Data

Data Processing Terms

These terms outline the basic controller/processor relationship for business owners using TRISLON to collect leads and manage customer workflows.

Last updated: 20 June 2026Company: TRISLONContact: support@your-domain.comAddress: Company address to be added before public launchSite: https://trislon.com

Roles

The business owner is generally the controller for their customer, lead, booking, review, campaign, and mini-site data. TRISLON acts as a processor when it stores, processes, and helps manage that data on the owner's instructions.

Processing purpose

  • Host and publish mini-sites.
  • Capture, store, and manage leads, bookings, reviews, chatbot context, campaigns, content, and analytics.
  • Generate AI-assisted outputs requested by the owner.
  • Provide billing, security, support, reliability, backups, and service operations.

Sub-processors

The owner gives TRISLON general authorisation to use sub-processors needed to provide the service. These may include hosting providers, Supabase/PostgreSQL, Stripe, Firebase, OpenAI, Resend, Telegram, Cloudflare R2, Cloudflare Turnstile, analytics, and error-monitoring providers when configured. TRISLON remains responsible for imposing appropriate data-protection obligations on sub-processors.

Processor commitments

  • Process customer personal data only on documented instructions from the owner, including as needed to provide the configured service, unless law requires otherwise.
  • Ensure people authorised to process the data are subject to confidentiality obligations and use appropriate technical and organisational security measures.
  • Provide reasonable assistance with data-subject requests, security incidents, data-protection impact assessments, and regulator consultations where applicable.
  • Notify the owner without undue delay after becoming aware of a personal-data breach affecting data processed for that owner.
  • On termination or a verified request, delete or return customer personal data where reasonably available, except where law requires retention.
  • Make information reasonably necessary to demonstrate these commitments available and support proportionate audits subject to confidentiality, security, and cost arrangements.

Security and international transfers

TRISLON uses measures such as access controls, server-side validation, rate limiting, secure session cookies, billing-webhook verification, and database constraints. International transfers are handled using an applicable UK adequacy regulation or appropriate safeguards where required.

This page is a practical launch template. Review it with qualified counsel before relying on it as your final legal wording.