Data Processing Agreement


Effective Date: October 1, 2024

This Data Processing Agreement (“DPA”) is made and entered into between:

PrimeProspects (“Data Processor”), located at 1061 Andrassy ut 1, Budapest, Hungary,
and
[Client’s Company Name] (“Data Controller”), located at [Client’s Address].

This DPA supplements the Terms of Service and governs the processing of personal data on behalf of the Client by PrimeProspects in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Definitions

  • Data Controller: The party that determines the purposes and means of processing personal data.
  • Data Processor: PrimeProspects, which processes personal data on behalf of the Data Controller.
  • Personal Data: Any information relating to an identified or identifiable natural person processed under this Agreement.
  • Sub-Processor: Any third party engaged by the Data Processor to process personal data.

2. Scope of Processing

  • Purpose: PrimeProspects processes personal data solely for the purpose of delivering B2B lead generation services to the Data Controller.
  • Data Categories: Personal data processed may include names, contact details, job titles, business information, and other relevant data for lead generation purposes.
  • Duration: Processing will continue for as long as PrimeProspects provides services to the Data Controller unless otherwise agreed.

3. Roles and Responsibilities

  • Data Controller: Responsible for ensuring that the collection, sharing, and processing of personal data comply with applicable laws, including informing data subjects of the processing.
  • Data Processor: Acts only on the instructions of the Data Controller and complies with the obligations in this DPA and applicable data protection laws.

4. Obligations of the Data Processor

  • Confidentiality: PrimeProspects ensures that all personnel authorized to process personal data are under confidentiality obligations.
  • Security: PrimeProspects implements appropriate technical and organizational measures to protect personal data, including encryption, secure data storage, and access control.
  • Breach Notification: PrimeProspects will notify the Data Controller without undue delay after becoming aware of any data breach affecting personal data, providing sufficient information to help the Data Controller meet any regulatory obligations.
  • Assistance: PrimeProspects will assist the Data Controller in fulfilling their obligations related to data subject rights, including requests for data access, correction, deletion, or portability.

5. Use of Sub-Processors

  • Sub-Processor Approval: PrimeProspects may engage sub-processors to carry out specific processing activities. A list of sub-processors will be provided, and the Data Controller will be notified of any changes.
  • Liability: PrimeProspects remains fully liable for the actions or omissions of its sub-processors.

6. Data Transfers Outside the EU

  • Cross-Border Transfers: Personal data may be transferred outside of the European Economic Area (EEA) only if adequate safeguards, such as standard contractual clauses or binding corporate rules, are in place to ensure data protection.

7. Data Subject Rights

  • Right to Access and Deletion: PrimeProspects will assist the Data Controller in responding to requests from data subjects to exercise their rights under GDPR, including access, rectification, and deletion.
  • Data Portability: PrimeProspects will provide assistance in enabling the Data Controller to comply with data portability requests.

8. Data Retention and Return/Destruction

  • Retention: PrimeProspects will retain personal data only for the duration necessary to fulfill the purposes outlined in this DPA.
  • Return or Destruction: Upon termination of the agreement or upon request, PrimeProspects will return or securely destroy all personal data, unless retention is required by law.

9. Termination

  • Termination: This DPA will remain in force for the duration of the service agreement between PrimeProspects and the Data Controller. Upon termination of services, the Data Processor’s obligations will continue with respect to any personal data still retained.

10. Dispute Resolution

  • Jurisdiction: This Agreement is governed by the laws of Hungary. Any disputes arising from this Agreement will be resolved through arbitration or mediation in Hungary.

11. Modifications

PrimeProspects reserves the right to modify this DPA to comply with changes in legal or regulatory obligations. The Data Controller will be notified of significant changes.

12. Contact Information

For any questions or issues related to this DPA, please contact: Email: support@primeprospects.eu
Mailing Address: 1061 Andrassy ut 1, Budapest, Hungary