Data Processing

Last updated: June 1, 2026

If your organization processes personal data of EU/UK or California residents through ZipFencer and requires a Data Processing Addendum ("DPA") under GDPR Article 28, UK GDPR, or the CCPA service-provider provisions, we make one available on request.

Sub-processors

Our sub-processors are listed in the Privacy Policy (Section 4) and include Vercel (hosting), Supabase (database + auth), Stripe (payments), Resend (email), and Google (Maps, Geocoding, and optional OAuth sign-in).

Security

Customer data is encrypted in transit (HTTPS) and at rest. Row-level security scopes user data to its owner. Administrative access is limited and logged.

Request a DPA

Email contact@zipfencer.com with your legal entity name and signatory contact. We typically respond within five business days.