Privacy
Data Processing Addendum.
This DPA explains how LER Web Services handles customer personal data when services require us to process that data on a client's behalf.
Last updated June 20, 2026
This DPA applies only where a written agreement, proposal, or statement of work references it or where applicable privacy law requires processor terms.
Roles
The client is generally the controller, business, or data owner for customer personal data submitted to, stored in, or processed through the client website or systems. LER Web Services acts as a processor, service provider, or vendor when we process that data only to provide covered services.
Processing instructions
LER Web Services will process customer personal data only as reasonably necessary to provide the requested services, follow documented client instructions, maintain security, troubleshoot issues, comply with law, or protect the website and related systems.
Security measures
We use reasonable administrative, technical, and operational safeguards based on the nature of the services, such as access limitation, credential handling practices, secure transmission where available, backups where contracted, and separation of client project materials where practical.
Subprocessors
LER Web Services may use hosting, infrastructure, support, analytics, email, form, payment, accounting, security, project management, and communication vendors to provide services. Subprocessor details are described on the Subprocessors page.
Assistance and requests
When a client receives a valid request related to customer personal data, LER Web Services will provide reasonable assistance within the scope of the services and the available systems. Significant requests may require additional scope or fees.
Incident notice
If LER Web Services becomes aware of a confirmed security incident affecting customer personal data in systems we manage for the client, we will provide notice without unreasonable delay after confirming the relevant facts and scope.
Return or deletion
At the end of the covered services, LER Web Services will return, delete, or make available customer personal data in our reasonable control, unless retention is required for legal, billing, security, backup, or dispute-resolution purposes.
Conflicts
If this DPA conflicts with a signed client agreement, the signed agreement controls unless applicable law requires otherwise.