Legal
Data Processing Agreement.
Customers who require a signed DPA - typically dealerships with European or California-resident customers, or dealer groups bound by an enterprise procurement process - can request our standard agreement here.
Request a DPA
Email privacy@unifiedgarage.com with:
- Your dealership's legal entity name
- The signing authority's name and title
- Whether you need PIPEDA-only or GDPR-flavored language
We respond within 1 business day with our standard template. Custom redlines for enterprise dealer groups (10+ rooftops) are reviewed by our counsel; expect 5-10 business days for those.
Our standard DPA covers:
- Roles: dealership as data controller, UnifiedGarage as processor
- Scope: customer PII, deal data, service histories, payment metadata (excluding card numbers - those go through Stripe directly)
- Subprocessors: as listed at /subprocessors
- Security measures: as documented at /security
- Data subject rights: deletion, export, correction within 30 days of written request
- Breach notification: within 72 hours of confirmation
- Term: matches the underlying subscription
For privacy questions outside the DPA scope, see our privacy policy.