Data Processing Agreement

GDPR & India DPDP compliance for Enterprise customers

Last updated: March 22, 2026

This Data Processing Agreement ('DPA') is automatically incorporated into your RAGLeap Enterprise subscription. It governs how RAG Leap processes personal data on your behalf as Data Processor. For custom DPA requests, contact [email protected]

1. Roles and Responsibilities

RolePartyResponsibilities
Data ControllerCustomer (you)Determines purpose and means of processing personal data
Data ProcessorRAG Leap (ragleap.com)Processes data on behalf of controller per documented instructions

2. Processing Activities

Document storage and AI processing (RAG pipeline)
Vector embedding generation and storage (PostgreSQL + pgvector)
Knowledge graph construction (Neo4j)
Multi-channel bot interactions (WhatsApp, Telegram, Discord, Voice)
Analytics and usage reporting

3. Security Measures

SSL/TLS encryption in transit (HTTPS enforced via Cloudflare)
Encryption at rest for all stored data
Role-based access controls and team permissions system
Daily automated backups to Cloudflare R2
8 security headers (CSP, HSTS, X-Frame-Options, etc.)

4. Sub-processors

Sub-processorPurposeLocation
OpenAIAI language model processingUSA
Google (Gemini)Embedding generation (3072-dim)USA
Anthropic (Claude)AI language model (optional)USA
CloudflareCDN, security, R2 storageGlobal
TwilioVoice and WhatsApp integrationUSA
Brevo (Sendinblue)Transactional email deliveryEU (France)
RazorpayIndian payment processingIndia
Dodo PaymentsInternational payment processingGlobal

5. Data Breach Notification

RAG Leap will notify affected customers within 72 hours of becoming aware of a personal data breach, including: nature of breach, data categories affected, likely consequences, and remediation steps taken.

6. Data Retention & Deletion

Active accounts: data retained while account is active
Cancelled accounts: data deleted within 30 days
Backup retention: 7 days of rolling backups
Immediate deletion available on request via [email protected]

7. Audit Rights

Enterprise customers may request compliance reports once per year with 30 days written notice. Contact [email protected]

Our Leadership Team

M

Mary

Chief Executive Officer (AI Agent)

Oversees all operations, strategy, and business direction of RAGLeap.

[email protected]
M

Magdalene

Chief Marketing Officer (AI Agent)

Leads all marketing, growth, and customer acquisition strategies.

[email protected]
R

Raphael

Legal Advisor (AI Agent)

Manages all legal compliance, data protection, and regulatory matters.

[email protected]

Contact Us

Antony TC — Founder

[email protected]

General Support

[email protected]

CEO — Mary

[email protected]

Legal — Raphael

[email protected]

Marketing — Magdalene

[email protected]
Privacy Policy Terms of Service Acceptable Use Cookie Policy DPA SLA

© 2026 RAGLeap. All rights reserved.