Skip to main content
TerraGridTechDigital receipts
ProductsFor POS companiesFor retailersUser WalletDevelopersResourcesCompanyContactPricing
Sign inRequest POS demo

Contracts

Data Processing Agreement

A standard B2B starting point that requires execution by the parties.

Version 1.0.0Effective 2026-07-17Last published 2026-07-17

On this page

Status and partiesScope, duration and rolesInstructions and customer dutiesConfidentiality and securitySubprocessors and transfersRights, incidents and compliance assistanceReturn and deletionAudit informationLiability, precedence and lawAnnex A — processing detailsAnnex B — security measures

Status and parties

This standard DPA is a starting point between TerraGrid Tech Private Limited and the business customer identified in an executed agreement. Viewing it alone does not execute or bind either party. Contact legal@terragridtech.com to execute a DPA.

Scope, duration and roles

It applies when TerraGridTech processes personal data on the customer’s documented instructions to provide receipt services, for the agreement’s duration plus lawful return, deletion and retention periods. The customer is controller/data fiduciary and TerraGridTech is processor/service provider for that data, unless a specific activity requires another lawful role.

Instructions and customer duties

TerraGridTech processes data only on documented instructions, including service configuration and lawful support requests, unless law requires otherwise. The customer must have authority and lawful grounds, give notices, minimise fields and avoid prohibited sensitive credentials.

Confidentiality and security

Authorised personnel are bound by confidentiality. Measures include encrypted transport, authentication, access controls, business isolation, restricted key visibility, audit logging, production-access controls, incident handling and secure development practices. These are risk-based controls, not a certification or disclosure of exploitable detail.

Subprocessors and transfers

Approved subprocessors are listed on the Subprocessor page. TerraGridTech remains responsible for required contractual protections. International transfers use appropriate safeguards where applicable, including applicable contractual clauses. Customer instructions cannot require unlawful transfer.

Rights, incidents and compliance assistance

Taking account of the processing and information available, TerraGridTech will reasonably assist with rights requests, security incidents, assessments and regulatory enquiries required by applicable law. Each party will notify the other through agreed channels without an unsupported universal deadline.

Return and deletion

At the customer’s lawful choice after service ends, TerraGridTech will return or delete processor data where practicable, except records retained for law, security, disputes, claims or legal holds. Retained data remains protected and limited to the retention purpose.

Audit information

TerraGridTech will provide reasonable existing compliance information and address justified questions. On-site or intrusive audits require advance agreement, confidentiality, security protections, reasonable scope and cost allocation, except where mandatory law requires otherwise.

Liability, precedence and law

Liability follows the commercial agreement and mandatory law. If this DPA conflicts with the commercial agreement on data processing, the executed DPA prevails for that issue; applicable transfer clauses prevail for covered transfers. Indian law governs except where mandatory data-protection law or transfer terms require otherwise.

Annex A — processing details

Subject: business receipt services. Nature: collection, validation, storage, transmission, retrieval, support, security and deletion. Data subjects may include customer personnel and receipt recipients. Data includes account, business, receipt, usage, device, audit and support information. Frequency and duration follow service use and the retention schedule.

Annex B — security measures

Measures include encrypted transport, identity and role controls, tenant/business isolation, secrets and key handling, logging, change review, backups where applicable, incident response, vendor review, vulnerability handling and personnel access restriction. Exact implementation may evolve without materially reducing required protection.

Legal and Privacy CentrePrivacy and Data RightsComplaints and Contact

TerraGridTech

TerraGrid Tech Private Limited

POS digital receipts for approved businesses and partners.

Registered office: Kaithal – 136042, Haryana, India

Available for appointments in Delhi, India.

Products

POS Digital ReceiptsMerchant POSUser WalletFuture solutions

Explore

DevelopersResourcesPartnersCompanyContact

Legal and privacy

Legal CentrePrivacyCookiesWebsite TermsProduct TermsSecuritySubprocessorsDPAAccessibilityAccount deletion

Account and contact

Admin sign incontact@terragridtech.comsupport@terragridtech.comCompany informationComplaints
© 2026 TerraGrid Tech Private LimitedCIN U62099HR2024PTC125054 · GSTIN 06AALCT2855L1ZU