Data Processing Agreement (DPA)

Introduction

This Data Processing Agreement (“Agreement”), is read in conjunction with our Platform Terms of Service (https://workbounce.com/platform-terms) and Customer Terms of Service (https://workbounce.com/customer-terms) (as applicable), and constitutes the entire agreement between us in respect of how personal data is handled and processed where Workbounce is a data processor in respect of such processing as outlined in our Privacy and Cookies Policy (https://workbounce.com/privacy).

The following terminology applies to this Data Processing Agreement.

“User”, “You”, “Your”, and “Customer” refers to you, the person (natural or legal) accessing our website and Services, and accepting our Terms and this Data Processing Agreement.
“The Company”, “Workbounce”, “Ourselves”, and “We” refer to Workbounce Ltd registered at 71-75 Shelton Street, Covent Garden, London, England, WC2H 9JQ, under company registration number 12841553; and
“Party”, “Parties” or “Us” refer to both you and us, or either the User or ourselves.

In consideration of the Customer making the Customer's Personal Data available to the Company, the Company hereby agrees to process the Customer’s Personal Data in accordance with the terms and conditions of this Agreement. In case of any conflicts or inconsistencies between this Agreement and any other agreement, the provisions in this Agreement shall prevail.

THE PARTIES AGREE AS FOLLOWS

1. DEFINITIONS

Capitalised terms and expressions used in this Agreement shall have the following meanings:

“Appropriate Technical and Organisational Measures” means processes and procedures such that having regard to the state of technological development and the cost of implementation, and the nature of the Customer’s Personal Data, will ensure a level of security appropriate to the harm that might result from unauthorised or unlawful processing of, or accidental loss or destruction of, or damage to, the Customer’s Personal Data. Such measures shall comprise, as a minimum, those measures set out in Appendix 2 (Information Security) of the Agreement and any additional measures from time to time notified in writing by the Customer to the Company and reasonably agreed by the Parties;

“Controller and Processor” shall have the meaning given to it in the relevant Data Protection Laws;

“Data Protection Laws” means any law relating to the use of Personal Data, as applicable to the Parties, including:

(a) in the United Kingdom:

(i) the General Data Protection Regulation (EU) 2016/679 (GDPR) including as adopted by the United Kingdom as a result of its exit from the European Union (“UK GDPR”) and the Data Protection Act 2018, and/or any corresponding or equivalent national laws and regulation in the United Kingdom and/or any other applicable jurisdiction; and/or

(ii) Data Protection, Privacy and Electronic Communications (Amendments) (EU Exit) Regulations 2019, and/or any corresponding or equivalent national laws and regulation; and/or