Skip to main content

Data Processing Addendum

v1.0.0

This page explains how business customers can request a data processing addendum for ChangeSentry. It is an overview, not a signed DPA. ChangeSentry is operated by ParamountTD LLC, doing business as ChangeSentry, P.O Box 123, Phoenix AZ, 85001. Contact us to request a signed DPA template.

1. When a DPA applies

A DPA may be appropriate when a business customer uses ChangeSentry to process personal data in monitored page content or related monitor configuration and ChangeSentry acts as that customer's processor or service provider. ChangeSentry generally remains a controller or business for account, billing, support, security, website visitor, and product analytics data.

2. Customer instructions

Customer instructions are limited to lawful use of the service, settings configured in the product, written support instructions we accept, and any signed DPA or order form. Customers are responsible for confirming they have authority to monitor configured pages, process the resulting content, and send alerts to chosen destinations.

3. Processing activities

  • Creating and managing monitors, selectors, intervals, tags, and alert channels.
  • Crawling configured URLs and processing extracted text, titles, hashes, and diffs.
  • Generating change history, notifications, and AI-assisted summaries where enabled.
  • Providing support, troubleshooting, security controls, abuse prevention, and logs.
  • Deleting, exporting, or restricting account data where required and technically feasible.

4. Subprocessors

ChangeSentry uses vendors and subprocessors to provide the service. The current public inventory is available on the Subprocessors and Vendors page. Material changes may be announced through reasonable notice, such as website, product, account, or email notice depending on the change.

5. International transfers

ChangeSentry and its vendors may process data in the United States and other countries. Where required, signed DPA terms may include Standard Contractual Clauses, the UK International Data Transfer Addendum or equivalent terms, and other appropriate transfer safeguards. Customers should request transfer-term review before submitting regulated or sensitive data.

6. Security and assistance

ChangeSentry uses managed infrastructure, HTTPS in production, authentication controls, crawler safeguards, rate limits, audit logging where applicable, and managed encryption at rest. Production notification secrets should be encrypted when the required secret configuration is present. ChangeSentry will provide reasonable assistance with data subject requests, deletion, export, security questionnaires, and incident review as required by a signed DPA and applicable law.

7. Return and deletion

Account deletion currently includes a 30-day recovery window and may anonymize selected fields, pause or delete monitors, and retain records required for billing, tax, legal, security, audit, abuse-prevention, backup, or dispute purposes. Signed DPA terms should define return/deletion assistance and any practical limits.

8. How to request a DPA

  1. Email privacy@changesentry.com from your business email address.
  2. Include your organization name, account email, requested legal entity, and deadline.
  3. Attach your preferred DPA or ask for ChangeSentry's standard template.
  4. Include any required transfer terms, security questionnaire, or subprocessor review requirements.

9. Related pages

Review the Privacy Policy, GDPR overview, Subprocessors and Vendors, and Security pages for related operational detail.