General Data Processing Agreement

1. Introduction

The purpose of this DPA is to reflect the parties’ agreement with regard to the processing of Personal Data in accordance with the requirements of Data Protection Regulations. In respect of the processing of Personal Data of theCustomer by ZAVEIT under the Agreement and General Terms, the parties acknowledge that the Customer is the Data Controller and ZAVEIT is the DataProcessor and both agree to comply with all corresponding obligations as per the Data Protection Regulations. The Customer gives instructions to ZAVEIT to process such Personal Data on its behalf as it is necessary for the purposes of the Terms of Services.  

A: Compliance with data protection regulations

Each party shall comply with its obligations under the Data Protection Regulations.
All capitalized words in the DPA shall have the meaning ascribed to them in the GDPR, the Data Protection Regulations and in the Terms of Services.  

B: Data processing operations under the dpa  

The Processor is obligated to process Personal Data exclusively for the purposes specified in the Services Ordered and to the extent required to carry out the Agreement. Data is supplied directly by the Controller to the processor's solution.

The categories of Personal Data transferred to the solution of the Processor may vary in accordance with the data systems and services with which the Controller has delegated interaction to the Processor. A general list of Personal Data category that may be stored in or accessed via Processor's solution is as follows:

•       Name of employees

•      Additional contact information for employees.  

The aforementioned categories of Personal Data typically pertain to personnel of the Controller or customers of the Controller; employees of other group companies, partners, and subcontractors of the Controller or customers of the Controller may also be included.

The processing is performed exclusively to enable the Controller to conduct an analysis of the information and generate and disseminate reports for its own benefit or that of its clients. A processor shall not perform data analysis on behalf of the controller, unless the controller specifically requests the processor to aid in the implementation or utilization of a particular functionality, among other things.

The Customer warrants to ZAVEIT that it is entitled to transfer the Personal Data to the ZAVEIT and/or the Sub-processor(s) in full compliance with Data Protection Regulations, including as needed, compliance to any prior required formalities and Data Subject rights, such as information and/or consent when such is required under DataProtection Regulations.  

The Customer acknowledges that it is and shall remain solely responsible for determining the purposes and the means ofZAVEIT’s processing the Personal Data. The Data Controller remains solely responsible for the accuracy and adequacy of the aforementioned instructions. Any changes to the instructions given or the security measures that are required by the Customer, including in order to comply with applicable data protection laws, shall be agreed to by the parties and/or via an amendment to this DPA. Any costs incurred by ZAVEIT in complying with such changes shall be borne by the Customer.  

The Customer undertakes that the Data Subjects have been informed or will be informed before the transfer of their Personal Data to ZAVEIT in the scope of the Services.  

The Product is not intended to process Special Categories of Personal Data. Therefore, the Customer undertakes to prevent any processing of Special Categories of Personal Data through the Product and the Services. However, at the Customer request, processing of Special Categories of Personal Data may be performed by ZAVEIT. In such case, the Processing shall be covered by a specific addendum to the DPA to be entered into between the Customer andZAVEIT.  

In case the Customer expressly requests the assistance of ZAVEIT for the fulfillment of its obligation under the Data Protection Regulations, then ZAVEIT shall address to the Customer the estimated costs for such assistance. Upon express acceptance of the estimated cost, ZAVEIT shall provide assistance pursuant to the instructions of the Customer and the terms of the present DPA.  

‍

3.1 Information You Provide to Us

When you register on our website or contact us through our career site, you must provide some information stored by us, such as name, e-mail address, address, and mobile number. We will also store information when you contact us later.

3.2 Information We Receive Through the Use of Our Services

When you use our services, we record information about which services you use and how you use them.

3.3 Your Device and Your Internet Connection

We can register information about the device you use, such as the manufacturer of the mobile/PC, operating system, and browser. We may also collect information about the connection to our services, such as IP addresses, network IDs, cookies, and unique identification files.

3.4 Use of Service

We register information about your use of the services, such as which pages you are on when you are on the pages and which functions you have used.

3.5 Cookies and Other Content Stored Locally

ZaveIT uses cookies to help ZaveIT identify and track visitors, their usage of ZaveIT’s website, and their website access preferences.

4. What Is the Information Used For?

We use personal information for the following purposes:

4.1 To Deliver and Improve Our Services

We use personal information to provide our services to you and to ensure the best possible user experience.

4.2 To Improve Digital Communication and Advertising

We use your personal information to improve our advertising and targeted advertising through social media.

4.3 To Compile Statistics and Understand Market Trends

We gather statistics and map market trends to improve and further develop our services.

4.4 To Prevent Misuse of Our Services

We use personal information to avoid the misuse of our services.

4.5 Recruitment

We use personal information to contact you who have contacted us regarding work.

5. Information Sharing

In some cases, we share personal information with other companies that perform services on our behalf.

5.1 When Others Perform Services on Our Behalf

For example, web and marketing agencies show you targeted marketing and create campaigns.

5.2 In Case of Suspicion of a Crime

Information can be handed over to public authorities upon request.

6. Deletion of Personal Information

You are entitled to have all our information about you deleted at your request unless ZaveIT is legally obliged to store this.

7. Security of Personal Information

We have implemented organizational and technical security measures to protect the personal information under our control against unauthorized access, collection, use, dissemination, disclosure, copying, modification, or disposal.