Data Processing Agreement (DPA).
1. Purpose
This DPA governs how Foragence may process personal data on behalf of clients in accordance with applicable data protection laws, including GDPR.
2. Roles
- Client = Controller
- Foragence = Processor (where applicable)
In some cases, both parties may act as independent controllers.
3. Scope of Processing
We may process limited data necessary to:
- Provide services
- Communicate with clients
- Maintain operations
Exact data shared depends on what the client chooses to provide.
4. Nature of Data
Data may include:
- Business contact information
- Communication data
- Any information voluntarily provided by the client
We do not require specific categories of data and aim to minimize collection.
5. Client Responsibility
You are responsible for ensuring that:
- You have the right to share any data provided
- Your use of our services complies with applicable laws
6. Subprocessors
We may use third-party providers. These providers may process data under their own terms and are selected based on reasonable standards.
7. International Transfers
Data may be transferred across jurisdictions. We may use safeguards such as contractual protections and industry-standard mechanisms.
8. Security
We implement reasonable safeguards but cannot guarantee absolute security.
9. Data Subject Rights
We may assist, where appropriate, with requests related to access, deletion, and correction.
10. Data Breach
We may notify clients of material data breaches where required by law.
11. Termination
Upon termination, data may be deleted or retained as required for legal or operational reasons.