Data Processing Agreement

Effective February 1, 2024

This Data Processing Agreement (“DPA”) is entered into by and between VirtuSpa (“Data Controller”) and any and all of our respective processors (“Data Processor”).

1. Definitions

a. “Data Controller” refers to VirtuSpa, the entity that determines the purposes and means of processing personal data.

b. “Data Processor” refers to the entity that processes personal data on behalf of the Data Controller.

2. Purpose and Scope

a. VirtuSpa engages [Data Processor Name] as a data processor to process personal data for the purposes specified in the underlying agreement between the parties.

b. This DPA sets out the terms and conditions for the processing of personal data by any and all of the Data Processors on behalf of VirtuSpa.

3. Obligations of the Data Processor

a. All Data Processors shall process personal data in accordance with the instructions provided by VirtuSpa.

b. All Data Processors shall implement appropriate technical and organizational measures to ensure the security and confidentiality of the personal data.

c. All Data Processors shall assist VirtuSpa in fulfilling its obligations with regard to data subject rights, data breach notifications, and other requirements under applicable data protection laws.

d. All Data Processors shall only engage sub-processors with the prior written consent of VirtuSpa and upon entering into a written agreement that imposes similar data protection obligations as set forth in this DPA.

4. Data Subject Rights

a. All Data Processors shall promptly notify VirtuSpa of any request received from data subjects in relation to their personal data and assist VirtuSpa in responding to such requests.

b. All Data Processors shall implement appropriate measures to assist VirtuSpa in fulfilling its obligations to data subjects regarding the exercise of their rights.

5. Security Measures

a. All Data Processors shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including measures to protect against unauthorized or unlawful processing, accidental loss, destruction, or damage of personal data.

b. All Data Processors shall promptly notify VirtuSpa of any personal data breach and assist VirtuSpa in fulfilling its data breach notification obligations.

6. Confidentiality

a. All Data Processors shall ensure that any person authorized to process personal data on its behalf is under an appropriate obligation of confidentiality.

7. Data Transfer

a. All Data Processors shall not transfer personal data outside of Delaware without the prior written consent of VirtuSpa.

b. If the transfer is authorized, All Data Processors shall implement appropriate safeguards to ensure the protection of personal data.

8. Duration and Termination

a. This DPA shall remain in effect as long as All Data Processors processes personal data on behalf of VirtuSpa or as otherwise specified in the underlying agreement.

b. Upon termination of the processing services, All Data Processors shall return or delete all personal data in its possession, unless otherwise required by applicable law.

9. Governing Law and Dispute Resolution

a. This DPA shall be governed by and construed in accordance with the laws of Delaware.

b. Any disputes arising out of or in connection with this DPA shall be subject to the exclusive jurisdiction of the courts of Delaware.

“Users” means all users that are authorized to access Customer’s account on the Services.

Contact Us

If you have any questions or concerns, please contact us at legal@virtuspa.ai.

Last Updated: March 7, 2024

Data Processing Agreement

Effective February 1, 2024

This Data Processing Agreement (“DPA”) is entered into by and between VirtuSpa (“Data Controller”) and any and all of our respective processors (“Data Processor”).

1. Definitions

a. “Data Controller” refers to VirtuSpa, the entity that determines the purposes and means of processing personal data.

b. “Data Processor” refers to the entity that processes personal data on behalf of the Data Controller.

2. Purpose and Scope

a. VirtuSpa engages [Data Processor Name] as a data processor to process personal data for the purposes specified in the underlying agreement between the parties.

b. This DPA sets out the terms and conditions for the processing of personal data by any and all of the Data Processors on behalf of VirtuSpa.

3. Obligations of the Data Processor

a. All Data Processors shall process personal data in accordance with the instructions provided by VirtuSpa.

b. All Data Processors shall implement appropriate technical and organizational measures to ensure the security and confidentiality of the personal data.

c. All Data Processors shall assist VirtuSpa in fulfilling its obligations with regard to data subject rights, data breach notifications, and other requirements under applicable data protection laws.

d. All Data Processors shall only engage sub-processors with the prior written consent of VirtuSpa and upon entering into a written agreement that imposes similar data protection obligations as set forth in this DPA.

4. Data Subject Rights

a. All Data Processors shall promptly notify VirtuSpa of any request received from data subjects in relation to their personal data and assist VirtuSpa in responding to such requests.

b. All Data Processors shall implement appropriate measures to assist VirtuSpa in fulfilling its obligations to data subjects regarding the exercise of their rights.

5. Security Measures

a. All Data Processors shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including measures to protect against unauthorized or unlawful processing, accidental loss, destruction, or damage of personal data.

b. All Data Processors shall promptly notify VirtuSpa of any personal data breach and assist VirtuSpa in fulfilling its data breach notification obligations.

6. Confidentiality

a. All Data Processors shall ensure that any person authorized to process personal data on its behalf is under an appropriate obligation of confidentiality.

7. Data Transfer

a. All Data Processors shall not transfer personal data outside of Delaware without the prior written consent of VirtuSpa.

b. If the transfer is authorized, All Data Processors shall implement appropriate safeguards to ensure the protection of personal data.

8. Duration and Termination

a. This DPA shall remain in effect as long as All Data Processors processes personal data on behalf of VirtuSpa or as otherwise specified in the underlying agreement.

b. Upon termination of the processing services, All Data Processors shall return or delete all personal data in its possession, unless otherwise required by applicable law.

9. Governing Law and Dispute Resolution

a. This DPA shall be governed by and construed in accordance with the laws of Delaware.

b. Any disputes arising out of or in connection with this DPA shall be subject to the exclusive jurisdiction of the courts of Delaware.

“Users” means all users that are authorized to access Customer’s account on the Services.

Contact Us

If you have any questions or concerns, please contact us at legal@virtuspa.ai.

Last Updated: March 7, 2024

Data Processing Agreement

Effective February 1, 2024

This Data Processing Agreement (“DPA”) is entered into by and between VirtuSpa (“Data Controller”) and any and all of our respective processors (“Data Processor”).

1. Definitions

a. “Data Controller” refers to VirtuSpa, the entity that determines the purposes and means of processing personal data.

b. “Data Processor” refers to the entity that processes personal data on behalf of the Data Controller.

2. Purpose and Scope

a. VirtuSpa engages [Data Processor Name] as a data processor to process personal data for the purposes specified in the underlying agreement between the parties.

b. This DPA sets out the terms and conditions for the processing of personal data by any and all of the Data Processors on behalf of VirtuSpa.

3. Obligations of the Data Processor

a. All Data Processors shall process personal data in accordance with the instructions provided by VirtuSpa.

b. All Data Processors shall implement appropriate technical and organizational measures to ensure the security and confidentiality of the personal data.

c. All Data Processors shall assist VirtuSpa in fulfilling its obligations with regard to data subject rights, data breach notifications, and other requirements under applicable data protection laws.

d. All Data Processors shall only engage sub-processors with the prior written consent of VirtuSpa and upon entering into a written agreement that imposes similar data protection obligations as set forth in this DPA.

4. Data Subject Rights

a. All Data Processors shall promptly notify VirtuSpa of any request received from data subjects in relation to their personal data and assist VirtuSpa in responding to such requests.

b. All Data Processors shall implement appropriate measures to assist VirtuSpa in fulfilling its obligations to data subjects regarding the exercise of their rights.

5. Security Measures

a. All Data Processors shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including measures to protect against unauthorized or unlawful processing, accidental loss, destruction, or damage of personal data.

b. All Data Processors shall promptly notify VirtuSpa of any personal data breach and assist VirtuSpa in fulfilling its data breach notification obligations.

6. Confidentiality

a. All Data Processors shall ensure that any person authorized to process personal data on its behalf is under an appropriate obligation of confidentiality.

7. Data Transfer

a. All Data Processors shall not transfer personal data outside of Delaware without the prior written consent of VirtuSpa.

b. If the transfer is authorized, All Data Processors shall implement appropriate safeguards to ensure the protection of personal data.

8. Duration and Termination

a. This DPA shall remain in effect as long as All Data Processors processes personal data on behalf of VirtuSpa or as otherwise specified in the underlying agreement.

b. Upon termination of the processing services, All Data Processors shall return or delete all personal data in its possession, unless otherwise required by applicable law.

9. Governing Law and Dispute Resolution

a. This DPA shall be governed by and construed in accordance with the laws of Delaware.

b. Any disputes arising out of or in connection with this DPA shall be subject to the exclusive jurisdiction of the courts of Delaware.

“Users” means all users that are authorized to access Customer’s account on the Services.

Contact Us

If you have any questions or concerns, please contact us at legal@virtuspa.ai.

Last Updated: March 7, 2024