Lizzink Data Processing Addendum

Effective Date: June 12, 2026

This Data Processing Addendum (“DPA”) applies when Brilliant Empire LLC d/b/a Lizzink (“Lizzink,” “we,” “our,” or “us”) processes personal data on behalf of business customers using Lizzink.com and related services (the “Service”).

This DPA supplements the Terms of Service and Privacy Policy.

1. Roles

For customer-uploaded contact records and related business data, the customer is the data controller and Lizzink acts as a data processor.

For account, billing, and platform operation data, Lizzink may act as an independent controller as described in our Privacy Policy.

2. Scope of Processing

Lizzink may process personal data to:

  • Provide and maintain the Service
  • Host and display customer profile and contact data
  • Enable NFC, QR, and sharing functionality
  • Provide support and security monitoring
  • Comply with legal obligations

3. Customer Instructions

Lizzink will process personal data only on documented instructions from the customer, including through account configuration and use of Service features, unless required by law.

4. Confidentiality

Lizzink ensures personnel authorized to process personal data are bound by confidentiality obligations.

5. Security Measures

Lizzink implements appropriate technical and organizational measures to protect personal data, including access controls, encryption in transit where applicable, and administrative safeguards.

6. Subprocessors

Lizzink may engage subprocessors to support the Service. Our current subprocessors include:

  • Supabase — database, authentication, and file storage
  • Vercel — website and application hosting
  • Resend — transactional email delivery
  • Sentry — error monitoring and diagnostics
  • Stripe — payment processing (when enabled)

We may update this list as our infrastructure changes. A current list is also available upon request at support@lizzink.com.

7. International Transfers

Personal data may be processed in the United States and other countries where Lizzink or its subprocessors operate.

Where required, Lizzink will implement appropriate transfer mechanisms.

8. Data Subject Requests

Lizzink will reasonably assist customers in responding to data subject requests under applicable privacy laws, to the extent permitted by law and technically feasible.

9. Security Incidents

Lizzink will notify customers without undue delay after becoming aware of a personal data breach affecting customer data, where legally required.

10. Deletion and Return

Upon termination of the Service, Lizzink will delete or return personal data processed on behalf of the customer, subject to legal retention requirements and backup cycles.

11. Audits

Upon reasonable request, Lizzink will provide information necessary to demonstrate compliance with this DPA, subject to confidentiality and security restrictions.

12. Contact

For DPA questions or to request subprocessors information, contact:

Brilliant Empire LLC d/b/a Lizzink

Email: support@lizzink.com

Website: Lizzink.com