Legal

Data Processing Addendum

Last updated: May 16, 2026

Key Highlights

  • Customer controls the data it provides
  • Digibility processes data to provide services
  • Subprocessors may be used
  • Third-party platform rules apply

Introduction

This Data Processing Addendum governs the processing of customer data and personal data by Digibility when Digibility provides its website, platform, Founder Visibility Score, Founder Visibility Pilot, visibility workflows, AI-assisted workflows, content planning, approval workflows, publishing workflows, analytics, action signal tracking, reports, support, assisted services, managed services, and related offerings.

This DPA forms part of Digibility's Terms & Conditions and applies where Digibility processes personal data on behalf of a customer as part of providing services. It should be read with Digibility's Privacy Policy, Subprocessors page, and relevant Service Agreements.

Scope and Application

This DPA applies to processing activities where Digibility processes customer personal data on behalf of a customer in connection with Digibility services. This may include data processed through website forms, Founder Visibility Scores, onboarding, content planning, and managed workflows. It does not apply to third-party platforms that independently process data.

Definitions

Customer Data

Files, assets, AI inputs/outputs, and business details provided by the customer.

Data Fiduciary/Controller

The party determining motives and means of processing.

Data Processor

Digibility, processing data on behalf of the fiduciary/controller.

Subprocessor

Third-party service provider engaged for technical delivery.

Roles of the Parties

For customer-provided personal data, the customer generally acts as the Data Fiduciary or Controller. Digibility generally acts as a Data Processor. However, Digibility may act as an independent controller for account administration, billing, security, and service improvement data.

Nature and Purpose of Processing

Digibility processes customer data to provide, operate, support, secure, and improve visibility management services. This includes score generation, campaign planning, AI drafting, and reporting.

Categories of Data Processed

We process contact info, business context, founder positioning, campaign drafts, uploaded assets (images/videos), social handle info, AI inputs/outputs, action signals, and technical logs. Customers must not submit restricted or high-risk data without express written agreement.

Categories of Data Subjects

Data subjects may include customer employees, founders, contractors, agency users, leads, prospects, and end-customers of the customer. Customers are responsible for obtaining required permissions from these individuals.

Customer Instructions

Digibility processes data based on customer instructions via platform actions, approvals, and support requests. We may refuse instructions that appear unlawful or in violation of platform policies.

Customer Responsibilities

Customers must ensure they have a lawful basis for processing, have obtained required consent, and ensure uploaded content is authorized. Verification of AI outputs and compliance with platform rules remain customer responsibilities.

Digibility's Processing Obligations

We process data only for purposes described in our Terms and instructions. We maintain reasonable security, notify of breaches as legally required, and retain data according to our governance rules.

AI-Assisted Processing

AI may be used to summarize inputs, draft content, and analyze action signals. AI outputs may be inaccurate; customers must review, verify, and approve them before publication.

Subprocessors

Digibility uses subprocessors for hosting, AI, analytics, and infrastructure. Our list of subprocessors is maintained at our Subprocessors page and updated periodically.

View Official Subprocessors

Third-Party Platforms and Integrations

Integrations with platforms like LinkedIn or Meta are controlled by those platforms. They process data under their own terms; Digibility is not responsible for their independent data practices or outages.

Security Measures

We use administrative and technical safeguards like access controls, encryption in transit, and secure hosting. No system is 100% secure; we do not guarantee absolute prevention of all cyber incidents.

Confidentiality

Personnel with access to customer data are subject to confidentiality obligations. Access is limited to those needing it to provide, support, or secure Digibility services.

Data Subject Requests

If we receive a request from an individual regarding customer-controlled data, we will direct them to you. You are responsible for responding to these requests as the data fiduciary/controller.

Data Breach and Security Incidents

Upon discovering a breach affecting customer personal data, we will notify affected customers without undue delay after initial assessment. Notifications will include incident nature and mitigation steps taken.

Data Retention and Deletion

Data is retained to provide services, comply with law, and resolve disputes. After cancellation, data may be deleted, archived, or anonymized based on technical feasibility and legal requirements.

International Transfers

Data may be processed in India or other locations where our service providers operate. Users authorize these transfers as necessary for service delivery, subject to appropriate safeguards.

Audits and Compliance Assistance

Digibility may provide info to help customers understand our data practices. Audits are subject to reasonable notice, scope, and confidentiality restrictions.

Return or Deletion of Customer Data

Upon termination, customers may request deletion of their data. We may retain records for compliance, accounting, or security as required. Customers should export vital assets before cancellation.

Limitations

We are not responsible for customer failures regarding consent, unapproved AI outputs, third-party platform actions, or customer-side security weak points like weak passwords.

Order of Precedence

This DPA fits within our overall governance. In case of conflict with another service agreement, the explicit written agreement controls only if specifically agreed by Digibility.

Changes to this DPA

We update this DPA to reflect changes in law, AI practices, or subprocessors. Continued use reflects acceptance of updated terms.