REALIFY DATA PROCESSING ADDENDUM (DPA)

Company: Realify AI India Private Limited
Registered Address: Plot No. 629, 629, Sector 82, Sahibzada Ajit Singh Nagar, Punjab 140306
Contact: hello@realify.ai
Effective Date: 17 February 2026

This Data Processing Addendum (“DPA”) forms part of the Terms of Service between Realify and the customer (“Customer”) to the extent Realify processes personal data on behalf of Customer in connection with the Services.

  1. ROLES
    Customer is the data controller (or equivalent under applicable law) with respect to personal data relating to its end‑users and customers (“Customer Personal Data”). Realify acts as a data processor, processing Customer Personal Data only on Customer’s documented instructions and as needed to provide the Services.

  2. SUBJECT MATTER, NATURE, AND PURPOSE
    Realify processes Customer Personal Data to provide unified planning, analytics, automation, and related commerce operations tools, as described in the Services documentation.

  3. DURATION
    Processing continues for the term of the Services and for up to 30 days thereafter to allow Customer to export data, unless applicable law requires a longer retention period.

  4. SECURITY
    Realify implements reasonable technical and organisational measures to protect Customer Personal Data, including encryption in transit, access controls, and monitoring. On request, Realify will provide a high‑level description of these measures.

  5. SUB‑PROCESSORS
    Customer authorises Realify to appoint sub‑processors (such as cloud hosting, email, and analytics providers) to support provision of the Services. Realify will ensure sub‑processors are bound by written agreements that require them to protect Customer Personal Data to a standard no less protective than this DPA. A current list of key sub‑processor categories is available on request.

  6. DATA SUBJECT RIGHTS
    Taking into account the nature of the processing, Realify will provide reasonable assistance to Customer, at Customer’s cost, to respond to requests from individuals to exercise their rights under applicable data‑protection laws (such as rights of access, correction, or deletion), insofar as such requests relate to Customer Personal Data stored in the Services.

  7. INTERNATIONAL TRANSFERS
    Where Customer Personal Data is transferred outside the country of origin, Realify will implement appropriate safeguards as required by applicable law (for example, Standard Contractual Clauses for transfers from the EEA/UK). Customer is responsible for ensuring that its use of the Services and any cross‑border transfers are permitted under applicable law.

  8. SECURITY INCIDENTS
    If Realify becomes aware of a personal‑data breach affecting Customer Personal Data, it will notify Customer without undue delay and provide information reasonably requested to allow Customer to meet any obligations to notify regulators or affected individuals. Realify’s notification shall not be taken as an admission of fault or liability.

  9. RETURN OR DELETION OF DATA
    At the end of the provision of Services, upon Customer’s request Realify will delete or return Customer Personal Data stored in the Services, except to the extent retention is required by law or for legitimate record‑keeping purposes. Backup copies will be deleted in line with our normal backup cycle.

  10. PRIORITY
    If there is any conflict between this DPA and the Terms of Service with respect to processing of Customer Personal Data, this DPA will prevail.

END OF DATA PROCESSING ADDENDUM

  1. ROLES
    Customer is the data controller (or equivalent under applicable law) with respect to personal data relating to its end‑users and customers (“Customer Personal Data”). Realify acts as a data processor, processing Customer Personal Data only on Customer’s documented instructions and as needed to provide the Services.

  2. SUBJECT MATTER, NATURE, AND PURPOSE
    Realify processes Customer Personal Data to provide unified planning, analytics, automation, and related commerce operations tools, as described in the Services documentation.

  3. DURATION
    Processing continues for the term of the Services and for up to 30 days thereafter to allow Customer to export data, unless applicable law requires a longer retention period.

  4. SECURITY
    Realify implements reasonable technical and organisational measures to protect Customer Personal Data, including encryption in transit, access controls, and monitoring. On request, Realify will provide a high‑level description of these measures.

  5. SUB‑PROCESSORS
    Customer authorises Realify to appoint sub‑processors (such as cloud hosting, email, and analytics providers) to support provision of the Services. Realify will ensure sub‑processors are bound by written agreements that require them to protect Customer Personal Data to a standard no less protective than this DPA. A current list of key sub‑processor categories is available on request.

  6. DATA SUBJECT RIGHTS
    Taking into account the nature of the processing, Realify will provide reasonable assistance to Customer, at Customer’s cost, to respond to requests from individuals to exercise their rights under applicable data‑protection laws (such as rights of access, correction, or deletion), insofar as such requests relate to Customer Personal Data stored in the Services.

  7. INTERNATIONAL TRANSFERS
    Where Customer Personal Data is transferred outside the country of origin, Realify will implement appropriate safeguards as required by applicable law (for example, Standard Contractual Clauses for transfers from the EEA/UK). Customer is responsible for ensuring that its use of the Services and any cross‑border transfers are permitted under applicable law.

  8. SECURITY INCIDENTS
    If Realify becomes aware of a personal‑data breach affecting Customer Personal Data, it will notify Customer without undue delay and provide information reasonably requested to allow Customer to meet any obligations to notify regulators or affected individuals. Realify’s notification shall not be taken as an admission of fault or liability.

  9. RETURN OR DELETION OF DATA
    At the end of the provision of Services, upon Customer’s request Realify will delete or return Customer Personal Data stored in the Services, except to the extent retention is required by law or for legitimate record‑keeping purposes. Backup copies will be deleted in line with our normal backup cycle.

  10. PRIORITY
    If there is any conflict between this DPA and the Terms of Service with respect to processing of Customer Personal Data, this DPA will prevail.

END OF DATA PROCESSING ADDENDUM

Cart (0 items)