Template notice: this page is a structured starting point generated by DocuForge Enterprise AI and has not been reviewed by a lawyer. Replace or have counsel review this content before relying on it, especially the limitation-of-liability, data-processing, and AI-output sections.
This summary describes how DocuForge processes personal data on behalf of business customers (“Controllers”). A full, signable DPA is available on request for customers requiring one under GDPR Art. 28 or similar.
Roles
Customer is the Data Controller for personal data included in project descriptions or generated documents. DocuForge is the Data Processor. AI subprocessors process data solely to generate the requested output.
Sub-processing
Customer consents to DocuForge engaging the subprocessors listed on the Subprocessors page. DocuForge will provide notice of new subprocessors where required.
Security Measures
Encryption of secrets at rest, tenant-isolated data access, audit logging of administrative actions, and malware scanning of uploaded files.