← conductloop.com

Data Processing Addendum

Effective: July 16, 2026 · Last updated: July 16, 2026

This Data Processing Addendum (“DPA”) forms part of the ConductLoop Terms of Use and applies to the extent ConductLoop (“we”, “us”, “our”) processes Personal Data on behalf of a customer (“you”, “Controller”) in connection with the ConductLoop Service.

ConductLoop is local-first by design: the desktop app stores and processes your data on your own computer and does not transmit it to our servers. This DPA covers only the limited processing we do on our infrastructure — primarily license validation and, when applicable, transactional email for billing.

1. Definitions

2. Roles

For Personal Data you submit through the Service (e.g., your email address at checkout), you are the Controller and ConductLoop is the Processor. For Personal Data we collect independently (e.g., website analytics), ConductLoop is the Controller; see our Privacy Policy.

3. Scope, nature, and purpose of processing

4. Processor obligations

ConductLoop will:

5. Sub-processors

You authorize ConductLoop to engage the following sub-processors. We will notify you at least 30 days before adding or replacing any sub-processor so you can object for legitimate reasons.

6. International data transfers

ConductLoop is operated from the European Economic Area (Spain). Where Personal Data is transferred outside the EEA to a country not recognized by the European Commission as providing an adequate level of protection, we rely on the Standard Contractual Clauses (Module 2: Controller-to-Processor) or another lawful transfer mechanism. You can request a signed copy of the SCCs at privacy@conductloop.com.

7. Personal data breach notification

ConductLoop will notify you without undue delay (and in any case within 72 hours) after becoming aware of a Personal Data breach affecting your Personal Data. The notification will describe the nature of the breach, the categories and approximate number of data subjects and records affected, the likely consequences, and the measures taken or proposed to address it.

8. Data Subject requests

ConductLoop will promptly forward to you any request received directly from a Data Subject relating to Personal Data we process on your behalf, and will not respond to such requests except to acknowledge receipt and direct the Data Subject to you, unless you instruct us otherwise in writing.

9. Liability

The liability of the parties arising out of or in connection with this DPA is subject to the limitations and exclusions of liability set out in the ConductLoop Terms of Use.

10. Order of precedence

In the event of any conflict between this DPA and the Terms of Use with respect to the processing of Personal Data, this DPA prevails.

11. Changes

We may update this DPA; material changes will be reflected by the “Last updated” date above. If changes are significant, we'll notify active subscribers at least 30 days before they take effect.

12. Signature

By using the Service, you agree to this DPA. If you would like a countersigned DPA on file (recommended for enterprise procurement), email privacy@conductloop.com and we'll send a DocuSign envelope within 2 business days.

Contact

Data protection questions? Email privacy@conductloop.com.