1. Parties and subject matter

The client company acts as Data Controller and MockdatScreen as Data Processor. The purpose is to regulate the processing required to provide the SaaS platform for projects, videos and documents.

2. Documented instructions

MockdatScreen will process data only under the Controller’s documented instructions: contract, account configuration, support tickets and actions performed in the platform.

3. Confidentiality

  • Authorised personnel are bound by confidentiality duties.
  • Internal access is limited to operational, support or security needs.
  • Confidentiality obligations survive termination of the contractual relationship.

4. Technical and organisational measures

  • Encryption in transit using TLS.
  • Secure authentication using httpOnly cookies and rotating refresh tokens.
  • RBAC access controls and company/project separation.
  • Consent records and relevant administrative action logs.

5. Sub-processors

Sub-processorService
Cloudflare R2File storage
Supabase / PostgreSQLDatabase
ResendTransactional email

6. Return or destruction

When the service ends, MockdatScreen will facilitate data export and, after the agreed period or under the Controller’s instruction, delete storage files and operational records while keeping only legally required evidence.

7. Security breaches

MockdatScreen will notify the Controller without undue delay and, in any event, within 24 hours after becoming aware of a breach affecting personal data.

© 2026 MockdatScreen. All rights reserved.