Data Protection

This Data Processing Agreement ("Agreement") forms part of the agreement between the data controller Rezero Consulting Ltd ("Controller") and the data processor ("Processor") in relation to the ShuffleDesk service ("Service").

1. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Processing: Any operation performed on Personal Data such as collection, use, storage, transfer, or deletion.
  • Data Controller: Rezero Consulting Ltd, which determines the purposes and means of processing Personal Data.
  • Data Processor: The party processing Personal Data on behalf of the Controller as instructed.
  • Data Subject: An individual whose Personal Data is processed.
  • Applicable Laws: GDPR, CCPA, and any other relevant data protection laws.

2. Purpose

The Processor shall process Personal Data only for the purposes of providing the ShuffleDesk service as documented in the main agreement and in accordance with Controller’s instructions.

3. Duration

This Agreement applies for the duration of the relationship between Controller and Processor and continues as long as Personal Data is processed.

4. Obligations of the Processor

  • Process Personal Data only on documented instructions from the Controller.
  • Implement appropriate technical and organizational measures to protect Personal Data.
  • Ensure confidentiality of personnel authorized to process Personal Data.
  • Assist Controller in fulfilling data subject rights under applicable laws.
  • Notify Controller without undue delay of any data breach affecting Personal Data.
  • Delete or return Personal Data upon termination of the service, unless retention is required by law.
  • Not engage sub-processors without Controller’s prior authorization and provide necessary information about such engagements.

5. Obligations of the Controller

  • Provide clear instructions regarding the processing of Personal Data.
  • Ensure compliance with applicable data protection laws.
  • Respond to data subject requests and cooperate with the Processor as needed.

6. Security Measures

The Processor agrees to implement and maintain appropriate technical and organizational security measures to protect Personal Data against unauthorized access, disclosure, alteration, or destruction.

7. International Data Transfers

Where applicable, transfers of Personal Data outside the UK, EEA, or California will be made in compliance with relevant laws, using appropriate safeguards such as standard contractual clauses or approved frameworks.

8. Sub-processors

The Processor shall inform the Controller of any intended changes concerning the addition or replacement of sub-processors, giving the Controller opportunity to object.

9. Liability and Indemnity

Both parties agree to comply with their respective legal obligations. The Processor shall be liable for damages resulting from breaches caused by its failure to comply with this Agreement.

10. Governing Law and Jurisdiction

This Agreement is governed by the laws of England and Wales. Any disputes arising in connection with this Agreement shall be subject to the exclusive jurisdiction of the courts of England and Wales.

11. Contact Information

  • Controller: Rezero Consulting Ltd
  • Address: Rezero Consulting Ltd : Ground Floor Dearing House, 1 Young Street, Broomhall, Sheffield, South Yorkshire, United Kingdom, S1 4UP
  • Email: hello@shuffledesk.io