Back to site
Legal

Data Processing Agreement

Last updated: July 3, 2026

This Data Processing Agreement (DPA) is entered into by and between Klariqo (India) and the legal entity accessing or using Klariqo's services (Client), and governs the processing of Personal Data in connection with the services provided under the Klariqo Terms of Service.

1. Scope, Roles & Interpretation

Parties and Roles

The parties agree that for the purposes of processing Personal Data under this DPA, the Client acts as the Controller and Klariqo acts as the Processor of the Personal Data.

Definitions

Scope

This DPA applies to the processing of Personal Data of the Client's callers, customers, and representatives in connection with Klariqo's Managed Voice AI and Compliance and QA Layer services.

2. Details of Processing

Subject Matter

The processing of Personal Data by Klariqo to provide conversational AI, automated call transcription, post-call recording ingestion, quality assurance (QA) evaluation, and the generation of signed, tamper-evident evidence records (vCons).

Nature and Purpose

Duration of Processing

The processing of Personal Data shall continue for the duration of the Client's active subscription, plus the standard deletion window of 30 days following the termination of the subscription, unless a longer retention period is explicitly requested by the Client or required by applicable law.

Categories of Data Subjects

The Client's callers, customers, consumer leads, employees, agents, or other representatives whose voices, interactions, or details are processed through the Klariqo platform.

Categories of Personal Data

3. Processor Obligations

Documented Instructions

Klariqo shall process Personal Data only on the documented, written instructions of the Client, including instructions configured in the Client's dashboard, API integrations, and as set forth in this DPA and the Terms of Service. Klariqo shall immediately inform the Client if, in its opinion, an instruction infringes applicable data protection laws.

Confidentiality of Personnel

Klariqo shall ensure that all employees, contractors, and agents authorized to process Personal Data are bound by strict contractual or statutory confidentiality obligations.

Security Measures

Klariqo shall implement and maintain appropriate technical and organizational security measures designed to protect Personal Data against unauthorized access, alteration, disclosure, accidental loss, or destruction. These measures include:

Assistance with Data Subject Requests

Klariqo shall, taking into account the nature of the processing, implement technical and organizational measures to assist the Client in fulfilling its obligations to respond to data subjects exercising their rights under applicable privacy laws (such as access, deletion, and rectification).

Personal Data Breach Notification

Klariqo shall notify the Client in writing without undue delay, and in any event within 72 hours, after becoming aware of any accidental, unauthorized, or unlawful acquisition, disclosure, loss, or destruction of Personal Data processed under this DPA.

4. Sub-Processors

General Authorization

The Client grants general written authorization to Klariqo to engage the sub-processors listed in Section 5 of the Klariqo Privacy Policy to perform infrastructure and specialized service delivery functions.

Notice of Changes

Klariqo shall provide at least 30 days advance notice to the Client of any planned additions or replacements to its sub-processor list. The Client may object to the change on reasonable data-protection grounds by notifying Klariqo in writing within 15 days of receiving the notice.

Sub-Processor Agreements

Klariqo shall bind all engaged sub-processors to written agreements containing data-protection terms that are no less protective than those set forth in this DPA. Klariqo remains fully liable to the Client for the performance of its sub-processors' obligations.

Zero-Knowledge Witnessing

The Client acknowledges that JLINC, as a cryptographic witnessing partner, receives only zero-knowledge hashes and cryptographic signatures of compliance records. JLINC never receives raw audio, caller identities, transcript text, or QA scores.

5. International Data Transfers

US Processing Infrastructure

The Client acknowledges that Personal Data processed under this DPA is transferred to and processed on cloud infrastructure located in the United States.

Transfer Safeguards

To the extent that the transfer of Personal Data from the European Economic Area (EEA), United Kingdom (UK), or Switzerland to India or the United States requires appropriate transfer mechanisms under applicable laws, the parties agree that the Standard Contractual Clauses (SCCs) approved by the European Commission, or equivalent regulatory agreements, shall apply and are incorporated by reference.

6. Audit & Information Rights

Information Provision

Klariqo shall make available to the Client, upon reasonable written request, all information necessary to demonstrate compliance with the obligations set forth in this DPA.

Audits and Inspections

7. Deletion or Return of Data

Upon the termination of your subscription, Klariqo shall, at the choice of the Client, delete or return all Personal Data in its possession within 30 days, except where applicable local, state, or federal law requires ongoing retention of certain billing, corporate, or tax records.

The Client may elect to continue storing its signed vCon evidence records with Klariqo post-termination under an active, standalone evidence storage plan.

8. Limitation of Liability

The parties agree that any liability arising under or in connection with this DPA, whether in contract, tort, or under any other theory of liability, shall be subject to the limitations, exclusions, and aggregate caps set forth in the Limitation of Liability section of the Klariqo Terms of Service.

9. CCPA & CPRA Specific Terms

To the extent that CCPA or CPRA applies to the processing of Personal Data under this Agreement, Klariqo agrees that:

© 2026 Klariqo Privacy · Terms · Refunds · AI transparency · DPA · [email protected]