Data Processing Agreement

Learn how Click Fortify complies with GDPR and protects your data with secure policies, robust measures, and international data transfer protocols.

Introduction

This Data Processing Agreement (“DPA”) outlines ClickFORTIFY Inc.’s compliance with the General Data Protection Regulation (“GDPR”) and related data protection laws. This DPA serves as an addendum to our Terms of Service and governs how ClickFORTIFY processes data on behalf of our customers within the European Union (EU), European Economic Area (EEA), Switzerland, and the UK. This policy reflects our commitment to secure, lawful data processing.

1. Key Definitions

This section clarifies essential terms like "Controller," "Processor," and "Personal Data" as per GDPR guidelines. Customers are defined as Controllers, while ClickFORTIFY acts as a Processor for handling Personal Data securely. Full definitions are provided in the agreement for transparency and understanding.

2. Applicability of This Policy

This policy applies to all data processed by ClickFORTIFY on behalf of its customers, ensuring compliance with GDPR and related laws. Customers retain control over their data, while ClickFORTIFY commits to handling it responsibly and lawfully.

3. Sub-Processors

ClickFORTIFY uses trusted sub-processors for providing specific services. Each sub-processor undergoes rigorous evaluation for security and compliance. Customers will be notified of any changes in sub-processors and have the right to object under GDPR.

4. Security Measures

ClickFORTIFY employs advanced security measures, including encryption, pseudonymization, and intrusion detection, to ensure data safety. For detailed insights, please visit our Security Policy.

5. Data Subject Rights

ClickFORTIFY facilitates customer compliance with data subject requests, such as data access, correction, and deletion. We ensure transparent processes for responding to such requests promptly.

6. Data Transfers

ClickFORTIFY adheres to GDPR-compliant mechanisms, including the use of Standard Contractual Clauses, for international data transfers. Learn more about our compliance in our Data Security Policy.

7. Cooperation with Authorities

We cooperate with relevant data protection authorities to address compliance inquiries and audits .Customers can request additional support for data protection impact assessments (DPIAs).

8. Data Retention

Personal Data is deleted upon service deactivation, except where legal requirements mandate retention. Archived data is securely isolated to prevent unauthorized access.

9. Governing Law

This DPA is governed by the laws of Ireland and complies with the EU GDPR. Legal proceedings arising from this policy will be resolved in Irish courts.

10. Contact Us

For further details or to address any concerns, please reach out via our Contact Us page.