BetterLytix Tech LLC — Version 1.0

Last Update: November 26, 2025
Controller: BetterLytix Tech LLC

This Data Processing Agreement (“Agreement”, “DPA”) is entered into between:

(1) BetterLytix Tech LLC, a company registered in Nevis (“Controller”),
and
(2) The User, accessing or using BetterLytix services (“Data Subject”).

This DPA forms an integral part of the Terms & Conditions, Privacy Policy, and other compliance documents of BetterLytix Tech LLC.

1. Purpose of This Agreement

This DPA governs the processing of personal data performed by BetterLytix Tech LLC in connection with:

• user accounts
• membership management
• affiliate program administration
• customer support
• payment confirmation
• access to Telegram channels and dashboards

BetterLytix Tech LLC acts as the Data Controller, determining the purposes and means of processing.

External service providers (Stripe, Cloudflare, AWS, Telegram, etc.) act as Data Processors.

2. Definitions

• Personal Data: Any information relating to an identifiable individual.
• Processing: Any operation performed on personal data.
• Controller: Entity determining the purpose of processing (BetterLytix Tech LLC).
• Processor: Third-party service provider processing data on behalf of the Controller.
• Sub-Processor: A processor engaged by another processor.
• Data Subject: The user whose personal data is processed.

3. Nature and Purpose of Processing

BetterLytix processes personal data strictly for:

• account creation and platform access
• authentication (Telegram channels, dashboard)
• payment verification (no card data stored)
• fraud prevention
• customer support communication
• affiliate commission distribution
• compliance with legal obligations (AML/CFT laws)

No automated decision-making or profiling with legal effect is conducted.

4. Categories of Personal Data Processed

BetterLytix may process the following categories:

A. Identification Data

• Name
• Email
• Telegram username
• Country of residence

B. Transaction Data

• Payment confirmations
• Subscription dates
• Membership status
  (BetterLytix does not store payment card numbers)

C. Technical Data

• IP address
• Device/browser type
• Login timestamps
• Dashboard interaction data

D. Communication Data

• Support messages
• Service requests

BetterLytix does not collect sensitive personal data unless legally required.

5. Sub-Processors

BetterLytix may uses external service providers (“Sub-Processors”), including:

• Stripe (payment processing)
• CoinPayments or crypto PSPs
• Cloudflare (security, CDN)
• AWS / DigitalOcean (infrastructure)
• Telegram (communication channel)
• TwoCheckout / Paddle (optional future PSP)
• And others

All Sub-Processors act in accordance with Article 28 GDPR standards, SCCs, or equivalent safeguards.

A full list of Sub-Processors is maintained internally and can be requested.

6. International Data Transfers

Because BetterLytix is a global service, personal data may be processed or stored outside the user’s country, including:

• Nevis
• EU/EEA
• USA
• UAE
• Singapore

Transfers to non-EU countries follow:

• Standard Contractual Clauses (SCCs),
• Adequacy decisions, or
• Other approved transfer mechanisms.

By using the platform, the user acknowledges and accepts these transfers.

7. Security Measures

BetterLytix implements appropriate technical and organizational measures, including:

• SSL/TLS encryption
• Firewalls & DDoS protection
• Access control restrictions
• Server hardening
• Encrypted backups
• Employee confidentiality obligations

BetterLytix uses a privacy-by-design and data-minimization approach.

8. Data Retention

Personal data is kept only as long as required:

• Account data: up to 5 years after inactivity
• Payment/transaction records: 5 years (audit obligation)
• Technical logs: 12 months
• Support messages: 24 months
• Affiliate data: as required for tax compliance

Data is either deleted or irreversibly anonymized after expiry.

9. User Rights (GDPR-Aligned)

Users have the right to:

• Access their data
• Rectify inaccurate data
• Request erasure (“right to be forgotten”)
• Restrict processing
• Request data portability
• Object to processing

Requests can be submitted via email to the official support address.

BetterLytix will respond within a reasonable timeframe (max. 30 days).

10. Obligations of the Controller (BetterLytix)

BetterLytix agrees to:

• process personal data lawfully and transparently
• comply with applicable privacy laws
• use Sub-Processors only under proper safeguards
• maintain records of processing activities
• notify users in case of high-risk data breaches (if required by law)

11. Obligations of the Data Subject (User)

Users agree to:

• provide accurate information
• use the platform legally
• not share access credentials
• comply with local data protection laws
• secure their devices and accounts

12. Breach Notification

If a data breach occurs:

• BetterLytix will take immediate containment measures
• notify affected users if required
• cooperate with authorities where applicable

The threshold for notification follows GDPR Article 33–34 standards.

13. Termination

When a user deletes their account or terminates service:

• access is revoked immediately
• data is anonymized or deleted per retention rules
• Sub-Processors delete data upon instruction

Some data may remain archived only for legal compliance (tax & audit).

14. Governing Law

This DPA is governed by the laws of St. Kitts & Nevis.

For EU users, processing is interpreted in alignment with the GDPR to the extent applicable.

15. Severability

If any part of this DPA is found invalid, all remaining sections continue in full force.

16. Acceptance

By using BetterLytix services, the user acknowledges:

• they understand and accept this DPA,
• they understand their rights,
• they accept the use of Sub-Processors and international transfers.

17. Cross-Document Acceptance

By accessing or using any BetterLytix Tech LLC service, you confirm that you:

1. have read, understood, and accepted this document in full,
2. acknowledge that this document operates together with all other legal documents published by BetterLytix Tech LLC, including but not limited to:
   • • Terms & Conditions
     • Privacy & Cookies Policy
     • Data Processing Agreement (DPA)
     • Refund & Cancellation Policy
     • Acceptable Use Policy (AUP)
     • Risk Disclaimer
     • Affiliate Agreement
     • Tax Declaration
     • AML & CFT Compliance Statement
     • Compliance Statement
     • Terms of Access for Telegram
     • Cookie & Tracking Declaration
     • any additional legal documents, policies, guidelines, or statements that may be introduced in the future.

3. agree that each of these documents complements and reinforces the others as part of a unified legal framework,
4. acknowledge that all current and future BetterLytix legal documents are binding upon publication,
5. accept that updates or additions to any legal document apply automatically to your continued use of the platform,
6. agree that hyperlinks to such documents constitute valid and enforceable legal notice,
7. understand that using the platform requires full acceptance of ALL current and future linked policies without exception,
8. accept that any breach of any individual document may result in suspension, restriction, or termination of access,
9. agree that the governing law for all documents is St. Kitts & Nevis,
10. confirm that BetterLytix Tech LLC may modify, expand, or update these legal documents at any time,
11. agree that continued use after any modification constitutes automatic acceptance,
12. acknowledge that all cross-linked documents form the complete, binding legal agreement between you and BetterLytix Tech LLC.