Legal
Last updated: 17 July 2026
This DPA governs BITS Blackrock IT Solutions LLC’s processing of personal data on behalf of the Subscriber under GDPR Art. 28 and equivalent provisions of regional data-protection law (including PDPL). It forms part of the Terms of Service.
The Subscriber is the controller of personal data it enters into SentiQore (including data entered on behalf of its own clients). BITS Blackrock IT Solutions LLC is the processor, acting only on the Subscriber’s documented instructions — which include operating the Service as configured.
The Subscriber authorises the sub-processors below. We impose data-protection obligations on each that are no less protective than this DPA, remain responsible for their performance, and will give reasonable notice of intended changes.
| Sub-processor | Purpose | Location |
|---|---|---|
| Hetzner Online GmbH | Hosting | Germany (EU) |
| Supabase | Database & storage | EU (Frankfurt) |
| Clerk | Authentication & identity | USA — SCCs |
| Anthropic | AI inference (Rasid) | USA — SCCs, no training on customer content |
| Lemon Squeezy | Payments (Merchant of Record) | USA — PCI-DSS |
| Sentry | Error monitoring | USA — SCCs, PII minimised |
Where personal data is transferred outside the Subscriber’s region, the transfer is covered by Standard Contractual Clauses or an equivalent approved safeguard, as reflected in the sub-processor table.
We will notify the Subscriber without undue delay, and in any event within 72 hoursof becoming aware of a personal data breach affecting Subscriber data, with the information reasonably available to support the Subscriber’s own obligations.
On termination, and at the Subscriber’s choice, we will return or delete Subscriber personal data within 30 days, except where retention is required by law.
A countersigned copy is available on request at privacy@bits-solution.com. Accepting the Terms of Service incorporates this DPA where the Subscriber acts as a controller under GDPR or PDPL.