DPA Overview

Data Processing Addendum Overview

Summary of controller / processor roles, processing scope, and baseline security commitments for customer due-diligence.

Roles

Customer: data controller for end-user and lead data collected through their deployment.

Muum AI: processor for hosting, routing, analytics, and configured AI / integration workflows.

Processing Activities

  • Capture lead and conversation data from customer-owned channels.
  • Store lead profiles, conversation state, and operational metadata.
  • Deliver configured payloads to downstream CRM, webhook, and messaging destinations.
  • Maintain security and access-review traces without copying raw lead values into audit logs.

Baseline Commitments

  • Owner-scoped data access enforced in application queries and row-level security policies.
  • Deletion and erasure support for lead data and related traces.
  • Hashed-IP access review logs for sensitive lead reads.
  • Minimized logging and redaction rules for direct identifiers and free-text fields.