This Data Processing Agreement ("DPA") forms part of the Terms of Service between you ("Data Controller" or "Customer") and Khejan, LLC, doing business as HALO ("Data Processor" or "we/us") for the provision of the HALO application (the "Service").
This DPA is entered into pursuant to Article 28 of the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the UK GDPR.
1. Definitions
- Personal Data means any information relating to an identified or identifiable natural person as defined in Article 4(1) of the GDPR.
- Processing means any operation performed on Personal Data as defined in Article 4(2) of the GDPR.
- Data Subject means the individual to whom the Personal Data relates.
- Sub-processor means any third party engaged by the Data Processor to process Personal Data on behalf of the Data Controller.
- Data Breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data.
2. Scope and Purpose of Processing
2.1 Subject Matter
The Data Processor processes Personal Data on behalf of the Data Controller to provide the HALO personal life management Service, including health tracking, financial management, goal and habit tracking, task management, family organisation, and home management features.
2.2 Duration
Processing continues for the duration of the Data Controller's use of the Service and ceases within 30 days of account deletion.
2.3 Nature and Purpose
| Purpose |
Description |
| Service delivery | Storing and displaying user-entered data across all HALO modules |
| Authentication | Account creation, login, session management |
| Notifications | Delivering in-app and email notifications configured by the user |
| Calendar sync | Synchronising calendar events with connected external services (optional) |
| Payment processing | Managing subscriptions via Stripe (payment details processed by Stripe directly) |
2.4 Types of Personal Data
- Account data (name, email, hashed password)
- Health and wellbeing data (special category data under Article 9 GDPR)
- Financial data (accounts, transactions, budgets)
- Goals, habits, and tasks data
- Family member information
- Home management data
- Technical data (session cookies, server logs)
2.5 Categories of Data Subjects
- Registered users of the HALO Service
- Family members whose information is entered by registered users
3. Obligations of the Data Processor
The Data Processor shall:
3.1 Lawful Processing
- Process Personal Data only on documented instructions from the Data Controller, unless required by EU or Member State law
- Inform the Data Controller if, in its opinion, an instruction infringes the GDPR or other data protection provisions
3.2 Confidentiality
Ensure that persons authorised to process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
3.3 Security Measures
Implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
- Encryption in transit — TLS/HTTPS for all data transmission
- Encryption at rest — All stored data encrypted at rest
- Access controls — Role-based access limited to authorised personnel
- Password security — Passwords stored using strong one-way hashing
- DDoS protection — Cloudflare protection against distributed denial-of-service attacks
- Regular security reviews — Ongoing assessment and improvement of security measures
- Backup procedures — Encrypted backups with controlled rotation schedules
3.4 Sub-processors
- Not engage another processor without prior written authorisation of the Data Controller
- Where general written authorisation has been given, inform the Data Controller of any intended changes concerning the addition or replacement of other processors
Current Sub-processors:
| Sub-processor |
Purpose |
Data Processed |
Location |
| Stripe | Payment processing | Billing information, payment method details | USA (EU-US DPF certified) |
| Cloudflare | Security and CDN | IP addresses, request metadata | Global (SCCs in place) |
| Google | Calendar sync (optional) | Calendar event data, OAuth tokens | USA (EU-US DPF certified) |
3.5 Data Subject Rights
- Assist the Data Controller by appropriate technical and organisational measures for the fulfilment of the Data Controller's obligation to respond to requests for exercising the Data Subject's rights under Chapter III of the GDPR
- The Service provides built-in tools for data export, data correction, and account deletion
3.6 Data Breach Notification
- Notify the Data Controller without undue delay after becoming aware of a Data Breach
- Provide the notification within 72 hours of becoming aware of the breach
- Include in the notification: nature of the breach, categories and approximate number of Data Subjects concerned, likely consequences, and measures taken or proposed to address the breach
3.7 Data Protection Impact Assessments
Assist the Data Controller with data protection impact assessments and prior consultations with supervisory authorities, taking into account the nature of processing and the information available to the Data Processor.
3.8 Deletion and Return of Data
- At the choice of the Data Controller, delete or return all Personal Data after the end of the provision of services
- Account deletion removes all Personal Data within 30 days
- Data export is available in CSV/ZIP format through the Service settings at any time
3.9 Audits and Inspections
- Make available to the Data Controller all information necessary to demonstrate compliance with the obligations laid down in Article 28 of the GDPR
- Allow for and contribute to audits, including inspections, conducted by the Data Controller or another auditor mandated by the Data Controller
4. Obligations of the Data Controller
The Data Controller shall:
- Ensure that the processing of Personal Data has a lawful basis under the GDPR
- Provide documented instructions for the processing of Personal Data
- Ensure that Data Subjects have been informed about the processing in accordance with Articles 13 and 14 of the GDPR
- Obtain explicit consent from Data Subjects for the processing of special category data (health data)
5. International Data Transfers
Where Personal Data is transferred outside the EU/EEA, the Data Processor ensures appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- EU-US Data Privacy Framework certification where applicable
- Adequacy decisions where relevant
6. Liability
Each party's liability under this DPA is subject to the limitations and exclusions of liability set out in the Terms of Service, except that neither party's liability for breaches of data protection obligations is limited.
7. Term and Termination
- This DPA takes effect when the Data Controller creates an account and accepts the Terms of Service
- This DPA terminates automatically upon deletion of the Data Controller's account
- Obligations regarding deletion of Personal Data survive termination
8. Governing Law
This DPA is governed by and construed in accordance with the laws applicable to the Terms of Service. For EU/EEA Data Subjects, the GDPR takes precedence over conflicting provisions.
9. Contact
For questions or requests regarding this DPA:
Email: privacy@halo.fit