Customer Data Processing Addendum

1. Roles and Scope

• The retirement village operator remains the controller of customer personal information.
• Apworth acts as the processor for data handled through the hosted platform.
• The scope covers resident profiles, staff accounts, messages, calendars, service requests, operational notes, prospect records, audit logs, and technical support metadata.

2. Processing Purpose

• Provide the hosted Apworth service and enforce access controls.
• Store, retrieve, and display customer-entered records.
• Deliver support, troubleshooting, security monitoring, backups, and restoration workflows.

3. Security and Assistance

Apworth maintains administrative, technical, and organisational safeguards appropriate to the service risk profile, including the controls listed in the Security Schedule.

• Reasonable assistance is available for access, correction, deletion, export, and privacy assessment requests.
• Security incidents affecting customer data are notified without undue delay after confirmation.
• Customers can request written responses to reasonable security questionnaires and proportionate supporting evidence.

4. Subprocessors and Data Lifecycle

• Approved subprocessors may be used to operate the service and are listed in the public subprocessor register.
• Customer data can be exported in machine-readable form, typically JSON or CSV, on request.
• Deletion and retention follow the commercial agreement and backup policy that applies to the customer environment.