Last updated:
1. Introduction
This Data Processing Agreement ("DPA") forms part of the agreement between Fintech Performance ("Processor") and its clients ("Controller") regarding the processing of personal data in relation to our services.
2. Definitions
"GDPR"
Means the General Data Protection Regulation (EU) 2016/679.
"Data Subject"
Means an identified or identifiable natural person whose personal data is processed.
"Personal Data"
Means any information relating to an identified or identifiable natural person.
"Processing"
Means any operation performed on personal data, such as collection, recording, organization, structuring, storage, etc.
3. Scope and Purpose
This DPA applies to the processing of personal data by Fintech Performance on behalf of the Controller in connection with the services provided under our main agreement.
We process personal data only for the purpose of providing our services and in accordance with the Controller's documented instructions.
4. Obligations of the Processor
As a processor, Fintech Performance commits to:
- Process personal data only on documented instructions from the Controller
- Ensure that persons authorized to process personal data have committed themselves to confidentiality
- Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk
- Respect the conditions for engaging another processor
- Assist the Controller in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the GDPR
- Delete or return all personal data to the Controller after the end of the provision of services
- Make available to the Controller all information necessary to demonstrate compliance with the obligations laid down in Article 28 of the GDPR
5. Sub-processing
Fintech Performance may engage sub-processors to perform specific processing activities. We will inform the Controller of any intended changes concerning the addition or replacement of sub-processors, giving the Controller the opportunity to object to such changes.
6. International Data Transfers
Fintech Performance will not transfer personal data to a third country or an international organization unless required to do so by Union or Member State law. In such a case, we will inform the Controller of that legal requirement before processing.
7. Data Subject Rights
Fintech Performance will assist the Controller in responding to requests by data subjects to exercise their rights under applicable data protection laws.
8. Data Breach Notification
Fintech Performance will notify the Controller without undue delay after becoming aware of a personal data breach. We will assist the Controller in ensuring compliance with their obligations regarding data breach notification to the supervisory authority and to the data subjects.
9. Audit Rights
Fintech Performance will make available to the Controller all information necessary to demonstrate compliance with the obligations laid down in this DPA and allow for and contribute to audits, including inspections, conducted by the Controller or another auditor mandated by the Controller.
10. Term and Termination
This DPA shall remain in effect for as long as Fintech Performance processes personal data on behalf of the Controller under the main agreement.
11. Contact Information
For questions about this DPA, please contact our Data Protection Officer:
Email: [email protected]
Contact Information
If you have any questions about our policies or need assistance, please contact our legal department:
Data Protection
All inquiries are handled in compliance with GDPR
Company Details
Registered Address
Fintech Marketing LL&POLO SLU
Carretera De Sispony 013 3 Camp de Baix
La Massana - AD400 - Andorra
Legal Information
NRT/Registration No: ®️ F-719472-W
Jurisdiction: 🇦🇩 Andorra
Information provided in accordance with applicable regulations.
Privacy Policy