GDPR Data Processing Agreement
GDPR Data Processing Agreement
Effective Date: 23rd of May 2018
Last Updated: 5th of March 2025
Company Name: SMISS OÜ
1. Purpose of the Agreement
This Data Processing Agreement (“DPA”) governs the processing of personal data by SMISS OÜ on behalf of users from the European Economic Area (EEA) in compliance with the General Data Protection Regulation (GDPR).
2. Roles and Responsibilities
- Data Controller: User of the website.
- Data Processor: SMISS OÜ.
3. Data Processing Details
- Purpose: To provide and improve our services.
- Categories of Data: Personal information such as name, email, IP address.
- Duration: As long as necessary for the purposes outlined in our Privacy Policy.
4. Data Subject Rights
- Right to access, rectify, delete, restrict, and object to data processing.
- Requests can be made via email: contact@smissltd.com.
5. Security Measures
- Data encryption (SSL), access control, and regular security audits.
- Compliance with GDPR Article 32 (Security of processing).
6. International Data Transfers
- Compliance with Standard Contractual Clauses (SCCs) approved by the European Commission for data transfers outside the EEA.
7. Data Breach Notification
In case of a data breach, SMISS OÜ will notify affected users within 72 hours of becoming aware of the breach.
Let's talk
