Data Processing Agreement — Template
What we sign.
The categories below form the spine of our data-processing agreement. Redlines are expected. A signed PDF is produced per House, dated, and attached to the master services agreement at /principles/msa.
1. Subject matter & duration
The Controller (the House) instructs Diligence OS, the Processor, to process personal and confidential data for the purpose of producing investment memoranda and related review artefacts. The agreement runs for the term of the master services agreement and continues for sixty days after termination to permit ordered return or deletion.
2. Nature and purpose of processing
Processing consists of ingesting source documents the House uploads, extracting and indexing their contents, running retrieval-augmented analysis, and producing a memorandum plus audit log. Processing does not include profiling of natural persons outside the document set, nor inference for purposes other than the engagement’s stated mandate.
3. Categories of data subjects and data
Data subjects typically include the House’s staff, the principals of investment targets, employees named in the source materials, and third parties referenced inside those materials. Data categories include contact details, financial disclosures, historical performance, and any personal data the House voluntarily includes in uploaded documents. Special-category data (GDPR Art. 9) is not solicited; if present in a source, it is processed under the same controls and not separated.
4. Processor’s obligations
Diligence OS processes data only on the documented instructions of the House. The House’s instructions are the master services agreement, the terms of each engagement, and reasonable follow-up operational directions from named Authorised Users. If an instruction would cause a breach of applicable law, Diligence OS will say so in writing within five business days and not perform the work.
5. Confidentiality of personnel
Every member of Diligence OS personnel with access to House data is bound by a written confidentiality obligation that survives the end of their employment, and has completed annual security training.
6. Technical and organisational measures
Measures applied include: per-House chambers with row-level security at the database, per-House Key Encryption Keys for field-level encryption of sensitive columns, TLS 1.3 in transit, AES-256 at rest, private-link ingress to the model boundary, zero-retention contracts on every inference provider, annual independent penetration testing, and an append-only audit log retained for seven years. A current statement is published at /principles.
7. Subprocessors
The current list is published at /principles/subprocessors, updated quarterly. Diligence OS will provide thirty days’ written notice of any addition or replacement. The House may object in writing within fourteen days, in which case the parties will work in good faith to find a substitute or terminate the affected engagement pro rata.
8. Assistance with data-subject rights
Diligence OS will promptly forward data-subject requests (access, correction, erasure, portability, restriction, objection) to the House and will assist technically in responding. Diligence OS does not respond to data-subject requests directly.
9. Personal-data breach notification
Diligence OS will notify the House without undue delay, and in any event within seventy-two hours of confirming a personal-data breach, including the nature of the breach, the affected categories, the approximate number of records, the likely consequences, and the measures taken or proposed.
10. Data-protection impact assessments
Diligence OS will provide the House with the information and assistance reasonably required to carry out a DPIA or to consult a supervisory authority under GDPR Art. 35–36.
11. Return and deletion
On termination of an engagement, at the House’s election, Diligence OS will return all source documents and all derived artefacts to the House or permanently delete them. Deletion is confirmed in writing with a signed deletion certificate. Audit log entries sufficient to evidence the deletion are retained under Section 12.
12. Records and audit
Diligence OS maintains records of processing sufficient to demonstrate compliance with this agreement and makes them available on request. The House may audit once per year with thirty days’ notice, or without notice if required by a supervisory authority. Costs are borne by the House except where the audit reveals a material breach.
13. International transfers
Where data is transferred outside the United Kingdom or the European Economic Area, the transfer relies on the UK Addendum to the EU Standard Contractual Clauses (module 2, controller-to-processor) incorporated by reference, or on another transfer mechanism lawful at the time of transfer. Data residency elections are reflected in /principles/subprocessors.
14. Termination
Either party may terminate this agreement if the other materially breaches it and fails to cure the breach within thirty days of written notice. Termination of this agreement terminates the master services agreement unless the parties agree otherwise in writing.
To request the executable PDF and begin negotiation, email alex@goodfriendsbadtimes.com.