Legal

Data Processing Addendum

How Capfold processes personal data on behalf of customers in line with applicable data protection laws.

Last updated: June 2026

Draft placeholder. This page is a structural placeholder. The final wording will be prepared and reviewed by Capfold's legal counsel before launch.

1. Scope and roles

This addendum applies where Capfold processes personal data on behalf of a customer. The customer is the data controller and Capfold is the data processor.

2. Processing instructions

Capfold processes personal data only on documented instructions from the customer, including with regard to transfers of personal data, unless required to do otherwise by law.

3. Sub-processors

Capfold engages vetted sub-processors to deliver the service and remains responsible for their compliance with this addendum.

4. Security measures

Capfold maintains appropriate technical and organisational measures to protect personal data, as further described on our security page.

5. International transfers

Where personal data is transferred across borders, Capfold relies on appropriate safeguards as required by applicable data protection laws.

6. Contact us

For DPA requests, email privacy@capfold.com.

Questions about this document? Email legal@capfold.com.