Data Processing Addendum (DPA)

This Data Processing Addendum ("DPA") forms part of the Terms of Service between RenoGlance and the Customer for the purchase of services from RenoGlance.

1. Definitions

"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means.

"Controller" means the entity which determines the purposes and means of the processing of personal data.

"Processor" means the entity which processes personal data on behalf of the controller.

2. Processing of Personal Data

RenoGlance shall process Customer Personal Data only on documented instructions from the Customer, including with regard to transfers of personal data to a third country or an international organization, unless required to do so by applicable law.

3. Confidentiality

RenoGlance ensures that persons authorized to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

4. Security of Processing

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, RenoGlance shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

5. Sub-processors

Customer provides general authorization for RenoGlance to engage sub-processors to process personal data on Customer's behalf. RenoGlance shall inform the Customer of any intended changes concerning the addition or replacement of other sub-processors.

6. Data Subject Rights

RenoGlance shall assist the Customer by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Customer's obligation to respond to requests for exercising the data subject's rights.