Data Processing Agreement

This DPA applies when Unicorn Leap Ltd processes personal data on behalf of a client (the data controller) in the course of delivering services.

Covers all personal data processed by Unicorn Leap Ltd as a data processor, including customer/end-user data handled through websites, chatbots, forms, and automation workflows we build or manage.

We process data only on documented instructions from the controller. We ensure all personnel with access are bound by confidentiality. We implement appropriate technical and organisational security measures. We assist with data subject access requests and data protection impact assessments. We delete or return all personal data at the end of the engagement, at your choice.

We use sub-processors (Vercel, Resend, Cal.com, OpenAI, CRM providers) only with prior written consent. A current list is available on request.

We will notify you of any personal data breach without undue delay and no later than 48 hours after becoming aware.

Where data is transferred outside the UK/EEA, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses).

DPA queries: info@unicornleap.co.uk