Data processing Addendum

Created on 20 February, 2025Trust Center • 60 views • 2 minutes read

Review the Data Processing Addendum of 1Link.ng to understand how we process, protect, and manage personal data in compliance with GDPR, CCPA, and other data protection laws.

Data Processing Addendum for 1Link.ng

Effective Date: [Insert Date]

This Data Processing Addendum ("DPA") is an agreement between 1Link.ng ("Company") and the user ("Data Controller") that governs the processing of personal data in compliance with applicable data protection laws.

1. Definitions

  • "Personal Data" means any information relating to an identified or identifiable individual.
  • "Processing" means any operation performed on Personal Data, including collection, storage, use, disclosure, or deletion.
  • "Data Controller" refers to the entity that determines the purposes and means of Personal Data processing.
  • "Data Processor" refers to 1Link.ng, which processes Personal Data on behalf of the Data Controller.
  • "Applicable Laws" includes GDPR, CCPA, and any relevant data protection regulations.

2. Scope and Purpose

  • The Data Processor shall process Personal Data solely for the purpose of providing the services outlined in the agreement between the parties.
  • The Data Controller retains full responsibility for ensuring that Personal Data is collected and processed lawfully.

3. Data Processing Obligations

  • The Data Processor shall process Personal Data only in accordance with documented instructions from the Data Controller.
  • The Data Processor shall ensure that appropriate technical and organizational measures are in place to protect Personal Data.
  • The Data Processor shall not sell, rent, or otherwise disclose Personal Data to third parties without prior consent, except as required by law.

4. Security Measures

  • The Data Processor shall implement necessary security measures to prevent unauthorized access, loss, or alteration of Personal Data.
  • The Data Processor shall regularly review and update security practices to comply with industry standards.

5. Subprocessors

  • The Data Processor may engage subprocessors only with prior written consent from the Data Controller.
  • Subprocessors shall be bound by the same data protection obligations as the Data Processor.

6. Data Subject Rights

  • The Data Processor shall assist the Data Controller in responding to data subject requests regarding access, rectification, deletion, or portability of their Personal Data.
  • The Data Processor shall notify the Data Controller of any data subject request within a reasonable timeframe.

7. Data Breach Notification

  • The Data Processor shall notify the Data Controller without undue delay if a data breach occurs.
  • The notification shall include details of the breach, its impact, and any remedial measures taken.

8. Data Retention and Deletion

  • Upon termination of the agreement, the Data Processor shall either delete or return all Personal Data, unless required by law to retain it.

9. Compliance and Audits

  • The Data Processor shall maintain records of processing activities and provide them to the Data Controller upon request.
  • The Data Processor shall allow for audits or inspections by the Data Controller to verify compliance with this DPA.

10. Governing Law and Jurisdiction

  • This DPA shall be governed by the laws of [Insert Jurisdiction].
  • Any disputes arising under this DPA shall be resolved in the courts of [Insert Jurisdiction].

11. Contact Information For any inquiries regarding this DPA, please contact us at [Insert Contact Information].