Data Processing Addendum (DPA)
Last updated: April 21, 2026
This Data Processing Addendum ("DPA") forms part of the Terms of Service between TradePath HQ, LLC and the customer.
1. Scope & Role
This DPA applies where we process Personal Data on your behalf in the course of providing our ERP services. In this context, you are the Data Controller and TradePath HQ is the Data Processor.
2. Data Isolation Model
We process your data within a strictly isolated multi-tenant architecture. Postgres Row-Level Security (RLS) is employed to ensure that your data is never accessible to other customers.
3. Technical & Organizational Measures
We maintain industry-standard security measures, including:
- Encryption of data in transit and at rest.
- Strict access controls and multi-factor authentication.
- Regular vulnerability scanning and security audits.
4. Sub-processors
You authorize us to engage sub-processors required to deliver the service. A current list of our sub-processors (including Vercel, Supabase, and Clerk) is available on our Security page.
Execution
This DPA is automatically incorporated into our standard Terms of Service upon account creation.