Saturn

Data Processing Agreement.

Pre-signed by Saturn. Free to execute. Mutually binding once countersigned.

Request the DPA

Email dpa@saturnos.app with your legal entity name. We respond within two business days.

What this is

A Data Processing Agreement (DPA) is the contract between you (the controller of your customers' data) and Saturn (the processor handling that data on your behalf). It documents what categories of data we process, what we do with it, and what each party's obligations are under GDPR, UK GDPR, and CCPA.

Saturn's DPA is free to execute. It's pre-signed by Saturn — countersigning a copy makes it binding without further negotiation. We don't gate signing behind a sales call or a paid tier; if you're using Saturn in production, the DPA is yours by default.

When you need a DPA

If you're processing personal data of EU/EEA, UK, or California residents through Saturn — for example, your project ships an app that collects user emails, or your launch flow handles customer signups — you're a controller and Saturn is your processor. The DPA is the legal instrument that documents that relationship.

If you're using Saturn purely for personal projects with no end-user data flowing through it, you typically don't need a DPA. If you're not sure, write us and we'll help you figure out which side of the line you're on.

How to execute

Email dpa@saturnos.app from the address on your Saturn account. Include the legal entity name you'd like the DPA executed under (yourself as a sole proprietor, your LLC, your Ltd, etc.) and a contact for data-protection notices.

We send you a pre-signed PDF within two business days. You countersign and return one copy; we file both. Once countersigned, the DPA is mutually binding effective the date of your signature.

If your procurement process requires you to use your own DPA template, attach it to the email. We'll review and either sign as-is or come back with a redline within two business days.

What the DPA covers

Saturn's standard DPA includes:

  • Subject matter and duration of processing.
  • Nature and purpose of processing — running Saturn on the data you submit.
  • Categories of data subjects and personal data — typically your end users' contact details, account metadata, and content.
  • Saturn's obligations as processor under GDPR Article 28(3): confidentiality, security, sub-processor management, audit rights, breach notification, deletion or return at termination.
  • Standard Contractual Clauses (Module 2: Controller-to-Processor) for transfers of EU/EEA personal data to the United States, where Saturn's primary infrastructure runs.
  • UK Addendum incorporating the ICO's IDTA template by reference for UK personal data.
  • California Consumer Privacy Act (CCPA) addendum for California-resident personal data.

Subprocessors

Saturn relies on a small set of trusted infrastructure providers as sub-processors. The complete current list, with regions, data shapes, and links to each provider's privacy commitments, lives at /subprocessors. The DPA incorporates that page by reference and binds Saturn to written agreements with each sub-processor that pass through the same protections.

We notify customers of new sub-processors at least 30 days before they start processing your data. Notification arrives via email to the address on your Saturn account and is also posted to /subprocessors with the effective date.

International data transfers

Saturn's primary infrastructure (Vercel, Supabase, Anthropic, Stripe, Resend) runs in the United States. EU/EEA personal data transferred to Saturn is covered by the Standard Contractual Clauses (Module 2: Controller-to-Processor) included in the DPA. UK personal data is covered by the UK ICO Addendum. We don't rely on Privacy Shield (it's invalid) or on derogations.

We carry out a transfer impact assessment annually and on material changes (new sub-processor jurisdiction, new product feature). The current TIA summary is available on request from dpa@saturnos.app.

Security commitments

The technical and organizational measures Saturn applies to your data are described in detail at /security. The DPA incorporates those commitments by reference and binds Saturn to maintain them at no less than the level published.

If you require additional measures for a specific use case (e.g. data residency outside the US, customer-managed encryption keys, dedicated single-tenant infra), write enterprise@saturnos.app — we'll let you know what's feasible and what it costs.

Breach notification

If Saturn becomes aware of a personal-data breach affecting your data, we notify you without undue delay and in any case within 72 hours of confirmation. The notification includes what we know about the breach, the categories and approximate number of data subjects and records affected, the likely consequences, and the measures we're taking to mitigate.

We follow up with a full post-mortem once the incident is resolved. Affected customers receive the post-mortem before it is published more broadly.

Deletion at termination

When your Saturn account is closed (by you, or by us for non-payment after the cure period), Saturn deletes your data within 90 days. The 30-day soft-delete window described at /privacy applies first; after that, deletion is unrecoverable. Backup snapshots roll off on the same cadence.

If you need a copy of your data before deletion, export it from Settings → Data while your account is still active. We don't offer post-termination data return as a separate service.

Questions

Procurement questions, redlines, or data-subject rights requests on behalf of your end users: dpa@saturnos.app. General data-protection questions: privacy@saturnos.app or support@saturnos.app — we route appropriately.

Companion documents: Privacy · Subprocessors · Security · Terms.