Legal
Data Processing Addendum
How Capfold processes personal data on behalf of customers in line with applicable data protection laws.
Last updated: June 2026
Draft placeholder. This page is a structural placeholder. The final wording will be prepared and reviewed by Capfold's legal counsel before launch.
1. Scope and roles
This addendum applies where Capfold processes personal data on behalf of a customer. The customer is the data controller and Capfold is the data processor.
2. Processing instructions
Capfold processes personal data only on documented instructions from the customer, including with regard to transfers of personal data, unless required to do otherwise by law.
3. Sub-processors
Capfold engages vetted sub-processors to deliver the service and remains responsible for their compliance with this addendum.
4. Security measures
Capfold maintains appropriate technical and organisational measures to protect personal data, as further described on our security page.
5. International transfers
Where personal data is transferred across borders, Capfold relies on appropriate safeguards as required by applicable data protection laws.
6. Contact us
For DPA requests, email privacy@capfold.com.
Questions about this document? Email legal@capfold.com.