Back to home
Last updated: February 20, 2026
Data Processing Addendum
This page summarizes our Data Processing Addendum (DPA) for customers who need one for compliance (for example, GDPR/UK GDPR). PermitSmash is provided by Flintime Inc. ("Flintime," "we," or "us"). To request a signed copy, contact us.
Scope
The DPA applies when Flintime processes personal data on behalf of a customer as a processor under applicable data protection laws (e.g., GDPR/UK GDPR). It does not apply to consumer use where Flintime acts as controller for the service.
Key terms (summary)
- Roles and definitions aligned to GDPR/UK GDPR.
- Processing limited to providing PermitSmash and related support.
- Appropriate technical and organizational measures for security (see Security Overview).
- Subprocessors subject to contractual protections; list available on request.
- Breach notification without undue delay as required by law.
- Data subject assistance when requests are received by the customer.
- Data return or deletion upon termination, subject to legal retention obligations.
- Standard Contractual Clauses (SCCs) for relevant transfers, where applicable.
How to request a signed DPA
Email us with your organization name, contact information, and any required terms. We will review and provide our standard DPA for signature, or work with you on reasonable adjustments where appropriate.
Email: support@PermitSmash.com