Data Processing Agreement
1. Parties & relationship
"Customer" is the property management business (or individual landlord) holding a Summit Automations subscription.
"Summit" is Summit Automations, a sole-founder Utah operation.
For purposes of GDPR / CCPA-style data-protection law: Customer is the data controller of tenant data; Summit is the data processor. Summit only processes tenant data on Customer's instructions (provided implicitly by Customer's use of the product features).
2. Categories of data processed
| Category | Examples | Source |
|---|---|---|
| Tenant identity | Name, email, phone, status (active/applicant/past) | Customer-entered or forwarded from tenant email |
| Property + lease data | Addresses, units, lease terms, rent amounts | Customer-entered |
| Payment status | Rent due dates, amounts paid, payment methods on file | Customer-entered; Stripe for card processing only |
| Maintenance + communications | Tickets, vendor assignments, tenant email threads, AI replies | Inbound email forwarding + Customer dashboard activity |
| Screening data | Income, employer, credit score (when entered by Customer) | Customer-entered via the screening form |
Summit does not process tenant Social Security Numbers, driver's license numbers, or full payment card numbers. Stripe handles all card data under its own PCI compliance.
3. Subprocessors
Summit relies on the following third-party services to operate the Service. Each receives only the data necessary for its function:
| Subprocessor | Purpose | Data shared | Location |
|---|---|---|---|
| Anthropic, PBC | AI model that drafts agent replies | Tenant message content + Customer-configured prompts | US |
| Stripe, Inc. | Subscription billing + tenant rent payments | Customer billing info; tenant payment method tokens (no full card numbers) | US |
| SendGrid (Twilio) | Inbound + outbound email infrastructure | Tenant email message bodies + addresses | US |
| Twilio, Inc. | SMS notifications when SMS automation is enabled | Tenant phone numbers + message bodies | US |
| Render (or successor host) | Application hosting + database | All Customer + tenant data (encrypted at rest) | US |
Customers are notified by email at least 30 days before any subprocessor change. The current list lives at this URL; the version date is at the top.
4. Commitments Summit makes
4.1 No sale of data
Summit does not sell, license, or rent tenant data — including names, contact info, payment patterns, lease terms, or communication content — to any third party for any purpose. This applies regardless of whether the data is identified or de-identified.
4.2 No model training
Summit does not train AI models on Customer tenant data. Anthropic's commercial API terms (which apply to Summit's use of Claude) state that customer content sent through the API is not used to train Anthropic's models. Summit does not run its own models and does not derive training datasets from Customer data.
4.3 No cross-operator access
Tenant data is scoped at the database query layer by Customer-account ownership. Summit's agent and tools cannot return one Customer's tenant data in response to another Customer's session. The owner-scoping is enforced in database.py at the SQL filter level and double-checked in tool handlers.
4.4 Security measures
- TLS in transit for all connections (HTTPS only on the public site and API).
- AES-256 encryption at rest via the hosting provider's managed Postgres.
- Bcrypt password hashing.
- JWT session tokens with 7-day expiry; revocation on logout.
- Stripe + Twilio + SendGrid + Anthropic credentials stored encrypted at the env-var level.
- Audit log on every mutation made by team members.
Summit is not SOC 2 certified as of this version. We pursue certification once revenue supports the engagement cost. If formal certification is a precondition for your contract, tell us — we'll let you know our current timeline.
4.5 Breach notification
In the event of a security incident affecting Customer data, Summit will notify the Customer's primary email contact within 72 hours of discovery, including: nature of the incident, data categories involved, mitigation taken, and steps the Customer should take.
4.6 Deletion + portability
Customer may request:
- Full export of all tenant + property + communication data in a machine-readable format (JSON or CSV). Provided within 14 days of request.
- Full deletion of the Customer account + all tenant data. Completed within 30 days; backups purged on standard retention cycle (max 60 days). Written confirmation provided.
5. Customer obligations
Customer agrees to:
- Have a lawful basis (lease, applicant intake, etc.) for the tenant data entered into Summit.
- Notify tenants that an AI agent processes their inbound email — Summit provides recommended notice language on request.
- Use Summit only for legitimate property-management purposes covered by the Subscription Agreement.
- Maintain account credentials securely. Customer is responsible for actions taken under its account credentials.
6. Termination
Either party may terminate the subscription per the Subscription Agreement's terms. On termination:
- Customer's access ends immediately.
- Customer has 30 days to request data export.
- After day 30, all Customer data is permanently deleted from production systems within 30 additional days. Backup purge completes within 60 days of deletion (90 days total from termination).
7. Governing law
This DPA is governed by the laws of the State of Utah, USA. Disputes are resolved in Salt Lake County, Utah courts.
8. Updates
Summit may update this DPA. Material changes are notified 30 days in advance by email. Continued use of the Service after the effective date constitutes acceptance.
9. Contact
For DPA questions, deletion requests, or to escalate a privacy concern:
summitautomationsslc@gmail.com
Summit Automations, Salt Lake City, UT 84101