Sign in

DATA PROCESSING AGREEMENT (DPA)

Effective Date: March 21, 2026 Between: ImagoDraw Inc. (« Processor ») and the Subscriber (« Controller »)

1. INTRODUCTION & SCOPE

This Data Processing Agreement (« DPA ») forms an integral part of the Service Agreement between ImagoDraw Inc., located at 1201 Market St, Redding, CA 96001, and the Customer. This document outlines the parties’ commitment to data protection laws, including the GDPR (EU) and CCPA (California), regarding the processing of Personal Data through the ImagoDraw AI engine.

2. DEFINITIONS

  • « Personal Data » means any information relating to an identified or identifiable natural person.

  • « Processing » means any operation performed on personal data, such as collection, storage, or generation of AI assets based on user inputs.

  • « Sub-processor » means any third party engaged by ImagoDraw to assist in providing the services (e.g., cloud infrastructure providers).

[Image d’un schéma illustrant le flux de données sécurisé entre l’utilisateur et le cloud ImagoDraw]

3. ROLES OF THE PARTIES

  • Customer as Controller: The Customer is responsible for ensuring they have a legal basis for processing any personal data uploaded to ImagoDraw (e.g., photos of individuals for AI retouching).

  • ImagoDraw as Processor: ImagoDraw shall process data only upon the documented instructions of the Customer and for the sole purpose of providing high-definition image generation and editing services.

4. DATA PROTECTION & SECURITY MEASURES

In accordance with our values of technical excellence and sincerity, ImagoDraw implements rigorous security standards:

  • Encryption: Data is encrypted at rest using AES-256 and in transit via TLS 1.2+.

  • Confidentiality: All personnel authorized to process personal data are committed to strict confidentiality agreements.

  • Isolation: Customer data and generated assets are logically isolated to prevent unauthorized cross-access.

5. USE OF SUB-PROCESSORS

The Controller grants general authorization to ImagoDraw to engage sub-processors (such as AWS for GPU hosting or Stripe for payments).

  • ImagoDraw ensures that every sub-processor is bound by data protection obligations at least as restrictive as those in this DPA.

  • A current list of sub-processors is available to the Customer upon request.

6. DATA SUBJECT RIGHTS

ImagoDraw shall provide the Controller with the necessary tools to fulfill their obligations to respond to requests from individuals exercising their rights (access, correction, or deletion of data).

7. DATA BREACH NOTIFICATION

In the event of a confirmed security breach affecting Customer Personal Data, ImagoDraw will notify the Customer without undue delay (within 48 to 72 hours), providing all necessary information to comply with legal reporting obligations.

8. DELETION AND RETURN OF DATA

Upon termination of the Service Agreement, or at the Customer’s request, ImagoDraw shall delete or return all Personal Data, unless local legislation requires further storage of the data.

EXECUTION

By using the ImagoDraw platform and accepting our Terms of Service, both parties agree to be bound by the terms of this DPA.

ImagoDraw Inc. 1201 Market St, Redding, CA 96001

Contact: support@imagodraw.com | +1 916-871-3795