🤝 Data Processing Agreement (DPA)

Last Updated: July 31, 2025

1. Scope and Applicability

This Data Processing Agreement ("DPA") is an integral part of the Terms of Service between Centi Clinic ("Processor") and you, our valued client ("Controller"). This DPA governs the processing of all personal data, including Protected Health Information (PHI), under stringent regulations like GDPR and HIPAA.

2. 👥 Roles and Responsibilities

The Controller (you) is the entity that determines the purposes and means of processing personal data. The Processor (Centi Clinic) is the entity that processes this data on your behalf.

3. Our Obligations as Processor

Centi Clinic is obligated to:

• Process personal data only on documented instructions from you.
• Ensure all authorized personnel are bound by strict confidentiality agreements.
• Implement and maintain appropriate technical and organizational security measures to protect all data.

4. Sub-processors

To provide our services, Centi Clinic may engage trusted third-party sub-processors (e.g., cloud hosting providers). We maintain a list of these sub-processors and ensure they are bound by data protection obligations that are at least as strict as those in this DPA.

5. ✉️ Contact Us

For any inquiries regarding this DPA or our data processing practices, please contact us at info@centiclinic.com.