for the purchase of online services from Dexra (the "Agreement") to reflect the parties' agreement with regard to the Processing of Personal Data.

In the course of providing the Services to Customer pursuant to the Agreement, Dexra may Process Personal Data on behalf of Customer. Dexra agrees to comply with the following provisions with respect to any Personal Data submitted by or for Customer to the Services.

02. Definitions

  • "Data Protection Laws" means all laws and regulations, including laws and regulations of the European Union, the European Economic Area and their member states, Switzerland and the United Kingdom, applicable to the Processing of Personal Data under the Agreement.
  • "Personal Data" means any information relating to an identified or identifiable natural person.
  • "Processing" means any operation or set of operations which is performed upon Personal Data.

03. Processing of Personal Data

Dexra shall Process Personal Data only for the purposes described in the Agreement and only in accordance with Customer's documented instructions. Customer instructs Dexra to Process Personal Data for the following purposes:

  • Processing in accordance with the Agreement and applicable Order Form(s);
  • Processing initiated by Users in their use of the Services; and
  • Processing to comply with other documented reasonable instructions provided by Customer.

04. Security Measures

Dexra shall maintain appropriate technical and organizational measures for protection of the security, confidentiality and integrity of Personal Data, as set forth in the Dexra Security Documentation. Dexra regularly monitors compliance with these measures. Dexra will not materially decrease the overall security of the Services during a subscription term.

05. Sub-processors

Customer acknowledges and agrees that Dexra may engage third-party Sub-processors in connection with the provision of the Services. Dexra maintains a current list of Sub-processors at the Dexra Security & Trust Center. Dexra shall impose data protection terms on any Sub-processor it appoints that require it to protect Personal Data to the standard required by Data Protection Laws.

Standard Contractual Clauses (SCCs)

For transfers of Personal Data from the European Union, the European Economic Area and/or their member states, Switzerland and the United Kingdom to countries which do not ensure an adequate level of data protection, Dexra utilizes the Standard Contractual Clauses approved by the European Commission.

Have questions about our legal framework?

Contact our Legal Team