Swipe Data Processing Agreement

Effective Date: August 11,2023

This Data Processing Agreement ("Agreement") is entered into between Swipe Credit ("Data Processor") and [Your Company Name] ("Data Controller"), collectively referred to as the "Parties."

1. Definitions

  • "Data Processor" refers to Swipe Credit, including its employees, affiliates, and partners.

  • "Data Controller" refers to [Your Company Name], the entity that determines the purposes and means of processing personal data.

  • "Personal Data" refers to any information relating to an identified or identifiable natural person.

  • "Processing" refers to any operation or set of operations performed on personal data, including collection, recording, organization, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, erasure, or destruction.

2. Scope and Purpose

a. The Data Controller engages the Data Processor to process certain personal data on its behalf for the purpose of providing financial and credit-related services as outlined in the main agreement between the Parties.

b. The Data Processor agrees to process the personal data only as necessary for the provision of the services and in accordance with the instructions provided by the Data Controller.

3. Liability and Limitation of Liability

a. The Data Processor shall process personal data in accordance with applicable data protection laws and regulations. However, the Data Processor shall not be liable for any unauthorized access, use, or disclosure of personal data resulting from factors beyond its control, including but not limited to security breaches, cyberattacks, or force majeure events.

b. The Data Processor shall not be liable for any indirect, incidental, consequential, or exemplary damages arising from the processing of personal data, including but not limited to loss of profits, data, or business opportunities.

4. Security Measures

a. The Data Processor shall implement appropriate technical and organizational measures to ensure the security of personal data processed under this Agreement. However, the Data Processor's liability for security breaches shall be limited as outlined in Section 3 above.

b. The Data Processor shall promptly notify the Data Controller in the event of any known or suspected security breach involving personal data, including unauthorized access, loss, or disclosure.

5. Subprocessing

a. The Data Processor may engage sub-processors to assist in the provision of services. The Data Processor shall ensure that any sub-processor it engages provides sufficient guarantees to implement appropriate technical and organizational measures to ensure the protection of personal data.

b. The Data Processor shall remain fully liable to the Data Controller for the actions and omissions of its sub-processors.

6. Data Subject Rights

a. The Data Processor shall provide reasonable assistance to the Data Controller in responding to data subject requests, including access, rectification, erasure, and objection.

b. The Data Processor shall not be liable for any failure to comply with data subject requests to the extent that such failure is attributable to the Data Controller's instructions or the nature of the data processed.

7. Governing Law

This Agreement shall be governed by and construed in accordance with the laws of [Insert Jurisdiction], without regard to its conflict of law principles.

8. Contact Information

If you have any questions or concerns about this Data Processing Agreement, please contact us at support@swipecredit.com.

By entering into this Data Processing Agreement, the Parties acknowledge that they have read, understood, and agreed to the terms outlined herein.