French Living
Sign In
Legal

Data Processing Addendum

How CloudIP processes personal data on your behalf, sub-processors, and security measures.

Roles

For purposes of applicable data-protection laws, you are the data controller and CloudIP is the data processor for personal data you submit to the platform.

CloudIP processes such data only as instructed by you, except as required by applicable law.

Scope

This DPA applies to processing of personal data by CloudIP on your behalf in connection with the services described in our terms of service.

It supplements, and is incorporated by reference into, the agreement between you and CloudIP.

Sub-processors

CloudIP uses a limited set of sub-processors to deliver the platform, including a payment processor, transactional email provider, shipping rate provider, and cloud infrastructure providers.

A current list of sub-processors is maintained at cloudip.com/subprocessors and is updated when changes occur.

CloudIP requires all sub-processors to maintain confidentiality and security standards no less protective than those CloudIP itself observes.

Security measures

CloudIP applies the technical and organizational measures described on its security page, including encryption in transit and at rest, access controls, audit logging, immutable backups, and identity controls.

Specific security commitments are documented in the security review packet available to enterprise customers under NDA.

Personal data breach

If CloudIP becomes aware of a personal data breach affecting your data, CloudIP will notify you without undue delay and provide the information reasonably necessary for you to meet your notification obligations under applicable law.

Data subject requests

If a data subject sends a request relating to data CloudIP processes on your behalf, CloudIP will, where practicable, redirect that data subject to you and assist you in fulfilling the request as required by applicable law.

International transfers

Customer data is stored in the United States. Where data must be transferred internationally for support or billing purposes, CloudIP relies on appropriate transfer mechanisms in accordance with applicable law.

Return or deletion of data

On termination of the services, CloudIP returns or deletes personal data processed on your behalf in accordance with the terms of service.

Audits

CloudIP makes available information necessary to demonstrate compliance with this DPA on reasonable request, including third-party attestations under NDA where applicable.

Contact

Questions about this DPA can be sent to privacy@cloudip.com.

Last updated April 2026.