Last updated: June 2026
This Data Processing Agreement ("DPA") forms part of the Terms of Service between you ("Controller") and WrapIQ ("Processor") regarding the processing of personal and business data within WrapIQ.
You are the Data Controller of the employee compensation data and personal information you enter. We act as the Data Processor, processing this data only on your documented instructions to provide the Service.
We process the following categories of data on your behalf: employee names, labor categories, salary figures, bill rates, and indirect cost rate assumptions. Processing is limited to storage, calculation, and display within the Service.
We treat all compensation and financial data as confidential. Access is restricted to authorized personnel bound by confidentiality obligations, and only as necessary to operate and support the Service.
We engage the following sub-processors, each bound by data protection obligations: Cloudflare (hosting & storage), Stripe (payments), Resend (email), and Anthropic (AI document analysis). Uploaded financial documents are transmitted to Anthropic for analysis but are not retained.
We will assist you in responding to requests from individuals to access, correct, or delete their personal data, to the extent such data is within the Service.
In the event of a personal data breach affecting your data, we will notify you without undue delay and within 72 hours of becoming aware, providing available details and remediation steps.
Upon termination of your subscription, or upon your request, we will delete your organization's data from our production systems. Backups are purged on a rolling basis.
Data protection inquiries: privacy@wrapai.com