Data Processing Agreement
Swepay's standard DPA for B2B customers — what it covers and how to request a signed copy.
If you operate a regulated entity and Swepay processes personal data on your behalf as part of a paid product (Native Guard, CA Manager, Passkey), we will sign a DPA before go-live. This marketing site itself is not a data processor for any customer.
To request the current DPA text, email engineering@swepay.com.br with your company name, jurisdiction, and which Swepay product you are integrating. We respond within one business day with the document and a DocuSign link.
The agreement covers roles (Swepay as processor, you as controller), categories of data, security measures, sub-processor list, breach-notification SLA, audit rights, and termination — aligned to LGPD Art. 39 and GDPR Art. 28. A downloadable PDF is on the roadmap.