Data Processing Addendum
How Snohai protects, processes, and secures your data —
built for full compliance with India’s Digital Personal Data Protection Act, 2023.
- Process only on your documented instructions
- Security incident alerts without undue delay
- India-first hosting, audit rights included
- Sub-processors held to the same standard
Why a Formal DPA Matters
The risk of undefined data handling, vs. the protection a clear DPA provides
WITHOUT A DPA
-
Undefined data roles
Unclear who is liable for a breach
-
No breach notification SLA
Delayed response to incidents
-
Unverified sub-processors
No visibility into third parties
-
No audit rights
Cannot verify compliance claims
WITH SNOHAI DPA
-
Clear Fiduciary / Processor roles
Defined under the DPDPA
-
Notification without undue delay
Assistance with regulator filings
-
Vetted sub-processors
Held to the same DPA standard
-
Annual audit rights
Full transparency, your cost
How Your Data Flows Through Snohai
From submission to deletion — every stage covered by this DPA
1. Data submittedYou upload data via Snohai Products
2. Securely processedPer your documented instructions only
3. Retained as neededOnly for the term of the agreement
4. Incidents flaggedYou're alerted without undue delay
5. Deleted or returnedOn termination, at your request
Clear roles, clear accountability
You control the purpose and lawful basis for processing — Snohai never decides why data is collected.
Snohai processes only on your documented instructions, with confidentiality enforced across our team.
Data Principals’ rights requests are supported with the technical assistance you need to respond.
What Snohai Processes
Built into Snoh Fusion, Snoh Ava, and Snoh Docs
Snohai's Obligations as Processor
Built into every clause of this DPA
No delay
Security incident notification timeline
1x / year
Maximum audit frequency, your cost
100%
Sub-processors held to DPA standard
On request
Data deletion or return after termination
Before A DPA
- No defined retention policy.
- Unclear consent obligations.
- No transfer safeguards.
- Ambiguous governing law.
AFTER A DPA
- Defined retention & deletion.
- Roles split per DPDPA.
- SCCs for cross-border transfers.
- Governed by laws of India.
Personal Data Types Covered
DPA Snapshot
Key terms at a glance
Governing Law
India
Conflict Priority
DPA prevails
Amendments
Written only
Audit Rights
1x / year
In short: This DPA is governed by Indian law, takes precedence over the Main Agreement on data matters, forms the complete agreement on data processing, and can only be changed with signed written consent from both Snohai and the Customer.
Questions about this DPA?
Talk to our team about compliance, security, or data handling.