Data Processing Agreement

Tolly's commitment to responsible data handling.

Tolly's Data Processing Agreement (DPA) governs how we process personal data on behalf of our customers. The DPA covers our obligations under GDPR, CCPA, and other applicable data protection regulations.

What the DPA Covers

Scope and purpose of data processing
Data controller and data processor responsibilities
Sub-processor management and notification obligations
Data security measures and encryption standards
Data subject rights and request handling procedures
Data breach notification timelines and procedures
Data transfer mechanisms (including Standard Contractual Clauses)
Data retention and deletion policies
Audit rights and compliance verification

Availability

The DPA is available upon request for Enterprise customers. If your organization requires a DPA as part of your procurement or compliance process, please contact our legal team.

Contact

Email: legal@trytolly.ai

We typically respond to DPA requests within 2 business days.

Questions about data handling?

Our team is happy to discuss security, compliance, and data processing practices.

Contact Our Team View Security Details