DPA

Cubewire Data Processing Addendum (DPA) outlining data protection and processing terms.

Data Processing Addendum (DPA)

This Data Processing Addendum (DPA) forms part of the agreement between Cubewire and its customers, outlining the terms and conditions for the processing and protection of personal data in accordance with applicable data protection laws.

Sample Data Processing Addendum (DPA)

1. Introduction

This Data Processing Addendum ("DPA") forms part of the agreement between Cubewire ("Processor") and its customer ("Controller") and sets out the terms for the processing of personal data in accordance with applicable data protection laws, including the GDPR.

2. Definitions

"Personal Data", "Processing", "Controller", "Processor", and "Data Subject" shall have the meanings given in the GDPR or applicable data protection law.

3. Data Processing

Cubewire will process personal data only on documented instructions from the Controller, including with regard to transfers of personal data to a third country or an international organization, unless required to do so by law.

4. Subprocessors

The Controller authorizes Cubewire to engage subprocessors for the provision of services. Cubewire will ensure that subprocessors are subject to data protection obligations no less protective than those set out in this DPA. A current list of subprocessors is available at Subprocessors.

5. Security

Cubewire will implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including measures to protect against unauthorized or unlawful processing and against accidental loss, destruction, or damage of personal data.

6. Data Subject Rights

Cubewire will assist the Controller, insofar as possible, in fulfilling its obligations to respond to requests for exercising the Data Subject's rights under applicable data protection laws.

7. Data Breach Notification

Cubewire will notify the Controller without undue delay after becoming aware of a personal data breach and will provide reasonable assistance in the investigation and mitigation of the breach.

8. Data Transfers

Any transfer of personal data to a third country or international organization by Cubewire shall be done in accordance with applicable data protection laws and subject to appropriate safeguards.

9. Term and Termination

This DPA shall remain in effect for as long as Cubewire processes personal data on behalf of the Controller. Upon termination, Cubewire will, at the choice of the Controller, delete or return all personal data, unless otherwise required by law.

10. Contact

For questions regarding this DPA, please contact support@cubewire.com.

Back to Trust Center