Data Processing Agreement (DPA)

Effective date: 22 january 2025

This Data Processing Agreement (“Agreement”) forms part of the Terms and Conditions and Privacy Policy between SINNERS PROJECTS AT SRL (“Processor,” “we,” “us,” “our”) and the Client (“Controller” or “you”) for the provision of services by WPSolvent.com involving the processing of personal data.

1. Definitions

1.1 Applicable Data Protection Laws

Refers to all data protection laws and regulations applicable to the processing of personal data under this Agreement, including but not limited to the General Data Protection Regulation (GDPR) (EU 2016/679).

1.2 Personal Data

Any information relating to an identified or identifiable natural person processed under this Agreement.

1.3 Processing

Any operation or set of operations performed on personal data, such as collection, storage, alteration, or deletion.

1.4 Sub-Processor

Any third party engaged by the Processor to process personal data on behalf of the Controller.

2. Scope and Purpose

This Agreement governs the processing of personal data by the Processor on behalf of the Controller in connection with the services provided by WPSolvent.com.

The Processor shall process personal data exclusively for the following purposes:

  • Maintaining and optimizing WordPress websites.
  • Monitoring and ensuring website security.
  • Performing backups and restorations as required.

3. Processor Obligations

The Processor agrees to:

  • Process personal data only on documented instructions from the Controller, including transfers of personal data to a third country, unless required by law.
  • Ensure that persons authorized to process personal data are bound by confidentiality.
  • Implement appropriate technical and organizational measures to protect personal data from unauthorized access, loss, or damage.
  • Assist the Controller in fulfilling their obligations under Applicable Data Protection Laws, including responding to data subject requests and ensuring security.
  • Notify the Controller promptly in the event of a data breach.
  • Maintain records of processing activities to demonstrate compliance.

4. Sub-Processors

The Controller authorizes the Processor to engage sub-processors for specific tasks, provided that:

  • The sub-processor is bound by similar data protection obligations as those in this Agreement.
  • The Processor remains liable for the actions of the sub-processor.

A list of current sub-processors includes:

  • Google (Google Analytics): For website analytics purposes.

The Processor will inform the Controller of any intended changes to sub-processors, giving the Controller the opportunity to object.

5. Controller Obligations

The Controller agrees to:

  • Ensure that all personal data provided to the Processor has been collected lawfully and in compliance with Applicable Data Protection Laws.
  • Provide clear instructions to the Processor regarding the processing of personal data.
  • Respond promptly to any requests from the Processor regarding compliance with Applicable Data Protection Laws.

6. Security Measures

The Processor implements appropriate technical and organizational measures to ensure the security of personal data, including but not limited to:

  • Data encryption during transmission (e.g., HTTPS).
  • Regular security audits and vulnerability assessments.
  • Access controls to restrict unauthorized access.

7. Data Breach Notification

In the event of a data breach, the Processor will:

  1. Notify the Controller without undue delay upon becoming aware of the breach.
  2. Provide sufficient information to assist the Controller in meeting their legal obligations.
  3. Take appropriate measures to mitigate the effects of the breach and prevent future incidents.

8. Data Transfers

The Processor will not transfer personal data to a third country or international organization unless:

  • The transfer is to a country deemed to provide an adequate level of data protection by the European Commission.
  • Appropriate safeguards are in place, such as standard contractual clauses.

9. Termination

Upon termination of the services, the Processor will, at the Controller’s choice:

  • Return all personal data to the Controller.
  • Delete all personal data, unless retention is required by law.

10. Liability and Indemnification

The Processor shall be liable for damages caused by processing personal data in violation of this Agreement or Applicable Data Protection Laws. The Controller agrees to indemnify and hold harmless the Processor from any claims arising from the Controller’s failure to comply with Applicable Data Protection Laws.

11. Governing Law

This Agreement is governed by the laws of Romania. Any disputes shall be subject to the exclusive jurisdiction of the courts of Romania.

12. Contact Information

If you have any questions about this Agreement, please contact us:

SINNERS PROJECTS AT SRL
Email: support@wpsolvent.com

By using our services, you acknowledge that you have read, understood, and agreed to this Data Processing Agreement.

Support You Can Trust,
When You Need It

Don’t let technical issues slow you down. Contact us and get expert support from a team that cares about your business.
contact us
how it works Pricing blog about us contact
terms and conditions cookies Refund policy DPA privacy policy

Perfected by Sinners Projects