💡 Want a prompt that isn't here? Tell us — we build the vault around you.
← Back to NeLocker

Data Processing Addendum

Last updated: June 14, 2026

This Data Processing Addendum ("DPA") forms part of the Terms of Service between you ("Controller") and WeKnowTech, an LMK product ("NeLocker," "Processor") where NeLocker processes personal data on your behalf — for example when you gift seats to your team. It applies to the extent the GDPR, UK GDPR, or CCPA/CPRA governs that processing. Where this DPA and the Terms conflict on data protection, this DPA controls.

1. Roles & scope

You are the Controller of personal data you submit; NeLocker is the Processor. NeLocker processes personal data only to provide the Service, per your documented instructions (which include the Terms and your use of the Service), and as required by law.

2. Nature of the data

Subject matter: providing the NeLocker prompt-library service. Data subjects: you and any team members you invite. Categories: account identifiers (email), authentication data, billing metadata, and usage/preferences. We do not seek special-category data, and you should not submit it.

3. Subprocessors

We use the following subprocessors to run the Service. Each is bound by data-protection terms at least as protective as this DPA. We will give notice of material changes to this list.

SupabaseDatabase, authentication, and storage (hosting + access control)
VercelApplication hosting and delivery
StripePayment processing and subscription billing
ResendTransactional and notification email
AnthropicAI generation for certain on-site content (no customer personal data is sent for this)

4. Security

NeLocker maintains appropriate technical and organizational measures, including row-level access controls, encryption in transit, scoped server-side keys, and least-privilege access. See our Privacy Policy for more.

5. Data subject rights & assistance

Taking into account the nature of the processing, NeLocker will provide reasonable assistance to help you respond to data-subject requests (access, deletion, correction, portability) and to meet your security, breach-notification, and impact-assessment obligations.

6. International transfers

Where personal data is transferred across borders, the transfer relies on a lawful mechanism (such as the EU Standard Contractual Clauses) offered by the relevant subprocessor.

7. Deletion & return

On termination, NeLocker will delete or return personal data within a commercially reasonable period, except where retention is required by law.

8. Contact

For data-protection matters, contact hello@nelocker.com.

Questions about this policy? Contact support@nelocker.com.