Data Processing Addendum

Definitions

• “Personal Data” means any information relating to an identified or identifiable natural person.
• “Controller” means the entity determining the purposes and means of processing Personal Data.
• “Processor” means the entity processing Personal Data on behalf of the Controller.

Scope & Purpose

Watchlog processes Personal Data solely for the purpose of providing, maintaining, and improving the services as described in the Terms of Service.

Responsibilities of the Parties

• Customer acts as the Controller and is responsible for the legality of the Personal Data provided.
• Watchlog acts as the Processor and processes Personal Data only in accordance with Customer’s instructions.

Security Measures

Watchlog implements appropriate technical and organizational measures to protect Personal Data against unauthorized access, alteration, disclosure, or destruction.

Subprocessors

Watchlog may engage subprocessors to provide parts of the service, ensuring they meet the same data protection obligations.

Data Subject Rights

Watchlog assists the Customer in fulfilling data subject rights requests under applicable data protection laws.

Data Deletion

Upon termination of the agreement, Watchlog will delete or return Personal Data as instructed by the Customer, unless retention is required by law.

Changes to this Addendum

This DPA may be updated from time to time. Continued use of the services constitutes acceptance of the changes.