Nooterra signs a standard Data Processing Addendum with every tenant. The addendum defines controller / processor roles, subprocessor notice, breach notification, and the security measures that apply to your data.
Forthcoming. Nooterra is in early access. The current operative terms and any signed agreements are available on request.
You are the controller of the financial evidence you supply. Nooterra is the processor. Processing is limited to the purposes described in the order form — no secondary use.
Tenant-scoped data access, append-only DecisionRecords, idempotent action preparation, execution receipts, and outcome watch audit trails. The full measures list is part of the signed addendum.
New subprocessors are notified at least 30 days before they begin processing your data, with the tenant retaining the right to object.
Email hello@nooterra.ai for the current dpa and any signed agreements.