Last updated: 7 June 2026
This DPA forms part of Advisomy’s Terms of Service and applies when Advisomy processes personal data on behalf of clients, including international clients subject to GDPR or equivalent regulations.
1. Roles
- Client = Data Controller
- Advisomy = Data Processor
2. Purpose of Processing
Advisomy processes personal data solely to:
- Deliver engineering advisory services
- Provide platform functionality
- Support communication and collaboration
3. Data Security
Advisomy implements:
- Encryption in transit and at rest
- Access controls and authentication
- Audit logging
- Secure hosting infrastructure
4. Sub‑Processors
Advisomy may use vetted third‑party providers for:
- Cloud hosting
- Analytics
- Payment processing
- Communication tools
A current list is available upon request.
5. International Transfers
Where data is transferred outside Australia, Advisomy ensures:
- Adequate protection measures
- Contractual safeguards
- Compliance with applicable laws
6. Data Subject Rights
Advisomy assists clients in responding to:
- Access requests
- Correction requests
- Deletion requests
- Objections or restrictions
7. Data Breach Notification
Advisomy will notify clients without undue delay if a data breach affecting personal data occurs.
8. Termination
Upon termination of services, Advisomy will:
- Return or delete personal data
- Retain only what is legally required