Data Processing Agreement

Last updated: February 21, 2026

1. Parties

This Data Processing Agreement (“DPA”) is entered into between:

  • Data Controller (“Customer”): The entity that has agreed to FitSignal's Terms of Service.
  • Data Processor (“FitSignal”): GroundForm Software LLC, a Wyoming limited liability company.

This DPA supplements and forms part of the Terms of Service and applies to the extent FitSignal processes Personal Data on behalf of the Customer.

2. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person, as defined by applicable data protection laws (including GDPR Article 4(1)).
  • Processing: Any operation performed on Personal Data, including collection, storage, use, disclosure, and deletion.
  • Sub-processor: A third party engaged by FitSignal to process Personal Data on behalf of the Customer.
  • Data Subject: The identified or identifiable natural person to whom Personal Data relates.

3. Scope & Purpose of Processing

Purpose

FitSignal processes Personal Data solely to provide the survey measurement and analytics services described in the Terms of Service, including:

  • Storing customer contact information (name, email) uploaded by the Customer
  • Delivering survey emails to the Customer's end users
  • Collecting and storing survey responses
  • Generating PMF analytics (scores, word clouds, persona breakdowns)

Categories of Personal Data

  • Contact information: name, email address
  • Custom fields defined by the Customer (e.g., company, role)
  • Survey responses: PMF ratings and free-text answers
  • Technical metadata: IP address, browser info (for widget submissions)

Categories of Data Subjects

  • The Customer's end users / customers who receive surveys

Retention

Personal Data is retained for the duration of the Customer's account. Upon account deletion or written request, FitSignal will delete all Personal Data within 30 days, except where retention is required by law.

4. Customer Obligations

The Customer warrants that:

  • It has a lawful basis for collecting and sharing Personal Data with FitSignal (e.g., legitimate interest, consent).
  • It has provided appropriate notice to Data Subjects about the use of FitSignal.
  • It will not upload sensitive or special category data (health, political, religious, etc.) unless explicitly agreed in writing.

5. FitSignal Obligations

FitSignal shall:

  • Process Personal Data only on documented instructions from the Customer (i.e., as necessary to provide the Service).
  • Ensure personnel authorized to process Personal Data are bound by confidentiality obligations.
  • Implement appropriate technical and organizational security measures (see Section 7).
  • Assist the Customer in responding to Data Subject requests (access, rectification, deletion, portability).
  • Delete or return all Personal Data upon termination of the Service, at the Customer's choice.
  • Make available information necessary to demonstrate compliance with this DPA.

6. Sub-processors

The Customer authorizes FitSignal to engage the following sub-processors. FitSignal will notify the Customer at least 30 days before adding a new sub-processor.

  Sub-processor     Purpose                            Location
  Neon              Database hosting (Postgres)        United States
  Clerk             Authentication & user management   United States
  Resend            Email delivery                     United States
  Vercel            Application hosting & CDN          United States / Global
  Cloudflare (R2)   File storage                       United States / Global
  Upstash           Rate limiting (Redis)              United States
  PostHog           Product analytics                  United States / EU
  Sentry            Error monitoring                   United States
  Paddle            Payment processing                 United Kingdom

FitSignal ensures each sub-processor is bound by data protection obligations no less protective than those in this DPA.

7. Security Measures

FitSignal implements the following technical and organizational measures:

  • Encryption in transit: All data transmitted over TLS 1.2+.
  • Encryption at rest: Database encryption provided by Neon. File storage encryption provided by Cloudflare R2.
  • Access control: Role-based access with principle of least privilege. Production database access restricted to authorized personnel.
  • Authentication: Multi-factor authentication for all administrative access.
  • Monitoring: Real-time error monitoring (Sentry), uptime monitoring, and audit logging.
  • Rate limiting: API and email delivery rate limiting to prevent abuse.
  • Backups: Automated daily database backups with point-in-time recovery.
  • Incident response: Documented incident response procedures with defined escalation paths.

8. Data Subject Rights

FitSignal will assist the Customer in fulfilling Data Subject requests under applicable data protection laws, including requests for access, rectification, erasure, restriction, portability, and objection. The Customer can fulfill most requests directly via the FitSignal dashboard (export, delete). For requests requiring FitSignal's assistance, contact support@fitsignal.com.

9. Data Breach Notification

FitSignal will notify the Customer without undue delay (and in any event within 72 hours) after becoming aware of a Personal Data breach. The notification will include:

  • The nature of the breach, including categories and approximate number of affected Data Subjects
  • The likely consequences of the breach
  • The measures taken or proposed to address the breach
  • Contact details for further information

10. Audit Rights

The Customer may, upon reasonable notice (at least 30 days) and no more than once per year, request information or conduct an audit to verify FitSignal's compliance with this DPA. FitSignal may satisfy this obligation by providing relevant certifications, audit reports, or responses to a security questionnaire. On-site audits require mutual agreement on scope, timing, and confidentiality.

11. International Transfers

Personal Data is primarily processed in the United States. For transfers from the EU/EEA/UK/Switzerland, FitSignal relies on the EU-U.S. Data Privacy Framework and, where applicable, Standard Contractual Clauses (SCCs) as approved by the European Commission.

12. Term & Termination

This DPA remains in effect for the duration of FitSignal's processing of Personal Data on behalf of the Customer. Upon termination of the Service, FitSignal will delete all Personal Data within 30 days unless the Customer requests return of data or applicable law requires retention.

13. Contact

For DPA-related inquiries, contact: support@fitsignal.com

GroundForm Software LLC
Wyoming, United States