(1) Natural or legal person concluding this Data Processing Agreement (“Data Controller”), and
(2) DataImpulse (“Data Processor”)
The Data Controller and Data Processor are hereinafter collectively referred to as the “Parties” and individually as a “Party.”
Taking into account that:
- Data Processor provides proxy infrastructure solutions, including residential, mobile and datacenter IP addresses and proxy management (“Services”).
- Data Controller intends to utilize Data Processor’s Services.
- The Parties have entered into terms under which the Data Processor provides these Services (as described in the Terms of Service).
- To provide these Services, the Data Processor processes Personal Data on behalf of and in the interest of the Data Controller.
The Parties agree as follows:
1. Definitions
1.1. Unless otherwise specified, the terms used in this Data Processing Agreement shall have the following meanings:
- Applicable Data Protection Laws: Any national or international data protection laws or regulations applicable during the term of this Data Processing Agreement.
- Data Controller: An entity or individual that determines the purposes and means of processing Personal Data and accepts the Terms of Service.
- Data Processor: DataImpulse, processing Personal Data on behalf of the Data Controller under this Agreement.
- Personal Data: Any information relating to an identified or identifiable natural person.
- Sub-processor: A third-party subcontractor engaged by the Data Processor to process Personal Data.
- Services: Proxy infrastructure solutions provided by DataImpulse, accessible via www.dataimpulse.com.
2. Obligations of the Parties
2.1. Responsibilities of the Data Controller: The Data Controller ensures compliance with all applicable data protection laws, including:
- Providing necessary privacy notices and obtaining any required consents for Data Processor to process Personal Data.
- Ensuring the legality of instructions provided to the Data Processor.
2.2. Responsibilities of the Data Processor:
- Processing Personal Data solely based on the documented instructions of the Data Controller.
- Informing the Data Controller if an instruction violates applicable data protection laws.
- Ensuring that Sub-processors adhere to equivalent data protection standards.
2.3. The Data Processor shall not be responsible for verifying the compliance of the Data Controller’s instructions but will notify the Data Controller of any evident violations.
2.4. Any use of DataImpulse Services for activities that are illegal, fraudulent, or abusive is strictly prohibited. The Data Processor reserves the right to investigate such activities and report them to competent authorities. Upon official request, the Data Processor may provide the complete history of activities deemed illegal and conducted through its platform.
3. Data Processing Instructions
3.1. Data Processor agrees to process Personal Data only as instructed by the Data Controller, including with respect to transfers to third countries.
3.2. Processing Details:
- Subject Matter: Provision of Services to the Data Controller.
- Purpose: Enabling the Data Controller to use the Services for its operations.
- Categories of Data Subjects: Individuals whose Personal Data the Data Controller processes using the Services.
- Types of Personal Data: Data that the Data Controller uploads or processes using the Services.
- Duration: For as long as the Data Controller utilizes the Services.
3.3. The Data Processor shall comply with applicable data protection laws and adopt industry-standard security measures.
3.4. The Data Controller authorizes the Data Processor to engage Sub-processors for specific tasks with a maintained and accessible list of such Sub-processors.
3.5. The Data Processor confirms that payment data related to Services is processed exclusively by third-party payment processors (e.g., Stripe, FastSpring, Cryptomus) in compliance with their respective data protection and security policies.
3.6. The Data Processor acknowledges that cookies and related tracking technologies may process Personal Data to enhance the Services’ functionality. Such processing is conducted in compliance with the Data Controller’s instructions and applicable data protection laws.
4. Cooperation
4.1. The Data Processor shall assist the Data Controller in responding to data subject requests and fulfilling obligations under applicable laws, such as data correction, restriction, or erasure.
4.2. The Data Processor will forward any direct requests from data subjects or authorities to the Data Controller for resolution.
4.3. The Data Controller may verify compliance by the Data Processor through agreed-upon audits or measures.
4.4. The Data Processor will support data protection impact assessments and consultations with authorities, as required.
5. Liability
5.1. Each Party’s liability shall be limited as per the terms set forth in the Agreement.
5.2. The Data Processor may recover reasonable costs incurred due to:
- Inaccurate or unlawful instructions from the Data Controller.
- Unfounded or excessive requests for assistance.
6. Data Security Measures
6.1. The Data Processor shall implement technical and organizational measures to safeguard Personal Data from unauthorized access, modification, or destruction.
6.2. Access to Personal Data shall be restricted to authorized personnel, who must comply with confidentiality obligations.
6.3. The Data Processor shall notify the Data Controller promptly in the event of a Personal Data breach.
6.4. Sub-processors engaged by the Data Processor must adhere to equivalent security measures.
7. Final Provisions
7.1. This Data Processing Agreement shall remain in effect while the Data Processor processes Personal Data on behalf of the Data Controller.
7.2. Upon termination of the Agreement, the Data Processor shall delete or return all Personal Data as instructed by the Data Controller.
7.3. This Data Processing Agreement is an integral part of the Terms of Service. The Terms of Service shall govern matters not covered here.