This Data Processing Agreement ("DPA") forms part of, and is subject to, the Terms of Use available at thecirqle.com/termsofuse between Ballerton B.V. d.b.a. The Cirqle ("The Cirqle", "we", "us") and the customer ("Customer", "you") who has subscribed to or otherwise uses the Platform. This DPA sets out the terms on which The Cirqle processes Personal Data on behalf of the Customer in connection with the provision of the Platform, including the Model Context Protocol connector ("MCP Connector"). By using the Platform, you agree to this DPA in addition to the Terms of Use and the Privacy Policy available at thecirqle.com/privacy.
"Applicable Data Protection Law" means the EU General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR"), the UK GDPR and Data Protection Act 2018, and any other applicable data protection and privacy laws in force from time to time, including the California Consumer Privacy Act where relevant.
"Controller", "Processor", "Data Subject", "Personal Data", "Processing", and "Sub-processor" have the meanings given to them in the GDPR.
"Customer Personal Data" means any Personal Data that The Cirqle Processes on behalf of the Customer in connection with the Platform.
"MCP Connector" means The Cirqle's Model Context Protocol server, which provides authenticated, read-only programmatic access to Customer Personal Data and other Customer data on the Platform for use by AI systems chosen by the Customer.
"Platform" has the meaning given in the Terms of Use.
"Standard Contractual Clauses" means the standard contractual clauses for the transfer of personal data to third countries adopted by the European Commission under Commission Implementing Decision (EU) 2021/914.
"Sub-processor" means any third party engaged by The Cirqle to Process Customer Personal Data on its behalf.
The Customer is the Controller of Customer Personal Data. The Cirqle is the Processor of Customer Personal Data and acts only on documented instructions from the Customer, including as set out in the Terms of Use, this DPA, and the Customer's configuration of the Platform.
Where the Customer uses the MCP Connector to retrieve Customer Personal Data into a third-party AI system or large language model service ("Customer-Chosen AI System"), the Customer remains the Controller of that Personal Data. The Cirqle is not a party to the relationship between the Customer and the Customer-Chosen AI System and has no visibility or control over the processing of Customer Personal Data by the Customer-Chosen AI System once retrieved.
The Cirqle Processes Customer Personal Data only for the following purposes:
providing the Platform and its features to the Customer in accordance with the Terms of Use;
providing the MCP Connector to the Customer where the Customer has enabled it;
complying with reasonable instructions from the Customer that are consistent with the Terms of Use;
complying with applicable law.
The categories of Personal Data Processed and the categories of Data Subjects are set out in Schedule 1 to this DPA.
The Cirqle will Process Customer Personal Data for the duration of the Customer's subscription to the Platform and for any period thereafter required to comply with applicable law or as otherwise set out in the Terms of Use.
The Customer warrants that:
it has a lawful basis under Applicable Data Protection Law for the Processing of Customer Personal Data by The Cirqle and, where applicable, by any Customer-Chosen AI System;
it has provided all required notices to and obtained all required consents from Data Subjects;
its instructions to The Cirqle, including its use of the MCP Connector, comply with Applicable Data Protection Law;
where it enables the MCP Connector, it has assessed the risks of transferring Customer Personal Data to its Customer-Chosen AI System and has entered into appropriate data protection arrangements with that provider.
The Cirqle will:
Process Customer Personal Data only on documented instructions from the Customer;
ensure that personnel authorised to Process Customer Personal Data are bound by appropriate confidentiality obligations;
implement appropriate technical and organisational measures to protect Customer Personal Data as set out in Schedule 2;
assist the Customer, taking into account the nature of the Processing, in responding to requests from Data Subjects exercising their rights under Applicable Data Protection Law;
assist the Customer in ensuring compliance with its obligations under Articles 32 to 36 of the GDPR, taking into account the nature of the Processing and the information available to The Cirqle;
at the choice of the Customer, delete or return all Customer Personal Data at the end of the provision of the Platform, unless storage is required by applicable law;
make available to the Customer all information necessary to demonstrate compliance with this DPA and Article 28 of the GDPR.
The Customer provides general authorisation for The Cirqle to engage Sub-processors to Process Customer Personal Data, subject to the conditions set out in this section.
The current list of Sub-processors is set out in Schedule 3 and is updated from time to time at thecirqle.com/sub-processors. The Cirqle will notify the Customer of any intended additions or replacements of Sub-processors with at least 30 days' notice, giving the Customer the opportunity to object on reasonable data protection grounds.
The Cirqle imposes data protection obligations on its Sub-processors that are no less protective than those set out in this DPA, and remains liable to the Customer for the performance of its Sub-processors.
Where Customer Personal Data is transferred outside the European Economic Area or the United Kingdom, The Cirqle ensures that the transfer is made subject to appropriate safeguards under Applicable Data Protection Law, including the Standard Contractual Clauses where required.
Where the Customer uses the MCP Connector to retrieve Customer Personal Data into a Customer-Chosen AI System located outside the European Economic Area, the Customer is responsible for ensuring that appropriate safeguards are in place for that transfer.
The Cirqle implements and maintains appropriate technical and organisational measures designed to protect Customer Personal Data against unauthorised or unlawful Processing and against accidental loss, destruction, damage, alteration or disclosure. These measures are set out in Schedule 2 and include encryption in transit and at rest, access controls, logical separation of Customer data, audit logging, and personnel training.
The Cirqle will notify the Customer without undue delay, and in any event within 72 hours, after becoming aware of a Personal Data Breach affecting Customer Personal Data. The notification will include the information reasonably required by the Customer to comply with its own notification obligations under Applicable Data Protection Law.
The Cirqle will, on reasonable prior written request and no more than once per calendar year, make available to the Customer information reasonably necessary to demonstrate compliance with this DPA. Where an on-site audit is required to satisfy a specific regulatory requirement, the parties will agree the scope, timing, and conditions of the audit in advance, including reasonable confidentiality and cost-sharing arrangements.
This section applies in addition to the other provisions of this DPA where the Customer enables and uses the MCP Connector.
The MCP Connector provides authenticated, read-only access to data associated with the Customer's account on the Platform, including Customer Personal Data, for the purpose of allowing the Customer's chosen AI systems to retrieve that data.
Access to the MCP Connector is controlled by a Bearer token issued by The Cirqle to the Customer. The token is scoped to a single Customer account and cannot be used to retrieve data belonging to any other customer of The Cirqle. The Customer is responsible for the security of the token and for restricting its distribution within the Customer's organisation.
The Cirqle enforces logical separation of customer data at the database query level. The scope of any MCP Connector request is determined by The Cirqle's backend from the Bearer token presented and cannot be modified by parameters supplied by the requesting AI system.
The MCP Connector is read-only. It does not support the creation, modification, or deletion of data on the Platform.
The Cirqle logs all MCP Connector requests for security, audit, and abuse-prevention purposes. Logs are retained for 90 days unless a longer period is required by applicable law or to investigate a security incident.
The Cirqle does not control, and is not responsible for, the processing of Customer Personal Data by any Customer-Chosen AI System after retrieval through the MCP Connector. The Customer acknowledges that the data protection, retention, and training practices of the Customer-Chosen AI System are governed by the agreement between the Customer and that provider.
The Customer is solely responsible for ensuring that its Customer-Chosen AI System provides data protection guarantees appropriate to the Customer Personal Data being Processed, including, where relevant, ensuring that the Customer-Chosen AI System does not use Customer Personal Data to train models, offers appropriate data retention controls, and is subject to a data processing agreement between the Customer and that provider.
The Cirqle may suspend or revoke access to the MCP Connector at any time, including by revoking Bearer tokens, where it reasonably believes that continued access poses a risk to the security or integrity of the Platform or to the rights of Data Subjects.
The liability of each party under this DPA is subject to the limitations and exclusions of liability set out in the Terms of Use. Nothing in this DPA limits any liability that cannot be limited under Applicable Data Protection Law.
This DPA takes effect on the date the Customer first uses the Platform after this DPA is published and continues for the duration of the Customer's use of the Platform. Termination of the Terms of Use will terminate this DPA. On termination, The Cirqle will handle Customer Personal Data in accordance with the obligations set out above.
The Cirqle may update this DPA from time to time to reflect changes in the Platform, in Applicable Data Protection Law, or in The Cirqle's processing practices. Material changes will be notified to the Customer by email or in-app notification with reasonable advance notice.
This DPA is governed by Dutch law. Disputes arising out of or in connection with this DPA are subject to the exclusive jurisdiction of the courts of the Netherlands.
Questions about this DPA, or requests under Applicable Data Protection Law, should be addressed to privacy@thecirqle.com.
Subject matter of Processing: The provision of the Platform and the MCP Connector to the Customer.
Nature and purpose of Processing: Hosting, storing, retrieving, displaying, analysing, and transmitting Customer Personal Data to enable the Customer to identify, contract, manage, and report on creator marketing campaigns, and to retrieve such data through the MCP Connector where enabled.
Categories of Data Subjects:
The Customer's employees and authorised users;
Creators with whom the Customer engages through the Platform;
Audience members of creators where audience data is provided to the Platform by integrated social media services;
Other individuals whose Personal Data is provided to the Platform by or on behalf of the Customer.
Categories of Personal Data:
Identification and contact data (names, email addresses, phone numbers, addresses);
Account and authentication data;
Social media profile data and content metadata;
Audience demographic and engagement data;
Campaign performance and analytics data;
Communications between the Customer and creators;
Payment and contracting data.
Duration of Processing: For the duration of the Customer's use of the Platform and any subsequent period required by law.
The Cirqle implements the following measures, which may be updated from time to time to reflect changes in technology and best practice:
Access control. Role-based access controls for personnel; least-privilege principles; multi-factor authentication for administrative access.
Encryption. Encryption of Customer Personal Data in transit using industry-standard protocols; encryption at rest of data stored in production databases.
Logical separation. Customer data is logically separated and scoped per customer account. MCP Connector requests are scoped at the database query level and cannot be expanded by parameters supplied by external systems.
Authentication. Bearer-token-based authentication for the MCP Connector. Tokens are revocable and scoped to a single customer account.
Logging and monitoring. Audit logging of access to Customer Personal Data, including all MCP Connector requests. Logs are monitored for anomalous activity.
Sub-processor due diligence. Pre-engagement security assessment of Sub-processors and contractual data protection obligations.
Personnel. Confidentiality obligations and data protection training for personnel with access to Customer Personal Data.
Incident response. Documented incident response procedures, including notification timelines aligned with Article 33 of the GDPR.
Backup and recovery. Regular backups of production data and documented recovery procedures.
Vulnerability management. Regular vulnerability assessments and patch management of production infrastructure.
The current list of Sub-processors is maintained by the team; please contact privacy@thecirqle.com for more information. It includes hosting, infrastructure, analytics, and operational service providers engaged by The Cirqle to deliver the Platform.
Last updated: 26th May 2026