Try for free
Try for free

Data Processing Addendum

Effective Date: January 23, 2024

This Data Processing Addendum (“DPA”) is entered into between Hivemanager Inc. (“Hivemanager”) and the customer (hereinafter referred to as the “Customer”), collectively referred to as the “Parties,” and forms an integral part of the Agreement between the Parties.

Background
Hivemanager provides certain services (“Services”) to the Customer that may involve the processing of personal data on behalf of the Customer. This DPA reflects the Parties’ agreement with regard to the processing of such personal data.

Definitions
2.1 “Personal Data” means any information relating to an identified or identifiable natural person (“Data Subject”) processed by Hivemanager on behalf of the Customer as part of the Services.

2.2 “Data Processing” means any operation or set of operations which is performed on Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.

2.3 “Data Controller” means the Customer, who determines the purposes and means of the processing of Personal Data.

2.4 “Data Processor” means Hivemanager, which processes Personal Data on behalf of the Data Controller.

3.0 Data Processing
3.1 Roles of the Parties

3.1.1 The Customer acts as the Data Controller and retains control over the Personal Data, including its determination of the purposes for which the Personal Data is processed.

3.1.2 Hivemanager acts as the Data Processor and processes Personal Data on behalf of the Customer as necessary to provide the Services in accordance with the Agreement.

3.2 Scope of Data Processing

3.2.1 Hivemanager shall process Personal Data only to the extent necessary for the provision of the Services and in accordance with the Customer’s documented instructions, including any transfer of Personal Data to a third country or international organization, unless required to do so by applicable laws.

3.2.2 Hivemanager shall promptly inform the Customer if, in its opinion, an instruction infringes applicable data protection laws.

3.3 Confidentiality of Personal Data

Hivemanager shall ensure that any personnel authorized to process Personal Data are bound by appropriate confidentiality obligations.

3.4 Security Measures

Hivemanager shall implement appropriate technical and organizational measures to ensure the security, confidentiality, and integrity of Personal Data, taking into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing.

3.5 Sub-processors

Hivemanager may engage sub-processors for the processing of Personal Data provided that Hivemanager notifies the Customer of any intended changes concerning the addition or replacement of sub-processors, giving the Customer the opportunity to object to such changes.

3.6 Data Subject Rights

Hivemanager shall, to the extent legally permitted, assist the Customer in fulfilling its obligations to respond to requests from Data Subjects, including rights of access, rectification, erasure, and data portability.

3.7 Data Protection Impact Assessment and Prior Consultation

Hivemanager shall, to the extent reasonably possible, assist the Customer in carrying out data protection impact assessments and prior consultations with data protection authorities, as required by applicable data protection laws.

3.8 Data Breach Notification

Hivemanager shall notify the Customer without undue delay upon becoming aware of a Personal Data breach, providing information necessary to allow the Customer to meet any obligations to report or inform Data Subjects of the breach under applicable data protection laws.

4.0 Data Deletion or Return
Upon termination of the Agreement, Hivemanager shall, at the Customer’s choice, delete or return all Personal Data to the Customer and delete all existing copies unless required to retain such data by applicable laws.

5.0 Audit and Certification
Upon request, Hivemanager shall provide the Customer with information necessary to demonstrate compliance with the obligations laid down in this DPA, and allow for and contribute to audits, including inspections, conducted by the Customer or another auditor mandated by the Customer. Hivemanager shall also provide the Customer with reasonable assistance in ensuring compliance with its obligations to audit third-party sub-processors.

6.0 Governing Law and Jurisdiction
This DPA is governed by and construed in accordance with the laws of the Province of [Province Name], Canada, and the Parties submit to the exclusive jurisdiction of the courts of [City Name], [Province Name], Canada for any disputes arising under this DPA.

7.0 Entire Agreement
This DPA constitutes the entire agreement between the Parties with respect to the subject matter hereof and supersedes all prior and contemporaneous agreements, understandings, negotiations, and discussions, whether oral or written.

Effective Date: January 23, 2024

Run your whole business online with easy to Book, Schedule, Invoice, Chart, and receive payments online software.  Try Hivemanager Today for Free

Instagram Facebook-f Twitter Linkedin
  • Core features
  • We Support
  • What's the Buzz
  • About