2. Data Processing

    1. Scope and Roles. This DPA applies when We are processing Personal Data that is included in the Customer Data. In this context, We will act as “processor” to the Customer who may act either as “controller” or “processor” with respect to Personal Data (as each term is defined in the GDPR). 

    2. Customer Controls. The Service provides Customer with a number of controls, including security features and functionalities, that Customer may use to delete or restrict the use of Customer Data as described in the Service Description. Customer may use these controls as technical and organizational measures to assist it in connection with its obligations under the GDPR, including its obligations relating to responding to requests from data subjects.

    3. Details of Data Processing.

      • Subject matter. The subject matter of the data processing under this DPA is the Personal Data that is forming part of the Customer Data.

      • Duration. The duration of the data processing under this DPA is 30 days unless otherwise expressly agreed with the Customer. The Customer can delete all Customer Data at any time in the Service. 

      • Nature of processing. Instant and automatic transmission of messages between two integrated data systems chosen by the Customer. Transmitted messages are stored in the Service for 30 days for message conversation view. Data transmission is carried out automatically in accordance with the configuration provided by the Customer from time to time.

      • Purpose. The purpose of the data processing is to enable communication between two different data systems.

      • Type of Personal Data. The Personal Data is comprised of person and system identification data (eg. name, phone number, email address, office location, login information) included in the Customer Data, as determined by the Customer from time to time. No special categories of personal data (GDPR art. 9) is processed. 

      • Categories of data subjects. The data subjects may include the personnel and customers of the Customer and Customer’s integration counterparty, as well as the personnel of their customers and suppliers.

    4. Compliance with Laws. Each party will comply with all laws, rules and regulations applicable to it and binding on it in the performance of this DPA, including the GDPR.

    5. Access or Use. We will not access or use Customer Data, except as necessary to maintain or provide the Service, or as necessary to comply with the law or binding order of a governmental body.

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.