1. Definitions
"Controller" means the customer who determines the purposes and means of processing Personal Data."Processor" means BlazeCrawl, Inc. processing Personal Data on behalf of the Controller."Personal Data" means any information relating to an identified or identifiable natural person as defined under GDPR.
2. Scope and Purpose
This DPA applies when BlazeCrawl processes Personal Data on behalf of customers using BlazeCrawl's services. The purpose of processing is providing the SaaS data extraction and crawling services.
3. Categories of Data Processed
BlazeCrawl may process:
- Contact information (name, email, company)
- Usage data and analytics
- Extracted content from customer-specified sources
- Authentication credentials (API keys, tokens)
4. Processor Obligations
4.1 Processing
- Process Personal Data only on documented instructions from Controller
- Ensure personnel processing Personal Data are bound by confidentiality
- Implement appropriate technical and organizational security measures
4.2 Security
Per Article 32 GDPR, implement:
- Pseudonymization and encryption
- Confidentiality, integrity, availability
- Timely restoration of availability
- Regular testing of security measures
4.3 Sub-processors
- Current approved Sub-processors listed at: /subprocessors
- 30-day advance notice before engaging new Sub-processors
- Controller may object within 15 days
- Flow down same obligations to Sub-processors
5. International Transfers
- EU-US Data Privacy Framework (if applicable)
- Standard Contractual Clauses (SCCs) for other transfers
- UK Addendum for UK transfers
6. Breach Notification
- Notify Controller within 24 hours of becoming aware of a breach
- Provide: nature of breach, categories and approximate number of data subjects, likely consequences
7. Auto-Counter-Signature
For customers with annual recurring revenue (ARR) exceeding $50,000, this DPA is automatically counter-signed upon execution of the main service agreement.
For customers below $50,000 ARR, request manual signature by contacting legal@blazecrawl.dev.
Need to sign a DPA?
Contact our legal team at legal@blazecrawl.dev to execute a DPA for your organization.