Legal

Plain words. In writing.

We don't bury terms in 90-page PDFs. Pick a topic.

Customer-facing contracts

• Privacy Policy

  What we collect, why, and how to delete it. Multi-jurisdictional (EU / UK / CH / CA / BR / CA-QC / AU / JP / KR).
  →
• Terms of Service

  The customer contract. Liability, termination, export, operational responsibility.
  →
• Data Processing Addendum

  Art. 28 GDPR processor terms + 2021 SCCs + UK Addendum + Swiss overlay + CCPA service-provider clauses.
  →
• Subprocessors

  Every third party that touches your data, with regions and transfer mechanisms.
  →
• Service-Level Agreement

  Uptime commitments by plan; credit schedule; exclusions.
  →
• Acceptable Use Policy

  What you can and can't monitor with Sutrace; OT- and AI-specific provisions.
  →

Transparency + posture

• Security

  Annex II of our DPA — technical + organisational measures.
  →
• Cookie Policy

  First-party cookies + localStorage. No third-party trackers.
  →
• Accessibility

  WCAG 2.1 AA conformance + EAA / ADA posture + how to report a barrier.
  →
• Trust Center

  Live compliance readiness: SOC 2, ISO, NIS2, DORA, AI Act, IEC 62443.
  →
• CAIQ response

  Short-form answers to the most-asked procurement questions, mapped to CSA CAIQ v4.
  →

Questions: legal@sutrace.io · Privacy: privacy@sutrace.io · Security: security@sutrace.io · Accessibility: accessibility@sutrace.io