logo
Hub IT GroupSmart Technology solutions
Back to Legal Hub
Active Termsv1.5

Data Processing Addendum (DPA)

Last Updated: April 27, 2026

1. Scope, Purpose & Hierarchy

This Data Processing Addendum ("DPA") supplements our master service contracts and regulates the processing of personal data in connection with engineering products built by HUB IT Group Pvt. Ltd.

This DPA is designed to ensure our engineering deliverables adhere to global standards such as GDPR, CCPA, and standard digital protection principles, establishing the exact rules when we act as a Data Processor on behalf of our client partners (Data Controllers).

2. Data Processing Specifications

Our data processing operations are governed by the following rules:

  • Subject Matter: Deployment maintenance, hosting optimization, error reporting, database configurations, and bespoke platform operations.
  • Types of Data: User email profiles, authorization records, system credentials, configurations, access logs, and aggregate platform telemetry.
  • Duration: Data is processed for the exact lifetime of active service agreements and is securely purged upon contract termination.

3. Technical & Security Control Safeguards

HUB IT Group implements and maintains comprehensive technical protections to safeguard data against structural loss, unauthorized modification, or exposure:

  1. Database Isolation: Data columns are hosted in distinct server schemas inside restricted VPCs with firewall checks.
  2. Strict Encryption: Deployment layers enforce TLS 1.3 encryption for data in transit and AES-256 standards for at-rest variables.
  3. Access Restriction: Staff access is restricted via hardware authentication keys under strict Least Privilege controls.
  4. Data Security Audits: Periodic structural reviews are performed to check container patches, log anomalies, and node efficiency.

4. Secure Subprocessor Framework

The Controller gives general authorization for HUB IT Group to engage subprocessors to maintain standard operations. Our list of secure subprocessors is highly restricted:

SubprocessorProcessing PurposeLocation
Amazon Web Services (AWS)Cloud servers, database nodes, and storageSingapore Region
Cloudflare Inc.DNS management, CDN asset delivery, and WAF protectionGlobal Network nodes
Google Workspace / FirebaseDiagnostics logging, analytics aggregation, and secure mail routingUS Central

5. Incident Disclosures & Security Breaches

If we confirm a security breach impacting data clusters hosted under our administration, HUB IT Group will:

  • Notify your registered administrative contact within 72 hours.
  • Deliver detailed breakdowns of data categories affected and immediately isolate the source container.
  • Propose and deploy continuous containment measures to secure nodes and support complete regulatory reviews.