Data Processing Agreement

Last Updated: May 1, 2026

This Data Processing Agreement ("DPA") forms an integral part of the Archivis Terms of Service ("Terms") between the party named as "Customer" in the Terms ("Customer" or "Controller") and Archivis, Inc. ("Archivis," "Company," or "Processor") and sets out the parties' respective obligations when Customer personal data is processed by Archivis in relation to the Services performed by Archivis on Customer's behalf pursuant to the Terms. The purpose of the DPA is to ensure such processing is conducted in accordance with applicable laws and with due respect for the rights and freedoms of individuals whose personal data is processed.

This Data Processing Agreement ("Agreement") forms part of the Contract for Services ("Principal Agreement") between the Customer and:

Archivis, Inc.

(the "Data Processor")

(together as the "Parties")

WHEREAS

(A) The Customer (whether an individual or an organization) acts as a Data Controller and uses Archivis as a self-service biography platform, which may include AI-assisted writing features, digital preservation, publication services, and—for organizational customers—per-seat institutional subscriptions.

(B) The Customer wishes to subcontract certain Services, which may involve the processing of personal data and confidential biographical information, to Archivis.

(C) The Parties seek to implement comprehensive data protection, confidentiality, and intellectual property provisions that comply with applicable laws including GDPR, U.S. state privacy laws, and other relevant data protection regulations.

(D) The Parties wish to establish clear ownership rights regarding biographical content created during the service engagement.

IT IS AGREED AS FOLLOWS:

1. DEFINITIONS AND INTERPRETATION

1.1 Definitions

Unless otherwise defined herein, capitalized terms and expressions used in this Agreement shall have the following meaning:

1.1.1 "Agreement" means this Data Processing Agreement and all Schedules;

1.1.2 "Customer Personal Data" means any Personal Data Processed by Archivis on behalf of Customer pursuant to or in connection with the Principal Agreement;

1.1.3 "Customer Confidential Information" means all non-public, proprietary, or confidential information disclosed by Customer to Archivis, including but not limited to biographical content, personal stories, family information, photographs, questionnaire responses, and strategic plans;

1.1.4 "Data Protection Laws" means EU Data Protection Laws, U.S. Privacy Laws, and, to the extent applicable, the data protection or privacy laws of any other country;

1.1.5 "U.S. Privacy Laws" means applicable U.S. federal and state privacy laws including but not limited to the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), and any other applicable state privacy laws;

1.1.6 "EU Data Protection Laws" means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;

1.1.7 "GDPR" means EU General Data Protection Regulation 2016/679;

1.1.8 "Data Transfer" means:

a transfer of Customer Personal Data from the Customer to Archivis; or
an onward transfer of Customer Personal Data from Archivis to a Subprocessor, or between two establishments of Archivis, in each case, where such transfer would be prohibited by Data Protection Laws;

1.1.9 "Services" means the Archivis biography platform, including the Free tier (self-authored biography creation), the Premium subscription (AI-assisted prompts, conversational refinement, and speech-to-text transcription), one-time publishing services, institutional subscription management, photo processing, and digital preservation;

1.1.10 "Biographical Content" means all personal stories, memories, narratives, photographs, documents, and other materials provided by Customer or created in the course of providing Services;

1.1.11 "Subprocessor" means any person appointed by or on behalf of Archivis to process Personal Data on behalf of the Customer in connection with the Agreement;

1.1.12 "Institutional Subscription" means a per-organization subscription, contracted and managed through a single administrator email account, that grants Premium features and publishing access to a designated number of member users.

1.2 GDPR Terms

The terms "Commission," "Controller," "Data Subject," "Member State," "Personal Data," "Personal Data Breach," "Processing," and "Supervisory Authority" shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly.

2. CONFIDENTIALITY AND DATA PROTECTION

2.1 Comprehensive Confidentiality

2.1.1 Archivis acknowledges that it may receive Customer Confidential Information and Customer Personal Data in connection with the Services.

2.1.2 Archivis shall:

Hold all Customer Confidential Information in strict confidence;
Use Customer Confidential Information solely for the purpose of providing the Services;
Not disclose Customer Confidential Information to any third party without Company's prior written consent;
Implement and maintain appropriate safeguards to protect the confidentiality of such information.

2.1.3 The confidentiality obligations shall survive termination of this Agreement for a period of seven (7) years.

2.2 Processing Obligations

Archivis shall:

2.2.1 comply with all applicable Data Protection Laws in the Processing of Customer Personal Data;

2.2.2 not Process Customer Personal Data other than on the Customer's documented instructions;

2.2.3 ensure all employees, contractors, and writers handling Personal Data or Confidential Information are bound by legally enforceable confidentiality agreements;

2.2.4 provide adequate training to all personnel handling Personal Data on data protection requirements and procedures;

2.2.5 be held liable for any processing activities conducted outside the scope of documented instructions.

2.3 Processing Instructions

The Customer instructs Archivis to process Customer Personal Data for the following purposes:

Operating the biography platform and providing access at the subscribed tier
Storing and managing biographical content authored by the Customer
Delivering AI-assisted features (prompts, conversational refinement, speech-to-text transcription) for users with an active Premium or Institutional Subscription
Photo processing, optimization, and storage
Biography publication on archivis.org (when authorized by the Customer)
Subscription billing and management, including institutional seat assignment
Customer communication and support

3. ENTERPRISE SECURITY MEASURES

3.1 Technical and Organizational Measures

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Archivis shall implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk.

3.2 Specific Security Measures

Archivis implements and maintains the following enterprise-grade security measures:

3.2.1 Encryption:

End-to-end encryption for all data in transit using TLS 1.3
Data at rest encrypted using AES-256 encryption via AWS KMS
Database connections require SSL/TLS (no unencrypted access permitted)
All S3 file storage encrypted with server-side encryption

3.2.2 Network Isolation:

Database hosted in private VPC subnet with zero internet exposure (100% attack surface reduction)
Application servers isolated in private subnets
Security group controls limiting database access to application layer only
NAT gateway for controlled external API access

3.2.3 Access Controls:

Enterprise authentication through AWS Cognito with multi-factor authentication support
JWT token signature verification (cryptographic validation)
Role-based access control separating customer and admin privileges
Session security with HTTPS-only, HttpOnly, and SameSite cookies
Automatic session timeout (1 hour with renewal)

3.2.4 Data Minimization:

Collection limited to information necessary for biography creation
Questionnaire responses stored only for service delivery
Unpublished drafts retained only until publication or account deletion
Configurable retention policies for published biographies

3.2.5 Infrastructure Security:

Automated daily database backups with 7-day retention
Point-in-time recovery capability
S3 versioning enabled for file recovery
Regular security assessments and penetration testing
Comprehensive incident response procedures
Rate limiting on authentication endpoints (10 requests/60 seconds)

3.2.6 Application Security:

Content Security Policy (CSP) headers preventing XSS attacks
HTTP Strict Transport Security (HSTS) enforcing HTTPS
Input validation and sanitization preventing SQL injection
Parameterized database queries (SQLAlchemy ORM)
Security event logging to AWS CloudWatch

3.2.7 Secrets Management:

All credentials stored in AWS Systems Manager Parameter Store
Secrets encrypted at rest with AWS KMS
No credentials in code, configuration files, or environment variables
IAM-based access control to secrets
Comprehensive audit trail via AWS CloudTrail

3.2.8 Compliance Status:

Enterprise-grade security infrastructure implemented
SOC 2 Type I preparation underway (target: Q2 2026)
Regular third-party security audits planned quarterly

3.3 Risk Assessment

In assessing the appropriate level of security, Archivis shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach.

4. U.S. PRIVACY LAW COMPLIANCE

4.1 U.S. Consumer Privacy Rights

Archivis shall assist Customer in fulfilling consumer rights requests under applicable U.S. Privacy Laws, including:

Right to know/access personal information
Right to delete personal information
Right to correct inaccurate personal information
Right to opt-out of sale/sharing of personal information
Right to data portability

4.2 CCPA/CPRA Compliance

4.2.1 Archivis warrants that it will not:

Sell or share Customer Personal Data;
Retain, use, or disclose Customer Personal Data for any purpose other than performing the Services;
Use Customer Personal Data for advertising or commercial purposes outside the Services.

4.2.2 Archivis shall provide the same level of privacy protection as required by applicable U.S. Privacy Laws.

4.3 Cross-Border Data Transfers

For transfers of personal data from the U.S. to other jurisdictions, Archivis shall implement appropriate safeguards including standard contractual clauses or other legally recognized transfer mechanisms.

5. INTELLECTUAL PROPERTY AND CONTENT OWNERSHIP

5.1 Customer Ownership of Biographical Content

5.1.1 Customer retains full ownership of all biographical content from the moment it is provided to or created within the platform, regardless of subscription or payment status, including:

All biographical content provided to Archivis (stories, memories, information)
All photographs and documents uploaded
The biography in any form (draft, final, published, or unpublished)
All intellectual property rights in the biography

5.1.2 To the extent Archivis or its AI-assisted features contribute any output incorporated into the Customer's biography, Archivis hereby assigns to Customer all right, title, and interest in such output.

5.2 Archivis Retained Rights

5.2.1 Archivis retains ownership of:

Its core platform, software, and underlying technology
General writing methodologies and processes
AI models and prompt engineering techniques
Aggregated and anonymized insights that cannot identify Customer

5.2.2 Archivis may use general knowledge, skills, and experience gained from providing Services, provided such use does not violate confidentiality obligations or disclose Customer Confidential Information.

5.3 License Grant

5.3.1 Customer grants Archivis a limited, non-exclusive license to:

Use biographical content solely for creating Customer's biography
Display published biographies on archivis.org (if Customer chooses publication)
Use anonymized portions as samples for marketing (with Customer permission, revocable at any time)

5.3.2 Upon publication, Customer grants Archivis a perpetual, non-exclusive license to display the published biography on archivis.org unless Customer requests unpublication or deletion.

6. SUBPROCESSING

6.1 Authorized Subprocessors

Archivis is authorized to engage the following Subprocessors:

Subprocessor	Purpose	Location
Amazon Web Services (AWS)	Infrastructure, database, file storage	United States (us-east-2)
OpenAI L.P.	AI-assisted biography generation	United States
Stripe, Inc.	Payment processing	United States
Google Workspace	Email communications (SMTP)	United States

6.2 Subprocessor Requirements

Archivis shall ensure that all Subprocessors:

Are bound by data protection and confidentiality obligations substantially equivalent to those in this Agreement
Maintain compliance with applicable Data Protection Laws
Process Personal Data only for the specific purposes authorized by Customer
Implement appropriate technical and organizational measures

6.3 Subprocessor Changes

Archivis shall inform Customer of any intended changes to Subprocessors with at least 30 days' prior written notice via email and website announcement. Customer may object to such changes within 14 days if the changes do not meet required data protection standards.

7. INSTITUTIONAL SUBSCRIPTIONS AND CONTROLLER RELATIONSHIPS

7.1 Application

This Section 7 applies only where the Customer is an organization that has purchased an Institutional Subscription (as defined in Section 1.1.12). It supplements, and does not replace, the other provisions of this Agreement.

7.2 Independent Controllers

7.2.1 The Parties acknowledge that, in the context of an Institutional Subscription, the Customer (institution) and Archivis act as independent Controllers, each in respect of distinct categories of Personal Data:

The institution acts as Controller in respect of: the institution's administrator account; the email addresses of members it invites or assigns to seats; member roster and seat-assignment status; subscription and billing information.
Archivis acts as Controller in respect of: each member's individual user account; biographical content, drafts, photographs, audio recordings, and questionnaire responses created or uploaded by the member; the member's individual usage of Premium features; and biography publication status. Archivis processes such Personal Data pursuant to its direct relationship with the member, in accordance with the Archivis Terms of Service and Privacy Policy.

7.2.2 The institution does not act as Controller, joint Controller, or Processor in respect of biographical content authored by its members. Archivis does not disclose biographical content, drafts, or questionnaire responses to the institution under any circumstances.

7.3 Institution Administrator

7.3.1 Each Institutional Subscription is administered through a single administrator email account designated by the institution at the time of subscription.

7.3.2 The institution is responsible for the security of the administrator account credentials and for all actions taken through the administrator account, including invitations and member-seat assignments.

7.3.3 The administrator may view: the list of members assigned to seats (by email address); seat-assignment status (active, removed); and aggregate seat usage. The administrator may not view biographical content, drafts, photographs, audio recordings, or questionnaire responses of any member.

7.4 Member Lifecycle

7.4.1 When a member is invited to or assigned a seat, the institution provides the member's email address to Archivis as an instruction to grant Premium and publishing access to that member.

7.4.2 When a member is removed from the institution, or the institution's subscription ends, the member's seat is deactivated. The member's user account, biographical content, and any biographies they have published remain under their own control as an individual user, subject to the Archivis Terms of Service and Privacy Policy.

7.4.3 Removal from an institutional subscription does not delete the member's account or content. A member may separately request account or content deletion in accordance with Section 11.2.

7.5 Member Data Subject Rights

Where a member exercises Data Subject rights (access, deletion, correction, portability) in respect of their biographical content, Archivis responds directly to the member as the Controller of that data and is not required to involve or notify the institution. Where a request relates to roster or billing data Controlled by the institution, Archivis will refer the member to the institution.

8. DATA SUBJECT RIGHTS

8.1 Assistance to Customer

Archivis shall assist Customer in fulfilling its obligations to respond to requests to exercise Data Subject rights under applicable Data Protection Laws, including both GDPR and U.S. Privacy Laws.

8.2 Data Subject Request Handling

Archivis shall:

8.2.1 Promptly notify Customer within 5 business days if it receives a request from a Data Subject;

8.2.2 Not respond to that request except on the documented instructions of Customer or as required by applicable laws;

8.2.3 Provide Customer with tools to export their complete data (biography text, photos, questionnaire responses) in machine-readable format (JSON + ZIP);

8.2.4 Process deletion requests within 30 days, with backup purging within 90 days.

9. DATA PROTECTION IMPACT ASSESSMENT

Archivis shall provide reasonable assistance to the Customer with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Customer reasonably considers to be required by Article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law.

10. PERSONAL DATA BREACH

10.1 Breach Notification

Archivis shall notify Customer at the email address associated with Customer's account without undue delay and in any event within 72 hours upon becoming aware of a Personal Data Breach affecting Customer Personal Data.

10.2 Breach Contents

Such notification shall contain:

Description of the nature of the breach
Categories and approximate number of affected data subjects
Likely consequences of the breach
Measures taken or proposed to address the breach
Contact point for more information

10.3 Breach Response

Archivis shall cooperate with Customer and take reasonable commercial steps as directed by Customer to assist in the investigation, mitigation and remediation of each such Personal Data Breach.

11. DATA RETENTION AND DELETION

11.1 Retention Periods

Data Type	Retention Period	Reason
Active Account Data	While account active	Service provision
Published Biographies	Indefinite (unless deleted by customer)	Public archival purpose
Unpublished Drafts	Until published or account deleted	Work in progress
Questionnaire Responses	Until account deleted or user-initiated deletion	Service delivery
Payment Records	7 years after transaction	Tax and legal compliance
Security Logs	90 days	Security investigation
Inactive Accounts	5 years without login → archived with notice	Storage optimization
Database Backups	7 days (automated), manual snapshots available	Disaster recovery

11.2 Data Deletion

Archivis shall delete Customer Personal Data and Confidential Information within 30 days of:

Customer account deletion request
Service termination
Completion of service for unpublished biographies (if deletion requested)

Exceptions:

Data required to be retained by law (payment records - 7 years)
Published biographies (customer must unpublish before deletion)
Aggregated, anonymized data that cannot identify Customer
Backups (purged within 90 days after deletion from active systems)

11.3 Deletion Certification

Archivis shall provide written certification to Customer that it has fully complied with deletion obligations within 30 days of the deletion request.

11.4 Right to Data Export Before Deletion

Before deleting data, Archivis shall provide Customer with opportunity to export complete data package within 7 business days.

12. AUDIT RIGHTS

13. DATA TRANSFER AND CROSS-BORDER PROCESSING

14. NO-TRAINING AND AI ETHICS

15. LIABILITY AND INDEMNIFICATION

16. TERM AND TERMINATION

17. GOVERNING LAW AND DISPUTE RESOLUTION

18. GENERAL PROVISIONS

SIGNATURE

By using Archivis Services, Customer agrees to the terms of this Data Processing Agreement.

For questions about this DPA:
Email: privacy@archivis.org
Website: archivis.org/data-processing

Last Updated: May 1, 2026
Version: 1.1

SCHEDULE A - STANDARD CONTRACTUAL CLAUSES

Note: Full EU Standard Contractual Clauses would be included here for customers requiring EU data transfer compliance. These clauses follow the European Commission's approved templates for controller-to-processor transfers.

APPENDIX - ANNEXES

ANNEX I - PARTIES AND TRANSFER

A. LIST OF PARTIES

Data exporter(s):

Name: The party named as "Customer" in the Terms
Address: Address associated with Archivis account
Contact: Email address associated with customer account
Role: Controller

Data importer(s):

Name: Archivis, Inc.
Contact: privacy@archivis.org
Role: Processor

B. DESCRIPTION OF TRANSFER

Categories of data subjects: Biography subjects, family members, account holders, institutional administrators

Categories of personal data: Biographical information, personal details, photographs, account information, questionnaire responses, subscription and billing information

Nature of processing: Storage, AI-assisted drafting (for Premium and Institutional subscribers), photo processing, hosting, publication, subscription management

Purpose: Operating the biography platform, digital preservation, publication (when authorized)

ANNEX II - TECHNICAL AND ORGANISATIONAL MEASURES

Archivis implements comprehensive technical and organizational measures as detailed in Section 3 of this Agreement, including:

Encryption (TLS 1.3, AES-256)
Network isolation (private VPC subnet)
Access controls (Cognito, JWT verification, MFA)
Rate limiting and monitoring
Automated backups and disaster recovery
Security event logging

ANNEX III - LIST OF SUB-PROCESSORS

Name	Purpose	Location	Website
AWS	Cloud infrastructure and hosting	United States	aws.amazon.com
OpenAI	AI language model services	United States	openai.com
Stripe	Payment processing	United States	stripe.com
Google Workspace	Email communications	United States	workspace.google.com

Menu