⚠ COUNSEL-REVIEW DRAFT — NOT CONTRACT-READY
This Data Processing Addendum is a structured draft for external counsel review. It must not be executed, circulated as final, or relied upon by a counterparty until counsel sign-off. Gate 4 (Procurement) cannot close until that review is complete. Sections marked [COUNSEL] require counsel input on jurisdiction-specific terms.
Data Processing Addendum
Afrimintel (operated from Mauritius, VAT-registered) · DRAFT v0.1 · 2026-06-21 · pending external counsel
1 · Parties & scope
This Addendum supplements the Afrimintel Institutional Terms of Service and governs any processing of personal data carried out by Afrimintel ("Processor") on behalf of an Institutional subscriber ("Controller") in connection with the Services. Where the parties' roles differ for a given processing activity, the role is determined by the factual circumstances, not the label.
[COUNSEL] Confirm controller/processor characterisation for each data flow; Afrimintel's core dataset is public-record mineral intelligence and is generally not personal data — the personal-data surface is limited to account, billing, and support interactions.
2 · Subject-matter & nature of processing
Processing is limited to: (a) account and authentication data; (b) billing data (processed by the payment provider; see §6); (c) support correspondence; and (d) usage analytics. Afrimintel's mineral-intelligence dataset is derived from public-record and licensed sources and does not, in the ordinary course, contain Controller personal data.
3 · Processor obligations
- Process personal data only on documented instructions from the Controller, including for transfers, unless required by applicable law (in which case Afrimintel notifies the Controller unless legally prohibited).
- Ensure persons authorised to process are bound by confidentiality.
- Implement appropriate technical and organisational measures (see §5).
- Assist the Controller with data-subject requests and with security, breach-notification, and impact-assessment obligations, taking into account the nature of processing.
- At the Controller's choice, delete or return personal data at the end of the Services, save where retention is legally required.
- Make available information necessary to demonstrate compliance and allow for audits, subject to reasonable confidentiality and security conditions.
4 · Sub-processors
The Controller authorises the use of the sub-processors listed below. Afrimintel remains liable for their performance and will give notice of intended changes, allowing the Controller to object.
- Netlify — static hosting / CDN.
- Stripe — payment processing (billing data; routed via UK Ltd).
- Brevo — transactional email (account / support correspondence).
- Plausible — privacy-preserving, cookieless analytics (no personal-data sale; EU-hosted).
- Anthropic — AI API provider for the "Ask Afrimintel" feature, accessed server-side via a hardened proxy; the API key is never browser-exposed. Anthropic is a paid API provider under published terms only — not a data-sharing partnership.
[COUNSEL] Confirm each sub-processor's current DPA terms and data-residency representations; confirm Stripe UK-routing characterisation; confirm Anthropic API data-handling terms against the current published policy.
5 · Security measures
- Server-side secrets (API keys) are never exposed to the browser; the AI proxy is rate-limited, CSRF-protected, and origin-allowlisted.
- Transport encryption (TLS) for all data in transit.
- Least-privilege access to operational systems; single operator mailbox under access control.
- Append-only audit logging of data corrections; public audit log for dataset changes.
[COUNSEL] Map these to the Controller's required Annex II (TOMs) format; add breach-notification timelines per applicable law.
6 · International transfers
Where personal data is transferred out of the Controller's jurisdiction, the parties will rely on a valid transfer mechanism (e.g. Standard Contractual Clauses or an adequacy decision, as applicable).
[COUNSEL] Select and attach the operative transfer mechanism per Controller jurisdiction (UK IDTA / EU SCCs / other); Mauritius operating-jurisdiction interaction to be confirmed.
7 · Breach notification
Afrimintel will notify the Controller without undue delay after becoming aware of a personal-data breach affecting the Controller's data, with the information reasonably available, and will cooperate in remediation.
[COUNSEL] Insert specific notification window and content requirements.
8 · Term, deletion, liability
This Addendum runs for the term of the Services. On termination, personal data is deleted or returned per §3. Liability and indemnity are governed by the Terms of Service, as amended by counsel.
[COUNSEL] Reconcile liability caps with the Terms; confirm governing law / forum.
9 · Status
This draft is the in-container artefact for Gate 4. It is not final. Closing Gate 4 requires: (1) external counsel review and sign-off on the [COUNSEL] items above; (2) reconciliation with the Terms of Service and Privacy Policy; (3) execution-ready versioning. Until then the kit's Procurement gate remains open by design.