Data Processing Addendum

SpendLens is operated by Rajdharma Technologies Pvt. Ltd. Business and enterprise customers may request a Data Processing Addendum for personal data processed through SpendLens.

Processing scope

SpendLens processes account information, authentication metadata, usage counters, billing status, connected cloud account metadata, read-only resource metadata, savings opportunities, ownership workflow records, verification results, optional fallback billing exports, and generated reports only to provide cloud savings detection, workflow, verification, reporting, support, security, and billing operations.

Subprocessors

Current subprocessors include Supabase for authentication and database services, AWS/EC2 and Nginx for backend hosting, Vercel for frontend hosting, Paddle for checkout, billing, tax, and invoices, Google Analytics for optional consent-based product analytics, and OpenAI or equivalent AI providers for optional explanation generation. Customers with data residency requirements should review the current subprocessor summary and request current hosting region details before production onboarding.

Security measures

We use TLS in transit, provider-managed encryption at rest, least-privilege access practices, authentication controls, read-only cloud access, server-side API key handling, optional file size limits, fallback file validation, and read-only processing of customer cloud data.

Request a DPA

To request a DPA, email info@rajdharma.co.in with your company name, billing email, jurisdiction, and requested processing terms.