Legal

Data Processing Addendum

Last updated: June 2026

Draft — pending legal review. This document is provided as an operational aid and must be reviewed by a licensed attorney before it is relied upon. It is not legal advice.

This Data Processing Addendum ("DPA") supplements the subscription agreement between the customer (the "Customer") and myagentworks llc, a New Jersey limited liability company doing business as eterni ("eterni"), governing eterni's provision of the Services (the "Subscription Agreement"). Capitalized terms not defined here have the meaning given in the Subscription Agreement.

1. Scope & Roles

This DPA supplements the Subscription Agreement and governs eterni's processing of Customer Data on the Customer's behalf. With respect to Customer Data, the funeral home Customer is the controller (or business) and eterni / myagentworks llc is the processor (or service provider). eterni processes Customer Data only on the Customer's documented instructions, including those set out in the Subscription Agreement and this DPA, except where required to do otherwise by applicable law.

2. Subject Matter & Duration

eterni processes Customer Data for the term of the Subscription Agreement plus any wind-down period during which eterni makes Customer Data available for export or completes deletion as described in Section 10. Processing continues only for so long as necessary to provide the Services or as required by applicable law.

3. Nature & Purpose

eterni processes Customer Data for the purpose of providing the Services, which may include AI voice answering, call coverage, triage and escalation, CRM and contact management, case management (CaseView), website chat, billing, and customer support.

4. Categories of Data & Data Subjects

The data subjects whose personal data may be processed include callers, families and next-of-kin, decedents, and the funeral home's staff and users. The categories of data may include contact details, caller phone numbers, call audio and transcripts, case and decedent records, scheduling information, and account and billing data.

5. Subprocessors

eterni uses the subprocessors below to provide the Services. eterni remains responsible for their performance and imposes data-protection terms on them that are no less protective than those in this DPA.

SubprocessorPurposeData
ClerkIdentity & authenticationAccount emails, names, org IDs, optional phone
Supabase / AWSPrimary database hosting, US regionAll customer, case, call-metadata, and billing records
StripePayments & billingBilling contact, payment method, invoice data
ElevenLabsAI voice agentCall audio, transcripts, caller numbers
TwilioTelephony & SMSPhone numbers, call & SMS metadata and content
ResendTransactional emailRecipient email addresses, message content
n8nPost-call workflow automationCall transcripts, case data
Dropbox SignE-signatureSigner name/email, signed agreement PDFs
SentryError monitoringDiagnostic data that may include limited personal data
Vercel & Vercel BlobHosting, compute, logs, file storageApplication data, signed PDFs, uploaded documents, logos
Anthropic via Vercel AI GatewayAI text extractionCall transcripts, case text
UpstashRate-limitingIP address, user identifier
CloudflareWebhook routingCall webhook metadata
GoogleOptional social loginEmail, name, avatar

Customers may request the current subprocessor list and reasonable notice of new subprocessors by emailing support@myagentworks.ai.

6. Security Measures

eterni maintains technical and organizational measures designed to protect Customer Data, including:

  • Encryption in transit (TLS) and at rest;
  • Role-based access control;
  • Tenant isolation via row-level security;
  • Audit logging;
  • Least-privilege service credentials;
  • Secrets management.

7. Personal Data Breach

eterni notifies the Customer without undue delay, and no later than 72 hours after becoming aware of a personal data breach affecting Customer Data, providing the details then available and the remediation steps taken or planned.

8. Data Subject Requests

eterni provides reasonable assistance to help the Customer respond to data-subject requests for access, correction, deletion, and portability that the Customer is obligated to fulfill under applicable law.

9. International Transfers

Customer Data is hosted in the United States. Where applicable, transfer mechanisms such as the Standard Contractual Clauses apply to any cross-border transfer of personal data.

10. Return & Deletion

On termination of the Subscription Agreement, eterni makes Customer Data available for export for 30 days, then deletes it in the ordinary course of business, subject to legal retention obligations and routine backups that expire on their normal cycle.

11. Audits

eterni makes available to the Customer the information reasonably necessary to demonstrate compliance with this DPA.