Home/Legal

Data Processing Agreement

Last updated: March 2026

This Data Processing Agreement forms part of the Terms of Service between COD CONFIRM OÜ and the customer using the Service. This agreement describes how personal and operational data is processed when using cod-stock.app.

GDPR Compliant

This DPA is designed to meet the requirements of the General Data Protection Regulation (GDPR).

1Roles of the Parties

For the purposes of applicable data protection laws including the GDPR:

Data Controller

Customer

Determines the purposes and means of processing

Data Processor

COD CONFIRM OÜ

Processes data on behalf of the Controller

The Processor processes data only on behalf of and under the instructions of the Customer.

2Nature and Purpose of Processing

The Service provides software tools for inventory monitoring, stock analysis, and operational recommendations.

Processing of data occurs solely for the purpose of:

Inventory analytics
Warehouse data sync
Stock alerts & insights
Platform operation

3Categories of Data Processed

Account Data

NameEmailPhoneCompany name

Operational Data

Inventory quantitiesProduct SKUsWarehouse data

Data We Do NOT Process

Customer namesShipping addressesPayment cardsOrder-level data

4Sub-processors

To operate the Service, the Processor relies on the following sub-processors:

VercelHosting infrastructure
USA / EU
StripePayment processing
USA / EU
PayPalPayment processing
USA / EU

These providers may process limited data as required to deliver their services.

5Data Storage and Transfers

Data may be stored and processed on infrastructure operated by third-party providers.

Depending on the infrastructure used by these providers, data may be processed in different jurisdictions including the United States or the European Union.

6Security Measures

The Processor implements reasonable technical and organizational measures designed to protect data processed through the Service.

Encryption
Access Control
Secure Hosting

Security measures follow industry-standard practices, but no system can guarantee absolute security.

7Data Retention and Deletion

Customer data is retained for as long as the account remains active.

Upon account deletion, associated data will be deleted within 30 days, unless retention is required for legal or operational reasons.

8Customer Responsibilities

The Customer is responsible for:

  • Ensuring they have the legal right to provide data to the Service
  • Ensuring compliance with applicable data protection laws
  • Managing any personal data under their control

9Assistance and Data Subject Rights

The Processor will reasonably assist the Customer in responding to requests related to:

  • Access to personal data
  • Correction of data
  • Deletion of data

Requests may be sent to:

support@cod-stock.app

10Updates to this Agreement

We may update this DPA from time to time to reflect legal or operational changes.

The updated version will be published on the website.

© 2026 COD CONFIRM OÜ. All rights reserved.

Legal NoticeTerms of ServicePrivacy Policy