Last updated on Last updated: 21 Nov 2025
This Data Processing Addendum (“DPA”) forms part of the Terms of Service or other written or electronic agreement (“Agreement”) between the user (“Customer”) and Efficient Dollar (“Processor”, “we”, “us”, “our”) under which Efficient Dollar provides services to the Customer.
This DPA reflects the parties’ agreement on the processing of personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the UK GDPR, and similar regulations where applicable.
If there is any conflict between this DPA and the Agreement, this DPA shall prevail with respect to personal data processing.
For the purposes of this DPA:
The Customer is the Controller of Customer Data. The Customer determines the purposes and means of processing.
Efficient Dollar acts as the Processor, processing Customer Data solely on behalf of the Customer and only as instructed under the Agreement and this DPA.
Efficient Dollar processes Customer Data for the following purposes:
Efficient Dollar will not process Customer Data for any purposes other than those outlined above or as instructed by the Customer.
Efficient Dollar will process Customer Data:
Upon request, Customer Data will be deleted or returned, except where retention is required by law.
Depending on the Customer’s use of the service, Customer Data may include:
When the Customer connects financial accounts via Plaid, Customer Data may include:
Bank login credentials are never accessible to Efficient Dollar.
Efficient Dollar agrees to:
We process Customer Data only based on instructions from the Customer.
All persons authorized to process Customer Data are bound by confidentiality obligations.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to risk. These include:
See our Security Practices page for additional details.
Efficient Dollar may engage Sub-processors to provide services. Current categories include:
Efficient Dollar ensures Sub-processors are bound by written agreements with security and privacy obligations no less protective than those in this DPA.
We assist the Customer in fulfilling GDPR obligations, including:
Efficient Dollar will notify the Customer without undue delay after becoming aware of a Personal Data Breach affecting Customer Data.
Upon Customer request or account deletion, Efficient Dollar will delete or return Customer Data, except where retention is legally required.
Customer Data may be transferred to and processed in the United States or other countries where Efficient Dollar or its Sub-processors operate.
Transfers will be conducted according to applicable data protection laws and safeguarded by appropriate mechanisms.
The Customer agrees to:
Efficient Dollar may use Sub-processors for certain processing activities. Upon request, we will provide a list of Sub-processor categories.
The Customer may object to new Sub-processors on reasonable grounds relating to data protection.
Efficient Dollar will:
Formal on-site audits may be permitted depending on the Agreement and at the Customer’s expense, provided they do not compromise security or confidentiality.
Liability under this DPA follows the limitations and exclusions set forth in the Agreement unless prohibited by applicable law.
This DPA remains in effect for as long as Efficient Dollar processes Customer Data under the Agreement.
Upon termination, Efficient Dollar will delete or return Customer Data in accordance with Section 6.7.
If you have questions about this DPA or how we process Customer Data, you can contact us at:
This DPA is effective from the date listed above and forms part of the Agreement between the Customer and Efficient Dollar.