This document describes how Gamma processes customer personal data under the main agreement, including security commitments, subprocessors, and international data transfer safeguards.
Review the Gamma Data Processing Addendum covering customer personal data, processor obligations, security measures, subprocessors, and international transfer terms.
The DPA forms part of the contractual relationship whenever Gamma processes customer personal data on behalf of a customer in connection with the services.
The customer generally acts as controller or business, while Gamma acts as processor or service provider for the relevant personal data processed through the platform.
Gamma commits to appropriate organisational and technical protections, supports customers with certain privacy-related requests, and outlines breach notification and response expectations.
Gamma may use approved subprocessors to deliver services and requires them to follow contractual data protection obligations. International transfer mechanisms may apply where required by law.
The DPA works together with the main Terms of Use, the Privacy Policy, and the Subprocessors page, which together define the broader framework for handling data in Gamma services.