How It Works Pricing FAQ
Log In Get Started

US Data Processing & Compliance

Productimiser US LLC (operating as ExactSum) complies with CCPA and the requirements of Federal Trade Commission (FTC). All data processed and stored exclusively in US-based facilities.

1. Introduction

This Data Processing Agreement ("DPA") forms part of the agreement between ExactSum, a product of Productimiser US LLC ("Processor", "we", "us") and you ("Controller", "Customer") for the provision of the US Statement Converter service ("Service").

This DPA sets out the terms under which we process personal data on your behalf when you use our Service to convert bank statements.

2. Definitions

3. Scope and Purpose of Processing

3.1 Data Processed

When you upload bank statements to our Service, we may process the following categories of Personal Data:

3.2 Purpose of Processing

We process this data solely for the purpose of:

4. Data Location and Security

US-Based Infrastructure

All data processed and stored exclusively in US-based facilities.

4.1 Data Centers Location

Our servers are located in US data centers with the following certifications:

4.2 Security Measures

We implement appropriate technical and organized measures to ensure security of processing, including:

5. Data Retention

We adhere to strict data retention policies to minimize data exposure:

6. Sub-processors

We use the following sub-processors to provide our Service:

Sub-processor Purpose Location
Hetzner Online GmbH Cloud hosting infrastructure US/Germany (EU)
Stripe Inc. Payment processing United States
Cloudflare Inc. CDN and security services US endpoints

We will notify you of any changes to our sub-processors via email or through our Service.

7. Controller Obligations

As the Controller, you confirm that:

8. Processor Obligations

As the Processor, we undertake to:

9. Data Subject Rights

We will assist you in fulfilling Data Subject rights requests, including:

Given our 24-hour deletion policy, most data subject requests will be automatically fulfilled through our standard data retention practices.

10. Data Breach Notification

In the event of a Personal Data breach, we will:

11. Audit Rights

Upon reasonable notice, we will make available all information necessary to demonstrate compliance with this DPA and allow for audits conducted by you or an appointed auditor, subject to:

12. International Transfers

All data processed and stored exclusively in US-based facilities. If international transfers of Personal Data become necessary, we will ensure appropriate safeguards are in place in compliance with CCPA, such as Standard Contractual Clauses or equivalent mechanisms.

13. Supervisory Authority

Productimiser US LLC (operating as ExactSum) processes personal data in accordance with CCPA, under the oversight of Federal Trade Commission (FTC).

More information about the relevant supervisory authority is available at https://www.ftc.gov.

14. Term and Termination

This DPA remains in effect for the duration of your use of the Service. Upon termination:

15. Liability

Liability under this DPA is subject to the limitations set out in our Terms of Service.

16. Amendments

We may update this DPA to reflect changes in law or our practices. Material changes will be notified via email to registered users. Your continued use of the Service constitutes acceptance of the updated DPA.

Contact Us

For questions about this Data Processing Agreement or to exercise your rights, please contact our Data Protection team:

ExactSum (Productimiser US LLC)

Email: legal@usstatementconverter.com

Website: usstatementconverter.com