Last updated: July 6, 2026
This Data Processing Agreement ("DPA") forms part of the agreement between uokay ("Processor") and the customer ("Controller") and applies where uokay processes personal data on the customer's behalf within the meaning of Art. 28 GDPR. A countersigned copy is available on request via [email protected].
Processing of personal data contained in monitoring configurations, prompts, endpoint responses, and alert destinations, for the duration of the customer's account.
Executing scheduled checks against customer-configured endpoints, evaluating responses against customer-defined assertions, storing results, and dispatching alerts.
Categories depend on what the Controller configures: typically contact details of alert recipients (team members) and any personal data the Controller includes in prompts or that appears in endpoint responses. Data subjects are the Controller's personnel and, where the Controller includes such data, its end users.
The Controller grants general authorization for the subprocessors listed in the Privacy Policy. The Processor notifies the Controller of intended changes at least 14 days in advance, giving the Controller the opportunity to object. Where a subprocessor is established outside the EEA or is subject to third-country law, transfers are safeguarded by EU Standard Contractual Clauses or an adequacy decision.
Liability follows the limitations in the Terms of Service. This DPA is governed by Dutch law.