Data Processing Addendum
How W3 Dev LLC processes personal data.
This Data Processing Addendum ("DPA") forms part of the agreement between the customer ("Controller") and W3 Dev LLC ("Processor") for the provision ofRouterMCP (the "Service").
Subject Matter and Duration
Processing of personal data is limited to operating and supporting the Service for the term of the underlying agreement.
Nature and Purpose
Provision of a managed router for Model Context Protocol (MCP) tools, including storage of configuration metadata, access controls, and operational logs.
Categories of Data and Data Subjects
- Personal data: account identifiers (e.g., email), access metadata.
- Data subjects: Customer personnel and authorized users.
Processor Obligations
- Process personal data only on documented instructions of Controller.
- Ensure personnel confidentiality and appropriate training.
- Implement appropriate technical and organizational measures.
- Assist Controller with data subject requests and security notifications.
Security Measures
Security includes encryption in transit, encryption at rest where supported, access controls, audit logging, and regular vulnerability remediation. See Security.
Subprocessors
Processor may engage subprocessors subject to written agreements requiring equivalent data protection. Controller authorizes use of such subprocessors; a current list is available on request.
International Transfers
Transfers will be protected by appropriate safeguards consistent with applicable law.
Return or Deletion
Upon termination, Processor will delete personal data within a reasonable period unless retention is required by law or expressly requested for return.
Audit and Cooperation
Processor will provide information necessary to demonstrate compliance and reasonably cooperate with supervisory authorities, subject to confidentiality.
Effective date: October 3, 2025