Data Processing Agreement

Updated: October 18, 2024

TheSimplfier.io uses https://Face2Face.io for facilitating real-time video chat and co-browsing sessions, tracking and identifying returning users for personalized interactions, improving the user experience through analytical data collection.

Below is the Data Processing Agreement between TheSimplfier.io and Face2Face.io

Effective Date: October 18, 2024

Parties:

- Controller: [TheSimplifier.io](https://face2face.io/)(Operated by DCN TRADE INVESTMENT SRL)
- Processor: [Face2Face.io](http://face2face.io/) (Operated by F2F Face2Face Technology Inc.)

1. Definitions

- Controller: The entity (TheSimplifier) that determines the purposes and means of processing personal data.
- Processor: [Face2Face.io](http://face2face.io/), acting on behalf of the Controller, processes personal data in accordance with this agreement.
- Personal Data: Any information relating to an identified or identifiable individual, as defined by applicable data protection laws.
- Data Subject: Any individual whose personal data is processed.

2. Scope and Purpose of Processing

The Processor ([Face2Face.io](http://face2face.io/)) shall process personal data on behalf of the Controller (TheSimplifier.io) for the purpose of:

- Facilitating real-time video chat and co-browsing sessions via [Face2Face.io](http://face2face.io/).
- Tracking and identifying returning users for personalized interactions.
- Improving the user experience through analytical data collection.

3. Duration of Processing

The Processor will process personal data for as long as the Controller uses [Face2Face.io](http://face2face.io/) services, or until this agreement is terminated.

4. Types of Data Processed

- User identification data.
- Website behavior data (tracking cookies).
- Video chat session data (optional based on customer preferences).

5. Obligations of the Processor

The Processor agrees to:

- Only process personal data as instructed by the Controller.
- Implement appropriate technical and organizational measures to ensure the security of personal data.
- Assist the Controller in complying with data subject requests (e.g., access, correction, deletion).
- Ensure all personnel handling personal data are subject to confidentiality obligations.
- Notify the Controller of any data breaches without undue delay.

6. Obligations of the Controller

The Controller agrees to:

- Comply with applicable data protection laws.
- Provide accurate instructions to the Processor regarding the processing of personal data.
- Implement appropriate safeguards when transferring personal data to the Processor.

7. Subprocessors

The Processor may engage subprocessors to assist with data processing (e.g., Upscope, Google Analytics). The Processor will ensure any subprocessors comply with the terms of this DPA.

8. International Data Transfers

The Processor will not transfer personal data outside the European Economic Area (EEA) without ensuring adequate safeguards, in compliance with GDPR.

9. Data Subject Rights

The Processor will assist the Controller in responding to requests from data subjects, such as access, correction, and deletion of personal data.

10. Data Breach Notifications

In the event of a personal data breach, the Processor will notify the Controller without undue delay, providing details of the breach and measures taken to mitigate the risks.

11. Termination

This DPA will remain in effect until the termination of the agreement between the Processor and the Controller. Upon termination, the Processor will delete or return all personal data to the Controller.

12. Governing Law

This DPA is governed by the laws of [Romania], and both parties agree to submit to the jurisdiction of [Romania].

---

Contact Us

If you have any questions or concerns about our Data Processing Agreement, please contact us at daniel@thesimplifier.io.