Auth0 Home Blog Docs

Is there a Data Processing Agreement/Addendum on its way?


Hi. To comply with the upcoming GDPR, we are required to sign or at least confirm Data Processing Agreements/Addendums with all the services that we use (Auth0, Amazon…). Is Auth0 working on formulating a DPA or is it not deemed necessary? Thanks you!

Kind regards,



We will have an updated policy this week.


It says in this doc that the DPA is only available for Enterprise customers. Is that the current position that Auth0 is taking? The last time I checked the Enterprise Tier was starting at 18K annually, which is currently outside of our budget. Is there a more cost-friendly solution that is being considered for non-enterprise customers?


The full statement is:

Auth0 is responsible for:

Following the data processor’s instructions as explicated in the Subscription Agreement (SA) and Data Processing Addendum (DPA) (for enterprise customers) or Terms of Service (for self-service customers)

depending on if you’re a enterprise customer or self-service customer is where you’ll find the updated terms.


Thanks for clarifying.