1. Parties and Definitions

This Data Processing Agreement (“DPA”) forms part of the contract between:

  • Controller: the Customer
  • Processor: ASTON H-S Ltd (Company No. 15866638), trading as Saont™

“Customer Data” means any personal data processed by Saont™ on behalf of the Customer.

Where the Customer is an agency, freelancer, consultant, contractor, developer, website provider, marketing provider, or similar service provider, “Customer Data” includes personal data processed through Client Workspaces, Saont Website Governance™, Saont Approval Workflows™, Saont Audit Trail™, Saont Team & Access™, and SaontDocs™ eligibility or configuration workflows on behalf of, or in relation to, Client Organisations.

2. Scope and Purpose

Processing is strictly limited to the provision of Saont™ services, including Saont Client Workspaces™, Saont Website Governance™, Saont Approval Workflows™, Saont Audit Trail™, Saont Team & Access™, Saont Operational Dashboards™, Saont Billing Infrastructure™, document delivery, support, service integrity, and platform security.

3. Processor Role

Saont™ acts as processor only to the extent it processes Customer Data on behalf of the Customer under documented instructions. Saont may separately act as controller for account administration, billing, security, fraud prevention, platform integrity, legal compliance, business operations, and other purposes described in the Privacy Policy.

Saont™ does not validate legal compliance, lawful basis, transparency, consent, authority, data accuracy, data minimisation, regulatory sufficiency, or jurisdictional suitability of Customer Data.

4. Instructions

Processing is carried out only on documented instructions from the Customer, except where applicable law requires otherwise.

Where Saont reasonably believes that an instruction infringes applicable law, creates material security risk, conflicts with another legal obligation, exceeds the scope of the Services, conflicts with documented contractual arrangements, or otherwise places Saont at material legal, regulatory, operational, or security risk, Saont may refuse, suspend, restrict, delay, or seek clarification regarding the instruction.

Saont is not responsible for verifying the legal validity, sufficiency, proportionality, necessity, or lawfulness of Customer instructions.

5. Confidentiality

All personnel authorised to process Customer Data are bound by confidentiality obligations.

6. Security Measures (Annex II)

  • Encryption in transit (TLS)
  • Role-based access control
  • Least privilege enforcement
  • Audit logging and traceability
  • Fail-closed integrity model
  • Domain-bound delivery enforcement
  • Cloudflare infrastructure protection
  • Clerk authentication systems
  • MongoDB secure storage (EU region)
  • Rate limiting and abuse detection

7. Subprocessors

The Customer provides general authorisation for Saont™ to engage subprocessors in connection with the provision, operation, maintenance, security, support, development, administration, and improvement of the Service.

Current subprocessors are identified at legal.saont.com/subprocessors. Saont™ may add, replace, remove, or modify subprocessors from time to time in accordance with its operational, technical, security, legal, regulatory, or business requirements.

Where required by applicable law, Saont™ shall ensure that appropriate contractual obligations are imposed upon subprocessors in relation to Customer Data.

8. Subprocessor Objections

Where required by applicable law, the Customer may object to a new subprocessor on reasonable data-protection grounds directly relating to the processing of Customer Data.

If Saont reasonably determines that the objection cannot be resolved through commercially reasonable measures, the Customer's sole remedy shall be to terminate the affected Service.

9. International Transfers

Where Customer Data is transferred outside the United Kingdom, Saont™ shall implement transfer mechanisms required by applicable data protection law, which may include the UK International Data Transfer Agreement (IDTA), the UK Addendum to the European Commission Standard Contractual Clauses, adequacy regulations, or other legally recognised transfer mechanisms.

The Customer acknowledges that international transfers may occur through approved subprocessors, infrastructure providers, support providers, security providers, communications providers, or other service providers used in connection with the Service.

10. Assistance

Saont™ provides infrastructure to support the Customer in meeting its obligations under applicable data protection laws, including UK GDPR, strictly in its capacity as a processor acting on documented instructions.

Such assistance may include:

  • providing structured intake, verification, and routing mechanisms for data subject rights requests;
  • recording, timestamping, and maintaining audit trails of request activity and related actions;
  • enabling controlled administrative workflows for the Customer to review, manage, and respond to requests;
  • applying limited automated actions to specific request types where predefined technical conditions and safeguards are met;
  • supporting the Customer in responding to regulatory enquiries, DPIAs, and security incidents.

Saont™ does not independently assess, validate, or determine the legal validity, scope, or outcome of any data subject rights request. Responsibility for reviewing, deciding upon, and fulfilling such requests remains solely with the Customer acting as data controller.

11. Breach Notification

Where required by applicable data protection law, Saont™ will notify the Customer without undue delay after becoming aware of a Personal Data Breach affecting Customer Data processed under this DPA.

Such notification may include information reasonably available to Saont™ at the time concerning the nature of the incident, categories of affected personal data, categories of affected data subjects, likely consequences, containment measures, remediation measures, investigation status, and recommended actions for the Customer.

The Customer acknowledges that information available immediately following discovery of a security incident may be incomplete, preliminary, or subject to change as investigations progress. Saont™ may provide supplemental updates as additional information becomes available.

Saont™ is not responsible for the Customer's obligations to assess, investigate, document, report, communicate, disclose, notify, or otherwise respond to any Personal Data Breach under applicable law. Such obligations remain the sole responsibility of the Customer acting as controller.

Notification by Saont™ of a Personal Data Breach does not constitute an admission of liability, fault, negligence, breach, wrongdoing, regulatory non-compliance, or legal responsibility.

12. Deletion, retention, preservation, and legal holds

Subject to applicable law, Customer instructions, contractual requirements, and technical limitations, Saont™ will delete, return, anonymise, restrict, archive, or otherwise handle Customer Data following termination of the applicable Service.

Saont™ may retain, preserve, archive, segregate, restrict, store, reproduce, process, transfer, disclose, or otherwise continue processing Customer Data where reasonably necessary for legal, regulatory, contractual, evidential, security, fraud-prevention, abuse-prevention, dispute-management, audit, investigation, insurance, business-continuity, intellectual-property-protection, confidential-information-protection, record-keeping, enforcement, or legal-hold purposes.

Where Saont reasonably considers that Customer Data may be relevant to an actual or anticipated claim, complaint, dispute, investigation, audit, regulatory enquiry, enforcement action, legal proceeding, security incident, fraud investigation, chargeback, ownership dispute, authority dispute, confidential-information matter, or intellectual-property matter, Saont may retain such data for as long as reasonably necessary.

Customer Data may remain within backups, archives, disaster-recovery systems, evidential stores, security systems, audit systems, investigation environments, fraud-prevention systems, and related operational systems for a period following deletion from active environments.

13. Audit Rights

Audit rights must be exercised reasonably, proportionately, and in a manner that does not unreasonably interfere with Saont's operations, security, confidentiality obligations, or obligations owed to other customers.

Saont may satisfy audit obligations through documentation, written responses, policies, certifications, summaries, security descriptions, subprocessor information, or other appropriate evidence.

14. Liability

Except to the extent required by applicable law, Saont™ shall not be liable for Customer misuse of the Service, unlawful instructions, incorrect data inputs, inaccurate Customer Data, Client Organisation actions, authority disputes, controller decisions, lawful-basis determinations, transparency decisions, retention decisions, transfer decisions, implementation decisions, governance decisions, approval decisions, publication decisions, or compliance decisions.

The liability limitations, exclusions, caps, protections, and allocation-of-responsibility provisions contained in the Terms of Service apply equally to this DPA and are incorporated by reference.

14A. Customer warranties and agency authority

The Customer represents, warrants, and undertakes that:

  • it has all rights, permissions, instructions, notices, lawful bases, and authority required to provide Customer Data to Saont™;
  • where it uses the Service for or in relation to a Client Organisation, it has authority from that Client Organisation to process the relevant data through Saont™;
  • its documented instructions are lawful, clear, complete, and consistent with applicable data protection laws;
  • it will not submit unnecessary, excessive, unlawful, inaccurate, or high-risk personal data into the Service;
  • it remains responsible for all controller obligations, including transparency, lawful basis, data subject rights, retention decisions, records of processing, DPIAs, and international transfer assessments where applicable.

To the maximum extent permitted by law, Saont shall not be liable for Customer instructions, Customer decisions, Client Organisation decisions, lawful-basis determinations, retention decisions, transparency decisions, consent decisions, implementation decisions, publication decisions, governance decisions, approval decisions, jurisdiction decisions, transfer decisions, or compliance decisions.

The liability limitations contained in the Terms of Service apply equally to this DPA and are incorporated by reference.

14AA. Reliance on Customer authority and instructions

Saont is entitled to rely upon instructions, permissions, approvals, authorisations, representations, and communications received from the Customer or any person appearing to act on the Customer's behalf.

Saont has no obligation to independently verify the Customer's authority, the authority of any Client Organisation representative, the validity of any instruction, or the contractual relationship between the Customer and any Client Organisation.

The Customer remains solely responsible for ensuring that all instructions provided to Saont are lawful, authorised, accurate, complete, and appropriately documented.

14B. International customers and local-law responsibility

This DPA is drafted primarily by reference to UK data protection law. Where the Customer, users, Client Organisations, data subjects, websites, domains, or processing activities are located outside the United Kingdom, the Customer remains responsible for determining whether additional or alternative local data protection, privacy, communications, consumer, employment, sector, secrecy, transfer, localisation, or retention laws apply.

Saont does not provide legal advice and does not determine whether the Service, Saont Website Governance™, or any Client Workspace configuration satisfies non-United Kingdom legal requirements. Any assistance provided by Saont is technical and operational only.

14C. Security limitations and shared responsibility

Saont maintains technical and organisational measures designed to protect Customer Data, but security is a shared responsibility. The Customer remains responsible for user access, device security, email security, account hygiene, role assignment, permissions, exported files, downloaded records, onward sharing, user-generated content, and actions taken by authorised users.

Saont is not responsible for security incidents, unauthorised access, data loss, disclosure, corruption, or misuse caused by Customer systems, Customer devices, compromised credentials, misconfigured DNS, user error, excessive permissions, unauthorised sharing, third-party client disputes, or Customer failure to follow security instructions.

14D. Audit and information request controls

Any audit, inspection, questionnaire, security review, evidence request, or information request must be reasonable, proportionate, directly related to Saont's processor obligations, and subject to confidentiality, security, operational, and third-party restrictions. Saont may satisfy audit obligations by providing policies, summaries, certifications, subprocessor information, security descriptions, or written responses where appropriate.

Saont is not required to disclose trade secrets, source code, confidential architecture, vulnerability details, other customer data, commercially sensitive information, privileged material, or information that would weaken security or breach law. On-site audits require prior written agreement by Saont and may be subject to reasonable fees, scope limits, timing restrictions, and confidentiality controls.

Annex I – Processing Details

  • Subject matter: Saont™ platform
  • Duration: Service term
  • Nature: Storage, access, processing
  • Purpose: Governance infrastructure and workflows, approval workflows, auditability services, operational record keeping, account administration, and related service functionality.
  • Data subjects: Business users, customer representatives, agency users, freelancer users, consultants, contractors, Client Organisation contacts, client approvers, website contacts, support requestors, privacy-rights requestors, and individuals whose personal data is processed through Customer-controlled Service functionality.
  • Categories: Account data, authentication data, technical logs (including IP addresses, request metadata, and security records), governance records, approval records, audit records, Client Workspace data, Client Organisation data, support records, billing-adjacent records, data subject rights request data, operational records, and Customer Data submitted through Customer-controlled Service functionality.
  • Special categories: Not required