Last updated July 3, 2026
Data Processing Agreement
When Wisemation sources and processes prospect data on your instructions, you are the controller and we are your processor. This DPA sets out how that works, in line with Article 28 GDPR.
1. Parties and scope
This Data Processing Agreement (“DPA”) is part of the Terms of Service between you (the customer, acting as controller) and Markeodigital, business ID 2882675-2, operating Wisemation (acting as processor). It applies whenever Wisemation processes personal data on your behalf — primarily the prospect data sourced, enriched, and used for outreach at your instruction.
2. What we process for you
Data subjects — business contacts who match the target profile you define (your prospects), and contacts you upload.Data categories — name, role, employer, business contact details (business email, LinkedIn profile URL), publicly available professional information, and website content of the companies concerned.Nature and purpose — searching, verifying, enriching, storing, and generating outreach drafts; optionally delivering messages through channels you connect.Duration — for as long as you use the Service, plus the deletion window below.
3. Our obligations as processor
We process personal data only on your documented instructions (given through the product or in writing), ensure the people processing it are bound by confidentiality, apply the security measures described in our Privacy Policy, and notify you without undue delay after becoming aware of a personal data breach affecting your data.
4. Your obligations as controller
You are responsible for having a valid legal basis for the outreach you run (for B2B prospecting in the EU, typically legitimate interest), for the content you send, and for honoring the rights of your prospects. Wisemation provides suppression tooling to make opt-outs stick across your campaigns.
5. Sub-processors
You authorize the sub-processors listed at /subprocessors. We remain responsible for their performance, bind them to equivalent data-protection obligations, and give you at least 14 days’ notice before adding or replacing one, during which you may object on reasonable data-protection grounds. If we can’t resolve an objection, you may terminate the affected service.
6. International transfers
Where processing involves transfers outside the EEA, we rely on the EU–US Data Privacy Framework or European Commission Standard Contractual Clauses, as applicable to each sub-processor.
7. Data subject requests
If a prospect contacts us directly to exercise their rights, we handle erasure and suppression ourselves and inform you where relevant. For other requests addressed to you, we provide reasonable assistance — the product lets you view, export, and delete prospect data per campaign.
8. Deletion and return
When your account is deleted, we delete the personal data we process for you within 30 days, except suppression entries (kept so opt-outs remain effective) and records we must retain by law. Before deleting your account, you can export your lead data from the product.
9. Audits
We make available the information reasonably necessary to demonstrate compliance with this DPA — including summaries of our providers’ third-party audit reports — and allow audits where required by law, on reasonable notice and at your cost.
10. Contact
Questions about this DPA, or need a countersigned copy? Email hello@wisemation.com.