Data processing addendum

Facturn acts as a data processor for the workspace data you bring into the service. This page describes the substance of the processing arrangement and how to obtain a signed addendum.

What we process

• Workspace content you upload or import via connected sources.
• Operational metadata (sign-in events, request logs) needed to run the service.

How we process it

• Stored on Vercel and Neon Postgres in the EU region.
• Encrypted in transit (TLS) and at rest.
• Accessed only by Facturn personnel, only when needed for support or operations, and only with audit logging.

Subprocessors

The current subprocessor list lives at /legal/subprocessors. We will publish updates to that list at least 30 days before they take effect.

Requesting a signed DPA

Most early-access teams are fine with this page as a record of intent. For organizations that need a counter-signed PDF, write to team@facturn.app and we will send one over.