Data Processing Agreement (DPA)
Last updated: 2026-05-15
1. What is a DPA
A Data Processing Agreement (DPA) is a contract required under GDPR Article 28 between a data controller (your company) and a data processor (Next Interaction OÜ, the provider of Jutusta). The agreement governs how Jutusta processes personal data on behalf of your company.
2. Who needs a DPA
A DPA is required if you use the Jutusta API or web service to process personal data as part of your business operations — for example, transcribing employee meetings, analysing customer service recordings, or adding voice services to your product.
Individual users who use the service for personal purposes do not need a DPA — the Privacy Policy applies directly in that case.
3. What the DPA covers
Our standard DPA covers the requirements of GDPR Article 28:
- subject matter, duration, nature and purpose of processing;
- types of personal data processed and categories of data subjects;
- rights and obligations of the controller;
- obligations of the processor (confidentiality, security, sub-processors);
- list of sub-processors (see Sub-processors) and notice procedure for changes;
- assistance with data subject rights;
- security requirements and breach notification (within 72 hours);
- audit rights;
- return or deletion of data on termination;
- Standard Contractual Clauses (SCC) for international transfers (applies where sub-processors outside the EU are used).
4. How to request a DPA
Send an email to dpa [ät] jutusta [punkt] ee and include:
- company full name and registry code;
- registered address;
- name and email of contact person;
- brief description of how you intend to use Jutusta.
We will send you a PDF ready for signing within 5 business days. The agreement is signed electronically (e.g., via Smart-ID, Mobiil-ID or SignNow).
5. Contact
Next Interaction OÜ
Registry code: 14100426
Villardi tn 32-14, Tallinn 10142, Estonia
Email: dpa [ät] jutusta [punkt] ee