Data Processing Agreement

1. Definitions

In this DPA:

• "Controller" means the Customer who determines the purposes and means of processing personal data.
• "Processor" means Innerkore Technologies Private Limited that processes personal data on behalf of the Controller.
• "Personal Data" means any information relating to an identified or identifiable natural person.
• "Processing" means any operation performed on personal data.
• "Data Subject" means the individual to whom the personal data relates.

2. Scope and Purpose

This DPA applies to all processing of personal data by the Processor on behalf of the Controller in connection with the services provided under the Terms of Service. The purpose of processing is to provide the agreed services.

3. Categories of Personal Data

The personal data processed may include:

• Contact information (names, email addresses, phone numbers)
• Professional information (job titles, company details)
• Usage data (IP addresses, browsing patterns, device information)
• Any other personal data provided by the Controller for processing

4. Obligations of the Processor

The Processor shall:

• Process personal data only in accordance with the Controller's documented instructions
• Implement appropriate technical and organizational measures to ensure data security
• Ensure that persons authorized to process personal data are bound by confidentiality
• Assist the Controller in responding to data subject rights requests
• Notify the Controller of any personal data breaches without undue delay
• Cooperate with supervisory authorities regarding data protection compliance
• Delete or return personal data at the end of the service term

5. Security Measures

The Processor implements the following security measures:

• Encryption of data in transit and at rest
• Access controls and authentication mechanisms
• Regular security audits and vulnerability assessments
• Incident response procedures
• Regular backups and disaster recovery procedures

6. Sub-Processing

The Processor may engage sub-processors to assist in processing personal data. The Processor shall maintain an up-to-date list of sub-processors and provide this to the Controller upon request. The Processor shall ensure that sub-processors are bound by equivalent data protection obligations.

7. International Data Transfers

Personal data may be transferred to countries outside the EU/EEA. Such transfers shall be made in compliance with GDPR requirements, using appropriate safeguards such as Standard Contractual Clauses.

8. Data Subject Rights

The Processor shall assist the Controller in fulfilling data subject rights including:

• Right to access personal data
• Right to rectification
• Right to erasure
• Right to restriction of processing
• Right to data portability
• Right to object

9. Breach Notification

The Processor shall notify the Controller of any personal data breach without undue delay after becoming aware of the breach. The notification shall include the nature of the breach, categories of data affected, and measures taken to mitigate the breach.

10. Data Protection Impact Assessment

Where processing is likely to result in high risk to data subjects' rights, the Processor shall assist the Controller in conducting data protection impact assessments and consulting with supervisory authorities.

11. Audit Rights

The Controller shall have the right to audit the Processor's compliance with this DPA. Audits shall be conducted with reasonable notice and shall not unreasonably interfere with the Processor's operations.

12. Termination

Upon termination of the services, the Processor shall delete or return all personal data to the Controller, unless retention is required by applicable law.

13. Liability

Each party shall be liable for damages caused by their breach of this DPA in accordance with applicable law. The Processor's liability shall be limited to the amount specified in the Terms of Service.

14. Governing Law

This DPA shall be governed by the laws of India and subject to the jurisdiction of the courts in Delhi, India.

15. Contact Information