Data Processing Agreement

Version 2026-03-15
Published at 2026-03-15

Where RetentBase processes cancellation data on behalf of a customer workspace, RetentBase acts as processor and the customer acts as controller.

Processing scope

  • Hosted cancellation data
  • Custom cancellation event ingestion
  • Issue detection and reporting data tied to a workspace

Security posture

  • Workspace isolation with Supabase RLS
  • Server-side authorization for all writes
  • Signed webhooks and derived secrets for integrations
Back to home