Data Processing Agreement
This page is an overview of how processing works for managed Tracehold deployments — the paid Insight and Governance plans. In those deployments your organisation is the data controller and Tracehold is the processor under Article 28 of the GDPR. Because detection runs on the device and only metadata reaches the backend — the type of a finding, never the value behind it — the data we process on your behalf is deliberately minimal.
- You are the controller; we are the processor. We only process personal data on your documented instructions.
- We process detection metadata, not content. Type of finding, severity and timestamp — never the prompt content by default.
- Encrypted in transit and at rest, isolated per customer, with any reveal of retained text audited and permission-controlled.
- EU data residency (built and hosted in the European Union, in France, on Contabo and OVH infrastructure), with an optional full self-host where data never leaves your premises.
- A signable DPA is available on request for Insight and Governance.
1. Roles & scope
This Data Processing Agreement overview applies between Tracehold B.V. ("Tracehold", "we", "us"), formerly Verifia, established in the European Union at Werfkade 25, 1033 TA Amsterdam, Netherlands, and the organisation that subscribes to a managed Tracehold plan ("you", the "Customer").
For managed deployments — the paid Insight and Governance plans:
- the Customer is the data controller: you decide why and how personal data is processed through your deployment;
- Tracehold is the data processor: we process personal data only on your documented instructions, as set out in the DPA and the configuration of your deployment.
This page does not cover the free browser extension, which runs entirely on the device, needs no account and sends nothing to a backend — there is no controller–processor relationship there. For how the free extension and this website handle information, see the Privacy Policy. Where you choose to self-host the full stack, personal data stays on your infrastructure and Tracehold typically does not act as a processor of that data at all; the self-host terms govern instead.
2. Subject matter & duration
The subject matter of the processing is the provision of the Tracehold managed AI-DLP service: detecting sensitive data before it reaches AI tools, recording an audit trail of findings, and producing the compliance reports and regulation mapping (covering GDPR, the EU AI Act, NIS2 and DORA) that the service provides.
The duration of the processing matches the term of your subscription. We process personal data for the duration of the subscription — for as long as your managed deployment is active — plus a limited wind-down period of up to 30 days to return or delete data as described in §10. Specific retention windows are set in your configuration and recorded in the signable DPA, which governs where applicable.
3. Nature & purpose of processing
The nature of the processing is automated, on-device detection followed by the transmission of metadata about findings to your Tracehold backend. The detection itself runs on the device; the network carries the result of a check, not the content that was checked.
The purpose is strictly to deliver the service you have subscribed to:
- to detect and prevent sensitive data from leaving for AI tools (across 2,200+ AI tools/sites, using 3,400+ detection patterns);
- to give your security and compliance teams an audit trail of findings; and
- to produce the compliance reports and regulation mapping covering GDPR, the EU AI Act, NIS2 and DORA.
We do not use the personal data we process on your behalf for any other purpose, we do not sell it, and we do not use it to train AI or machine-learning models.
4. Categories of personal data & data subjects
Categories of personal data
Because detection runs on the device and the prompt never leaves the browser by default, the personal data we process as your processor is limited to detection metadata:
- the type of sensitive item detected (for example, "an API key" or "a personal identifier") — not the value itself;
- the severity of the finding;
- a timestamp;
- the AI tool or site involved and the user/account the finding relates to, for your audit trail.
By default we do not process prompt content at all. On desktop endpoints, your organisation may choose to retain the exact text behind an alert so an admin can tell a real leak from a false alarm. Where you enable that option, that text is encrypted and can only be revealed through an audited, permission-controlled action (see §7). That retained text may incidentally contain whatever your staff typed; its scope and retention are configured by you, the controller.
Categories of data subjects
The data subjects are primarily the Customer's staff — your employees, contractors and other authorised users whose interactions with AI tools are protected by the deployment. To the extent any personal data appears within retained text under the optional setting above, additional data subjects (for example, third parties mentioned by your staff) may be involved; minimising this is within your control as the controller.
5. Processor obligations & confidentiality
As your processor, and consistent with Article 28 GDPR, Tracehold commits to:
- process only on your documented instructions, including for international transfers, unless required to do otherwise by EU or Member State law (in which case we will inform you, where legally permitted);
- confidentiality: ensure that personnel authorised to process the data are bound by appropriate confidentiality obligations;
- implement and maintain appropriate technical and organisational security measures (see §7);
- engage sub-processors only under the conditions in §6;
- assist you with data-subject requests and with your obligations on security, breach notification and data-protection impact assessments (see §9);
- return or delete personal data at the end of the service, at your choice (see §10);
- make available the information needed to demonstrate compliance and allow for and contribute to audits (see §9); and
- notify you without undue delay, and in any event within 72 hours, after becoming aware of a personal-data breach affecting your data.
Our internal tooling is deliberately limited: it is least-privilege, read-only where possible, audited, and cannot open encrypted content — so the protection holds even from the inside.
6. Sub-processors
We use a small number of vetted infrastructure sub-processors to run the managed service. Each is engaged under a written contract imposing data-protection obligations no less protective than those in our DPA, and each operates within the EU on our instructions and only to the extent needed to provide the service.
The current list — and how we notify you of any intended additions or replacements so you can object — is maintained on our sub-processors page. Our hosting is provided by Contabo and OVH, in European Union (France) regions. System and transactional email is sent from Tracehold's own self-hosted mail infrastructure in the EU, so no third-party email provider acts as a sub-processor; we use no third-party error-monitoring or analytics sub-processor.
7. Security measures
Security is the product, so it is built in rather than bolted on. The technical and organisational measures appropriate to this processing include:
Encryption
Detection metadata and any retained text are encrypted in transit and at rest. Credentials and connections to your other systems are masked, never returned in plain text.
Isolation
Every customer's data is fully isolated in its own walled-off space, enforced deep in the system. The default is "deny": one organisation can never reach another's data.
Audited reveal
Where you retain the text behind an alert, it stays encrypted until an authorised admin reveals it. Each reveal needs a specific permission and is logged — who looked, when, at what.
Signed, verified updates
The browser extension, the endpoint agents and the detection rules are signed before they leave us and verified before they are applied. Nothing unsigned is accepted, and an old version cannot be slipped back in.
Identity & least privilege
Sign-in integrates with Microsoft Entra ID and Okta, hardened with brute-force protection and optional multi-factor. Internal access is least-privilege, read-only where possible, and audited.
On certifications, we describe our status plainly: ISO 27001 certification is in progress (not yet certified); for ENS, PCI-DSS and SOC 2 we are aligned with / mapped to the frameworks but not certified. You can read more on our Security page.
8. International transfers
Tracehold is built and hosted in the European Union, with EU data residency (primary region: the European Union, in France, on Contabo and OVH infrastructure). Processing of your data under this DPA takes place within the EU, so the tool that protects your data does not create a new cross-border transfer problem.
If your configuration ever required a transfer outside the EU/EEA, it would only happen on your documented instructions and under an appropriate transfer mechanism — the European Commission's Standard Contractual Clauses — with supplementary measures as needed. Organisations that prefer to keep everything on their own infrastructure can self-host the entire stack, in which case data never leaves their premises and no transfer arises.
9. Audits & assistance
We make available the information reasonably necessary to demonstrate compliance with our Article 28 obligations, and we allow for and contribute to audits, including inspections, conducted by you or an auditor you mandate, on at least 30 days' prior written notice and no more than once per year (or following a substantiated personal-data breach), subject to confidentiality and to not compromising the security or isolation of other customers.
Taking into account the nature of the processing and the limited information available to us as a processor, we will assist you:
- in responding to data-subject requests (access, rectification, erasure, restriction, objection, portability) relating to data in your deployment;
- with your obligations on security of processing, breach notification and communication to data subjects; and
- with data-protection impact assessments and any prior consultation with a supervisory authority.
10. Data return & deletion
On termination or expiry of the managed service, and at your choice, we will return the personal data we process on your behalf, or delete it, and delete existing copies, unless EU or Member State law requires us to retain it.
Because detection runs on the device and the prompt never leaves the browser by default, the volume we hold is intrinsically small. Any retained text you enabled is deleted within 30 days of termination, or on the schedule set in your configuration if shorter. Uninstalling endpoints and revoking access removes the client side under your control.
11. Liability
The allocation of liability between controller and processor — including any caps, exclusions and the interaction with the liability terms of your main subscription agreement — is governed by the liability provisions of the master subscription agreement and the signable DPA, following the apportionment principles of Article 82 GDPR. This overview page creates no contractual liability on its own.
The DPA is governed by the laws of the Netherlands, with disputes subject to the courts identified there.
A signable DPA — available on request
A complete, signable Data Processing Agreement — including the Article 28 clauses, the technical and organisational measures, the sub-processor list and any Standard Contractual Clauses where relevant — is available on request for the Insight and Governance plans.
- Request a DPA or ask a question: dpo@tracehold.com
- Privacy enquiries: privacy@tracehold.com
- General: hello@tracehold.com
- Sub-processors: see the current list
- Post: Tracehold B.V., Werfkade 25, 1033 TA Amsterdam, Netherlands
Tracehold is built and hosted in the European Union, in France, on Contabo and OVH infrastructure, with EU data residency and an optional full self-host. See our Security, Privacy, Terms, DPA and Subprocessors pages for more.