Data Processing Agreement

Last updated · 2026-04-25

This DPA template is provided in good faith and is suitable for most tenant engagements. Enterprise plans may negotiate variations. The template is pending review by external counsel; tenants requiring lawyer-approved final form may request the latest signed copy via legal@cognoshift.in.

1. Parties & Roles

This DPA forms part of the Terms of Service between the tenant ("the Fiduciary") and COGNOSHIFT PRIVATE LIMITED ("the Processor"). The Fiduciary is the data fiduciary under the DPDP Act 2023; the Processor processes personal data only on the Fiduciary's documented instructions.

2. Subject Matter, Duration, Nature, and Purpose

The Processor processes personal data submitted by the Fiduciary to the Sanad Service for the duration of the underlying subscription. The nature of processing is the issuance, signing, storage, and verification of compliance artifacts. The purpose is to enable the Fiduciary to discharge its compliance obligations under Indian law.

3. Categories of Personal Data and Data Principals

The Processor expects to receive HMAC hashes of personal identifiers (rather than raw identifiers) and limited metadata about consent purposes, processing activities, breaches, and DPIAs. The Fiduciary undertakes not to submit raw direct identifiers to the Service except where strictly necessary.

4. Processor Obligations

  • Process personal data only on the documented instructions of the Fiduciary, including for transfers outside India to the extent expressly permitted.
  • Ensure that persons authorised to process the personal data are bound by confidentiality obligations.
  • Implement appropriate technical and organisational measures (set out in Schedule A).
  • Engage sub-processors only with the Fiduciary's general authorisation; the current list is published at /legal/sub-processors, and 30 days' notice is given of changes.
  • Assist the Fiduciary in fulfilling data-principal rights requests and in performing DPIAs.
  • Notify the Fiduciary of any personal data breach affecting personal data processed on the Fiduciary's behalf without undue delay.

5. Sub-processors

The Processor uses the sub-processors listed at /legal/sub-processors. The Fiduciary is deemed to have consented to these sub-processors on signing the Terms.

6. Cross-border Transfers

Operational data is hosted in India (Supabase ap-south-1). Where any sub-processor causes data to leave India, the transfer occurs only under safeguards permitted by DPDP §16 and any relevant gazette notifications.

7. Audit

The Processor will respond to reasonable audit requests in writing within 30 days. On-site audits are available for Enterprise-tier customers, subject to confidentiality undertakings and reasonable scheduling.

8. Return or Deletion

On termination, the Processor will, at the Fiduciary's choice, return or delete all personal data processed on the Fiduciary's behalf within 90 days, and will issue a signed erasure attestation as evidence.

9. Liability

Liability under this DPA is subject to the limitations set out in the Terms of Service.

Schedule A — Technical and Organisational Measures

  • Tenant isolation via row-level security on all multi-tenant tables.
  • Per-tenant Ed25519 signing seeds derived from cryptographically random secrets, stored only server-side.
  • Append-only hash chains per artifact type for tamper detection.
  • HMAC-signed outbound webhooks for partner integrations.
  • TLS 1.2+ in transit, AES-256 at rest (managed by Supabase).
  • Least-privilege role-based access for internal staff; no human access to tenant data without an audited break-glass procedure.

CognoShift Private Limited · CIN U85499HR2025PTC130446 · Registered office: Haryana, India