Data Processing Agreement (DPA)

This Data Processing Agreement ("DPA") forms part of the Terms of Service between Squid Solutions B.V. ("Data Processor") and the Customer ("Data Controller").

1. Scope and Applicability

This DPA applies to the processing of personal data subject to the General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR") and applicable Dutch privacy laws (Uitvoeringswet Algemene verordening gegevensbescherming) by the Data Processor on behalf of the Data Controller.

2. Processing of Personal Data

The Data Processor shall process Personal Data solely for the provision of the services as stipulated in the Terms of Service and in accordance with the documented instructions of the Data Controller. The subject matter, nature, purpose, and duration of the processing, as well as the types of personal data and categories of data subjects, are described in Annex 1 to this DPA.

3. Subprocessors

The Data Controller grants the Data Processor general authorization to engage subprocessors. The Data Processor shall inform the Data Controller of any intended changes concerning the addition or replacement of subprocessors, thereby giving the Data Controller the opportunity to object to such changes.

4. Security Measures

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing, the Data Processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.

5. Governing Law and Jurisdiction

This DPA is governed by the laws of The Netherlands. Any disputes arising from or related to this DPA shall be submitted to the competent court in The Netherlands.

Squid Solutions B.V.
Goudvinklaan 92, 3722VE Bilthoven
42033298
Email: legal@squidsupport.ai