This Data Processing Agreement ("DPA") supplements our Terms of Service and Privacy Policy and applies when ALLEN Agent LLC ("we", "us", "Processor") processes personal data on behalf of a Client ("you", "Controller") in the course of providing services.
1. Scope and Definitions
This DPA applies to the processing of personal data by ALLEN Agent LLC on behalf of the Client. Terms used in this DPA have the meanings defined in:
- The General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR");
- The California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA);
- Other applicable data protection laws.
2. Roles of the Parties
The Client acts as the Data Controller and determines the purposes and means of processing personal data. ALLEN Agent LLC acts as the Data Processor and processes personal data only on documented instructions from the Client.
3. Subject Matter and Duration
The subject matter of processing is the personal data provided by the Client for the purpose of receiving services from ALLEN Agent LLC. The duration of processing corresponds to the duration of the engagement defined in the applicable Statement of Work, plus any retention period required by law.
4. Nature and Purpose of Processing
ALLEN Agent LLC processes personal data for the purpose of:
- Building and deploying AI agents, automation systems, and digital marketing solutions;
- Performing technical support and maintenance;
- Training AI models (only with explicit Client consent);
- Complying with legal obligations.
5. Categories of Data Subjects and Personal Data
Categories of data subjects may include the Client's customers, employees, prospects, or website visitors. Categories of personal data may include names, email addresses, phone numbers, business contact details, content of communications, and any other data the Client chooses to share or process via systems we build.
6. Processor Obligations
ALLEN Agent LLC agrees to:
- Process personal data only on documented instructions from the Client;
- Ensure that personnel authorized to process personal data are bound by confidentiality;
- Implement appropriate technical and organizational security measures (see our Security Policy);
- Assist the Client in responding to data subject requests (access, deletion, portability, etc.);
- Notify the Client without undue delay of any personal data breach;
- Assist with data protection impact assessments where required;
- Delete or return all personal data at the end of the engagement, unless retention is required by law.
7. Sub-Processors
The Client authorizes ALLEN Agent LLC to engage sub-processors (such as cloud hosting providers, AI model APIs, payment processors, and analytics services) for the provision of services. We maintain a current list of sub-processors and will notify the Client of changes. Sub-processors are bound by data protection obligations equivalent to those in this DPA.
Common sub-processors include: Anthropic, OpenAI, Google Cloud, Amazon Web Services, Microsoft Azure, Stripe, PayPal, Slash, Zapier, Make, and similar service providers. A current list is available on request.
8. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), United Kingdom, or other restricted regions, ALLEN Agent LLC ensures appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs), adequacy decisions, or other approved transfer mechanisms.
9. Security Measures
ALLEN Agent LLC implements appropriate technical and organizational measures to protect personal data, including:
- Encryption in transit (TLS) and at rest (where applicable);
- Access controls and authentication (multi-factor authentication);
- Regular security reviews and updates;
- Incident response procedures;
- Employee confidentiality and training.
See our Security Policy for more details.
10. Data Subject Rights
If a data subject contacts ALLEN Agent LLC directly with a request to exercise their rights (access, rectification, deletion, portability, etc.), we will forward the request to the Client without undue delay and assist as reasonably required.
11. Audits and Compliance
The Client may request reasonable information necessary to demonstrate compliance with this DPA. Audits may be conducted no more than once per year (except in case of a personal data breach), with reasonable advance notice and at the Client's cost.
12. Liability and Indemnification
Liability under this DPA is subject to the limitations set out in our Terms of Service.
13. Term and Termination
This DPA remains in effect for the duration of the engagement under the applicable Statement of Work. Upon termination, ALLEN Agent LLC will delete or return all personal data to the Client, except where retention is required by law.
14. Governing Law
This DPA is governed by the laws of the State of Texas, United States, in conjunction with applicable data protection laws (GDPR, CCPA/CPRA, etc.).
15. Contact
For any questions about this DPA or to request a signed copy, contact contact@allenagent.llc.
Questions about this policy?
ALLEN Agent LLC · Operated by Chris Allen Schulenberg Sr
1637 E Missouri Ave, Dallas, TX 75216, United States
Email: contact@allenagent.llc
Phone: +1 737-378-2419
EIN: 42-2584400