DATA PROCESSING ADDENDUM · v1.1 · MAY 2026

How Teho processes approved Study data.

A summary of the DPA that accompanies every Master Services Agreement.

← Back to teho.ai Visit the Trust Centre

Status: Public legal-supporting summary. The executed DPA controls. The full DPA, deployment-specific subprocessor list, transfer mechanisms, and Standard Contractual Clauses are shared during contracting; any stronger contractual wording requires legal review.

1. Roles

For all observation activities under a Teho engagement, the client is the Data Controller and TEHO INTELLIGENCE LTD is the Data Processor. Both parties commit to processing personal data only on documented instructions, in line with UK GDPR and the Data Protection Act 2018.

2. What gets processed

The signals named in the engagement contract and deployment-control pack. Typical deployments include approved work-pattern signals such as application context, active-window title metadata, timestamps, duration, interaction-pattern labels, calendar metadata, ticket-system events, and communications timing. Optional screenshot, semantic, or LLM-enabled classification paths are included only where explicitly approved for the Study.

The agent is not designed to capture keystroke transcripts, credentials, microphone audio, camera video, or open-ended device history.

3. Where it gets processed

The Activity Analysis baseline is UK-hosted. Deployment-specific data flows are named before contract signature, including any optional evidence or LLM-classification paths. If screenshots, semantic evidence, or LLM classification are enabled, the relevant vendor, data category, region, and transfer mechanism are listed in the DPA/subprocessor schedule.

4. Sub-processors

The starting subprocessor schedule normally includes:

Sub-processor	Purpose	Region
Google Cloud	API, worker execution, database, object storage, secrets	UK regions
OpenAI	Optional classification path when enabled by deployment settings	Named per deployment
Engagement tools	Commercial and delivery documentation where used	Named per deployment

The final subprocessor list is narrowed to the client's actual deployment scope before signature and is not changed mid-pilot without notice. Optional evidence paths should not be treated as active unless they are named in that deployment-specific schedule.

5. Retention

Retention is configurable and agreed before deployment. Screenshot artefacts, if enabled, can be purged after successful classification or retained for the agreed window. Storage lifecycle controls and periodic purge jobs support deletion. Destruction evidence is available on request.

6. Data subject rights

The client remains the Controller and manages employee notices, rights requests, lawful basis, and internal HR process. Teho supports the Controller using the deployment manifest, data-flow summary, retention settings, and reporting posture agreed for the Study. Teho outputs are designed for team-level work redesign and are not automated employment-decision scores.

7. Security

See Security & data residency for the technical and organisational measures in place.

8. Notification

Personal data breaches are notified to the Controller without undue delay and within 24 hours of discovery. Privacy contact: info@teho.ai.