Data Processing Addendum (DPA)
Last updated: 2026-06-01
1) Availability
A signed DPA with Memorajo LTD, the company that operates Nimriz, is available for B2B and enterprise customers, or for customers who need one for procurement or compliance review. To request one, email legal@nimriz.com.
2) Controller and processor roles
Nimriz is controller for its own website, dashboard, account administration, billing, product analytics, security, abuse prevention, platform reliability, subprocessors, legal, and operational processing.
For customer-controlled link analytics, conversion events, exports, webhooks, and integration deliveries performed on customer instructions, Nimriz acts as processor where the applicable product terms, DPA, or customer agreement says so. The customer remains controller for the campaign context it controls.
3) Processing scope (high level)
- Account, workspace, organization, membership, and settings data.
- Domain and link configuration required to operate redirects.
- Privacy-aware redirect analytics dimensions used for reporting, exports, integrations, security, and abuse prevention.
- Conversion events, attribution facts, webhook payloads, and integration deliveries configured by the customer.
- Consent-gated product analytics and CRM/support context for Nimriz website and dashboard operations.
Nimriz does not store raw IP addresses or full User-Agent strings in redirect analytics. Standard privacy may use daily-salted pseudonymous hashes to support per-day deduplication, unique-click reporting, security, and abuse detection. Strict privacy omits those hashes and selected granular fields such as city, colo, and sanitized referrer URL.
4) Customer instructions and assistance
Customer instructions are expressed through the product configuration, APIs, written agreements, and support requests. Customers are responsible for their campaign purposes, notices, legal basis, consent where required, destinations, pixels, conversion payloads, integrations, exports, webhooks, and downstream vendors.
Nimriz will provide reasonable assistance for data subject requests, deletion/export requests, security reviews, and subprocessor questions as described in the applicable agreement and required by law.
5) Subprocessors
Memorajo LTD relies on service providers to host and operate Nimriz. See the Subprocessors page for the current provider list, purposes, and location notes.
6) Security measures
We implement safety controls on link creation and redirect behavior, maintain privacy-aware analytics controls, limit raw identifier storage, and use access controls appropriate to the service. For an overview of controls, encryption, and incident handling, see Security.
7) Related terms
For the standard service terms that apply outside a negotiated DPA, see our Terms of Service, Privacy Policy, Refund Policy, and Legal Notice.