This Data Processing Agreement ("DPA") governs the processing of Personal Data by Hexibee on behalf of its customers.
1. Introduction
This DPA reflects the parties' agreement with respect to the processing of Personal Data under the Terms and Conditions of Use. It serves to ensure the protection of the rights of data subjects.
2. Definitions
Terms such as "Data Controller," "Data Processor," "Data Subject," and "Processing" have the meanings set forth in applicable Data Protection Laws (e.g., GDPR).
3. Roles of the Parties
The Customer acts as the Data Controller, and Hexibee acts as the Data Processor. Both parties agree to comply with their respective obligations under Data Protection Laws.
4. Processing of Personal Data
Hexibee shall only process Personal Data on documented instructions from the Customer, unless required to do so by applicable law.
5. Sub-processors
Hexibee may engage third-party sub-processors to assist in providing its services. A list of current sub-processors is available upon request.
6. Security Measures
Hexibee implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
7. Data Breach Notification
Hexibee shall notify the Customer without undue delay upon becoming aware of a Personal Data breach.