Data Processing Addendum (DPA)

Version 0.1 · 2026-07-06 · Between the organization using the service ("Controller") and Ondřej Plevka, sole trader, Czech Republic ("Processor"). Applies whenever the service processes personal data on the Controller's behalf (Art. 28 GDPR).

1. Subject matter and instructions

Processing is limited to operating the live-translation service: relaying and translating event audio in real time, optional transcript archiving, operator account management, and usage metering. The Controller's documented instructions are given through the service's settings; the Processor processes no personal data for its own purposes beyond security and billing records.

2. Categories

Data subjects: speakers at the Controller's events; the Controller's operators and volunteers. Data: live speech audio (transient), caption text (only when archiving is enabled — off by default), operator account names, sender-device names, usage records. Speech at religious events may reveal special-category data (Art. 9); the Controller is responsible for the lawful basis of capturing and translating its event audio.

3. Security

TLS on all connections; per-organization isolation (separate service instances and data directories); per-device revocable sender credentials; operator authentication with hashed passwords; audit logging of control actions; EU-only hosting; nightly backups; access limited to the Processor.

4. Subprocessors

Authorized: Google (Gemini API, paid tier — no use of Controller data for model training per Google's paid-services terms), Hetzner Online GmbH (hosting, DE), Stripe (payments). Changes are announced 14 days in advance to the contact e-mail on file; the Controller may object on reasonable data-protection grounds.

5. Assistance, breaches, deletion

The Processor assists with data-subject requests and DPIAs to the extent the service holds relevant data; notifies the Controller of personal data breaches without undue delay; and on termination deletes the organization's instance data (transcripts, accounts, devices) except billing records retained under accounting law. Usage ledgers contain no audience personal data.

6. Audits

On request, the Processor provides a written description of measures and relevant logs; on-site audits are limited to once per year, at the Controller's cost, with 30 days' notice.

Draft note: working version for pilot organizations; legal review scheduled before general availability. Signed copies on request.