Data Processing Agreement
A data processing agreement is a legally binding contract that states the rights and obligations of CivilGEO (acting as a Data Processor) and your company (acting as a Data Controller) concerning the protection of personal data. It completes CivilGEO’s Terms and Conditions and applies to personal data processing activities subject to GDPR.
In accordance with GDPR Article 28, Section 3, our data processing agreement includes assurances that:
- CivilGEO agrees to process personal data only on written instructions of your company.
- Everyone who comes into contact with data at CivilGEO is sworn to confidentiality.
- CivilGEO uses appropriate technical and organizational measures to protect the security of the data.
- CivilGEO will not subcontract to another processor unless instructed to do so in writing by your company, in which case another DPA will need to be signed with the sub-processor (pursuant to Sections 2 and 4 of Article 28).
- CivilGEO will help your company uphold its obligations under the GDPR, particularly concerning data subjects’ rights.
- CivilGEO will help your company maintain GDPR compliance with regard to Article 32 (security of processing) and Article 36 (consulting with the data protection authority before undertaking high-risk processing).
You can download past versions of our data processing agreement in PDF format.
EN 
FR 
DE 
IT 
ES 
CN 
PL 
ID