Data Processing Agreement
Last updated · June 1, 2026
This DPA describes how Bellwize processes personal data on behalf of agency customers (the controller) when they use the service to manage their clients' data. It forms part of the Terms of Service.
1. Roles
For client data an agency uploads, the agency is the controller and Bellwize is the processor. We process such data only on the agency’s documented instructions, which are given through normal use of the service.
2. Scope & purpose of processing
Subject matter: provision of local-SEO tooling. Duration: the term of the subscription plus the retention window. Nature: storage, analysis, ranking crawls, review sync, score computation, and report generation. Data subjects:the agency’s clients and their business contacts.
3. Sub-processors
The agency authorises Bellwize to engage sub-processors to deliver the service. We remain responsible for their compliance and will give notice of changes.
4. Security measures
We maintain technical and organisational measures appropriate to the risk, including encryption in transit, row-level tenant isolation at the database, and access controls.
5. Sub-processor breach & assistance
We will notify the controller without undue delay on becoming aware of a personal-data breach affecting their data, and will assist with data-subject requests and impact assessments to the extent required by applicable law.
6. International transfers
Where data is transferred across borders, the parties will rely on a lawful transfer mechanism.
7. Deletion & return
On termination, the controller may export data during the access window described in the Privacy Policy; thereafter data is archived and deleted per that schedule, save where retention is legally required.
8. Execution
A signable version will be provided to agency customers who require an executed DPA.
Questions about this policy? Contact us at hello@bellwize.app.