MendzCo

Legal

Data Processing Addendum

Last updated 1 June 2026

This addendum forms part of the agreement between you (the controller) and MendzCo (the processor) for the personal data we process on your behalf.

1. Roles

You are the data controller for the operational and guest-availability data you connect. MendzCo acts as a processor, handling that data only on your documented instructions.

2. Scope of processing

We process the data needed to sync calendars, display sync health, send the alerts you configure, and publish the feeds you create. The subject matter is calendar availability and account data; the duration is the life of your account.

3. Confidentiality

Personnel authorised to process your data are bound by appropriate confidentiality obligations.

4. Security

We maintain technical and organisational measures appropriate to the risk, including encryption in transit, token-scoped feeds, and least-privilege access.

5. Sub-processors

We use vetted sub-processors (such as hosting and payment providers) under written terms that impose equivalent data-protection obligations. We will inform you of material changes to our sub-processors.

6. Data subject requests

We assist you in responding to data subject requests, and provide self-service export and deletion tools within the panel.

7. Breach notification

We will notify you without undue delay after becoming aware of a personal data breach affecting your data.

8. Deletion & return

On termination, we delete or return your personal data in line with the deletion process described in your settings, save where retention is required by law.

This document is a plain-language template provided for the MendzCo product and is not legal advice. Replace it with your own reviewed policy before relying on it commercially.