Data Processing Agreement
This Data Processing Agreement (“DPA”) forms part of the contract betweenQuotely (“Processor”), trading as Quotely, and the business user (“Controller”) when the Controller uses Quotely to store or transmit personal data about their customers.
1. Subject matter
Processor provides quote, invoice, customer, and communication tools. Controller determines the purposes and means of processing customer personal data (typically name and email) entered into the service.
2. Processor obligations
- Process personal data only on documented instructions from the Controller
- Ensure personnel are bound by confidentiality
- Implement appropriate technical and organisational security measures
- Assist Controller with data subject requests where feasible
- Delete or return data on termination, subject to legal retention requirements
- Make available information necessary to demonstrate compliance
3. Subprocessors
Controller authorises Processor to engage subprocessors listed at quotely.ie/subprocessors. Processor remains responsible for subprocessors and will provide notice of material changes.
4. International transfers
Where processing involves transfers outside the EEA, Processor relies on appropriate safeguards such as Standard Contractual Clauses as described in the Privacy Policy.
5. Security incidents
Processor will notify Controller without undue delay after becoming aware of a personal data breach affecting Controller data, and cooperate on mitigation and regulatory notifications as required by GDPR.
6. Acceptance
By creating a Quotely account and accepting the Terms of Service, Controller agrees to this DPA for customer data processed through the service.
Questions: privacy@quotely.ie