TeleRadar
Home
Features
Pricing
Get Started
Features8 / 17
Message ForwardingAuto-forward messages across channels and chats, zero delay.
AI DigestsGPT-powered summaries from your Telegram channels.
Content FilteringFilter by keywords, media types, and custom rules.
Threat Hunting RulesDeploy 100+ custom rules to detect suspicious patterns.
Threat Search1,000 monthly credits for advanced threat intelligence queries.
Malware AnalysisScan suspicious files and links with integrated analysis.
Feed Sources50+ curated sources for comprehensive intelligence.
Subscription MonitoringPersistent monitoring for channels and threat indicators.
View all 17 features →
HomeFeaturesPricing
LoginSign Up
TermsPrivacyAcceptable UseDPASubprocessorsLaw EnforcementCookies

Data Processing Agreement

Effective date: June 24, 2026

Contents
  1. Scope and Applicability
  2. Definitions
  3. Roles of the Parties
  4. Processing Instructions
  5. Sub-processing
  6. Data Security
  7. Data Subject Requests
  8. Data Breach Notification
  9. Data Protection Impact Assessments
  10. International Transfers
  11. Audit Rights
  12. Deletion and Return of Data
  13. Term and Termination

1.Scope and Applicability

This Data Processing Agreement (“DPA”) forms part of the Terms of Service between TeleRadar (“Processor”) and the Customer (“Controller”). It applies whenever TeleRadar processes Personal Data on behalf of the Customer in connection with the Service.

This DPA is designed to meet the requirements of the EU General Data Protection Regulation (GDPR), the Turkish Personal Data Protection Law (KVKK), the California Consumer Privacy Act (CCPA), and the UK Data Protection Act 2018.

2.Definitions

“Personal Data” means any information relating to an identified or identifiable natural person that is processed by TeleRadar on behalf of the Customer through the Service.

“Processing” means any operation performed on Personal Data, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, erasure, or destruction.

“Sub-processor” means any third party engaged by TeleRadar to process Personal Data on behalf of the Customer. The current list is maintained at teleradar.org/subprocessors.

3.Roles of the Parties

The Customer acts as the Controller (or, where applicable, the Business under CCPA) and determines the purposes and means of processing. TeleRadar acts as the Processor (or Service Provider under CCPA) and processes Personal Data only on behalf of and in accordance with the Customer’s documented instructions.

4.Processing Instructions

TeleRadar will process Personal Data only in accordance with the Customer’s documented instructions, including with regard to transfers of data to a third country, unless required to do so by applicable law. In such a case, TeleRadar will inform the Customer of that legal requirement before processing, unless the law prohibits such notification.

The subject matter, duration, nature, and purpose of processing, as well as the categories of data subjects and types of Personal Data, are described in Annex 1 of this DPA (available upon request).

5.Sub-processing

The Customer provides general written authorization for TeleRadar to engage sub-processors. TeleRadar maintains a current list of sub-processors at teleradar.org/subprocessors.

TeleRadar will notify the Customer at least 30 days before adding or replacing a sub-processor. If the Customer objects to a new sub-processor on reasonable data protection grounds, the Customer may terminate the affected Service component without penalty within 30 days of the notification.

TeleRadar imposes the same data protection obligations on each sub-processor as set out in this DPA through a written contract.

6.Data Security

TeleRadar implements and maintains appropriate technical and organizational measures to protect Personal Data, including:

  • AES-256-GCM encryption at rest with per-tenant key isolation
  • TLS 1.3 encryption for all data in transit
  • Multi-factor authentication for all operator and administrative access
  • Role-based access control with least-privilege principles
  • Continuous monitoring, anomaly detection, and audit logging
  • 90-day key rotation cycle with HSM-rooted key management

A detailed overview of security controls is available at teleradar.org/security.

7.Data Subject Requests

TeleRadar will assist the Customer in responding to data subject requests (access, rectification, erasure, restriction, portability, and objection) by providing appropriate technical and organizational measures, insofar as this is possible.

If TeleRadar receives a data subject request directly, we will promptly redirect the individual to the Customer, unless legally prohibited from doing so.

8.Data Breach Notification

TeleRadar will notify the Customer without undue delay (and in any event within 72 hours) after becoming aware of a Personal Data breach. The notification will include:

  • A description of the nature of the breach, including categories and approximate number of data subjects affected
  • The name and contact details of the point of contact for further information
  • A description of the likely consequences of the breach
  • A description of the measures taken or proposed to address the breach

9.Data Protection Impact Assessments

TeleRadar will provide reasonable assistance to the Customer in conducting data protection impact assessments and prior consultations with supervisory authorities, where required under applicable data protection law, taking into account the nature of processing and the information available to TeleRadar.

10.International Transfers

TeleRadar processes data in Turkey (TR), the United States (US), and the European Union (EU). For transfers outside the EEA or Turkey, TeleRadar relies on:

  • EU Standard Contractual Clauses (SCCs) — Commission Implementing Decision (EU) 2021/914
  • UK International Data Transfer Agreement (IDTA) where applicable
  • Adequacy decisions where available

Copies of the executed SCCs are available upon request from privacy@teleradar.org.

11.Audit Rights

TeleRadar will make available to the Customer all information necessary to demonstrate compliance with this DPA and will allow for and contribute to audits, including inspections, conducted by the Customer or an independent auditor mandated by the Customer.

Audit requests must be submitted with at least 30 days’ written notice and shall be conducted during normal business hours, no more than once per year, unless a regulatory authority or data breach requires additional audits.

12.Deletion and Return of Data

Upon termination of the Service, TeleRadar will, at the Customer’s choice, delete or return all Personal Data within 30 days, unless applicable law requires continued storage. TeleRadar will certify the deletion in writing upon request.

13.Term and Termination

This DPA takes effect upon the Customer’s acceptance of the Terms of Service and remains in effect for as long as TeleRadar processes Personal Data on behalf of the Customer. The obligations imposed by this DPA survive termination of the agreement to the extent necessary to protect Personal Data.

DPA Inquiries

For questions about this DPA or to request a signed copy, contact privacy@teleradar.org.

CompliantGDPR
CompliantCCPA
EncryptionAES-256 · TLS 1.3
InfrastructureTR · US · EU
TeleRadar

The Telegram automation platform that never sleeps. Monitor, forward, and transform your message flow.

Product

FeaturesPricingAPI

Company

AboutContact

Resources

DocsSecurityDiscordStatus

Legal

Terms of ServicePrivacy PolicyAcceptable UseDPASubprocessorsLaw EnforcementCookie Policy

© 2024 TeleRadar. All rights reserved.