Data Processing Agreement

The legal framework for how we process data on behalf of our customers.

Data Processing Agreement

Last updated: March 04, 2026

This Data Processing Agreement ("DPA") reflects the requirements of the European Data Protection Laws and the California Consumer Privacy Act ("CCPA") for the processing of Personal Data by Yozigo on behalf of the Customer.

1. Definitions

"Customer Data" means any personal data that Yozigo processes on behalf of the Customer via the Service.
"Data Protection Laws" means all laws and regulations applicable to the processing of personal data under this DPA, including GDPR and CCPA.
"Processor" means Yozigo.
"Controller" means the Customer.

2. Processing of Personal Data

Yozigo will process Customer Data only on the documented instructions of the Customer for the implementation, maintenance, and provision of the Service. Yozigo shall not retain, use, or disclose Customer Data for any purpose other than for the specific purpose of performing the Service.

3. Security

Yozigo shall implement and maintain appropriate technical and organizational measures to protect Customer Data against unauthorized or unlawful processing and against accidental loss, destruction, damage, theft, alteration, or disclosure. These measures shall be appropriate to the harm which might result from any unauthorized or unlawful processing.

4. Sub-processors

The Customer gives general authorization to Yozigo to engage sub-processors to provide the Service. Yozigo shall ensure that such sub-processors are bound by data protection obligations that are at least as protective as those in this DPA.

5. Data Subject Rights

Taking into account the nature of the processing, Yozigo shall assist the Customer by appropriate technical and organizational measures for the fulfillment of the Customer's obligation to respond to requests for exercising the data subject's rights.

6. Personal Data Breach

Yozigo shall notify the Customer without undue delay upon Yozigo becoming aware of a personal data breach affecting Customer Data, providing the Customer with sufficient information to allow the Customer to meet any obligations to report or inform data subjects of the personal data breach.

7. Return and Deletion

Upon termination of the Service, Yozigo shall, at the choice of the Customer, delete or return all Customer Data to the Customer, unless applicable law requires storage of the personal data.

8. Governing Law

This DPA shall be governed by and construed in accordance with the governing law of the Terms of Service.

9. Contact

For inquiries regarding our data processing practices, please contact:
iam-security@yozigo.com

← Back to Home