Data processing agreement (DPA)

This DPA is an integral part of the agreement entered into between SWIFTASK TECHNOLOGY SAS (the "Processor") and the client (the "Data Controller").

1. Roles and obligations

In accordance with the GDPR, the Client guarantees that it processes personal Data lawfully. Swiftask undertakes to process this data only on documented instructions from the client (use of the Platform, Prompts, Skills).

2. Specific Prohibitions Related to AI

Swiftask formally prohibits itself from using the client's personal data (including prompts and unstructured documents) to train its own Artificial Intelligence models or those of its AI model providers (Foundation Models).

3. Sub-processing

The client authorizes Swiftask to use the sub-processors listed in our privacy policy. Swiftask will inform the client at least fifteen (15) days before adding a new sub-processor.

4. Security, breaches and audits

Swiftask implements appropriate technical measures (encryption). In the event of a data breach, Swiftask will inform the Client as soon as possible. The Client has the right to a documentary audit (maximum once per year, with 30 days' notice, at the Client's expense).

5. Data fate and liability

Upon termination, the client has 30 days to export their data before deletion. Any claim under this DPA is subject to the limitations and liability caps stipulated in the general terms and conditions of sale and use.