1. Introduction
This Data Processing Agreement ("DPA") forms part of the Terms of Service between LeadAgent ("Processor") and the Customer ("Controller") for the processing of personal data in connection with the Services.
2. Definitions
- "Personal Data" means any information relating to an identified or identifiable natural person
- "Processing" means any operation performed on Personal Data
- "Data Subject" means the individual to whom Personal Data relates
- "GDPR" means the General Data Protection Regulation (EU) 2016/679
3. Processing of Personal Data
The Processor shall:
- Process Personal Data only on documented instructions from the Controller
- Ensure that persons authorized to process Personal Data have committed themselves to confidentiality
- Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk
- Assist the Controller in responding to requests from Data Subjects
4. Subprocessors
The Processor may engage subprocessors to process Personal Data. The Processor shall:
- Inform the Controller of any intended changes concerning subprocessors
- Impose the same data protection obligations on subprocessors
- Remain fully liable to the Controller for the performance of subprocessors' obligations
5. Data Subject Rights
The Processor shall assist the Controller in fulfilling Data Subject requests, including:
- Right to access
- Right to rectification
- Right to erasure
- Right to data portability
- Right to object to processing
6. Security Measures
The Processor implements the following security measures:
- Encryption of personal data
- Regular security assessments
- Access controls and authentication
- Backup and disaster recovery procedures
- Employee training on data protection
7. Data Breach Notification
The Processor shall notify the Controller without undue delay after becoming aware of a personal data breach, providing relevant information about the breach, including:
- Nature of the breach
- Categories and number of Data Subjects affected
- Likely consequences of the breach
- Measures taken to address the breach
8. Contact Information
For any questions regarding this DPA, please contact:
Data Protection Officer
Email: dpo@leadagent.com
Address: [Your Company Address]