Fleet data processing agreement (template)
Placeholder for B2B fleet contracts · May 2026
This page summarises the DPA schedule Hypernest Innovations Limited will provide to fleet customers. A signed PDF will be issued before enterprise onboarding. Until then, use this outline for procurement and legal review.
1. Roles
The fleet customer is the controller for driver and employee personal data. Hypernest is the processor, processing data only on documented instructions via EnforceIQ Labs.
2. Subject matter & duration
Processing is limited to PCN compliance workflow: notice ingestion, deadline tracking, driver assignment, appeal preparation, and audit logging. Duration matches the subscription term plus any agreed wind-down period.
3. Security measures
Measures are described in the EnforceIQ Labs security architecture: tenant isolation (RLS), encryption in transit and at rest, RBAC, audit events, and incident response runbook. See security documentation provided at onboarding.
4. Subprocessors
Subprocessors are listed in the subprocessor register (Vercel, Neon, Clerk, Stripe, Resend, AWS S3, Upstash, optional Sentry). Hypernest will notify controllers of material changes with opportunity to object.
5. Breach notification
Hypernest will notify the controller without undue delay and within 48 hours of becoming aware of a personal data breach affecting controller data.
6. Deletion & return
On termination, Hypernest will delete or return personal data per controller instructions within 30 days, except where law requires retention.
Signed DPA (placeholder)
A Word/PDF template will be available from [email protected] for founding fleet pilots. This web page is not a contract — it is a transparency summary for Art 28 due diligence.
Hypernest Innovations Limited · EnforceIQ Labs