HatchCheck
Open menu
Get My App Checkup
DPA draft

Data Processing Addendum

This draft DPA is for business customers that need processor/service-provider terms for HatchCheck customer content.

Version: 0.1-draft

Effective date: 2026-05-04

Last updated: 2026-05-04

Attorney-review banner: Draft for legal review only. This DPA is not final, not countersigned, and must be reviewed before production use.

Parties and Role Assumptions

  • Customer may be a controller/business for customer content.
  • HatchCheck may be a processor/service provider for customer content processed to provide the service.
  • HatchCheck may be an independent controller/business for account, billing, security, support, analytics, and operational records.

Subject Matter, Duration, Nature, and Purpose

Processing covers HatchCheck's provision of app checkup intake, upload-light evidence review, URL checks, findings, reports, review-note drafts, Agent Fix Packs, support, security, and privacy request handling for the term of the service relationship.

Personal Data and Data Subjects

TypesAccount info, project/app info, launch artifacts, optional notes, communications, logs, payment metadata, and AI output where configured.
Data subjectsCustomer users, team members, app reviewers named in materials, app end users represented in safe screenshots or summaries, and support/privacy requesters.

Processor Obligations

  • Process customer content only to provide and support HatchCheck unless otherwise instructed.
  • Maintain confidentiality commitments for personnel with access.
  • Use appropriate technical and organizational security measures for the V1 risk profile.
  • Assist with data subject requests, breach assistance, deletion/return, and audit information as described in final terms.

Subprocessors and Transfers

  • Subprocessors are listed at /subprocessors.
  • SCC/international transfer placeholder: [SCC_MODULES_AND_TRANSFER_IMPACT_LANGUAGE].
  • US state privacy addendum placeholder: [US_STATE_PRIVACY_ADDENDUM].

Deletion, Return, and Audit

Customer content deletion/return and audit information rights need final retention, backup, exception, and support workflow language before use.

Related Legal Pages

TermsPrivacyCookiesRefundsDisclaimerAcceptable UseTrust & SecurityDPASubprocessorsPrivacy Request

HatchCheck cookie preferences

Essential cookies are always on. Analytics, functional, and marketing cookies stay off unless you allow them. HatchCheck does not load analytics or marketing scripts before consent.