Back to home

Data Processing Agreement (DPA)

Effective:

This Data Processing Agreement (“DPA”) supplements the Terms of Service between LetsApp, Inc. dba QuoteLogic (“QuoteLogic”) and the customer using the service (“Customer”).

This DPA applies to the processing of personal data in connection with the use of QuoteLogic.

1. Roles

Customer is the data controller.

QuoteLogic is the data processor and processes personal data only on behalf of the Customer in accordance with this DPA.

2. Categories of Data

QuoteLogic may process the following categories of personal data:

  • User account information (e.g., name, email) processed through WorkOS
  • Application data (e.g., quotes, pricing data, contacts, preferences)
  • Usage and operational data for monitoring and reliability

3. Purpose of Processing

Personal data is processed solely to provide, maintain, and improve the QuoteLogic service, including authentication, data storage, synchronization, and application functionality.

4. Subprocessors

QuoteLogic uses the following subprocessors:

  • WorkOS (authentication and identity management)
  • Convex (application data storage and backend infrastructure)
  • Stripe (payment processing)
  • PostHog (usage analytics)
  • Sentry (error monitoring)

Each subprocessor processes data only as necessary to provide its services.

5. Security Measures

QuoteLogic implements appropriate technical and organizational measures, including:

  • Encryption of data in transit using TLS
  • Encryption of data at rest through infrastructure providers
  • Authentication and identity management via WorkOS
  • Access controls to restrict data to authorized users

6. Data Retention

Customer data is retained for the duration of the service relationship unless otherwise required or agreed.

Enterprise customers may define custom data retention requirements through a Master Services Agreement (MSA).

7. Data Deletion

Customer may delete their account at any time.

Upon account deletion, all associated data is permanently deleted, including:

  • Pricing data
  • Quotes
  • Contacts
  • Logos
  • Fine print
  • Support rules

Customers are responsible for exporting their data prior to deletion. QuoteLogic provides export functionality within the application.

8. Device Data Handling

Data stored on user devices for application performance, preferences, and offline use is cleared on logout or session expiration and restored securely upon authentication.

9. Data Subject Rights

QuoteLogic supports Customer in responding to data subject requests, including access, correction, and deletion, as applicable under relevant data protection laws.

10. International Data Transfers

Data may be processed in the United States and other locations where QuoteLogic’s subprocessors operate.

QuoteLogic relies on its infrastructure providers to maintain appropriate safeguards for international data transfers.

11. Updates

QuoteLogic may update this DPA from time to time. Continued use of the service constitutes acceptance of the updated terms.

12. Contact Information

If you have questions about this DPA, please contact LetsApp™ via our contact form.