Data processing terms for customer organizations
Last updated: February 16, 2026. This page summarizes Axon's DPA coverage and execution process for business customers.
On this page
Quick links to each section
Purpose
Axon's Data Processing Addendum (DPA) defines data protection obligations when Axon processes personal data on behalf of customer organizations.
The DPA is intended for business customers that require processor terms under GDPR, UK GDPR, and similar frameworks.
Controller and Processor Roles
In most customer deployments, the customer acts as controller (or business) and Axon acts as processor (or service provider) for customer data processed in the platform.
Each party remains responsible for legal obligations tied to its role.
Processing Details
The DPA covers categories of data, processing purposes, data subject categories, confidentiality commitments, and deletion/return obligations at end of service.
It also includes requirements for assisting customers with data subject requests and security incidents as required by law.
Subprocessors and Transfers
Axon uses vetted subprocessors to deliver the service. Subprocessor usage and updates are documented in the subprocessor list.
Where cross-border transfers apply, the DPA includes contractual safeguards for international data transfers.
Security Commitments
The DPA references Axon's technical and organizational measures, including access control, encryption in transit, auditability features, and incident response practices.
How To Request a DPA
To request Axon's current DPA template or executed DPA process, contact us using the legal/compliance email below and include your organization name and contracting entity details.
Contact
For legal, privacy, or compliance requests
Email: axon@xdbx.eu
Product URL: https://axon.xdbx.eu
Related docs: Subprocessor List, Privacy Policy, Legal Center.
This page is a product-facing legal summary and should be reviewed by your legal counsel for jurisdiction-specific requirements.