Final DPA available on request to compliance@neyvo.ai.
Overview
Neyvo acts as data processor; customer as data controller. Includes GDPR-compliant SCCs and sub-processor notification commitments.
Key provisions
Processing scope — only as instructed by customer. Security — AES-256 at rest, TLS 1.3 in transit. Sub-processors — list at /security, 30-day notice. Rights — Neyvo assists with access/deletion. Breach — 72-hour notification. Transfers — SCCs for non-EEA.
HIPAA BAA
Healthcare customers get a BAA. Included Growth+. Add-on at Starter. Contact compliance@neyvo.ai.
Request
Email compliance@neyvo.ai or request via dashboard.