Data Processing Addendum
Last updated: 2026-05-01. Effective from: 2026-05-01.
Operator. This Data Processing Addendum (the "DPA") is offered by ФОП Даценко А.В. (A.V. Datsenko, sole proprietor registered in Ukraine), РНОКПП 3339403456 ("CallPing", "we", "us", "our"). Mailing address: Plytkova str. 65/106, Kharkiv, Kharkivska oblast, 61047, Ukraine. For data-protection inquiries, contact [email protected].
This DPA forms part of the Terms of Service (the "Agreement") between CallPing and the customer that has accepted those Terms (the "Customer", "you"). It applies whenever the Customer is a business and CallPing processes personal data on the Customer's behalf in the course of providing the Service. The DPA applies automatically as part of the Agreement when the Customer creates a business account; no separate signature flow is required, although the Customer may download or print this page for its own records.
In the event of any conflict between the Agreement and this DPA on a data-processing matter, this DPA prevails (mirroring Terms of Service §8b). In the event of any conflict between this DPA and the Standard Contractual Clauses incorporated under §6, the Standard Contractual Clauses prevail.
This DPA is published at https://callping.app/legal/dpa. The current sub-processor list is available at Privacy Policy §6 and reproduced in Annex 2 below for the Customer's convenience.
§1. Definitions
Capitalised terms used and not otherwise defined in this DPA have the meanings given in the Agreement, in EU Regulation 2016/679 ("GDPR"), in the United Kingdom General Data Protection Regulation as it forms part of UK domestic law ("UK GDPR"), or in the Law of Ukraine "On the Protection of Personal Data" ("Ukrainian Data Protection Law"). For the avoidance of doubt:
- "Applicable Data Protection Law" means the GDPR, the UK GDPR, the Ukrainian Data Protection Law, and any other data-protection or privacy law applicable to the Processing of Customer Personal Data under this DPA.
- "Controller", "Processor", "Personal Data", "Data Subject", "Processing", "Sub-processor", "Supervisory Authority", and "Standard Contractual Clauses" or "SCCs" have the meanings given in the GDPR (or, where the context relates to UK personal data, the UK GDPR).
- "Customer Personal Data" means Personal Data Processed by CallPing on behalf of the Customer in connection with the Service. The categories of Customer Personal Data are described in Annex 1.
- "Service" means the CallPing webhook-to-phone-call alerting service, as described in the Agreement and at callping.app.
- "EU SCCs" means the Standard Contractual Clauses approved by Commission Implementing Decision (EU) 2021/914 of 4 June 2021, in the version current at the time of any cross-border transfer to which they apply.
- "UK Addendum" means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses (Version B1.0) issued by the UK Information Commissioner's Office and effective from 21 March 2022, as the same may be updated.
- "UK IDTA" means the International Data Transfer Agreement issued by the UK Information Commissioner's Office and effective from 21 March 2022, as the same may be updated.
For the purposes of this DPA, the Customer is the Controller and CallPing is the Processor. Where the Customer is itself a Processor on behalf of an upstream Controller (for example, a managed-service provider engaging CallPing on behalf of an end-customer), the Customer remains the contracting party with CallPing under this DPA, and the Customer represents that it has all rights and authorisations from its own Controller(s) needed to engage CallPing as a Sub-processor under this DPA.
§2. Subject-matter, duration, nature, and purpose of Processing
Subject-matter. Processing of Customer Personal Data necessary for CallPing to provide the Service to the Customer in accordance with the Agreement.
Duration. Processing continues for the term of the Agreement plus any post-termination period required for return or deletion of Customer Personal Data under §4.7.
Nature and purpose. CallPing Processes Customer Personal Data to: (a) place outbound phone calls in response to webhook events submitted by the Customer; (b) maintain account, scenario, schedule, and routing-rule configuration; (c) generate call records and audit logs; (d) deliver email, SMS, or in-app communications related to the Service; (e) maintain security, prevent abuse, and meet legal, accounting, or tax obligations.
Categories of Personal Data and Data Subjects are listed in Annex 1.
§3. Customer instructions and lawfulness
Documented instructions. CallPing Processes Customer Personal Data only on the Customer's documented instructions, including with regard to international transfers (see §6). The Agreement, the Customer's configuration of the Service (scenarios, endpoints, phone numbers, routing rules), and this DPA together constitute the Customer's complete and final documented instructions to CallPing for the Processing of Customer Personal Data.
CallPing will inform the Customer if, in CallPing's opinion, an instruction infringes Applicable Data Protection Law, except where applicable law prohibits CallPing from doing so on important grounds of public interest.
Lawfulness of Customer instructions. The Customer is responsible for the lawfulness of its instructions to CallPing — including, but not limited to, the lawfulness of the legal basis for Processing under Article 6 GDPR, the consent obligations under TCPA / ePrivacy / CASL / CRTC for the recipients the Customer instructs CallPing to call, and the cross-border transfer mechanisms appropriate to the Customer's own controller-side analysis.
Compliance with law. CallPing complies with Applicable Data Protection Law in respect of its own activities as Processor. The Customer complies with Applicable Data Protection Law in respect of its own activities as Controller.
§4. Processor obligations (GDPR Article 28(3))
4.1 Documented instructions
CallPing Processes Customer Personal Data only on the documented instructions of the Customer, including with regard to international transfers, except where required to do so by law applicable to CallPing. In such a case, CallPing will (where law permits) inform the Customer of that legal requirement before Processing.
4.2 Confidentiality of personnel
CallPing ensures that personnel authorised to Process Customer Personal Data are subject to confidentiality undertakings or are under appropriate statutory obligations of confidentiality.
4.3 Security measures (GDPR Article 32)
CallPing implements appropriate technical and organisational measures ("TOMs") to ensure a level of security appropriate to the risk, taking into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. The current TOMs are summarised in Annex 3 and described in detail in the Security and Trust page.
4.4 Sub-processors (GDPR Article 28(2) and (4))
CallPing's engagement of Sub-processors is governed by §5 below. CallPing imposes data-protection terms on each Sub-processor that are no less protective than those in this DPA, and remains liable to the Customer for the acts and omissions of its Sub-processors as if those acts and omissions were CallPing's own.
4.5 Data Subject rights assistance
CallPing assists the Customer, by appropriate technical and organisational measures, insofar as is possible, in the fulfilment of the Customer's obligations to respond to requests for the exercise of Data Subject rights under Chapter III of the GDPR. Where CallPing receives a Data Subject rights request directly from a Data Subject in respect of Customer Personal Data, CallPing will (a) acknowledge receipt and (b) refer the Data Subject to the Customer as Controller, unless the Customer has otherwise instructed CallPing in writing.
4.6 Articles 32–34 assistance
CallPing assists the Customer in ensuring compliance with the obligations under Articles 32 to 36 of the GDPR (security of Processing, breach notification, communication to Data Subjects, data-protection impact assessment, and prior consultation with the Supervisory Authority), taking into account the nature of the Processing and the information available to CallPing.
4.7 Deletion or return at end of services
At the Customer's choice, CallPing deletes or returns all Customer Personal Data after the end of the provision of the Service, and deletes existing copies, unless applicable law requires storage of the Customer Personal Data. Default behaviour absent Customer instruction: CallPing deletes Customer Personal Data within 30 days of termination of the Agreement, except for: (a) backup copies in CallPing's normal backup-retention cycle (deleted within 90 days as those backups age out), and (b) records CallPing is required to retain under applicable law (in particular Article 44.3 of the Tax Code of Ukraine, which requires retention of primary documents and tax records for 1,095 days).
4.8 Information and audit obligations
See §8 below.
§5. Sub-processors
5.1 General authorisation
The Customer grants CallPing a general authorisation to engage Sub-processors to Process Customer Personal Data, subject to this §5.
5.2 Current Sub-processors
The current list of CallPing Sub-processors is set out in Annex 2 below and is also published in Privacy Policy §6. CallPing keeps the published list current.
5.3 Notice of new or replacement Sub-processors
CallPing notifies the Customer of any intended addition or replacement of a Sub-processor with at least 30 days' advance notice, by email to the Customer's account-administrator email address and/or by an in-product notice. The Customer may object to a new or replacement Sub-processor on reasonable data-protection grounds within that 30-day period by written notice to [email protected].
5.4 Customer right to object
Where the Customer objects on reasonable data-protection grounds and CallPing is unable, within a reasonable time, to either (a) make a change to the Service that avoids the use of the proposed Sub-processor, or (b) propose an alternative measure that addresses the Customer's data-protection concern, the Customer may terminate the Agreement without penalty by giving written notice to [email protected], and CallPing will refund any prepaid fees pro-rated to the date of termination.
5.5 Sub-processor flow-down
CallPing concludes a written agreement with each Sub-processor that imposes on the Sub-processor the same data-protection obligations as those imposed on CallPing under this DPA, in particular providing sufficient guarantees to implement appropriate technical and organisational measures.
§6. International transfers
6.1 Cross-border transfers from the EEA, UK, and Switzerland
CallPing's primary infrastructure (Cloudflare Workers, D1, KV, Queues) is globally distributed. Some Sub-processors are located outside the European Economic Area, the United Kingdom, and Switzerland (see Annex 2). Where CallPing or any Sub-processor Processes Customer Personal Data in a country outside the EEA, the United Kingdom, or Switzerland that is not subject to an adequacy decision under Article 45 GDPR (or the equivalent UK rules), CallPing relies on appropriate safeguards under Article 46 GDPR (or UK equivalent) as follows:
6.2 EU SCCs (Module 2)
The EU Standard Contractual Clauses (Module 2: Controller-to-Processor) are incorporated into this DPA by reference and apply to any transfer of Customer Personal Data from the EEA to a third country that is not subject to an adequacy decision. The Customer (as data exporter) and CallPing (as data importer) are deemed to have signed the EU SCCs on the Effective Date of this DPA. The following options apply:
- Clause 7 (Docking clause): does not apply. New parties may join only by separate written addendum.
- Clause 9 (Sub-processors): Option 2 (general written authorisation) applies. CallPing's notice obligation under §5.3 above (30 days) replaces the period in Clause 9(a) where the relevant Supervisory Authority does not require otherwise.
- Clause 11 (Redress): the optional independent dispute resolution body sub-clause does not apply.
- Clause 17 (Governing law): Option 1 — Republic of Ireland. The choice of Irish law for the EU SCCs is independent of the choice of Ukrainian law in the Agreement; this is a deliberate convention to align the SCCs with EEA enforcement practice.
- Clause 18 (Jurisdiction): Irish courts. EEA Data Subjects retain the rights under Clause 18(c) and (d).
- Annex I.A (List of parties): the Customer is the data exporter and is the Controller in respect of Customer Personal Data; CallPing (ФОП Даценко А.В., Plytkova str. 65/106, Kharkiv, 61047, Ukraine) is the data importer and is the Processor.
- Annex I.B (Description of transfer): see Annex 1 of this DPA.
- Annex I.C (Competent supervisory authority): the supervisory authority of the EEA member state in which the Customer is established, or, where the Customer is established outside the EEA but the Processing relates to the offering of goods or services to Data Subjects in the EEA, the supervisory authority of the relevant member state.
- Annex II (TOMs): see Annex 3 of this DPA, supplemented by the Security and Trust page.
- Annex III (Sub-processors): see Annex 2 of this DPA.
6.3 UK transfers
Transfers of UK personal data are governed by the UK Addendum to the EU SCCs (Version B1.0). The UK Addendum is incorporated into this DPA by reference and applies in addition to the EU SCCs above, with the conventional UK-specific selections (Tables 1–3 populated from this DPA, Table 4 marked "Importer").
6.4 Swiss transfers
Transfers of personal data subject to the Swiss Federal Act on Data Protection (FADP) are subject to the EU SCCs as adapted for Switzerland in accordance with the guidance of the Swiss Federal Data Protection and Information Commissioner.
6.5 EU-US Data Privacy Framework
Where a Sub-processor in the United States has self-certified to the EU-US Data Privacy Framework (or the UK Extension or the Swiss-US framework), the Customer agrees that CallPing may rely on the framework as the relevant transfer mechanism for Processing by that Sub-processor for so long as the framework remains in force and the Sub-processor's certification remains current. Annex 2 indicates which Sub-processors currently rely on this mechanism.
6.6 Customer co-operation
The Customer agrees to co-operate with CallPing on transfer mechanisms — including by accepting any updated Standard Contractual Clauses or addenda issued by relevant regulators within a reasonable time, where CallPing in good faith determines that an update is required to maintain a lawful transfer basis.
§7. Personal-data breach
7.1 Notification trigger
CallPing notifies the Customer without undue delay after becoming aware of a Personal Data Breach affecting Customer Personal Data. CallPing's internal target is to notify the Customer within 72 hours of CallPing becoming aware of a confirmed Personal Data Breach, mirroring the GDPR Article 33 supervisory-authority deadline.
7.2 Notification content
To the extent the information is then known and may lawfully be shared, CallPing's notification will include:
- the nature of the Personal Data Breach including, where possible, the categories and approximate number of Data Subjects concerned and the categories and approximate number of personal-data records concerned;
- the name and contact details of CallPing's data-protection contact (see Annex 4);
- the likely consequences of the Personal Data Breach;
- the measures taken or proposed to be taken to address the Personal Data Breach, including, where appropriate, measures to mitigate its possible adverse effects.
If, and to the extent that, it is not possible to provide all of the information at the same time, the information may be provided in phases without further undue delay.
7.3 Customer's onward obligations
The notification under §7.1 does not constitute an admission of fault or liability by CallPing. CallPing's notification is intended to enable the Customer to meet its own notification obligations under Articles 33 (notification to the Supervisory Authority) and 34 (communication to Data Subjects) of the GDPR, where applicable to the Customer as Controller. The Customer remains responsible for those notifications.
7.4 Co-operation with sub-processors
Where the Personal Data Breach originates with a Sub-processor, CallPing co-ordinates with the Sub-processor to obtain the information required to make the notification under §7.2.
§8. Audits
8.1 Right of audit
The Customer has the right, on reasonable prior written notice, to audit CallPing's compliance with this DPA, including by inspections conducted by the Customer or an auditor mandated by the Customer (subject to §8.2).
8.2 Audit process
To provide reasonable assurance to multiple Customers without imposing disproportionate burden, the parties agree:
(a) Notice. The Customer gives at least 30 days' prior written notice of any audit, except in the case of a credible Supervisory Authority requirement or a confirmed material breach of this DPA, in which case shorter notice may be accepted.
(b) Frequency. The Customer may exercise the audit right once per twelve-month period, except where (i) a competent Supervisory Authority requires more frequent inspection, or (ii) a confirmed Personal Data Breach has occurred since the last audit.
(c) Scope and conduct. Audits are conducted during CallPing's normal business hours, in a manner that minimises disruption to CallPing's operations. The auditor must be independent and bound by appropriate confidentiality obligations and must not be a competitor of CallPing. CallPing may reasonably refuse a particular auditor and, if it does so, will propose an alternative auditor of comparable standing within 14 days.
(d) Cost. Each party bears its own costs of an audit, except where the audit reveals a material breach of this DPA by CallPing, in which case CallPing reimburses the Customer's reasonable audit costs.
(e) Confidentiality. All information obtained or generated during an audit is the Confidential Information of CallPing and may be used by the Customer solely for the purposes of demonstrating CallPing's compliance with this DPA.
8.3 Independent third-party audit reports
In place of an audit conducted by the Customer or its mandated auditor under §8.1, the Customer agrees to accept relevant third-party certifications and audit reports that CallPing makes available — for example, SOC 2 Type II reports, ISO/IEC 27001 certificates, or other recognised industry-standard reports — when held. CallPing makes a reasonable effort to maintain such certifications as the business scales; CallPing does not currently hold a SOC 2 Type II report or ISO/IEC 27001 certification at the present scale of operations and will inform Customers proactively if and when such reports become available.
§9. Data Subject requests assistance
To the extent the Customer cannot itself respond to a Data Subject request using functionality made available in the Service, CallPing assists the Customer to respond to such requests as required by Applicable Data Protection Law, taking into account the nature of the Processing and the information available to CallPing. Where the Customer identifies an in-Service function that materially impedes its ability to respond to Data Subject requests, the Customer may notify CallPing at [email protected] and CallPing will assess what changes (if any) are reasonable and appropriate.
§10. Liability
The liability provisions of the Agreement (in particular Terms of Service §12 — Limitation of Liability) apply to this DPA. Nothing in this DPA limits or excludes any liability of either party that cannot be limited or excluded by Applicable Data Protection Law, including liability for breach of mandatory rights of Data Subjects.
§11. Term and termination
11.1 Effective date and duration
This DPA enters into force on the date the Customer creates a business account and continues for the duration of the Agreement and for any post-termination period required for the return or deletion of Customer Personal Data under §4.7.
11.2 Survival
§4.7 (return/deletion), §6 (international transfers — to the extent any post-termination Processing remains), §7 (breach notification — to the extent any incident is then unresolved), §8 (audits — for a period of 12 months after termination), §9 (Data Subject requests assistance — for a period of 12 months after termination), §10 (liability), §12 (governing law), and §13 (acceptance and conflict) survive termination.
§12. Governing law
This DPA is governed by the laws of Ukraine, consistent with the choice of governing law in Terms of Service §14, except that:
(a) the EU SCCs incorporated under §6.2 are governed by the law of the Republic of Ireland (Clause 17, Option 1 of the EU SCCs);
(b) the UK Addendum is governed by the laws of England and Wales;
(c) mandatory consumer-protection rights of EEA / UK / Ukrainian Data Subjects are preserved as required by Brussels Ibis Regulation Articles 17–19 and equivalent UK rules. EU/UK consumer Data Subjects retain the right to bring proceedings in the courts of their country of habitual residence.
§13. Acceptance, conflict, and changes
13.1 Auto-application
This DPA applies automatically as part of the Agreement when the Customer creates a business account. No separate signature flow is required.
13.2 Available for download
This DPA is published at https://callping.app/legal/dpa and may be downloaded as part of the Customer's records.
13.3 Conflict-resolution
In the event of any conflict between the Agreement (excluding this DPA) and this DPA on a data-processing matter, this DPA prevails. In the event of any conflict between this DPA and the EU SCCs (or UK Addendum, or Swiss-adapted SCCs), the SCCs prevail to the extent of the conflict.
13.4 Changes
CallPing may update this DPA from time to time — for example, to reflect new transfer-mechanism requirements, regulatory guidance, or material changes in Sub-processors. CallPing will update the "Last updated" date at the top of this page and, for material changes, notify the Customer's account-administrator email at least 30 days in advance, except where a shorter period is required by law. EU/UK consumer Data Subjects' rights under Brussels Ibis 17–19 and the consumer-law termination right in Terms of Service §15 apply equally to material changes to this DPA.
§14. Notices
Notices to CallPing under this DPA: [email protected] (with copy to [email protected]). Postal notices to: ФОП Даценко А.В., Plytkova str. 65/106, Kharkiv, Kharkivska oblast, 61047, Ukraine.
Notices to the Customer under this DPA: the email address(es) listed as account-administrator email(s) in the Customer's CallPing account, plus any in-product notification surface CallPing may operate.
Annex 1 — Description of Processing
Categories of Data Subjects.
- Customer's authorised users — individuals to whom the Customer has granted access to the Service (administrators, operators, on-call recipients).
- Recipients of CallPing-placed phone calls — individuals whose phone numbers the Customer has configured CallPing to call as part of an alerting workflow. These are indirect Data Subjects from CallPing's perspective; the Article 14 disclosure pattern is described in Privacy Policy §2.2.
- Customer's webhook source systems' personnel — where webhook payloads contain personal data (for example, employee names embedded in alert text from a monitoring system).
Categories of Personal Data.
- Account contact data — email address, optional display name, password (stored as a PBKDF2 hash).
- Phone numbers in E.164 format that the Customer configures as alerting destinations.
- Webhook payload metadata — severity, message text, source-system identifiers.
- Authentication metadata — IP address, user-agent string, last-seen timestamp.
- Call-event records — request ID, status, duration, PBX/trunk, disposition.
- Audit-log entries — phone activations / deactivations, scenario edits, role changes.
CallPing does not Process sensitive (Article 9) or criminal-conviction (Article 10) personal data in the ordinary course of operating the Service. The Customer is responsible for ensuring that webhook payloads it submits do not contain such data unless the Customer has its own lawful basis and CallPing has been informed.
Frequency of transfer. Continuous, throughout the Service term.
Nature of Processing. Storage, transmission, computation, security monitoring, billing reconciliation.
Purpose(s) of transfer and further Processing. Provision of the Service to the Customer; security; abuse prevention; tax and accounting reconciliation; fulfilment of CallPing's own legal obligations.
Period for which Personal Data will be retained. As described in Privacy Policy §7. Granular per-call records: 12 months. Aggregate billing records: as required for Paddle MoR reconciliation and Ukrainian Tax Code Article 44.3 (1,095 days). Audit log: 90 days. Backups: 90 days.
Annex 2 — Sub-processors
The following are CallPing's current Sub-processors. The current list is also maintained in Privacy Policy §6 and is updated automatically when changes occur.
| Sub-processor | Role | Location | Transfer mechanism (where applicable) |
|---|---|---|---|
| Cloudflare, Inc. | Workers (compute), D1 (database), KV (cache), Queues (delivery) — primary platform | USA (with global edge network) | EU SCCs Module 2 + EU-US Data Privacy Framework |
| Resend, Inc. | Transactional email (verification, password reset, support notifications) | USA | EU SCCs Module 2 |
| Paddle.com Market Ltd / Paddle.com Inc. | Merchant of record — billing, VAT, invoicing, refunds; independent data controller for payment data — see Privacy Policy §2.3 | UK / Ireland | Independent controller; Paddle's own DPA + SCCs apply to its onward sub-processors |
| Twilio, Inc. | SIP trunk (USA-based; outbound calls) | USA | EU SCCs Module 2 + EU-US Data Privacy Framework |
| Telnyx LLC | SIP trunk (USA-based; outbound calls) | USA | EU SCCs Module 2 |
| Zadarma Project LLC | SIP trunk (Cyprus / international; +380 destinations only — Layer 2B geo-fence) | Cyprus | DPA pursued as belt-and-braces; no EU/UK personal data flows in normal operation (see Privacy Policy §5) |
| Intertelecom (UMC) LLC | SIP trunk (Ukraine; +380 destinations only — Layer 2B geo-fence) | Ukraine | Ukrainian Data Protection Law applies; no EU/UK personal data flows in normal operation |
| Airtable, Inc. | Optional internal support workflow (ticket triage) | USA | EU SCCs Module 2 + EU-US Data Privacy Framework |
Material change notification. Per §5.3, CallPing notifies the Customer at least 30 days in advance of any change to this list. The Customer's right to object is set out in §5.4.
Annex 3 — Technical and Organisational Measures (TOMs)
The TOMs implemented by CallPing are summarised below. Detailed descriptions are maintained in the Security and Trust page.
3.1 Pseudonymisation and encryption. Customer Personal Data in transit between CallPing surfaces is encrypted using TLS 1.2 or higher. Customer passwords are stored as PBKDF2 hashes (never in plaintext). At-rest encryption is provided by Cloudflare (D1, KV, Queues) and by individual Sub-processors per their own published security standards.
3.2 Confidentiality, integrity, availability, resilience of Processing systems. Multi-region PBX infrastructure (5 servers across 4 cloud providers, 4 SIP trunks); SIP failover; per-phone PBX blacklist; Layer 2B country-aware routing as a Chapter V geo-fence; Cloudflare DDoS mitigation at the edge.
3.3 Restoration of availability and access following an incident. Cloudflare D1 and KV provide point-in-time backup-and-restore capabilities with documented RTO/RPO targets. CallPing maintains an internal incident-response process with documented escalation paths.
3.4 Process for regular testing, assessment, and evaluation of TOM effectiveness. Quarterly internal review of TOMs. Penetration testing on a risk-prioritised cadence. Continuous threat-detection monitoring via Cloudflare and Worker observability.
3.5 Identification and authentication of users. Strong password requirements; PBKDF2 storage; TOTP 2FA available; session tokens issued via custom HMAC-SHA256 JWT; HttpOnly cookie-based session with CSRF protection; step-up reauth on destructive actions.
3.6 Protection of data during transmission. TLS 1.2+ on all surfaces; HSTS preload; secure-cookie flags.
3.7 Protection of data during storage. Cloudflare D1 / KV at-rest encryption; PBKDF2 password hashing; secrets managed via Cloudflare Workers Secrets (never committed to source control).
3.8 Ensuring physical security of premises Processing personal data. Provided by infrastructure Sub-processors (Cloudflare, AWS, Google Cloud, Azure, Oracle Cloud); see their respective compliance certifications.
3.9 Ensuring events logging. Audit log table for security-relevant events; Cloudflare Workers logs for request-level telemetry; PBX call-event logs for telephony-side disposition; centralised admin dashboard surfaces.
3.10 Ensuring system configuration, including default configuration. Infrastructure-as-code via Wrangler; secrets rotated under documented operational procedures; PBX configuration tracked.
3.11 Internal IT and IT security governance and management. Documented internal policies on access control, secrets management, change management, incident response. Background checks on operational personnel where required by applicable law.
3.12 Certification / assurance of processes and products. No SOC 2 Type II / ISO 27001 certification at the current scale; the Security and Trust page describes the practices that would form the substance of such a certification when scaling justifies the investment.
3.13 Ensuring data minimisation. CallPing does not retain webhook payload contents beyond what is necessary for operational purposes; granular per-call records purged at 12 months.
3.14 Ensuring data quality. Customer can update phone numbers, scenarios, and configuration data at any time through the portal; CallPing validates phone-number format and blocks emergency / premium / toll-free / short-code numbers via src/utils/phone-blocking.ts.
3.15 Ensuring limited data retention. Per Privacy Policy §7.
3.16 Ensuring accountability. This DPA, the Privacy Policy, the Cookie Policy, the AUP, and the Terms of Service collectively document CallPing's accountability framework. Audit-log retention, breach-notification SLAs, and Sub-processor change notifications are operational expressions of that framework.
3.17 Allowing data portability and ensuring erasure. Customer can export configuration data at any time via the portal API. On termination, CallPing deletes Customer Personal Data within 30 days (subject to backup-retention cycle and statutory retention obligations) per §4.7.
Annex 4 — Data-protection contact
- Data-protection contact: Anton Datsenko ([email protected]).
- No formal Article 37 DPO appointed. The mandatory criteria (public-authority status, large-scale regular and systematic monitoring, large-scale Article 9/10 Processing) do not apply at the current scale. The assessment is documented internally and is available on request.
- Postal address: ФОП Даценко А.В., Plytkova str. 65/106, Kharkiv, Kharkivska oblast, 61047, Ukraine.
End of Data Processing Addendum.