Teravor MonitorBETA
Draft — pending legal review. Teravor Monitor is pre-launch and this document is published for transparency while we finalize counsel review. If you need a signed copy or have questions, email [email protected].
Legal · DPA

Data Processing Agreement

This Data Processing Agreement ("DPA") forms part of your Terms of Service and governs how Teravor processes personal data on your behalf under GDPR and the UK GDPR.

Roles

You are the Controller. Teravor is the Processor. Teravor processes personal data only on your documented instructions — namely, the monitor configuration and alert channels you set up in your account.

Categories of data

  • Account identifiers: email address, display name, organization name.
  • Monitor configuration: URLs, hostnames, assertions, alert recipients.
  • Alert recipients' contact details: email addresses, webhook URLs, Slack / Discord channels you configure.

Sub-processors

Teravor engages the sub-processors listed in the Privacy Policy. We'll give 30 days' notice of any material change (by email and/or in-product notice) and you may terminate if you reasonably object.

Security

Teravor maintains technical and organizational measures appropriate to the risk, including encryption in transit and at rest, access controls, backup rotation, and monitored infrastructure. See Privacy · Security.

International transfers

Personal data is processed in the EU (Hetzner Falkenstein). Some sub-processors are located in the US; transfers rely on Standard Contractual Clauses and supplementary measures.

Data subject requests

If a data subject contacts Teravor directly, we will forward the request to you without undue delay. We assist you in responding to access, rectification, deletion, and portability requests using the tools in the account UI.

Breach notification

Teravor will notify you without undue delay, and within 72 hours where feasible, of any Personal Data Breach affecting your data, and will provide the information reasonably necessary for you to meet your GDPR obligations.

Audits

On reasonable notice, Teravor will respond to customer audit questionnaires. Physical audits of Teravor premises are not available pre-Business tier; we instead provide current security documentation and sub-processor attestations.

Return or deletion

On termination, Teravor deletes all personal data within 30 days unless applicable law requires longer retention. A customer-triggered export is available at any time.

Signing

For a countersigned copy of this DPA for your records, email [email protected] with your organization name and primary account email.