← Back to Home

Data Processing Agreement

Last updated: August 15, 2025

1. Introduction

This Data Processing Agreement ("DPA") is entered into between CleanApp ("Data Processor" or "we") and the user of the CleanApp application ("Data Controller" or "you") in accordance with Article 28 of the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Definitions

For the purposes of this DPA:

• "GDPR" means the General Data Protection Regulation (EU) 2016/679
• "Personal Data" means any information relating to an identified or identifiable natural person
• "Processing" means any operation performed on Personal Data
• "Data Controller" means the entity determining the purposes and means of Processing Personal Data
• "Data Processor" means the entity Processing Personal Data on behalf of the Data Controller

3. Scope and Nature of Processing

3.1 Local Processing Only

CleanApp is designed to process all data locally on your device. We do not:

• Collect Personal Data from your device
• Transmit Personal Data to external servers
• Store Personal Data on our servers
• Access your photos, contacts, or other personal files

3.2 Processing Activities

The following processing activities occur locally on your device:

Processing Activity	Purpose	Data Location
Storage Analysis	Identify files for potential removal	Local device only
Photo Analysis	Detect duplicate photos	Local device only
Contact Management	Organize and deduplicate contacts	Local device only
Performance Monitoring	Analyze device performance	Local device only

4. Data Controller Responsibilities

As the Data Controller, you are responsible for:

• Ensuring you have a legal basis for Processing Personal Data
• Complying with applicable data protection laws
• Providing appropriate information to data subjects
• Handling data subject rights requests
• Maintaining the security of your device

5. Data Processor Responsibilities

As the Data Processor, we commit to:

• Processing Personal Data only as instructed by you
• Ensuring all Processing occurs locally on your device
• Not collecting or transmitting Personal Data
• Implementing appropriate security measures
• Assisting with data protection impact assessments if requested

6. Technical and Organizational Measures

Since all Processing occurs locally on your device, the following measures apply:

• Access Control: Your device's built-in security measures
• Data Encryption: Your device's encryption capabilities
• Backup Security: Your device's backup and recovery systems
• Network Security: No network transmission of Personal Data

7. Data Subject Rights

Since we do not collect or store Personal Data, data subject rights are primarily managed by you as the Data Controller:

• Right of Access: You control access to data on your device
• Right to Rectification: You can modify data directly on your device
• Right to Erasure: You can delete data from your device
• Right to Portability: You can export data from your device
• Right to Object: You can stop using the app at any time

8. Data Breach Notification

Since we do not collect or store Personal Data, the risk of data breaches on our systems is minimal. However, if you experience a security incident on your device:

• You are responsible for notifying relevant authorities if required
• You should assess the impact on Personal Data stored on your device
• We can provide technical assistance if requested

9. Subprocessors

We do not use subprocessors for Personal Data Processing since all Processing occurs locally on your device. The only third-party services we may use are:

• App Store: For app distribution and subscription management
• Analytics Services: For anonymous app usage statistics (no Personal Data)

10. International Transfers

No international transfers of Personal Data occur since all Processing is local to your device. However, if you use the app while traveling:

• Your device's local laws apply to data Processing
• No data is transferred to or from our servers
• You remain responsible for compliance with local laws

11. Duration and Termination

This DPA remains in effect for as long as you use CleanApp. Upon termination:

• All local Processing stops immediately
• No Personal Data is retained by us
• You should delete the app from your device
• Your device's security measures continue to protect your data

12. Audit Rights

Since we do not collect or store Personal Data, traditional audit rights do not apply. However, you may:

• Review our Privacy Policy and Terms of Service
• Contact us with questions about our data practices
• Request information about our technical architecture

13. Liability

Our liability under this DPA is limited to:

• Breaches of our obligations as Data Processor
• Direct damages caused by our Processing activities
• The amount paid for the app or subscription, if any

14. Governing Law

This DPA shall be governed by the same law as our Terms of Service. For EU users, GDPR provisions shall apply where applicable.

15. Contact Information

For questions about this DPA or data protection matters:

• Email: [email protected]
• Data Protection Officer: [email protected]
• Website: http://cleanapp.hayalisleri.com/

16. Changes to This DPA

We may update this DPA to reflect changes in our data processing practices or legal requirements. We will notify you of significant changes through the app or our website.