Data Processing Agreement

Data Processing Agreement under Article 28 GDPR.

Last updated: January 1, 2026

Data Processing Agreement

This DPA is part of the Terms of Service between Wysor IT Solutions UG (haftungsbeschränkt) ("Processor") and the Customer ("Controller").

1. Scope

This DPA applies when Wysor processes personal data on behalf of the Customer. The Customer is the Controller; Wysor is the Processor.

2. Processing Details

  • Subject: Personal data processed through the Wysor platform
  • Duration: Term of the agreement
  • Purpose: Providing the Services
  • Data types: As determined by Customer's use of the Services
  • Data subjects: Customer's users and contacts

3. Customer Responsibilities

The Customer ensures it has lawful basis to provide data to Wysor and that its instructions comply with applicable law.

4. Processor Obligations

Wysor will:

  • Process data only on Customer's documented instructions
  • Ensure staff confidentiality
  • Implement appropriate security measures
  • Assist with data subject requests
  • Delete or return data upon termination
  • Allow for audits

5. Subprocessors

Wysor may use subprocessors listed at wysor.io/subprocessors. We notify customers before adding new subprocessors. Customers may object within 14 days.

6. International Transfers

Data is processed in the EU. For non-EU subprocessors, EU Standard Contractual Clauses apply.

7. Security

Wysor maintains appropriate technical and organizational measures including encryption, access controls, and monitoring.

8. Data Breaches

Wysor notifies the Customer within 48 hours of becoming aware of a personal data breach.

9. Data Subject Rights

Wysor assists the Customer in responding to data subject requests (access, deletion, portability, etc.).

10. Audits

Wysor provides information needed for compliance verification. Audits require 30 days notice.

11. Termination

Upon termination, Wysor deletes or returns all personal data at Customer's choice, unless retention is legally required.

12. Liability

Subject to the limitations in the Terms of Service.

13. Governing Law

German law. Jurisdiction: Hamburg, Germany.

Wysor IT Solutions UG (haftungsbeschränkt) c/o Postflex #9898, Emsdettener Str. 10, 48268 Greven, Germany Email: [email protected]

Last Updated: January 1, 2026