Legal

Data Processing Agreement

This page summarizes how EleWave approaches data processing for customer workspace data and where to request a signed DPA.

Last updated 2026-06-02

1. Purpose

This Data Processing Agreement overview explains how elewave work B.V. approaches personal data processed through customer workspaces.

For a signed DPA or customer-specific data processing terms, contact hello@elewave.work.

2. Roles

When a customer uses EleWave to assign activities to its own employees, members, learners, customers, or participants, the customer is generally the controller for the personal data it places in EleWave.

EleWave generally acts as a processor for that customer workspace data and processes it according to the customer's documented instructions, the agreement with the customer, and applicable law.

3. Processing activities

EleWave may process personal data to provide the service, including to:

  • create and manage workspace accounts and memberships;
  • assign scheduled activities to the right people;
  • deliver activities through configured channels;
  • capture responses, proof, approvals, completion state, and audit events;
  • provide support, reliability, security, and operational monitoring;
  • comply with contractual and legal obligations.

4. Customer instructions

Customer configuration, workspace settings, activity content, assignments, schedules, integrations, and support requests are treated as customer instructions unless they conflict with the law or the applicable agreement.

Customers are responsible for ensuring that their use of EleWave has an appropriate legal basis and that they provide required notices to their own users, members, employees, or participants.

5. Subprocessors

EleWave may use subprocessors for hosting, infrastructure, authentication, email, communications, analytics, billing, support, security, and similar services needed to operate EleWave.

Subprocessors are expected to process personal data only for the services they provide to EleWave and under appropriate contractual safeguards.

6. Security measures

EleWave uses technical and organizational measures designed to protect personal data, including access controls, secure infrastructure practices, operational monitoring, and reasonable procedures for handling support and security events.

The exact measures may evolve as the platform changes.

7. Assistance and data subject requests

Where EleWave acts as a processor, we will reasonably assist customers with data subject requests, security incidents, deletion, export, and compliance obligations where required by applicable law and the customer agreement.

If an individual contacts EleWave about data controlled by a customer, we may refer the request to that customer.

8. Deletion and return

After termination or upon verified instruction, EleWave will delete or return customer workspace data according to the applicable agreement, product capabilities, and legal retention requirements.

9. Contact

For DPA requests or data processing questions, contact hello@elewave.work.