Data Processing Addendum

This Data Processing Addendum (“DPA”) forms part of the agreement between AgreeMintZ LLC (“AgreeMintZ”) and the Customer. Capitalized terms not defined in this DPA have the meanings given in the main agreement.

1. Roles

Customer: Data Controller
AgreeMintZ: Data Processor

2. Scope of Processing

AgreeMintZ processes personal data solely to:

• Store and manage uploaded contracts;
• Perform automated analysis and reminders; and
• Maintain platform security and audit logs.

3. Processing Instructions

AgreeMintZ processes data only on documented instructions from the Customer, including those inherent in the use of the Service.

4. Security Measures

AgreeMintZ implements reasonable technical and organizational safeguards, including:

• Encryption in transit;
• Restricted administrative access;
• Logging and monitoring; and
• Incident response procedures.

5. Subprocessors

AgreeMintZ may use subprocessors for hosting, email delivery, and payment processing. A current list is available upon request.

6. Data Subject Requests

AgreeMintZ will assist Customers with data subject requests as required by applicable law.

7. Personal Data Breach

AgreeMintZ will notify the Customer without undue delay upon becoming aware of a personal data breach.

8. Data Deletion

Upon termination, Customer content will be deleted within a commercially reasonable timeframe unless legally required to retain it.