Data Processing Agreement.

How Allodis processes personal data on behalf of government jurisdictions.

Last updated: May 2026

Data processor: Inventur (Antigua) Ltd

1. Scope

This Data Processing Agreement (DPA) forms part of the Allodis subscription agreement and governs the processing of personal data by Inventur on behalf of the subscribing jurisdiction (the Controller).

2. Categories of data

  • Land record data: Parcel identifiers, coordinates, ownership records, RRR details
  • Identity data: Names, addresses, identification documents for KYC/KYB verification
  • Tax data: Property valuations, assessment records, payment histories
  • Operator data: Government employee names, roles, audit trail entries

3. Processing purposes

Personal data is processed solely to provide the Allodis land administration service as instructed by the Controller. Processing includes storage, retrieval, display, search indexing and audit logging.

4. Sub-processors

A current list of sub-processors is maintained at our sub-processors page. The Controller will be notified at least 30 days before any new sub-processor is engaged.

5. Data location

All data is stored within Microsoft Azure data centres. Primary: UK South. Disaster recovery: UK West. No data is transferred outside of the agreed processing locations without prior written consent.

6. Security measures

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • Tenant-per-database isolation
  • Key Vault HSM for signing and encryption keys
  • Role-based access control with MFA enforcement
  • Immutable audit trail with hash chain integrity
  • Annual penetration testing and vulnerability scanning

7. Data subject rights

Inventur will assist the Controller in responding to data subject access requests, rectification requests, erasure requests and data portability requests within the timeframes required by applicable law.

8. Breach notification

Inventur will notify the Controller of any personal data breach without undue delay and in any event within 72 hours of becoming aware of the breach. Notification will include the nature of the breach, categories of data affected, and measures taken.

9. Data retention and deletion

Upon termination of the subscription, the Controller may export all data for 30 days. After this period, all personal data is securely deleted unless retention is required by law.

10. Audit rights

The Controller may audit Inventur's compliance with this DPA upon 30 days' written notice, no more than once per year. Inventur will make available all information necessary to demonstrate compliance.