Last Updated: December 2025

    Data Processing Agreement

    This Data Processing Agreement ("Agreement") is between Advisor Guide Marketing ("Processor") and the client ("Controller").

    1. Definitions

    • Controller: The client who determines the purpose and means of processing.
    • Processor: Advisor Guide Marketing, which processes data under Controller instruction.
    • Personal Data: Identifiable information stored in Controller's CRM.
    • Processing: Access, modification, reporting, or storage as part of operational services.

    2. Purpose of Processing

    Processor will process data solely to:

    • Maintain CRM systems
    • Build dashboards and reports
    • Configure workflows and automations
    • Manage integrations
    • Provide operational support

    Processor does not: Use data for its own business, sell or share data, conduct marketing or outreach, or determine what data is collected.

    3. Instructions

    Processor follows Controller-provided instructions only and uses approved platforms (CRM, Power BI, Azure, Zapier, etc.).

    4. Confidentiality

    Processor personnel with access to data:

    • Are bound by confidentiality
    • Can only access data needed for work
    • Receive training in secure data handling

    5. Security Measures

    Processor maintains reasonable safeguards including:

    • Role-based access control
    • Multi-factor authentication
    • Encrypted storage via Azure/Power BI
    • Secure data transfer
    • Logging and monitoring as applicable

    6. Subprocessors

    Processor may use:

    • ActiveCampaign, WealthBox, Zapier, Azure, Power BI, Growform, Jotform

    7. Data Retention and Deletion

    Upon termination:

    • Controller must revoke Processor system access
    • Processor deletes any stored data outside client systems
    • Data inside Controller systems remains Controller's responsibility

    8. Data Breach Notification

    Processor will notify Controller without unreasonable delay upon discovering a security incident. Controller is responsible for regulatory notifications unless otherwise agreed.

    9. International Transfers

    All data is processed in the United States.

    10. Controller Responsibilities

    Controller agrees to:

    • Obtain needed consents
    • Follow applicable data protection laws
    • Maintain data accuracy
    • Manage and restrict user access appropriately
    • Revoke Processor access after termination

    11. Liability

    Processor's liability is limited to the total amount paid by Controller in the 3 months before a claim.

    12. Term and Termination

    This Agreement remains active while services are provided. Either party may terminate with written notice, subject to the main service agreement.

    13. Entire Agreement

    This DPA supplements the service agreement between the Parties.

    14. Contact

    Email: contact@advisorguidemarketing.com Address: Advisor Guide Marketing, Ohio, USA