Data Processing
Agreement.
Our compliance framework for securely processing personal data on your behalf.
1. Controller & Processor Responsibilities
Where InnovaSocials processes personal data on behalf of your business (e.g., managing your customer lists via our CRM systems), you act as the Data Controller, and InnovaSocials acts as the Data Processor under UK GDPR.
We are committed to processing data only on your documented instructions and ensuring strict confidentiality.
2. Security Measures & Breach Notifications
We enforce strict technical and organizational Security Measures to prevent unauthorized access. In the unlikely event of a data breach impacting your customer data, we guarantee prompt Breach Notifications to you without undue delay, allowing you to fulfil your regulatory responsibilities.
3. Sub-Processors & Data Transfers
We utilize vetted Sub-Processors (such as premium telecommunications providers and cloud hosts) to deliver functionality. We ensure any Data Transfers outside the UK are protected by standardized safeguards.
Certain features rely upon third-party infrastructure, telecommunications services, artificial intelligence technologies, hosting providers, and software integrations. Service availability may be affected by outages, changes, limitations, or restrictions imposed by such providers.
4. Data Retention & Subject Rights
We assist you in responding to Subject Rights requests regarding data housed within our platforms. Upon termination of our agreement, Data Retention policies dictate that we safely delete or return your processing data, barring any overriding legal retention requirements.