Data Processing Agreement

1. Overview

Mission Control acts as a data processor for customer data processed through the platform. Customers determine the data they connect, upload, submit, or generate through Mission Control, and Mission Control processes that data to provide, secure, maintain, and support the services.

2. Scope of Processing

Processing may include the collection, hosting, transmission, organization, analysis, retrieval, generation, deletion, and protection of customer data required to operate Mission Control. This may include:

• Account information used to create, administer, and secure user access.
• Connected social platform data from authorized integrations.
• Campaign and analytics data used for reporting and operational visibility.
• Uploaded content submitted by users for workspace collaboration or analysis.
• AI-generated outputs created through platform features.
• Support communications related to service delivery and issue resolution.

3. Categories of Data

Customer data processed by Mission Control may include:

• Identifiers.
• Email addresses.
• Usage data.
• Connected platform metadata.
• Billing information.
• Content submitted by users.

4. Purpose of Processing

Mission Control processes customer data for limited business purposes tied to providing and operating the services, including:

• Providing platform functionality and connected reporting workflows.
• Authentication, account access, and user permission management.
• Analytics, measurement, and service performance monitoring, subject to cookie consent controls described in the Cookie Policy where applicable.
• Customer support, troubleshooting, and account communications.
• Infrastructure security, abuse prevention, logging, and audit readiness.
• AI-assisted features that summarize, classify, generate, or recommend operational actions.

5. Security Measures

Mission Control maintains administrative, technical, and organizational safeguards designed to protect customer data. Measures include encrypted connections using HTTPS/TLS, access controls, least-privilege access practices, monitoring and logging, infrastructure protections, and vendor management for service providers that support the platform.

6. Subprocessors

Mission Control may use vetted subprocessors to provide infrastructure, analytics, communications, payments, AI functionality, and customer operations. Mission Control maintains a current list of subprocessors at /legal/subprocessors, with cookie-specific vendor context in the Cookie Policy.

7. International Transfers

Customer data may be processed in the United States and through approved subprocessors that support Mission Control operations. Where required, Mission Control relies on appropriate contractual, technical, and organizational safeguards for cross-border processing.

8. Data Retention

Customer data is retained only as long as necessary for operational, legal, and security purposes. Retention periods may depend on the customer relationship, account status, backup practices, audit requirements, dispute resolution, and applicable law.

9. Customer Rights

Customers and authorized users may request access, correction, deletion, or withdrawal of consent where applicable. Mission Control may verify the request and coordinate with the customer account owner or administrator when requests relate to workspace data controlled by a customer organization.

10. Incident Notification

Mission Control will notify affected customers of confirmed security incidents involving customer data as required by law and consistent with applicable contractual obligations.

11. Contact Information

For privacy, data protection, or DPA inquiries, contact privacy@runmctrl.com.