Data Processing
Agreement
Managed by TDSZONE. Defining the rigorous standards of data stewardship, processing security, and jurisdictional compliance for our elite financial ecosystem.
Scope of Processing
This Data Processing Agreement (βDPAβ) is between TDSZONE (βProcessorβ) and the Member (βControllerβ). It governs the processing of Personal Data required to provide the CCSahihai financial concierge services.
- check_circle Wealth Management Intelligence
- check_circle Compliance Auditing & Reporting
- check_circle Predictive Portfolio Modeling
Data Security Measures
Encryption Protocols
We utilize AES-256 bit encryption for all data at rest and TLS 1.3 for data in transit. Our keys are managed in a geographically distributed HSM infrastructure with strict zero-trust access.
Hardware Auth
Mandatory YubiKey or biometric authentication for all processing systems.
SOC2 Type II
Continuous auditing of our security controls and operational environment.
Physical Air-Gapping
Sensitive private keys and archival data are stored in physical vaults with no external network connectivity.
Sub-processors
| Partner Entity | Processing Activity | Jurisdiction |
|---|---|---|
| AWS Cloud Services | Infrastructure & Storage | EU (Frankfurt) |
| Stripe, Inc. | Subscription Billing | USA / Global |
| TDS Analytics Hub | Risk & Compliance Modeling | Switzerland |
| SendGrid (Twilio) | Member Communications | USA |
TDSZONE maintains strict DPA agreements with all listed sub-processors to ensure the same level of protection.
Breach Notification
72-Hour Response
In the unlikely event of a Personal Data Breach, TDSZONE will notify the Controller without undue delay, and in any case, within 72 hours of becoming aware of the breach.
history Incident History
TDSZONE maintains zero critical security incidents since inception. We prioritize transparency and continuous monitoring.
24/7 Security Operations Center
This agreement is legally binding and is automatically incorporated into our standard Terms of Service upon membership activation.