Data Processing Addendum

This Data Processing Addendum forms part of the Terms of Service where Resyno processes merchant-controlled end-customer personal data as processor.

If there is a conflict between this DPA and the Terms about processing merchant-controlled personal data, this DPA controls for that processing.

The merchant is controller for merchant-provided end-customer data and pass content.

Resyno is processor for merchant-controlled customer data used to create, deliver, update, register, or maintain Wallet passes.

Resyno is controller for account, billing, security, support, legal, and platform operations data.

Resyno processes pass content, Wallet operational data, public share links, QR behavior, generated previews, test-pass links, installation and update data, and related technical records.

Processing lasts for as long as the merchant uses the service and as needed for legal, security, billing, backup, dispute, or enforcement obligations.

Resyno processes data to create, test, sign, host, publish, deliver, update, register, maintain, troubleshoot, secure, support, and bill Apple Wallet passes and related merchant workflows.

Data may include pass text, offers, discounts, QR destinations, links, terms, brand assets, images, logos, colors, customer-facing pass data, Apple Wallet device identifiers, APNs push tokens, pass serial numbers, Pass Type IDs, install, unregister, update status, timestamps, generated preview data, public link and QR technical records, and support context.

Data subjects may include merchant users, merchant end customers or pass recipients, support contacts, and people whose information is included by the merchant in pass content or support requests.

Resyno processes merchant-controlled data only on documented merchant instructions, including the Terms, this DPA, product settings, pass settings, public URL settings, support requests, and lawful use of the service.

Resyno may refuse or suspend instructions that appear unlawful, unsafe, abusive, technically harmful, or inconsistent with these Terms.

Authorized people processing data for Resyno are subject to confidentiality obligations.

Access to production systems and sensitive operational data is limited to people and systems with a business need where implemented.

Resyno uses security measures appropriate for the MVP service, including authenticated access, company scoping, database RLS where implemented, restricted service-role usage, encrypted secrets and certificates where implemented, least privilege where implemented, validation at mutation boundaries, audit logging for sensitive operations where implemented, backups where applicable, abuse prevention, dependency updates, and security monitoring or incident response where applicable. No internet service can be guaranteed to be absolutely secure.

The merchant gives Resyno general authorization to use subprocessors needed to provide, secure, support, bill, deliver, or operate the service.

Current subprocessors include Supabase for authentication, database, storage, and security; Stripe for billing, checkout, invoices, subscriptions, tax, fraud prevention, and payment workflows; Apple Wallet/APNs for Wallet pass delivery, registration, and updates; Resend for transactional email; and Vercel for hosting, deployment, security, edge routing, and scheduled jobs where deployed.

Resyno may add or replace subprocessors by updating this DPA, the policy pages, the app, or by email notice. Merchants may object where required by law if a new subprocessor creates material data protection risk.

Data may be processed outside the European Economic Area.

Where required, transfers may rely on Standard Contractual Clauses, adequacy decisions, Data Privacy Framework participation where applicable, or equivalent safeguards.

Resyno will provide reasonable assistance with data subject requests involving merchant-controlled data.

End-customer requests may be directed to the merchant where the merchant controls the relevant data.

For the MVP, requests are handled through resyno.support@gmail.com.

On termination or request, Resyno will delete or return merchant-controlled data where reasonably possible.

Deletion and return are subject to backups, legal obligations, security logs, billing records, historical public URL aliases, Wallet technical records, and technical limitations.

Existing Wallet passes may remain on end-user devices unless removed by the user or invalidated or expired where supported.

Resyno does not guarantee remote removal from Apple Wallet devices.

Resyno will provide reasonable written information needed to demonstrate compliance where required by law.

The MVP does not include broad on-site audits unless legally required or separately agreed.

Audit rights must be exercised in a way that protects Resyno, other merchants, subprocessors, security, confidential information, and service availability.

Resyno will notify the merchant without undue delay after becoming aware of a personal data breach affecting merchant-controlled data, where required by law.

The merchant is responsible for notifying its end customers, regulators, or other parties where the merchant is legally required to do so.

The merchant must not submit sensitive personal data, payment card data, bank details, government ID numbers, passwords, medical data, biometric data, children's data, or other high-risk data into pass fields.