Data Processing Addendum

When Bytevon processes personal data within a customer's agentic system, the customer is the controller and Bytevon is the processor. This addendum supplements the customer agreement and governs that processing.

This document is a plain-language statement of current practice. It is reviewed by counsel before each material release; for the authoritative executed version applicable to your contract, contact legal@bytevon.com.

Bytevon processes personal data only on the documented instructions of the customer, including with regard to transfers, unless required otherwise by law — in which case we inform the customer before processing, where legally permitted.

Bytevon maintains technical and organisational measures appropriate to the risk — identity and access control, encryption in transit and at rest, sandboxed execution, and an append-only audit log. See the Security page for specifics.

Bytevon engages subprocessors only under written terms imposing equivalent data-protection obligations. Customers receive notice of new subprocessors and may object on reasonable data-protection grounds. On-prem deployments use no subprocessors.

Where personal data is transferred across borders, transfers are made under an approved transfer mechanism (such as Standard Contractual Clauses). On-prem and in-region deployments avoid cross-border transfer entirely.

Bytevon assists the customer with data-subject requests and with deletion or return of personal data on termination, in line with the customer agreement and applicable law.