Legal

Data Processing Agreement

Version: 2026-05-07

Template: This DPA is intended for business customers that use VantageGrid as a processor under GDPR. Signed customer-specific copies can be requested through support.

1. Parties and Scope

This Data Processing Agreement ("DPA") forms part of the Terms between Vantix Wealth Labs B.V. and the customer using VantageGrid for business purposes. The customer is the controller, and VantageGrid acts as processor where it processes personal data on the customer's behalf.

2. Processing Instructions

  1. VantageGrid processes personal data only to provide, secure, maintain, support, and improve the Service as documented in the Terms, Privacy Policy, and customer configuration.
  2. If VantageGrid believes an instruction violates data protection law, it will notify the customer where legally permitted.

3. Data Categories

  • Account data, identity data, email addresses, authentication metadata, and support communications.
  • Trading journal data, notes, tags, screenshots, import files, performance metrics, and integration metadata.
  • Security telemetry, IP addresses, device data, audit logs, and billing references.

4. Security Measures

VantageGrid uses technical and organizational measures including TLS, access controls, password hashing, encryption for sensitive secrets where stored, logging, rate limiting, backups, and least-privilege operational access.

5. Subprocessors

VantageGrid may use subprocessors for hosting, database infrastructure, email delivery, payments, AI processing, logging, security, and support operations. Subprocessors must be bound by data protection obligations appropriate to their role.

6. International Transfers

Where processing involves transfers outside the EEA, VantageGrid will rely on appropriate safeguards such as adequacy decisions, Standard Contractual Clauses, or equivalent lawful transfer mechanisms.

7. Assistance and Data Subject Requests

VantageGrid will provide reasonable assistance for data subject requests, security obligations, DPIAs, and regulator inquiries, taking into account the nature of processing and information available to VantageGrid.

8. Breach Notice

VantageGrid will notify affected business customers without undue delay after becoming aware of a personal data breach involving customer personal data processed by VantageGrid as processor.

9. Deletion and Return

Upon account termination or written request, VantageGrid will delete or return customer personal data where technically feasible, unless retention is required by law, accounting duties, security, fraud prevention, backup cycles, or dispute handling.

10. Contact

To request a signed DPA or ask processor questions, contact privacy@vantagegrid.pro or support@vantagegrid.pro.