Data Processing Agreement

Last updated: May 18, 2026

1. Overview

Austin Matthews LLC, operating as CloseIntel.ai ("we," "our," or "us"), makes a Data Processing Agreement ("DPA") available to any paid customer. The DPA governs our role as a processor of personal data on the customer's behalf and incorporates the technical and organizational measures described on our Security page, the vendor inventory published at Sub-processors, and the data-handling commitments in our Privacy Policy. This page summarizes what the DPA covers and how to receive an executed copy.

2. What the DPA covers

GDPR Article 28 processor obligations — instructions, confidentiality, security measures, sub-processor terms, assistance with data subject rights, breach notification, and return or deletion of data at the end of the relationship.
US state privacy law processor terms — California (CCPA / CPRA), Colorado, Connecticut, Virginia, and Utah, with service-provider / processor language as required by each jurisdiction.
Sub-processor change notice— at least thirty days' advance notice of a material sub-processor addition, with the customer's right to object on reasonable grounds.
Data export and deletion— customer-initiated export of personal data in a structured format, and deletion of customer data within thirty days of account termination, subject to legal retention requirements.
Security breach notification— notice without undue delay after we become aware of a confirmed personal data breach that affects customer data.
Cross-border transfers— Standard Contractual Clauses (EU 2021/914) and the UK International Data Transfer Addendum, where applicable.
Audit and information rights— the right to receive our most recent security questionnaire response and, on reasonable notice, to request additional information needed to demonstrate processor compliance.

3. Who needs a DPA

A DPA is typically required when any of the following are true of the customer or its end users:

The customer processes personal data of individuals in the EEA, UK, or Switzerland.
The customer processes personal data of California, Colorado, Connecticut, Virginia, or Utah residents and is subject to the relevant state privacy law.
The customer's enterprise procurement process requires a signed processor agreement before deployment.

4. How to request

Email security@closeintel.ai with the legal entity name and address for the agreement. You can also use the contact form and select “Security or procurement” as the topic.

We typically acknowledge requests within one business day and send a pre-signed PDF ready for the customer's countersignature.

5. What you receive

The executed DPA is a PDF, pre-signed by an authorized representative of Austin Matthews LLC. It covers all sub-processors then in use, incorporates the live sub-processor inventory at /sub-processors by reference, and applies for the duration of the customer's subscription unless superseded by a signed master services agreement that addresses the same subject matter.

6. Related documents

See the Trust Center for our compliance posture and document index, the Security page for technical architecture, the Sub-processors page for the live vendor inventory, and our Privacy Policy for the underlying data-handling commitments.

7. Contact

Questions about the DPA can be sent to security@closeintel.ai.