How Aster processes personal data on your behalf as your processor, for customers who need a DPA for their own compliance.
You are the data controller; Aster is the data processor acting on your documented instructions.
We process candidate and workspace personal data solely to provide the service described in our agreement.
We apply technical and organisational measures including encryption in transit and at rest, access controls, and audit logging.
We use the subprocessors listed on our Subprocessors page and will give notice of changes.
Where data moves across regions we rely on appropriate safeguards such as Standard Contractual Clauses.
We help you meet data subject requests and delete or return personal data at the end of the agreement.
This is a plain-English summary, not the full terms.
For the complete, current document or a signed copy, contact our team.
Related documents