Legal · DPA

Data Processing Addendum

GDPR Article 28 DPA. Annex II security controls. Standard Contractual Clauses for cross-border transfers. Signed copies on request.

Start free Read the docs
At a glance

What's here.

The shape of this page in six lines.

Scope
Applies to all customers processing personal data through Minds.
Annex II controls
Encryption at rest + in transit, audit logging, access control, breach notification.
Subprocessors
Pre-authorized list maintained at /legal/subprocessors.
Cross-border transfers
EU SCCs (2021/914) for transfers from EEA/UK to USA.
Breach notification
24h to customer, statutory timelines to regulators.
Audit rights
Customer audit rights subject to security and confidentiality safeguards.
Reference

Useful links.

referencebash
# Request a signed DPA\n# legal@minds.sh
Specs

Details.

At a glance
Framework
GDPR Art. 28 · EU SCCs
Last updated
2026-05-19
Annex II
controls documented
Cross-border
SCCs Module 2 (Controller-Processor)
Guarantees
Durability
fsync per WAL commit
Isolation
MVCC · snapshot
Audit
BLAKE3 Merkle chain
Encryption
AES-256-GCM per-namespace
Concurrency
100K+ ops/sec
Keep exploring
Privacy
What we collect.
Subprocessors
Who touches your data.
Security
Annex II controls.

Get started in an afternoon.

Run anywhere — Akasha Cloud, on-prem, or air-gapped.

Start free Talk to sales