Skip to main content
We use cookies
We use cookies to ensure you get the best experience on our website. For more information on how we use cookies, please see our cookie policy.

By clicking “Accept”, you agree to our use of cookies.

Learn more

Data Processing Addendum

Last Updated: April 13, 2026

Commitment to Data Privacy

At Tolly, we understand that modern business software often processes sensitive customer, employee, and operational data. We are committed to maintaining the highest standards of data security and privacy for the custom systems we build.

Data Processing Agreements (DPA)

For clients subject to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), or similar data protection laws, Tolly offers a standard Data Processing Addendum (DPA).

Our DPA clearly outlines our security obligations, data breach notification protocols, and privacy commitments as a data processor. It ensures that the custom software systems we build remain fully compliant with your regulatory requirements.

Requesting a DPA

A customized DPA is typically provided alongside the Statement of Work (SOW) during the contracting phase of any new project. If you are an existing client or require a copy of our standard DPA for your compliance review prior to a project, please reach out to us via our contact form or directly through your dedicated account manager.