Data Processing

Effective Date: 2025

DATA PROCESSING ADDENDUM (DPA)

Effective Date: 2025

Processor: PGAGI Consultancy Pvt. Ltd. (Toingg) | Controller: Customer

1. Definitions

Definitions for Personal Data, Processing, Controller, Processor, Sub-Processor, and Applicable Laws (CCPA, TCPA, GDPR, etc.).

2. Purpose of Processing

Delivering AI services, running workflows, syncs, analytics, and support. No selling of data.

3. Roles and Responsibilities

Controller is responsible for consent and lawful use. Processor implements safeguards and follows instructions.

4. Types of Data Processed

Contact details, call audio, transcriptions, AI responses, memory, metadata.

5. Processing Instructions

Processing only as documented, per instructions, for contract duration, and compliance.

6. Sub-Processors

Toingg uses vetted providers (carriers, cloud, CRM partners). Customer notified of changes.

7. Data Residency

U.S. data hosted in U.S. infrastructure by default.

8. Security Measures

Technical controls (AES-256, TLS 1.2+, RBAC) and organizational controls (confidentiality, audits).

9. Data Retention & Deletion

Default 180 days. Customer may request deletion, export, or extended retention.

10. Data Breach Notification

Notification within 72 hours of confirmation.

11. Prohibited Processing Activities

No selling data, no advertising use, no training public AI models with customer data.

12. Audit Rights

Customer may request logs, security reviews, or third-party certifications.

13. Return or Deletion

Data returned or deleted upon termination.

14. International Transfers

Compliance with SCCs and U.S. residency rules.

Ready to Close more deals with AI?
Ready to Close more deals with AI?