Data Processing Agreement

Last updated: August 2025

1. Parties

This Data Processing Agreement ("DPA") is entered into between Hi.AI Design ("Processor") and the Client ("Controller").

2. Subject Matter

The Processor provides AI design, deployment, and hosting services. This DPA governs the processing of personal data under those services.

3. Types of Data

Personal data may include: names, emails, job applications, CRM records, HR and finance information, depending on the services requested.

4. Purpose of Processing

Data is processed to deliver contracted AI solutions (e.g., CRM automation, HR onboarding, finance reporting).

5. Security Measures

Hi.AI Design ensures technical and organizational measures including:

• EU-based Azure hosting
• Data encryption in transit and at rest
• Restricted access and authentication controls

6. Subprocessors

We may use subprocessors including Microsoft Azure, Gmail, Stripe, and other trusted providers. Clients will be notified of changes.

7. Rights of Data Subjects

We assist the Client in fulfilling data subject rights (access, correction, deletion, portability) as required by GDPR.

8. Duration & Deletion

Personal data is processed only for the duration of the contract. At termination, data will be deleted or returned as instructed.

9. Liability

Each party remains responsible for compliance with applicable laws. This DPA is governed by French law.

10. Contact

For questions about this DPA, contact us at:

Email: hiaicontactparis@gmail.com

Phone: +33 6 62 04 85 09