Data Processing Agreement
GDPR Article 28 Compliant ยท Available for immediate signature
SuperEngage acts as a data processor when processing personal data on behalf of our customers (the data controller). This DPA sets out the terms under which we process that data, in compliance with GDPR Article 28 and applicable data protection legislation.
Scope
This DPA applies to all personal data processed by SuperEngage on behalf of the Customer in connection with the SuperEngage platform and services.
Processing instructions
SuperEngage will process personal data only on documented instructions from the Customer, unless required to do so by applicable law.
Confidentiality
SuperEngage ensures that persons authorised to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
Security measures
SuperEngage implements appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including: AES-256 encryption at rest, TLS 1.3 in transit, role-based access control, annual penetration testing, and ISO 27001 certification.
Sub-processors
SuperEngage uses the following categories of sub-processors: cloud infrastructure (data hosting and compute), CRM software (lead management), and analytics (website usage). A full list is available on request. SuperEngage will notify Customers of material changes to sub-processors with reasonable notice.
Data subject rights
SuperEngage will assist the Customer in responding to data subject rights requests (access, rectification, erasure, restriction, portability) within commercially reasonable timeframes.
Breach notification
SuperEngage will notify the Customer without undue delay (and within 72 hours where feasible) after becoming aware of a personal data breach.
Data return and deletion
Upon termination of services, SuperEngage will, at the Customer's choice, return or delete personal data within 30 days, and delete existing copies unless applicable law requires retention.
Need a signed DPA for your vendor onboarding? We'll turn it around within 2 business days.
Request Signed DPA โ