Last updated: 29 May 2026
This Data Processing Agreement ("Agreement") is entered into between:
Easycore Ltd
14 Ladeside Drive
Blackburn
EH47 7JS Bathgate
West Lothian
United Kingdom
and
Customers using Easycore services ("Controller").
For the purposes of data protection laws including UK GDPR and the Data Protection Act 2018:
Easycore processes personal data only on behalf of the Customer and according to their instructions.
Easycore processes data solely to provide its services, including:
AI processing activities covered by this Agreement are performed on infrastructure operated by Easycore Ltd within the United Kingdom and do not rely on external AI inference providers.
The categories of individuals whose data may be processed include:
The following data types may be processed:
Processing activities may include:
These actions are necessary to operate the Easycore platform.
Easycore may use trusted third-party subprocessors to operate services.
Current subprocessors include:
| Subprocessor | Service |
|---|---|
| Stripe | Payment processing |
| Twilio | SMS and WhatsApp messaging services |
| Meta Platforms Inc. | Facebook Messenger |
| Analytics (Google Analytics) and mobile push notifications (Firebase Cloud Messaging) | |
| Apple | Mobile push notifications to iOS devices, where the iOS app is offered; delivered via Firebase Cloud Messaging's APNs bridge |
| Website hosting provider | Static website and frontend hosting services |
| Infrastructure provider | Application gateway and infrastructure hosting services |
Each provider processes data according to their own privacy and security policies.
Easycore infrastructure is primarily located in the United Kingdom.
Some subprocessors may process data outside the UK or European Economic Area.
When such transfers occur, they rely on appropriate safeguards such as:
Easycore implements appropriate technical and organisational measures including:
Easycore will assist customers in fulfilling data subject requests including:
Customers remain responsible for responding to such requests.
In the event of a personal data breach affecting personal data processed on behalf of a Customer, Easycore will notify the affected Customer (acting as Controller) without undue delay after becoming aware of the breach, and will provide reasonable assistance and information to help the Customer meet its own breach-notification obligations to the Information Commissioner's Office (ICO) and to affected data subjects.
Upon termination of services, customers may request deletion of stored personal data, unless retention is required by law.
This Agreement remains valid for as long as Easycore processes personal data on behalf of the customer.
Liability under this Agreement is subject to the limitations and exclusions set out in section 11 of the Easycore Ltd Terms of Service, except to the extent such liability cannot lawfully be excluded or limited. Each party remains responsible for losses caused by its own breach of applicable data protection law.