FIRST: PURPOSE OF THE DATA PROCESSING AGREEMENT: These clauses authorize the data processor, to process on behalf of the data controller, all personal data necessary to provide the service previously described.
SECOND: IDENTIFYING THE INFORMATION AFFECTED: To perform the services arising from compliance with the purpose of this processing contract, the data controller, provides the data processor, with the information described below: EMPLOYEES, CLIENTS (name, address, telephone number, e-mail)
THIRD: TERM OF THE CONTRACT: The term of this agreement shall be extended to the term of the main contract. Upon termination of this contract, the data processor must erase/return to the controller/return to another processor appointed by the controller.
FOURTH: CONFIDENTIALITY: Each Party must keep this Agreement and information it receives about the other Party and its business in connection with this Agreement (“Confidential Information”) confidential and must not use or disclose that Confidential Information without the prior written consent of the other Party except to the extent that:
(a) disclosure is required by law;
(b) the relevant information is already in the public domain.
FIFTH: OBLIGATIONS OF THE DATA PROCESSOR: The data processor and all their employees undertake to:
Use the personal data subject to processing, or those collected for inclusion, only for the purpose of this contract. In no case use data for personal purposes.
Keep a written record of all categories of the processing operations carried out on behalf of the controller.
Not disclose data to third parties, unless with express authorization from the data controller, when legally acceptable.
Maintain the duty of secrecy regarding the personal data accessed under this contract, even after its termination.
Guarantee that individuals authorized to process personal data expressly undertake in writing to respect confidentiality and to comply with the relevant security measures, of which they must be duly informed.
Keep documentation accrediting compliance with the obligation set forth above available for the controller The data processor, on behalf of the controller and within the period established, must resolve requests to exercise rights to access, rectification, erasure and opposition, restriction of processing, data portability and to not be subject to automated individual decisions, regarding data under this contract.
Right to information The data processor must provide information on the data processing operations they will carry out at the time of collecting the data. The processor must agree upon the wording and format of the information provided with the controller before they start collecting data.
Data security breach notifications The data processor shall notify the data controller, without undue delay, and in any case before the maximum period of 72 hours, and via e-mail with reading confirmation, of any breach they are aware of to the security of the personal data they hold, together with all relevant information to document and report the incident.
Provide the controller with all the information necessary to demonstrate compliance with their obligations, as well as to conduct audits and inspections carried out by the controller or another auditor authorized by them.
Destination of data Return personal data and, if appropriate, the media on which they are recorded, to the controller after completing the service. The return must include deleting all data from the computers used by the processor. However, the processor may store a copy with the data duly blocked while they may still be held liable for providing the service.
LIABILITY DISCLAIMER: The DATA PROCESSOR accepts no responsibility or liability whatsoever with regard to the origin of the information uploaded by the DATA CONTROLLER and specifically about its GPDR compliance collecting the personal data from the subjects.
OBLIGATIONS OF THE DATA CONTROLLER: The data controller must: Provide the processor with the data referred to in clause 2 of this document. Conduct a data protection impact assessment for the processing operations to be carried out by the processor. Carry out any relevant prior consultations. Ensure that the processor complies with the GDPR prior to and during processing.
GENERAL PROVISIONS: The non-requirement by any of the parties of any of their rights, in accordance with this contract, shall not be deemed to constitute a waiver of said rights in the future. The legal relationship that is established between the parties is governed by this single contract, being the only valid one between the parties and replacing any previous agreement or commitment regarding the same object, whether written or verbal, and only may be modified by an agreement signed by both parties.
If it were to prove that any of the stipulations contained in this contract is null, illegal or unenforceable, the validity, legality and enforceability of the rest of the stipulations will not be affected or harmed by it. This agreement and the relations between the controller and the data processor do not constitute in any case a partnership, joint venture, agency or work contract between the parties. The headings of the different clauses are for informational purposes only, and will not affect, qualify or extend the interpretation of this agreement.
Personal data collection and processing are aimed at maintaining business relationship and performance in tasks of information, training, counseling and other activities. Data only will be transferred to those entities that are necessary for the sole purpose of complying with the purpose stated above. Froged Technologies S.L. will adopt the necessary measures to ensure the security, integrity and confidentiality for data in accordance with the provisions in the EU General Data Protection Regulation (GDPR).
User may at any time exercise their rights in access, opposition, rectification, limitation, portability and cancellation recognized in Data Protection Regulation. User can exercise these rights free via email to: firstname.lastname@example.org or in the address: C/ Sierra De Yeguas, 9, C.P. 29016 – Málaga (Malaga).You represent that all information provided by him are true and correct and undertake to keep them updated, communicating changes to Froged Technologies S.L..
Purpose of the personal data treatment:
What purpose will we treat your personal data?
In Froged Technologies S.L., we will treat your personal data collected through the Website: http://www.froged.com, with the following purposes:1. In case of contracting the goods and services offered through: http://www.froged.com, to maintain the contractual relationship, as well as the management, administration, information, provision and improvement of the service.2. Sending requested information through the forms provided at http://www.froged.com.3. Send newsletters, as well as commercial communications of promotions and/or advertising of Froged Technologies S.L., and the sector. We remind you that you can oppose the sending of commercial communications by any means and at any time, by sending an email to the address indicated above. The fields from these registries are obligatory completion, being impossible to realize the expressed purposes if these data are not provided.
How long are the personal data collected retained?
Personal data provided will be kept as long as the commercial relationship is maintained or you do not request its deletion and during the period for which legal liabilities could arise for the services rendered.
Recipients: Data will not be communicated to any third party outside Froged Technologies S.L., except legal obligation. As treatment managers, we have hired following service providers, having committed to compliance with regulatory provisions, applicable in terms for data protection, at time for hiring
Data collected by service users: If user includes files that contain personal data on shared hosting servers, Froged Technologies S.L. is not responsible for the breach by the user of Data Protection Regulation.
Data retention in accordance with LSSI: Froged Technologies S.L. reports that, as a hosting service provider and under the provisions contained on Law34/2002, of July 11th, on the Information Society Services and Electronic Commerce (LSSI), retained in a maximum period for 12 months essential information to identify the source of data stored and the time when service started. Retention of such data does not affect secret in communications and may only be used within the framework for a criminal investigation or to safeguard public safety, making himself available to the judges and/or courts or the Ministry which thus requires. Data communication to State Forces will be under legal provisions on personal data protection.
Intellectual Property Rights
Froged Technologies S.L. owns all copyrights, intellectual property, industrial, “know how” and any other rights related to the content from the website http://www.froged.com and the services offered on it, as well as the programs necessary for its implementation and related information. No available any reproduction, publication and/or use for the contents strictly private, full or partial, at the websitewww.froged.com without a prior written consent.
Software Intellectual Property Rights
You should respect other programs made available by Froged Technologies S.L., while being free and/or publicly available. Froged Technologies S.L. has exploitation rights and intellectual property for software needed. User does not acquire any right or license by the contracted service, to the software necessary to provide service, or the technical information service trace, except for rights and licenses necessary in the fulfillment at contracted services and only for the duration thereof.
In any action that exceeds the contract performance, user will need written permission from Froged Technologies S.L., being forbidden to user for access, modify, view the configuration, structure and server’s files property of Froged Technologies S.L., assuming the civil and criminal liability arising from any incident that might involve on servers and security systems as a direct result for a negligence or malicious on his part.
Intellectual property content hosted
Use contrary to intellectual property law services provided by Froged Technologies S.L. and in particular:
• Use that is contrary to Spanish laws or which infringes the personal rights.
• Publication or transmission any content that, in Froged Technologies S.L. opinion, is violent, obscene, abusive, illegal, racist, xenophobic or defamatory.
• Cracks, software serial numbers or any other content that violates intellectual third parties property right.
• Collection and/or use personal data from other users without their express consent or contrary to the EU General Data Protection Regulation (GDPR) provisions.
• Use a domain mail server and e-mail addresses for sending unsolicited bulk. User has full responsibility in the content from its website, the information transmitted and stored, hypertext links, third party claims and legal actions in reference to intellectual property rights and minors protection. User is responsible regarding laws and regulations in force and rules that have to do with running online service, electronic commerce, copyright, maintain public order, and universal principles at Internet use. User indemnifies to Froged Technologies S.L. for expenses that generate some cause whose responsibility was attributable to user, including fees and legal expenses, even if a court decision is not final.
Information hosted protection
Froged Technologies S.L. backs content hosted on their servers, however not responsible for loss or accidental deletion data by users. Similarly, replacement does not guarantee total data deleted by users, since such data could have been deleted and/or modified during the period since the last backup. Services offered, except specific backup services, do not include replacement for the contents stored in the backups made by Froged Technologies S.L. when this loss is attributable to user; at this case, rate will be determined according to the complexity and volume for the recovery, always previous user acceptance. Replacement for deleted data is only included at cost in service when content loss is due to causes attributable to Froged Technologies S.L..
Pursuant to LSSI. Froged Technologies S.L. will not send advertising or promotional communications by email or other means electronic communication that have not been previously requested or expressly authorized by the recipient. In cases where there are some prior contractual relationships, Froged Technologies S.L. is allowed to send commercial communications relating to products or services which are similar to those initially made a contract with the customer. In any case, user can request that you do not get more commercial information through channels customer, upon proof of identity.