LOG IN
Access Your Portal and Reconnect Instantly
SIGN UP
Step into Your New Experience—Sign Up Now
This Data Processing Agreement ("Agreement") outlines the terms and conditions governing the processing of personal data on the new payment gateway website. It establishes the framework to ensure compliance with relevant data protection laws and regulations.
Data Controller
The "Data Controller" refers to the entity responsible for determining the purposes and means of the processing of personal data. In the context of the new payment gateway website, the company operating the website assumes the role of the Data Controller, outlining its obligations and responsibilities under this Agreement.
Data Processor
As the "Data Processor," the payment gateway provider commits to processing personal data on behalf of the Data Controller, adhering to the instructions provided and ensuring the implementation of appropriate security measures to safeguard the data.
Personal Data
This section defines the types of personal data processed by the payment gateway, ensuring clarity on the nature and scope of the information involved in the processing activities. It encompasses details such as user account information, transaction history, and any other data essential for the platform's operation.
Processing Activities
The Agreement delineates the specific processing activities carried out by the payment gateway, clarifying the lawful basis for processing, purposes of processing, and the duration for which the data will be retained.
Data Security Measures
To uphold the integrity and confidentiality of personal data, this section outlines the comprehensive security measures implemented by the payment gateway, covering encryption, access controls, and other safeguards to mitigate the risk of unauthorized access or data breaches.
Confidentiality
Both parties commit to maintaining the confidentiality of the processed data, restricting access to authorized personnel only. The Agreement outlines procedures for handling confidential information and necessitates the signing of confidentiality agreements by employees involved in data processing.
Data Subject Rights
Acknowledging the rights of data subjects, the Agreement ensures that individuals have the ability to exercise their rights regarding their personal data, including the right to access, rectification, and erasure.
Data Breach Response
In the unfortunate event of a data breach, the Agreement establishes a protocol for prompt notification and collaboration between the Data Controller and Data Processor to mitigate potential risks and uphold transparency with affected parties.
Subprocessing
This section addresses the engagement of sub processors by the Data Processor, ensuring that any third-party entities involved in data processing adhere to the same data protection standards outlined in this Agreement.
International Data Transfers
For international data transfers, the Agreement ensures compliance with applicable data protection laws, incorporating mechanisms such as Standard Contractual Clauses or other approved transfer mechanisms.
Compliance with Laws
Both parties commit to complying with relevant data protection laws and regulations, providing a framework for ongoing cooperation and adherence to evolving legal requirements.
Audit Rights
To ensure compliance with the Agreement, the Data Controller retains the right to conduct audits or assessments of the Data Processor's data processing activities, subject to reasonable notice and confidentiality obligations.
Data Deletion
Upon termination of the agreement or as per the Data Controller's instructions, the Data Processor commits to promptly deleting or returning all personal data processed during the contractual period.
Data Retention
This section establishes clear guidelines for the retention of personal data, specifying the duration for which the data will be stored and the conditions under which it will be deleted.
Notification Obligations
In the event of any changes or incidents impacting data processing, both parties commit to promptly notifying each other, fostering transparency and collaboration in managing potential risks.
Liability
The Agreement defines the liability of each party in case of breaches or non-compliance, outlining the responsibilities and potential consequences for any failure to adhere to the agreed-upon terms.
Indemnification
To mitigate risks and liabilities, the Agreement includes provisions for indemnification, specifying the circumstances under which one party agrees to compensate the other for losses arising from data processing activities.
Governing Law
The Agreement stipulates the governing law under which any disputes or legal issues arising from the processing of personal data will be resolved, providing clarity on the applicable legal framework.
Amendments to the Agreement
This section outlines the process for amending the Agreement, ensuring that any changes are made in writing and agreed upon by both parties to accommodate evolving business needs or regulatory requirements.