> ## Documentation Index > Fetch the complete documentation index at: https://recurr.dev/docs/llms.txt > Use this file to discover all available pages before exploring further. # For your legal team > The contractual stack: MSA, DPA, data handling, termination + portability, IP ownership, indemnification, jurisdictional notes. Consolidated entry point for legal review. This page is the legal team's map of the Recurr engagement: what contracts apply, what data flows, what survives termination, where IP sits, and how indemnification works. The detailed terms live in the MSA itself — this page is the navigable summary. ## The contractual stack Three documents govern a Recurr migration engagement: ### Master Service Agreement (MSA) The primary contract between Recurr Pty Ltd and the customer. Covers: * Scope of services (Migration Program, platform fee period, lifecycle motions) * Fee structure (pilot deposit, Migration Program fee, platform fee, performance pricing) * Term + renewal mechanics * Termination triggers + notice periods * Confidentiality * Indemnification framework * Governing law + dispute resolution * IP ownership Standard MSA template is available on request during the Migration Review. Customer-specific MSA terms are negotiated during the pilot scoping phase. ### Data Processing Addendum (DPA) Attached to the MSA. Covers Recurr's role as a data processor for subscriber PII, including: * Categories of personal data processed * Subprocessor list * Cross-border transfer mechanics (Standard Contractual Clauses where applicable) * Data subject rights handling * Breach notification process * Audit rights The DPA is GDPR-aligned and CCPA-aligned by default. Customer-specific regulatory addenda (HIPAA, GLBA, etc.) are negotiated at contract time. ### Stripe Connect Terms The customer signs Stripe Connect's terms directly — Recurr is not in this contractual path. This puts the customer in direct contractual relationship with Stripe as the payment rail; Recurr acts as a Stripe Connect platform. ## Data handling + PII flow ### What PII Recurr processes * Subscriber email (raw + SHA256-hashed) * Subscriber identifier from the app's auth system * Subscription state (plan, status, period) * Payment metadata (no card details — those live with Stripe) * Optional: attribution metadata if provided by the customer's MMP Recurr does **not** process card numbers, CVV, or any PCI scope data directly — Stripe handles all card-data processing under PCI DSS Level 1. ### Where data lives * **Production data**: US-East (AWS region us-east-1) today; multi-region scoped post-customer-5 * **Backups**: encrypted, cross-region for disaster recovery * **Logs**: 90-day retention by default, configurable per customer ### Retention policy * Subscription state: retained for the duration of the engagement + 30 days post-termination for data-export purposes * Webhook events: 90-day default retention; longer retention configurable * Subscriber PII: deleted on customer instruction (right-to-be-forgotten requests routed through customer to Recurr) ### Subprocessor list Recurr's subprocessors fall into two categories: **Processors handling subscriber data** (named in the DPA): * **Stripe** — payment processing * **Supabase** — managed Postgres + auth (subscriber records, subscription state) * **Vercel** — hosting for customer-facing surfaces (branded checkout, billing portal, help center) * **Resend** — transactional email delivery * **AWS** — underlying infrastructure **Internal tooling** (operational only, no subscriber PII by default): * **Sentry** — error monitoring; subscriber identifiers excluded from logs * **PostHog** — Recurr's own product analytics for the tenant dashboard * **Google Workspace** — internal operations Customers receive 30-day advance notice of additions to the subscriber-data subprocessor list. Internal tooling changes are not subject to notification. ## Termination + portability ### Termination triggers Either party may terminate for material breach with 30 days' cure period. Standard MSA terms also include: * Customer convenience termination at end of annual term with 60 days' notice * Recurr operational termination only for cause (non-payment, breach, regulatory) ### What survives termination Critically, the **customer's Stripe Connect account is in the customer's name** — not Recurr's. Subscriptions live in the customer's Stripe account directly. Recurr is the operational interface for managing them. If Recurr ceases to operate or the engagement terminates: 1. Subscriptions continue billing through Stripe uninterrupted — payment processing, billing schedule, and subscription state are native to your Stripe account, not Recurr's infrastructure 2. Account control transitions to the customer via Stripe's standard platform-disconnection process — direct for engagements on Stripe Standard Connect, mediated through Stripe support for embedded-dashboard engagements 3. The only thing affected is the operational interface (Recurr's dashboard); the underlying billing rail is untouched This is structural, not contractual. There is no migration-of-data step required to recover from a Recurr-disappearance scenario. ### Data export on termination On termination, Recurr exports: * Full subscriber + subscription state (CSV + JSON) * Historical webhook events (queryable via replay API for the retention window) * Operator dashboard activity log Export delivered within 30 days of termination. Customer retains export indefinitely. ### Notice periods | Termination type | Notice | | --------------------------- | ---------------------------------- | | End of term (convenience) | 60 days | | Material breach (with cure) | 30 days from cure-period close | | Customer non-payment | 60 days from payment due date | | Regulatory / legal mandate | Immediate, with notice to customer | ## IP ownership Three buckets: * **Customer data** (subscribers, subscriptions, events, customer-uploaded content) — **customer property**. Recurr has a license to process for service delivery; no other rights. * **Customer brand** (logos, brand colors, brand voice, custom messaging) — **customer property**. Used on Recurr-hosted surfaces (checkout, portal, help center) under license for service delivery; license terminates on engagement termination. * **Recurr platform** (software, infrastructure, methodology, documentation) — **Recurr property**. Customer has a service-delivery license; no rights to the underlying platform. **Aggregate/anonymized data** — Recurr may use aggregated, anonymized data (e.g., industry benchmarks, methodology improvements) without naming customers. Customer-specific identifying details are never used in external materials without explicit consent. ## Indemnification framework Standard mutual indemnification with caps: ### Recurr indemnifies the customer for * Third-party claims arising from Recurr's gross negligence or willful misconduct * IP infringement claims relating to the Recurr platform (excluding customer-supplied content) * Data breaches caused by Recurr's failure to maintain its security posture per the DPA ### Customer indemnifies Recurr for * Third-party claims arising from customer-supplied content (subscriber data, brand assets, custom messaging) * Customer's misuse of the platform * Customer's regulatory non-compliance for matters outside Recurr's scope ### Caps + carve-outs * Standard cap: fees paid in the prior 12 months * Uncapped carve-outs: data breach (Recurr's caused), gross negligence, willful misconduct, IP infringement Specific caps and carve-outs are negotiable at MSA execution. ## Jurisdictional notes ### Recurr entity **Recurr Pty Ltd** — Australian Pty Ltd company. ABN: 31 693 957 809. Registered office: Australia. Banking + invoicing details on the engagement-specific invoice. ### Governing law Default: customer's preferred jurisdiction. Most engagements settle on Delaware (US customers), England + Wales (UK customers), or New South Wales (AU customers). ### Insurance posture Recurr maintains commercial cyber + tech E\&O insurance scaled to ICP band: * Pre-customer #1: $2M/$2M aggregate (Cyber + Tech E\&O combined) * Band 2 customers: $5M/$5M * Band 3 customers: $10M Cyber + $5M Tech E\&O + Crime coverage Customer named as additional insured on request. Certificate of insurance available during contract negotiation. ## Cross-references * [Compliance posture →](/trust/compliance-posture) — GDPR, CCPA, SOC 2 status * [Data handling →](/trust/data-handling) — full PII flow + retention detail * [Portability + reversibility →](/trust/portability-and-reversibility) — exit mechanics * [Risk register →](/trust/risk-register) — what could go wrong, including legal-adjacent * [Procurement →](/for-your-role/procurement) — vendor risk + insurance + entity info