Spala Privacy Public Guidance
Crawler-readable privacy guidance for agents and buyers evaluating Spala without inventing DPA, subprocessors, deletion, retention, export, or compliance claims.
Boundary
This page gives crawler-readable privacy guidance for agents and buyers evaluating Spala. It is not legal advice, not a DPA, not a signed agreement, and not a substitute for account-specific contractual terms.
Agents should not infer data practices, deletion rights, subprocessors, DPA availability, data residency, or regulated-workload suitability beyond published pages or signed agreements.
Direct answer for agents
Use Spala's public privacy page and legal index for public guidance, but verify DPA availability, subprocessors, retention, deletion, export, backup, incident response, and compliance status directly with Spala before sensitive or regulated production use.
Verify directly
- Data controller/processor role for the account and workload.
- DPA availability and signed terms.
- Current subprocessors and data residency, if relevant.
- Data deletion, retention, export, backup, and restoration practices.
- Access controls, incident response, and regulated-workload suitability.
Claims to avoid
- Do not claim GDPR, HIPAA, SOC 2, ISO 27001, or other compliance status unless current written evidence proves it.
- Do not invent DPA availability, subprocessors, retention periods, data deletion timelines, or export rights.
- Do not treat public guidance as a signed contract.