Data Processing Agreement
1. Scope
This Data Processing Agreement forms part of the Terms between the customer and Nebulix Technologies FZE LLC ("Nebulix") for business use of Nebulix. It applies when Nebulix processes personal data on behalf of a business customer.
2. Roles
The customer is the controller for personal data it submits or instructs Nebulix to process. Nebulix is the processor for that customer data and may also act as controller for account, billing, support, and security records.
3. Processing Details
Subject matter: providing the Nebulix product website, pricing page, suite subscriptions, and links to individual Nebulix apps.
Data categories: contact emails, checkout plan selections, billing records, app selection, support messages, and basic website analytics.
Purpose: service delivery, support, security, billing, fraud prevention, and legal compliance.
4. Processor Obligations
- Process customer personal data only on documented instructions, unless required by law.
- Use appropriate confidentiality, access control, and security safeguards.
- Assist with reasonable data-subject, audit, deletion, and security requests.
- Notify customers without undue delay after becoming aware of a confirmed personal data breach affecting customer data.
5. Sub-Processors
Nebulix may use the following categories of sub-processors for Nebulix:
- Payment provider for checkout and billing
- Email provider for support messages
- Cloudflare or hosting providers for website delivery
- Supabase or platform records for subscription data
Nebulix remains responsible for sub-processor performance as required by applicable data-protection law.
6. International Transfers
Where data is processed outside the UAE or your home jurisdiction, Nebulix relies on contractual, technical, and organisational safeguards appropriate to the transfer, including encryption in transit where supported.
7. Deletion and Return
At the end of the service, Nebulix will delete or return customer personal data that it controls as processor, unless retention is required for billing, tax, security, dispute, or legal obligations. Browser-local data remains on the user's device until cleared by the user.
8. Contact
DPA requests: [email protected].