Legal
Data Processing Addendum
Last updated: June 2026
Draft — pending legal review. This document is provided as an operational aid and must be reviewed by a licensed attorney before it is relied upon. It is not legal advice.
This Data Processing Addendum ("DPA") supplements the subscription agreement between the customer (the "Customer") and myagentworks llc, a New Jersey limited liability company doing business as eterni ("eterni"), governing eterni's provision of the Services (the "Subscription Agreement"). Capitalized terms not defined here have the meaning given in the Subscription Agreement.
1. Scope & Roles
This DPA supplements the Subscription Agreement and governs eterni's processing of Customer Data on the Customer's behalf. With respect to Customer Data, the funeral home Customer is the controller (or business) and eterni / myagentworks llc is the processor (or service provider). eterni processes Customer Data only on the Customer's documented instructions, including those set out in the Subscription Agreement and this DPA, except where required to do otherwise by applicable law.
2. Subject Matter & Duration
eterni processes Customer Data for the term of the Subscription Agreement plus any wind-down period during which eterni makes Customer Data available for export or completes deletion as described in Section 10. Processing continues only for so long as necessary to provide the Services or as required by applicable law.
3. Nature & Purpose
eterni processes Customer Data for the purpose of providing the Services, which may include AI voice answering, call coverage, triage and escalation, CRM and contact management, case management (CaseView), website chat, billing, and customer support.
4. Categories of Data & Data Subjects
The data subjects whose personal data may be processed include callers, families and next-of-kin, decedents, and the funeral home's staff and users. The categories of data may include contact details, caller phone numbers, call audio and transcripts, case and decedent records, scheduling information, and account and billing data.
5. Subprocessors
eterni uses the subprocessors below to provide the Services. eterni remains responsible for their performance and imposes data-protection terms on them that are no less protective than those in this DPA.
| Subprocessor | Purpose | Data |
|---|---|---|
| Clerk | Identity & authentication | Account emails, names, org IDs, optional phone |
| Supabase / AWS | Primary database hosting, US region | All customer, case, call-metadata, and billing records |
| Stripe | Payments & billing | Billing contact, payment method, invoice data |
| ElevenLabs | AI voice agent | Call audio, transcripts, caller numbers |
| Twilio | Telephony & SMS | Phone numbers, call & SMS metadata and content |
| Resend | Transactional email | Recipient email addresses, message content |
| n8n | Post-call workflow automation | Call transcripts, case data |
| Dropbox Sign | E-signature | Signer name/email, signed agreement PDFs |
| Sentry | Error monitoring | Diagnostic data that may include limited personal data |
| Vercel & Vercel Blob | Hosting, compute, logs, file storage | Application data, signed PDFs, uploaded documents, logos |
| Anthropic via Vercel AI Gateway | AI text extraction | Call transcripts, case text |
| Upstash | Rate-limiting | IP address, user identifier |
| Cloudflare | Webhook routing | Call webhook metadata |
| Optional social login | Email, name, avatar |
Customers may request the current subprocessor list and reasonable notice of new subprocessors by emailing support@myagentworks.ai.
6. Security Measures
eterni maintains technical and organizational measures designed to protect Customer Data, including:
- Encryption in transit (TLS) and at rest;
- Role-based access control;
- Tenant isolation via row-level security;
- Audit logging;
- Least-privilege service credentials;
- Secrets management.
7. Personal Data Breach
eterni notifies the Customer without undue delay, and no later than 72 hours after becoming aware of a personal data breach affecting Customer Data, providing the details then available and the remediation steps taken or planned.
8. Data Subject Requests
eterni provides reasonable assistance to help the Customer respond to data-subject requests for access, correction, deletion, and portability that the Customer is obligated to fulfill under applicable law.
9. International Transfers
Customer Data is hosted in the United States. Where applicable, transfer mechanisms such as the Standard Contractual Clauses apply to any cross-border transfer of personal data.
10. Return & Deletion
On termination of the Subscription Agreement, eterni makes Customer Data available for export for 30 days, then deletes it in the ordinary course of business, subject to legal retention obligations and routine backups that expire on their normal cycle.
11. Audits
eterni makes available to the Customer the information reasonably necessary to demonstrate compliance with this DPA.