RHM DigitalRHM Digital← Back to home

Legal

Data Processing Agreement

Last updated: July 2026

This Data Processing Agreement ("DPA") forms part of the agreement between RHM Digital B.V. ("Processor", "we") and the business customer using our platform ("Controller", "you") whenever RHM Digital processes personal data on your behalf, as described in Article 28 of the GDPR.

⚖ Lawyer Review Recommended: this DPA is a general framework suitable for most B2B customers. Enterprise customers with their own DPA template should contact us at info@rhmdigital.com to negotiate a customer-specific version.

1. Subject matter and duration

RHM Digital processes personal data on your behalf for the duration of your subscription, for the purpose of providing the AI visibility platform described in our Terms of Service.

2. Nature and purpose of processing

We process account data, workspace configuration, and usage data as described in our Privacy Policy, solely to operate the service, generate AI visibility measurements, and provide support.

3. Categories of data subjects

  • Your employees and authorized users who hold an RHM Digital account
  • Where relevant, individuals named in content you submit for AI visibility measurement

4. Subprocessors

You provide general authorization for RHM Digital to engage the subprocessors listed on our Subprocessors page. We will impose data protection obligations on subprocessors that are materially equivalent to those in this DPA, and remain liable for their performance.

5. Processor obligations

  • Process personal data only on your documented instructions, unless required to do otherwise by law
  • Ensure persons authorized to process personal data are bound by confidentiality
  • Implement appropriate technical and organizational security measures, as described in our Security Overview
  • Assist you in responding to data subject requests, to the extent reasonably possible
  • Notify you without undue delay after becoming aware of a personal data breach
  • Delete or return personal data at the end of the service, subject to legal retention obligations
  • Make available information necessary to demonstrate compliance with this DPA

6. International transfers

Some subprocessors, including AI model providers, are located outside the European Economic Area. Where this is the case, transfers are made subject to the European Commission's Standard Contractual Clauses or another valid transfer mechanism recognized under the GDPR.

7. Audits

On reasonable written request, and no more than once per year, we will provide information reasonably necessary to demonstrate compliance with this DPA. On-site audits may be arranged by mutual agreement and at your cost.

8. Precedence

In the event of a conflict between this DPA and our Terms of Service, this DPA prevails with respect to the processing of personal data.

9. Contact

For a signed copy of this DPA, contact info@rhmdigital.com.

Related documents

Privacy Policy
How we collect, use, and protect your personal data.
Cookie Policy
Which cookies we use and why.
Data Processing
Vendors that process data on our behalf.
Subprocessors
The full list of vendors we work with.
Data Retention Policy
How long we keep each category of data.
© 2026 RHM Digital
Legal CenterPrivacyTermsSecurityDPAAI TransparencyResponsible AIData RetentionService LevelCookie PolicyCopyrightContact