Data Processing Agreement

Placeholder Image for blogs


This Data Processing Agreement (hereinafter referred to as the "Agreement") establishes the responsibilities and obligations between Teqhire ehf, located at Katrinartun 4, 105 Reykjavik, Iceland, ID: 5311130710 (hereinafter referred to as the "Company") and a generic service provider (hereinafter referred to as the "Service Provider"). Collectively, the Company and the Service Provider may be called the "Parties" or individually as a "Party."

Definitions

This Agreement regulates the handling and security measures concerning the Company's Personal Data managed by the Service Provider.

Roles and Data Management Instructions

The Parties acknowledge that:

1- The Service Provider is a data processor of the Company's Personal Data.
2- The Company serves as a data controller and, where applicable, as a data processor.
3- Each Party will adhere to the obligations applicable to them under relevant laws concerning the handling of the Company's Personal Data.

If acting as a data processor, the Company assures the Service Provider that all directions regarding the Company's Personal Data, including the designation of the Service Provider as another processor, are authorized by the appropriate data controller.

Upon agreement, the Company instructs the Service Provider to process the Company's Personal Data strictly according to applicable laws:

a. To deliver the contracted services,
b. As specified through the Company's utilization of these services,
c. As detailed in this Agreement, including these stipulations,
d. As outlined in any other written directives issued by the Company and recognized by the Service Provider as binding instructions under this Agreement.

Data Processing Duration

The processing of the Company's Personal Data will continue for the term of this Agreement and will extend until all the Company's Personal Data is deleted in accordance with these provisions.

Purpose and Method of Data Processing

The Service Provider will use automated means to handle the company's personal data and deliver the contracted services to the Company.

Types of Personal Data

The Personal Data may include but is not limited to, data collected through the Service Provider's systems during operation, login information, identification details, types and activities of users, contact information, communication logs, and records of voice and images.

Categories of Data Subjects

The Personal Data pertains to:
- Individuals from whom the Service Provider collects personal data in the course of providing services;
- Individuals whose personal data is transferred to the Service Provider in connection with the services by or on behalf of the Company.

This may include the Company’s employees, board members, or clients depending on the service nature.

Rights and Responsibilities of the Parties

Should any third party, particularly a data subject or regulatory authority, request information from a Party concerning data processing under this Agreement, or if any claims or rights are exercised against a Party in this regard, the Party must promptly inform the other Party of such proceedings.

The Company is responsible for all obligations related to the processing of Personal Data, including informing data subjects about the data processing, obtaining necessary consents, addressing data subjects' requests regarding their rights, and fulfilling all notification requirements towards regulatory authorities, especially in case of data breaches.

The Company alone is responsible for determining whether the security measures and commitments by the Service Provider under this Agreement satisfy the Company's needs concerning legal security obligations.

Final Provisions

This Agreement has been drafted in English. All obligations of the Service Provider towards the Company under this Agreement shall be performed in English.

Should any provision of this Agreement be found invalid or unenforceable, it will not affect the remainder. Within 14 days of such determination, the parties will replace any invalid or unenforceable provision with one that is valid and enforceable, and that achieves, to the extent possible, the parties' original objectives and intent.

Changes to applicable laws or their interpretation may prompt the Service Provider to modify this Agreement reasonably. Any amendments will be communicated via the Service Provider's website and email to the last known address used by the Company. If not rejected within one month by the Company, the amendments will be deemed accepted. Rejection of amendments by the Company within this time frame will lead to termination of this Agreement, with a two-month notice period, during which the last agreed-upon terms will apply. Termination of this Agreement under these conditions does not affect the termination of the overarching Service Agreement; however, if no new data processing terms are agreed upon within two months, either Party may terminate the Service Agreement by written notice effective immediately.