Data Processing Agreement (DPA)
Effective date: May 5, 2026
This Data Processing Agreement defines how Adsazon processes customer data under GDPR and KVKK. By using Adsazon, you accept this agreement.
Parties and roles
Data Controller: Customer (Adsazon account holder). Data Processor: Aydanoglu Global LLC (operating Adsazon). Data categories: Amazon Ads data, campaign performance data, AI processing logs.
Purpose and duration of processing
Data is processed solely for service delivery, AI recommendation generation, and performance analytics. Processing continues while the customer account is active or as long as legal retention obligations require.
Sub-processors
Stripe (payments), Supabase (database, authentication, EU region), Vercel (hosting), Resend (email), Anthropic (AI processing). All sub-processors operate under GDPR-compliant agreements.
Security measures
All data is encrypted in transit with TLS 1.3 and at rest with AES-256. Access is restricted via role-based access control (RLS). Sensitive fields (passwords, payment data) are hashed or tokenized.
Data breach notification
In the event of a data breach, affected customers will be notified within 72 hours via support@adsazon.com.
Customer rights
The customer may request deletion, correction, or export of their data at any time. Account deletion: Settings → Account → Danger Zone. Other requests: support@adsazon.com.
This DPA is a beta-stage draft. Enterprise customers requiring a signed bespoke DPA should contact support@adsazon.com.