Business customers
Applicability
This Data Processing Addendum applies when Flutty processes personal data on behalf of a business customer as a processor, service provider, or equivalent role under applicable privacy law.
Controller and processor
Roles
You are the controller/business for personal data contained in prompts, uploaded files, workspace content, connected repositories, connected databases, generated output, and published sites. Flutty acts as processor/service provider for that data when operating the service on your behalf.
Purpose limitation
Processing instructions
Flutty processes customer personal data to provide, secure, support, improve, and maintain the service; comply with law; and follow documented instructions in the Terms, product settings, and customer requests.
Vendors
Subprocessors
Flutty may use subprocessors listed on the Subprocessors page. Flutty remains responsible for subprocessor processing required to provide the service.
Safeguards
Security
Flutty uses administrative, technical, and organizational safeguards designed to protect customer data, including access controls, encryption where appropriate, logging, separation of duties, least-privilege practices, and incident response procedures.
Requests
Assistance and deletion
Flutty will provide reasonable assistance for data subject requests, security incidents, audits, and deletion/export requests as required by applicable law and the service plan.
Safeguards
International transfers
Where required, Flutty and its subprocessors use appropriate transfer mechanisms for cross-border processing.
DPA questions
Contact
Contact `privacy@flutty.dev` for DPA questions or custom enterprise terms.