Data Processing Agreement

Last Updated: May 17, 2026

This Data Processing Agreement ("DPA") is between Rejourney ("Processor") and the Customer ("Controller"). It outlines the parties' obligations regarding the processing of Personal Data under the General Data Protection Regulation (GDPR).

1. Scope and Purpose

Processor will process Personal Data only as necessary to provide the Service as described in the Terms, to create anonymized or aggregated outputs as authorized below, and as further specified in Annex I.

2. Authorized Anonymization and Aggregate Research

Controller instructs and authorizes Processor to analyze Customer Data and service telemetry to create anonymized, aggregated, or de-identified datasets for product analytics, service improvement, benchmarking, research, and publication of general trend reports, articles, benchmarks, and similar public findings. Processor will not publish raw session recordings, screenshots, request payloads, Personal Data, Controller confidential information, or statistics that reasonably identify or single out Controller, a specific application, or any data subject without Controller's separate permission.

Pseudonymized data remains Personal Data where it can be attributed to an individual using additional information. Anonymous information created under this section is not subject to this DPA only where the relevant individuals are not or are no longer identifiable by means reasonably likely to be used.

3. Technical and Organizational Measures

Processor has implemented and will maintain the technical and organizational measures specified in Annex II to protect Personal Data against unauthorized or unlawful processing and accidental loss, destruction, or damage.

4. Sub-processors

Controller grants a general authorization for Processor to engage Sub-processors. Processor will provide Controller with at least 14 days' prior written notice (via email or dashboard notification) before adding or replacing any Sub-processor. Controller may object in writing within 14 days of such notice. Current Sub-processors are listed below:

Sub-processor       | Purpose                  | Location        | Transfer Mechanism
--------------------|--------------------------|-----------------|----------------------
Hetzner Online GmbH | Hosting & Infrastructure | Germany (EU)    | EU — no transfer
Cloudflare R2       | Session Data Storage     | EU (Guaranteed) | EU — no transfer
OVHcloud US         | Object Storage           | United States   | DPA
ZeptoMail (Zoho)    | Email Notifications      | United States   | SCCs (Art. 46(2)(c))
Stripe              | Payment Processing       | United States   | SCCs (Art. 46(2)(c))

5. Data Subject Rights

Processor will assist Controller in fulfilling its obligations to respond to requests from individuals exercising their rights under GDPR. Please contact contact@rejourney.co for assistance.

6. Data Breach Notification

Processor will notify Controller without undue delay (and in no case later than 72 hours) after becoming aware of a personal data breach. Processor will provide Controller with all information reasonably necessary to allow Controller to comply with its own notification obligations to supervisory authorities and data subjects under GDPR Articles 33–34.


Annex I: Details of Processing

A. List of Parties

Data exporter: The Customer (Controller)

Data importer: Rejourney (Processor)

B. Description of Transfer

Categories of data subjects: End-users of the Controller's mobile applications.

Categories of personal data: IP addresses, device identifiers, approximate geolocation (country, region, city), session recordings, and interaction metadata.

Nature and purpose of processing: Providing session replay, analytics, diagnostics, security, support, and related Service functionality; improving the Service; and creating anonymized or aggregated outputs for research, benchmarking, and public trend reporting as authorized in Section 2.

Sensitive data: None. Controller is responsible for ensuring that no sensitive data is transmitted to Processor by utilizing the provided masking and redaction tools.

Annex II: Technical and Organizational Measures

Note: The following measures are default tools provided by Rejourney. Final responsibility for the appropriate configuration and use of these tools lies with the Controller.

  • Access Control: Logical access controlled via multi-factor authentication and role-based permissions.
  • Encryption: Data encrypted in transit using TLS 1.3 and at rest using AES-256.
  • Pseudonymization: User identifiers are hashed upon ingest to prevent direct identification.
  • Anonymization and Aggregation Controls: Published research and trend outputs use anonymized or aggregated data designed to prevent reasonable identification or singling out of a Controller, application, or data subject.
  • Redaction: Automatic UI element masking and sensitive data scrubbing at the SDK level.
  • Resilience: Regular backups and geographically redundant storage for disaster recovery.