This is a working draft pending external legal review across the fourteen jurisdictions we serve (APAC + North America + the UK). For the contract-grade text, request the signed copy from [email protected].
1. Roles and data custody (BYOC)
TopAdsROI deploys the platform inside the customer's own cloud — Google Cloud, AWS, Azure, or private. In normal operation, TopAdsROI has no access to — and does not host, store, or process — the customer's end-user personal data. That data lives exclusively in the customer's cloud, in their region, under their retention policy.
- The customer is the sole controller and data custodian of end-user data at all times.
- TopAdsROI acts as a software licensor and deployment service provider — not a general data processor — for that data plane.
- Only where TopAdsROI personnel temporarily access the customer's environment under a written support request does TopAdsROI act as a limited-scope processor on documented instructions; such access is scoped, logged, and time-boxed.
- For website-visitor data on this marketing site, TopAdsROI is the controller (see Privacy Policy).
2. Subject matter and duration
Subject matter: deployment and maintenance of server-side ad-measurement infrastructure (signal capture, identity bridging, repair, deduplication, routing, retention) inside the customer's own cloud. Duration: as specified in the order form, plus 7 days for orderly decommissioning. No vendor-side data-cleanup period is required, because no customer end-user data resides with TopAdsROI.
3. Sub-processors
The customer's end-user data does not flow to any TopAdsROI sub-processor. The third parties on our Sub-processors page support only TopAdsROI's own systems (this marketing site, the admin panel, the demo CRM). The customer's cloud-provider services (Google Cloud, AWS, Azure, or private) are contracted and controlled by the customer (under that provider's own DPA), not TopAdsROI. The ad platforms the customer dispatches to (Meta, TikTok, LINE, Google Ads, LinkedIn) generally act as independent or joint controllers for their own advertising purposes — they are the customer's own recipients, contracted directly with the customer, not TopAdsROI sub-processors; customers should review each platform's data-processing / business-tools terms for the applicable role and any joint-controller obligations. We notify customers of changes to TopAdsROI-side sub-processors; the customer's right to object is preserved.
4. Cross-border transfers
Because customer end-user data stays inside the customer's own cloud, no cross-border transfer by TopAdsROI is contemplated under this DPA. Transfers of TopAdsROI's own website-visitor data (e.g. demo requests processed in our HubSpot account) are governed by the Privacy Policy, not this DPA; where such transfers occur we rely on EU SCCs, the UK IDTA, and — for Australian data — binding contractual undertakings under Privacy Act APP 8 (Australia has no formal SCC-equivalent instrument).
5. Security
The measures on the Security page are split by responsibility domain. TopAdsROI is responsible for the security of its own infrastructure (this website, the admin panel, the deployment toolchain). Security of the customer's own cloud tenancy — encryption at rest, IAM, audit logging, network controls — is the customer's responsibility; TopAdsROI ships hardened Terraform templates and secure configuration defaults but does not control or warrant the customer's infrastructure posture.
6. Audit rights
(a) TopAdsROI systems: customers may audit TopAdsROI's admin panel, deployment toolchain, and vendor-side infrastructure annually with 30 days' notice; the SOC 2 Type II report (when available) and ISO 27001 certificate satisfy this in lieu of on-site audit unless a regulator requires otherwise. (b) The customer's own cloud: the customer has direct, unrestricted access to every audit log, dataset, and access record inside their own cloud account at all times — no TopAdsROI permission is required. This is a core BYOC advantage.
7. Breach notification
TopAdsROI notifies the customer within 24 hours of becoming aware of any breach of TopAdsROI's own systems (e.g. the admin panel or demo CRM), even if the full scope is still being assessed. Because end-user data resides in the customer's own cloud, the customer is responsible for monitoring, detecting, and reporting breaches within their own tenancy, and for end-user notification under applicable law; TopAdsROI provides reasonable forensic assistance on request.
8. Return or deletion
Customer end-user data resides exclusively in the customer's own cloud, so there is nothing for TopAdsROI to return or delete — the customer retains full ownership, access, and control at all times, including after termination. On termination, TopAdsROI revokes any deployment-support access within 48 hours and provides a decommission checklist (removing the deployed containers, scheduler jobs, and IAM bindings) that the customer runs at its own discretion. The customer sets its own retention and deletion schedule (730-day default) for data in its own cloud.
