Data Processing Agreement (DPA)

Last Updated: June 8, 2026

This Data Processing Agreement ("DPA") supplements the Terms of Service between you (the "Customer" or "Data Controller") and MyDashboardPro ("Company" or "Data Processor").

By using our Services to process personal data of your employees, contractors, or customers, you agree to the terms outlined in this DPA to ensure compliance with applicable data protection laws, including the GDPR and CCPA.


1. Scope and Purpose

This DPA applies to the extent that MyDashboardPro processes Personal Data on your behalf in the course of providing the Services (such as scheduling, labor management, and compliance tracking). MyDashboardPro shall process Personal Data only on your documented instructions and for the purposes outlined in the Terms of Service.

2. Roles and Responsibilities

  • Customer (Controller): You determine the purpose and means of processing Personal Data. You are responsible for ensuring that you have the appropriate legal basis (e.g., employee consent or contractual necessity) to collect and transfer the data to us.
  • MyDashboardPro (Processor): We act as a processor. We will only process the data to provide the platform functionality, secure the data, and maintain the platform.

3. Security Measures

We are committed to maintaining the confidentiality, integrity, and availability of your Personal Data. We implement and maintain appropriate technical and organizational security measures, including:

  • Encryption of data in transit (HTTPS/TLS) and at rest.
  • Role-based access controls limiting internal access to data strictly to authorized personnel.
  • Regular vulnerability scanning and security audits.

4. Subprocessors

You agree that we may engage third-party subprocessors to assist in providing the Services (such as cloud hosting providers like AWS/Google Cloud or email routing services). We maintain a current list of subprocessors and ensure that any subprocessor is bound by written agreements that offer at least the same level of data protection as this DPA.

If we add a new subprocessor, we will provide notice (via email or platform notification), giving you an opportunity to object.

5. Data Subject Rights

If we receive a request from a Data Subject (e.g., your employee) regarding their data rights (such as a request to access, correct, or delete data), we will promptly redirect the request to you, as the Controller. We will assist you, to the extent legally required and reasonably possible, in fulfilling your obligations to respond to such requests.

6. Data Breach Notification

In the event of a confirmed Personal Data Breach impacting your data, we will notify you without undue delay after becoming aware of the incident. We will provide reasonable information and cooperation to help you fulfill your data breach reporting obligations under applicable laws.

7. Deletion or Return of Data

Upon termination of your account or subscription, we will, at your choice, delete or return all Personal Data processed on your behalf, unless applicable laws require us to retain the data for a longer period.

8. Governing Law

This DPA is governed by the laws of the United States. In the event of a conflict between the terms of this DPA and the Terms of Service regarding data processing, this DPA shall prevail.

9. Contact Us

For any questions or notices related to this DPA or privacy practices, please contact us at: