This Data Processing Agreement ("DPA") describes how RosterLedger ("Processor") processes personal information on behalf of a team or sports association ("Controller") that uses the Service. It forms part of, and is governed by, our Terms of Service. Associations that require a counter-signed copy may contact us at support@getrosterledger.com.
1. Roles of the parties
With respect to the team data entered into the Service (roster, contributions, sponsors, reimbursements, receipts, and ledger), the Controller determines the purposes and means of processing, and RosterLedger acts as Processor, processing that data only on the Controller's documented instructions — which include using the Service as intended.
2. Nature and purpose of processing
- Purpose: to provide team-treasury and bookkeeping functionality.
- Categories of data subjects: treasurers and other team officials, parents/guardians, sponsors, and players (who may be minors).
- Categories of personal data: names, contact details, roles, financial contributions and payment status, and information contained in uploaded receipts.
- Duration:for the term of the Controller's use of the Service, subject to Section 7.
3. Processor obligations
- Process personal data only on the Controller's instructions.
- Ensure persons authorized to process the data are bound by confidentiality.
- Implement appropriate technical and organizational security measures (Section 5).
- Not sell personal data or use it for our own marketing or advertising.
4. Sub-processors
The Controller authorizes RosterLedger to engage the following sub-processors, each bound by data-protection obligations no less protective than this DPA:
- Supabase — database, authentication, and file storage.
- Vercel — application hosting and content delivery.
- Stripe — subscription billing and payment processing.
- Resend — transactional email delivery.
We will give notice of any new sub-processor before it begins processing personal data, giving the Controller the opportunity to object.
5. Security measures
- Encryption of data in transit and at rest.
- Row-level access controls that isolate each team's data from every other team.
- Passwordless authentication and least-privilege access to systems.
- Restricted, audited use of administrative credentials.
6. Assistance to the Controller
Taking into account the nature of the processing, RosterLedger will assist the Controller in responding to requests from data subjects (access, correction, export, and deletion) — the Service's built-in export and delete tools provide much of this directly — and in meeting the Controller's security, breach-notification, and impact-assessment obligations.
7. Return and deletion of data
The Controller may export its data at any time. On termination, or on the Controller's request, RosterLedger will delete the team's personal data, including uploaded receipt files, except where retention is required by law.
8. Personal data breach
RosterLedger will notify the Controller without undue delay after becoming aware of a personal data breach affecting the Controller's data, and will provide information reasonably available to help the Controller meet its own notification obligations.
9. International transfers
Where personal data is transferred to a country other than the Controller's own, RosterLedger and its sub-processors apply appropriate safeguards for that transfer.
10. Governing law
This DPA is governed by the laws of the Province of Ontario and the federal laws of Canada applicable there.