AutoCleanCRM AI CRM Hygiene

Data Processing Addendum (DPA)

Effective date: March 1, 2026

This Data Processing Addendum ("DPA") applies when AutoCleanCRM processes personal data on behalf of a customer in connection with CRM data cleansing, deduplication, and related services. If you need a signed DPA, email contact@autocleancrm.com.

1. Processing scope

We may ingest CRM records, cleanse and deduplicate them, optionally enrich selected fields, and export cleaned records back to the CRM or to customer-approved destinations.

2. Security measures

  • Least-privilege access to CRM objects and fields.
  • Review-before-apply workflows and sandbox mode (where configured).
  • Audit logs for record changes (before/after diffs and reason codes).
  • Access controls for internal operators on a need-to-know basis.

3. Subprocessors

We may use subprocessors (such as hosting, monitoring, and email delivery providers) to operate the service. Subprocessor details are provided upon request.

4. Data retention

We retain data only as necessary to perform the agreed services and to maintain required audit logs. Exact retention periods can be configured in an order form or SOW.

5. Customer instructions

The customer controls the CRM data and provides instructions regarding what objects to process, what rules to apply, and whether changes are written back automatically.

6. Contact

For privacy, security, or DPA questions, email contact@autocleancrm.com.