Last updated: 24 April 2026
This Data Processing Agreement applies when Vezha processes personal data on behalf of a customer as part of the services. It supplements the Terms of Service.
Roles
The customer is the controller or processor that determines purposes and means. Vezha acts as processor or subprocesser only under the customer documented instructions.
Processing details
Processing covers data that the customer or its users submit to Vezha: account data, contact data, technical logs, content, metadata, and other data needed to operate the service.
The processing duration follows the service term plus periods required for security, backups, disputes, or legal obligations.
Subprocessors and transfers
Vezha may use subprocessors for hosting, payments, support, analytics, monitoring, and security. Vezha remains responsible for their processing to the extent required by law.
International transfers use contractual, technical, and organizational safeguards consistent with applicable law.
Security and incidents
Vezha uses appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, disclosure, or access.
Vezha will notify the customer of a confirmed security incident without undue delay after becoming aware of it.
Assistance, return, and deletion
Vezha provides reasonable assistance with data subject requests, impact assessments, audits, and customer obligations where practical and proportionate.
After services end, Vezha will delete or return personal data except where retention is required for law, security, backups, or disputes.
Liability
Any liability under this DPA is limited in the same way as the Terms of Service: excluded to the maximum extent permitted by law, and if exclusion is not possible, limited to the amount paid for the affected market during the one month before the event, or UAH 0 if no amount was paid.