Parties: Customer (Controller) ↔ STARK PROJECTS LTD (t/a "Vidintro") (Processor)
Contact: info@vidintro.io
Last updated: 19 August 2025
Process only on documented instructions; implement appropriate security measures (Annex II); ensure confidentiality; assist with DSRs, DPIAs, consultations; breach notice without undue delay; delete/return data at end of services (subject to backups); maintain records; permit audits (one per 12 months, 30 days' notice, reasonable scope/NDAs; independent third-party reports may satisfy).
General authorisation. Current list: Convex (US), Vercel (global; primary US), Resend (US). Objections on reasonable data-protection grounds; the parties will work in good faith to resolve.
For UK/EEA personal data to non-adequate countries, incorporate: EU SCCs (2021/914) – Module 2 (C→P) and the UK Addendum, plus supplementary measures (encryption, access controls, strict retention).
Videos → 30 days; metadata → 90 days unless instructed otherwise or required by law. Backups purge on rolling schedule.
Subject to the Agreement's liability cap unless prohibited by law. The parties may adjust allocation for biometric-law risk (e.g., BIPA) in relevant orders.
As above. Controller: Customer. Processor: STARK PROJECTS LTD (t/a "Vidintro"). Contact: info@vidintro.io.
TLS in transit; encryption at rest; RBAC/least-privilege/MFA; secure SDLC; dependency scanning; secrets management; logging/monitoring; anomaly detection; rate-limiting; backups & tested restores; incident response; vendor due diligence; staff training/background checks (as appropriate).
Convex; Vercel; Resend (updated list maintained online or via notice).