Documents
Legal Documents
Data Processing Agreement

Data Processing Agreement

This Data Processing Agreement (“Agreement”) is entered into between the user (“Data Controller”) and Xapion, Inc., a company incorporated in Delaware, and website at https://xapion.com (“Data Processor”).

Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Processing: Any operation performed on personal data, whether by automated means.

Purpose

The purpose of this Agreement is to ensure that the Data Processor processes the Personal Data in compliance with the obligations of data protection laws and regulations.

Data Processor’s Obligations

  • The Data Processor shall process Personal Data only on documented instructions from the Data Controller.
  • The Data Processor shall ensure that persons authorized to process the Personal Data have committed themselves to confidentiality.
  • The Data Processor shall implement appropriate technical and organizational measures to ensure the security of the Personal Data.
  • The Data Processor shall assist the Data Controller in ensuring compliance with its obligations concerning the security of processing, the notification of personal data breaches, data protection impact assessments, and prior consultations.

Sub-processing

The Data Processor shall not engage another processor without prior specific or general written authorization of the Data Controller.

Data Transfers

The Data Processor shall not transfer Personal Data to a third country or an international organization without ensuring that the necessary safeguards are in place.

Data Subject’s Rights

The Data Processor shall assist the Data Controller in facilitating the exercise of data subject rights, including access, rectification, erasure, data portability, and objection to processing.

Termination

Upon termination of the agreement or upon request, the Data Processor shall, at the choice of the Data Controller, delete or return all the Personal Data and delete existing copies unless the law requires storage of the data.

Audits and Inspections

The Data Processor shall make available to the Data Controller all necessary information to demonstrate compliance with the obligations laid down in this Agreement and allow for and contribute to audits and inspections.

Liability

The Data Processor shall be liable for the damages caused by processing only where it has not complied with obligations specifically directed to processors or where it has acted outside or contrary to lawful instructions of the Data Controller.

Governing Law

This Agreement shall be governed by the laws of the State of Delaware.

Amendments

Any changes to this Agreement must be agreed upon in writing by both parties.

Contact

For any inquiries or concerns related to this Agreement, please contact [email protected].

Privacy PolicyCookie Policy