DPA Overview
Data Processing Addendum Overview
Summary of controller / processor roles, processing scope, and baseline security commitments for customer due-diligence.
Roles
Customer: data controller for end-user and lead data collected through their deployment.
Muum AI: processor for hosting, routing, analytics, and configured AI / integration workflows.
Processing Activities
- Capture lead and conversation data from customer-owned channels.
- Store lead profiles, conversation state, and operational metadata.
- Deliver configured payloads to downstream CRM, webhook, and messaging destinations.
- Maintain security and access-review traces without copying raw lead values into audit logs.
Baseline Commitments
- Owner-scoped data access enforced in application queries and row-level security policies.
- Deletion and erasure support for lead data and related traces.
- Hashed-IP access review logs for sensitive lead reads.
- Minimized logging and redaction rules for direct identifiers and free-text fields.