Data Processing Agreement (DPA)
Last Updated: June 2026
This Data Processing Agreement forms part of the agreement between SendCore and its customers.
Definitions
Customer means the organization using SendCore Services.
Personal Data means information relating to an identified or identifiable individual.
Processing means any operation performed on Personal Data.
Scope
SendCore processes Personal Data solely for the purpose of providing Services to the Customer.
Customer Responsibilities
Customer is responsible for:
- Obtaining lawful consent where required.
- Providing appropriate notices.
- Ensuring lawful processing.
SendCore Responsibilities
SendCore shall:
- Process data only as instructed.
- Maintain appropriate security measures.
- Restrict access to authorized personnel.
- Assist with reasonable compliance requests.
Security Measures
Security controls include:
- TLS encryption
- Access controls
- Audit logging
- Backup procedures
- Authentication controls
Subprocessors
Customer authorizes SendCore to engage subprocessors necessary for service delivery.
Current subprocessors include:
- DigitalOcean (cloud infrastructure, database, Redis)
- Amazon Web Services (S3 file storage)
- Cloudflare (DNS, security, CDN)
- Flutterwave (payment processing)
- GitHub (source code management)
- ZeptoMail / Netcore Cloud (email delivery)
- OpenAI / Azure OpenAI (AI-powered semantic search)
Data Breach Notification
SendCore will notify affected customers without undue delay after becoming aware of a confirmed security incident involving Personal Data.
Data Deletion
Upon account closure, Customer may request deletion of Personal Data subject to legal, operational, and backup retention requirements.
Contact: support@usesendcore.com