VehicoreVehicore
Get started free
Legal

Data Processing Agreement

This summary Data Processing Agreement outlines the core B2B processing terms for clients using Vehicore as a processor for AI-powered vehicle data workflows.

Category
Formal legal notice
Audience
Customers, visitors, and buyers
Last updated
March 16, 2026
In short
For B2B use, the client acts as controller and Vehicore acts as processor. This page summarizes the core processing responsibilities, security measures, sub-processors, international transfer safeguards, and breach-notification expectations.
1

Roles of the parties

Who acts as controller and who acts as processor.

Controller

Client

Processor

Vehicore B.V.

2

Subject matter

What the processing covers.

The subject matter of the processing is AI-powered vehicle data processing performed as part of the Vehicore services.

3

Duration

How long the processing arrangement lasts.

The duration of the processing corresponds to the duration of the service relationship.

4

Security measures

Examples of the technical and organizational controls applied.

  • Encryption
  • Access controls
  • Secure hosting
  • Role-based permissions
5

Sub-processors

Third parties that may support parts of the service.

  • Stripe
  • OpenAI
  • The applicable hosting provider
6

International transfers

Safeguards applied when restricted transfers are relevant.

Where applicable, Standard Contractual Clauses and other appropriate safeguards are used for restricted international transfers.

7

Assistance

How Vehicore supports controller obligations.

Vehicore will provide reasonable assistance with data subject rights requests and related controller obligations where required by applicable law.

8

Data breach notification

How incidents are communicated to clients.

Vehicore will notify the client of a personal data breach without undue delay and aims to do so within 72 hours where applicable.