Data Processing Agreement (DPA)

This Data Processing Agreement (DPA) is an addendum to the Terms and Conditions between Everryn Digital (“we,” “us,” or “our”) and the customer (“you” or “your”) who uses our SaaS services. This DPA governs the processing of personal data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

1. Definitions

• Data Controller: The entity that determines the purposes and means of processing personal data.
• Data Processor: Everryn Digital, as it processes personal data on behalf of the customer.
• Personal Data: Any information relating to an identified or identifiable individual.
• Processing: Any operation performed on personal data, such as collection, storage, or deletion.

2. Scope of Processing

• Purpose: Everryn Digital processes personal data to deliver SaaS services as defined in the Terms and Conditions.
• Data Categories: Personal data may include names, contact information, payment details, and any other data provided through the platform.
• Duration: Personal data will be processed only for the duration of the agreement or as required by law.

3. Obligations of the Data Processor (Everryn Digital)

• Compliance: Process personal data in accordance with applicable data protection laws.
• Instructions: Only process personal data based on documented instructions from the Data Controller.
• Security: Implement appropriate technical and organizational measures to protect personal data.
• Confidentiality: Ensure that employees or agents handling personal data are bound by confidentiality agreements.
• Sub-processors: Engage sub-processors only with prior authorization and ensure they meet the same data protection standards.

4. Obligations of the Data Controller (Customer)

• Lawful Basis: Ensure that the collection and processing of personal data have a legal basis.
• Accuracy: Ensure the accuracy and completeness of personal data shared with Everryn Digital.
• Instructions: Provide clear instructions regarding data processing activities.

5. Data Subject Rights

Everryn Digital will assist you in responding to requests from data subjects, including but not limited to:

• Accessing their personal data.
• Correcting or deleting inaccurate data.
• Restricting or objecting to data processing.

All requests must be communicated to Everryn Digital promptly.

6. Data Transfers

• Personal data will not be transferred to third countries outside the European Economic Area (EEA) unless such transfers comply with GDPR requirements (e.g., through Standard Contractual Clauses or adequacy decisions).

7. Security Measures

Everryn Digital will implement and maintain security measures, including but not limited to:

• Data encryption during transmission and storage.
• Access controls to limit data access to authorized personnel only.
• Regular audits and vulnerability assessments.

8. Breach Notification

In the event of a data breach, Everryn Digital will:

• Notify the Data Controller without undue delay.
• Provide details of the breach, including its nature, scope, and remedial measures taken.

9. Data Retention and Deletion

Upon termination of the agreement or at the Data Controller’s request, Everryn Digital will delete or return all personal data unless retention is required by law.

10. Audit Rights

The Data Controller has the right to audit Everryn Digital’s data processing activities to ensure compliance with this DPA. Such audits must be conducted with reasonable notice and during normal business hours.

11. Liability

Each party’s liability under this DPA is governed by the liability provisions outlined in the main Terms and Conditions.

12. Updates to the DPA

Everryn Digital reserves the right to update this DPA to reflect changes in applicable data protection laws or our data processing practices. Updates will be communicated in writing.

Contact Information

For questions about this DPA or data protection practices, please contact:
Email: dpo@everryn.com

By using Everryn Digital’s services, you agree to this Data Processing Agreement.