Legal

Data Processing Addendum

Terms for when undef games processes personal data on behalf of a business or developer customer.

Effective date: June 28, 2026

This Data Processing Addendum (“DPA”) applies where MindTenet™ LLC (operating undef games, “Undef”, “Processor”) processes personal data on behalf of a business or developer customer (“Customer”, “Controller”) in providing our identity, billing, developer, or platform Services. It forms part of the agreement between Undef and the Customer (the “Agreement”). For consumers using our own Services, the Privacy Policy governs.

This is a standard-form DPA. For a signed DPA or one incorporating the EU Standard Contractual Clauses, contact [email protected].

1. Roles and scope

The Customer is the Controller and Undef is the Processor for personal data Undef processes to provide the Services (“Customer Personal Data”). Undef processes it only to provide the Services and on the Customer’s documented instructions, including as set out in the Agreement and this DPA.

2. Undef’s obligations

Undef will: (a) process Customer Personal Data only on documented instructions; (b) ensure personnel are bound by confidentiality; (c) implement appropriate technical and organizational security measures; (d) assist the Customer, taking into account the nature of processing, with data-subject requests and with security, breach-notification, and impact-assessment obligations; (e) notify the Customer without undue delay after becoming aware of a personal-data breach; and (f) at the Customer’s choice, delete or return Customer Personal Data at the end of the Services, except where retention is required by law.

3. Subprocessors

The Customer authorizes Undef to engage the subprocessors listed at /subprocessors/. Undef imposes data-protection terms on each subprocessor no less protective than this DPA and remains responsible for their performance. Undef will update the list and give the Customer a chance to object to material changes.

4. International transfers

Where Customer Personal Data is transferred across borders, the parties will rely on an appropriate transfer mechanism (such as the EU Standard Contractual Clauses or the UK IDTA), which are incorporated by reference where they apply.

5. Audits

Undef will make available information reasonably necessary to demonstrate compliance with this DPA and allow for audits, subject to reasonable confidentiality and security conditions.

6. Liability

Each party’s liability under this DPA is subject to the limitations and exclusions in the Agreement.

Contact: [email protected] — MindTenet™ LLC, 8225 SW Cirrus Dr, Beaverton, OR 97008, United States.