Data Processing Addendum
Effective April 27, 2026
This starter DPA page summarizes the current data processing posture for Studio customers evaluating SceneLock for team or client workflows.
Roles
For customer project inputs, brand assets, scripts, and uploaded media, the customer is generally the controller or business owner of the content and SceneLock acts as a processor or service provider.
For account, billing, security, and product operations data, SceneLock may act as an independent controller where needed to operate and protect the service.
Processing purpose
SceneLock processes customer data to provide account access, quote generation, provider routing, rendering, editing, export, publishing, billing, support, abuse prevention, and reliability monitoring.
Subprocessors
SceneLock uses infrastructure, payment, storage, logging, and AI provider subprocessors. BYO provider accounts are customer-selected destinations for approved workflows.
Studio customers can request the current subprocessor list and security summary at support@scenelock.app.
Deletion and export
SceneLock supports project export through JSON manifests and can process deletion requests through support. Ledger, billing, and security records may be retained where needed for business integrity.