Last Updated: July 29, 2025
This Data Processing Agreement ("DPA") is entered into between SyncFlo Ai ("Processor") and the customer ("Controller") and is incorporated into the Terms of Service. This DPA reflects the parties’ agreement with regard to the processing of Personal Data.
"Personal Data" means any information relating to an identified or identifiable natural person.
"Data Subject" means the individual to whom Personal Data relates.
"Processing" means any operation or set of operations which is performed on Personal Data.
"Controller" means the entity which determines the purposes and means of the Processing of Personal Data.
"Processor" means the entity which Processes Personal Data on behalf of the Controller.
The Processor shall only process Personal Data on behalf of and in accordance with the Controller's documented instructions. The subject-matter, duration, nature, and purpose of the Processing, as well as the types of Personal Data and categories of Data Subjects, are determined by the services provided by the Processor.
The Processor shall, to the extent legally permitted, promptly notify the Controller if it receives a request from a Data Subject to exercise their rights (e.g., access, rectification, erasure). The Processor shall assist the Controller with appropriate technical and organizational measures for the fulfilment of the Controller's obligation to respond to such requests.
The Processor shall implement and maintain appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including measures to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
The Controller provides a general authorization for the Processor to engage sub-processors. The Processor shall maintain a list of sub-processors and shall inform the Controller of any intended changes concerning the addition or replacement of sub-processors.
This DPA shall remain in effect for as long as the Processor processes Personal Data on behalf of the Controller under the Terms of Service. Upon termination of the services, the Processor shall, at the Controller's choice, delete or return all Personal Data.
This DPA shall be governed by and construed in accordance with the laws of India, without regard to its conflict of law provisions.
If you have any questions about this DPA, please contact us