Order By Phone
Email Marketing Profits Logo
Send An Email

Data Processing Terms

Last Updated: 27th March 2025

This Data Processing Agreement (the "Agreement") sets out the terms and conditions under which Email Marketing Profits ("the Data Processor") will process data on behalf of our clients ("the Data Controller").

These terms are designed to ensure compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

1. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Data Controller: The entity that determines the purposes and means of processing personal data.
  • Data Processor: The entity that processes personal data on behalf of the Data Controller.
  • Processing: Any operation or set of operations performed on personal data, such as collection, storage, retrieval, or destruction.
  • Sub-Processor: A third-party Data Processor engaged by the Data Processor to assist in processing personal data.


2. Purpose of Processing

The Data Processor shall process personal data on behalf of the Data Controller solely for the purposes outlined in the service Agreement/Project Agreement between the parties.

3. Data Processor’s Obligations

The Data Processor agrees to:


  • Process personal data only in accordance with the written instructions of the Data Controller.
  • Implement appropriate technical and organizational measures to ensure the security of personal data.
  • Ensure that all personnel who have access to personal data are bound by confidentiality obligations.
  • Assist the Data Controller in complying with requests from data subjects (e.g., access, rectification, erasure).
  • Notify the Data Controller without undue delay in the event of a data breach or security incident.
  • Return or delete all personal data upon termination of the Agreement, as requested by the Data Controller.


4. Data Controller’s Obligations

The Data Controller agrees to:

  • Provide clear instructions to the Data Processor regarding the processing of personal data.
  • Ensure that the personal data provided to the Data Processor complies with applicable data protection laws and that necessary consent is obtained from data subjects where required.
  • Respond to requests from data subjects (e.g., for access or deletion of their personal data).
  • Cooperate with the Data Processor to ensure that the rights of data subjects are respected.


5. Sub-Processors


  • The Data Processor may engage sub-processors to assist in processing personal data, provided that:
  • The Data Processor obtains prior written consent from the Data Controller to use a sub-processor.
  • The sub-processor is bound by a written agreement that imposes obligations that are consistent with this Agreement.
  • The Data Processor remains liable for the actions of any sub-processor.


6. Data Security

The Data Processor agrees to implement and maintain appropriate technical and organizational measures to ensure the security of personal data, including but not limited to:


  • Encryption of personal data during transmission and storage.
  • Access controls to restrict access to personal data to authorized personnel only.
  • Regular security audits to ensure the effectiveness of security measures.
  • Data backups to prevent data loss.


7. Data Retention and Deletion


  • The Data Processor shall retain personal data only for as long as necessary to fulfill the purpose of processing as set out in this Agreement or as required by applicable laws.
  • Upon termination of this Agreement, the Data Processor shall return or securely delete all personal data, unless retention is required by law.


8. Data Subject Rights


  • The Data Processor shall assist the Data Controller in responding to requests from data subjects for access, rectification, erasure, or portability of their personal data.
  • The Data Processor shall notify the Data Controller without delay if any request from a data subject is received directly by the Data Processor.


9. Cross-Border Data Transfers


  • If personal data is transferred outside the European Economic Area (EEA), the Data Processor shall ensure that appropriate safeguards are in place, such as the use of Standard Contractual Clauses, or the transfer is subject to an adequacy decision from the European Commission.


10. Audits and Inspections


  • The Data Controller has the right to audit the Data Processor’s compliance with this Agreement. The Data Processor shall make available all relevant information to demonstrate compliance and allow for audits, including access to relevant records and systems.


11. Liability and Indemnity


  • The Data Processor will be liable for any damage caused by the processing of personal data that infringes the GDPR or this Agreement.
  • The Data Controller will be liable for ensuring that the processing of personal data complies with applicable laws and regulations.



12. Changes to this Agreement


  • Any changes to this Data Processing Agreement must be agreed in writing by both parties.
  • The Data Processor reserves the right to update this Agreement to reflect changes in the law or its data processing practices.


13. Governing Law and Jurisdiction

This Agreement shall be governed by and construed in accordance with the laws of the United Kingdom. Any disputes arising out of or in connection with this Agreement shall be subject to the exclusive jurisdiction of the courts of the United Kingdom.

14. Contact Information

If you have any questions or concerns about how we handle your personal data, please contact us at:

info@emailmarketingprofits.com

Copyright © 2025 Email Marketing Profits. All Rights Reserved. ICO Registration No ZB880715.

Privacy Policy - Cookie Policy - Data Processing - Members Area