Data Processing Agreement.
This page describes how Moody Media AB acts as a data processor when delivering link building services to business clients (data controllers), and how to request a Data Processing Agreement (DPA) under GDPR Article 28.
Scope
Moody Media processes only the personal data needed to deliver services agreed with the client: typically the client’s contact details, billing data, and any campaign-specific data the client provides to us.
Subprocessors
- Simply.com / Cloudflare – hosting, CDN, security.
- Email provider – transactional and contact email delivery.
- Payment provider – invoicing and payment processing.
- Internal SEO tooling vendors (Ahrefs, Semrush, Moz, Majestic) – publisher vetting, no personal data shared.
Security
We apply industry-standard security: HTTPS everywhere, access control on internal systems, regular backups, and least-privilege access for staff. Incidents are reported to clients without undue delay.
How to sign a DPA
Email [email protected] with your legal entity details. We respond within 3 business days with our standard DPA template, which can be reviewed and signed digitally.
Last updated: 21 May 2026 · Reviewed by the Moody Media team