BankChangeGuardDashboard

Data Processing Addendum

Last updated: 2026-05-31

This Data Processing Addendum ("DPA") forms part of and is incorporated by reference into the BankChangeGuard Terms of Service. It applies where BankChangeGuard processes personal data on behalf of a Customer. Capitalized terms not defined here have the meaning given in the Terms. If there is a conflict between the Terms and this DPA regarding the processing of personal data, this DPA controls.

This Data Processing Addendum is available to business customers on request and is being finalized with counsel. The Article 28 clause headings and annexes below describe how BankChangeGuard processes personal data on a customer's behalf. To execute a DPA, contact privacy@bankchangeguard.com.

1. Roles and scope

For the data described in Annex I, the Customer acts as controller (or as processor for its own client) and BankChangeGuard acts as processor (or subprocessor). BankChangeGuard processes Customer Personal Data only to provide and support the Service and on the Customer's documented instructions. The Customer is responsible for the lawful basis for its processing and for notices owed to data subjects, including the vendor contacts it instructs BankChangeGuard to email.

2. Processor commitments (Article 28(3))

BankChangeGuard will:

  • Process Customer Personal Data only on the Customer's documented instructions, including for transfers, unless required by law (with notice where lawful).
  • Ensure persons authorized to process the data are bound by confidentiality.
  • Implement appropriate technical and organizational measures under GDPR Article 32 (see Annex II).
  • Engage subprocessors only under Article 28(2) and (4): general authorization with 30-day advance notice and a right to object (see the Subprocessors page).
  • Assist the Customer, by appropriate measures, to respond to data-subject rights requests, including from vendor contacts.
  • Assist the Customer with security, breach notification, data-protection impact assessments, and prior consultation (Articles 32 to 36).
  • Delete or return Customer Personal Data at the Customer's choice at the end of the services, subject to legal retention (see Annex I retention).
  • Make available information necessary to demonstrate compliance and allow for and contribute to audits.

3. Subprocessors

The Customer provides general authorization for the subprocessors listed on the Subprocessors page. BankChangeGuard will give at least 30 days' advance notice of any new or replacement subprocessor that processes Customer Personal Data (shorter where urgent security, availability, or legal reasons require) and the Customer may object on reasonable data-protection grounds.

4. International transfers

BankChangeGuard serves US-based customers during early access. Before processing EU, UK, or Swiss personal data on a customer's behalf, BankChangeGuard will incorporate the applicable EU Standard Contractual Clauses module, the UK Addendum/IDTA, and the Swiss adaptation, and complete a transfer impact assessment. Operator access from Pakistan is disclosed as an international transfer.

5. Personal-data breach notification

BankChangeGuard will notify the Customer without undue delay after becoming aware of a personal-data breach affecting Customer Personal Data, with the known facts, the affected data categories, mitigation steps, and a point of contact, and will provide further information as it becomes available.

Annex I: Description of processing

  • Subject matter and duration: processing of vendor and verification data to provide the Service, for the term of the subscription plus the retention windows in the Privacy Policy.
  • Nature and purpose: logging vendor bank-change requests, sending email callback verifications to previously-verified vendor contacts, capturing verification responses, and generating audit-trail records.
  • Categories of data subjects: the Customer's vendor contacts and the Customer's own personnel.
  • Categories of personal data: vendor name, vendor contact email, verification responses and attestation text, channel and timestamp metadata, and limited payment-account reference data (account last-four only). No full bank account numbers, routing numbers, card numbers, payment credentials, or bank-login credentials are processed.
  • Special categories: none intended or requested.
  • Retention: audit-trail records (verifications, evidence hashes, audit PDFs) up to 7 years from the verification event to support the Customer's evidence needs; deletion or return at the Customer's choice on termination, subject to backup cycles and legal holds (see the Privacy Policy).

Annex II: Technical and organizational measures

Summarized on the Compliance and Security page: TLS 1.2+ in transit, encryption at rest, encrypted OAuth tokens with rotation, per-IP rate limiting, least-privilege and need-to-know access controls, and append-only audit logging. Full bank account numbers, routing numbers, and payment credentials are never stored.

Annex III: Subprocessor list

See the canonical Subprocessors page.

Contact

DPA questions and signature requests: privacy@bankchangeguard.com.