Last updated: June 13, 2026
Our Data Processing Agreement details how WebSandbox handles and protects personal data when acting as a data processor for our users, ensuring compliance with global data protection standards.
This Data Processing Agreement ("DPA") governs the processing of personal data by WebSandbox on behalf of our users. This agreement supplements our Privacy Policy and Terms of Service, and outlines our commitment to privacy and data protection laws, including the General Data Protection Regulation (GDPR).
For the purposes of this DPA and applicable data protection laws:
WebSandbox implements and maintains robust technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
Our security measures include encryption in transit, strict access controls, sandboxed execution environments (WebContainers), and regular security audits of our infrastructure.
To provide our services, WebSandbox may engage third-party subprocessors to process personal data. We ensure that all subprocessors are bound by written agreements that require them to provide at least the level of data protection required by this DPA.
Our current authorized subprocessors include:
We will notify users of any intended changes concerning the addition or replacement of subprocessors.
We will assist you, as the Data Controller, in fulfilling your obligations to respond to requests from data subjects exercising their rights under applicable data protection laws (such as the right to access, rectify, or delete data). If we receive a request directly from a data subject regarding data you control, we will promptly redirect the request to you.
If you have any questions, concerns, or feedback, feel free to reach out to us. We are always here to help.