Data Processing Addendum
This DPA forms part of the Terms between Vela ("Processor") and the Business Customer ("Controller") and governs personal data the Processor processes on the Controller's behalf when routing traffic through the Vela B2B residential proxy.
1.Subject matter, nature & purpose
Transit-only processing — establishing a SOCKS5 / HTTP CONNECT session from the Controller's client through a residential exit node, plus per-byte metering, billing and security operations.
2.Roles & obligations
The Controller is data controller for traffic it sends; Vela processes it solely on documented instructions. Personnel are bound by confidentiality; technical and organisational measures are documented in the Security page.
3.Sub-processors
| Sub-processor | Purpose | Location |
|---|---|---|
| Ultimate VPS | Privacy-focused server hosting and control-plane infrastructure | Non-EU hosting region (jurisdictional separation; GDPR/DPA commitments retained) |
| Stripe Payments Europe | Payment processing | IE / global |
| Cloudflare | DNS, edge TLS (marketing only) | Global |
| Residential exit-node operators | Last-mile egress under consent | UK + EU |
4.Personal data breach
The Processor will notify the Controller without undue delay and within 72 hours of becoming aware of a breach affecting Controller Personal Data.