Loading...
Data Processing Agreement
Last updated:
1. Parties
This Data Processing Agreement ("DPA") forms part of the Terms of Service between Donny Wonny ("Data Controller") and the user ("Data Subject"). This DPA governs the processing of personal data by our authorized sub-processors in connection with providing the Donny Wonny service.
2. Sub-processors
We use the following sub-processors to deliver our services. Each has been vetted for GDPR compliance:
| Sub-processor | Purpose | Data Categories | Location |
|---|---|---|---|
| Google Firebase / Firestore | Authentication, database, hosting | Account data, app data | US (us-central1, Iowa) |
| Stripe | Payment processing, mentor Stripe Connect payouts | Payment info, billing address | US / EU |
| OpenAI | AI companion interactions | Chat / journal text content (sent under OpenAI's API no-training-by-default terms) | US |
| Google Cloud Translation v3 | Translate-on-display for opted-in users (see Privacy Policy β Translation) | Text content of public posts, comments on posts and family activities, mentor bios, mentor circle posts and comments, and direct messages; end-to-end encrypted messages only when the user explicitly opts in | US (multi-region) |
| Sentry | Error monitoring & crash reporting | Technical logs, device info | US |
| SendGrid | Transactional email | Email address, display name | US |
3. Data Processing Purposes
- Providing and maintaining the Donny Wonny companion service
- Processing subscription payments and managing billing
- Delivering AI-powered companion interactions and mood analysis
- Sending transactional emails (account verification, receipts, safety alerts)
- Monitoring application health and diagnosing errors
- Managing Donny Den membership, feeds, and community moderation
- Tracking Journey progress scores, follower relationships, and growth milestones
- Storing Blueprint subscription records and personality configuration copies
- Recording Spark Series subscription progress and daily completion data
- Processing group, circle, and couples community interactions
4. Security Measures
All sub-processors implement:
- AES-256-GCM encryption for data at rest
- TLS 1.2+ encryption for data in transit
- SOC 2 Type II compliance or equivalent (Google Firebase, Stripe, and OpenAI each maintain their own independent certifications)
- Security audit programs maintained by each sub-processor under their own certification obligations
- Data breach notification within 72 hours (GDPR Art. 33)
5. Data Subject Rights
You may exercise your rights under GDPR Articles 15β22 (access, rectification, erasure, restriction, portability, objection) by visiting our Data Deletion page or contacting privacy@donnywonny.com. We will relay requests to relevant sub-processors within 30 days.
6. International Transfers
Donny Wonny LLC is based in the United States and our entire production infrastructure runs in US-region Google Cloud Platform: cloud database in a US multi-region (Iowa, South Carolina, Oklahoma), cloud storage and application servers in Iowa. We do not operate separate regional data centers. Personal data of EU, EEA, UK, and Swiss data subjects is therefore transferred to the United States.
For each transfer we rely on one of:
- EU-US Data Privacy Framework (DPF) β adequacy decision adopted by the European Commission in July 2023. Used for our DPF-certified sub-processors (Google Cloud, Stripe, Vercel β verify at dataprivacyframework.gov).
- UK Extension to the EU-US Data Privacy Framework(the βUK Data Bridgeβ) β active since 12 October 2023. Provides the UK GDPR-equivalent adequacy basis for UK residents.
- 2021 EU Standard Contractual Clauses (SCCs) β Implementing Decision (EU) 2021/914 β incorporated into our DPA with non-DPF-certified sub-processors (currently OpenAI, SendGrid/Twilio, RevenueCat, Sentry).
- UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU SCCs β applied alongside the EU SCCs for UK-origin transfers to sub-processors that have not separately certified under the UK Extension to the DPF.
For each non-adequacy-decision sub-processor we maintain an internal Transfer Impact Assessment (TIA) that evaluates the destination-country legal regime, the data category transferred, and the supplementary measures in place (encryption at rest + in transit, access controls, sub-processor audit reports). The TIA is part of our Article 30 Record of Processing Activities and is available to supervisory authorities on request via our EU/UK Article 27 representatives.
7. Data Retention
Personal data is retained only for as long as necessary to fulfill the purposes described above, or as required by law. When you request account deletion, deletion is scheduled with a 30-day cancellation window. After that window, personal data is removed from our active systems within 30 days and from backups within approximately 90 days. Sub-processors operate under their own published retention terms; we relay deletion requests to them where they hold copies of your data.
8. Contact
For questions about this DPA or to exercise rights as a data subject, contact our privacy team at privacy@donnywonny.com. We are a small team and we do not currently maintain a separate, formally appointed Data Protection Officer (DPO) role under GDPR Art. 37 β privacy@donnywonny.com is our accountable contact for these matters.