Data Processing Agreement (DPA) — Fiberlytix
Between: The Client (Data Controller)
And: MUSTPI SARL (EURL) — Fiberlytix (Data Processor)
1. Purpose
This agreement sets out the obligations of the parties when processing personal data carried out by Fiberlytix on behalf of the Client (OTDR file analysis).
2. Nature of Data Processed
The data processed are .sor files containing fiber optic measurements, including technical metadata, network point locations and potentially technician identifiers.
3. Security Measures (TOM)
Fiberlytix undertakes to implement the following measures:
- Data encryption at rest (AES-256) and in transit (TLS 1.3).
- Two-factor authentication (2FA/MFA) for all administrative access.
- Project isolation via Supabase (Row Level Security).
4. Processor Obligations
Fiberlytix will process data only according to the Client's instructions. In the event of a security breach, Fiberlytix will inform the Client without delay (maximum 48 hours).