top of page

Data Processing Agreement, DPA

Effective Date: 22.08.2024

This Data Processing Agreement ("DPA") forms part of the [Master Service Agreement / Terms of Service] between [Client Name] ("Controller") and Flamba ("Processor") (together, the "Parties"). This DPA governs the processing of personal data by Flamba in connection with the services provided to the Controller through the website [www.flamba.co.il] (the "Site").

1. Definitions

  • Controller: The entity that determines the purposes and means of processing personal data.

  • Processor: The entity that processes personal data on behalf of the Controller.

  • Personal Data: Any information relating to an identified or identifiable natural person.

  • Processing: Any operation or set of operations performed on personal data, such as collection, storage, use, or deletion.

2. Purpose of the Agreement

The purpose of this DPA is to outline the responsibilities of both the Controller and Processor concerning the processing of personal data in accordance with applicable data protection laws, including but not limited to the GDPR and Israeli privacy laws.

3. Scope and Processing of Personal Data

The Processor shall process personal data only as necessary to provide services outlined in the [Master Service Agreement / Terms of Service]. The processing activities include, but are not limited to:

  • Collection, storage, and organization of personal data related to users of the Site.

  • Providing access to the Controller to manage user data.

  • Processing data related to user interactions on the Site (e.g., registration, communication, etc.).

4. Obligations of the Controller

The Controller agrees to:

  • Provide clear instructions regarding the processing of personal data.

  • Ensure that all personal data is collected in compliance with applicable data protection laws.

  • Maintain accurate records of data subjects’ consent where applicable.

5. Obligations of the Processor

The Processor agrees to:

  • Process personal data only under the documented instructions of the Controller unless required by law.

  • Implement appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage.

  • Assist the Controller in complying with data protection obligations, including data subject rights, data breaches, and impact assessments.

6. Data Transfers

The Processor will not transfer personal data outside of the European Economic Area (EEA) or Israel without the prior written consent of the Controller, unless required by law.

7. Subprocessors

The Processor may engage subprocessors to assist in the provision of the services. The Processor shall enter into a written agreement with any subprocessors that imposes the same data protection obligations as set out in this DPA.

8. Data Subject Rights

The Processor will assist the Controller in responding to any requests from data subjects to exercise their rights under applicable data protection laws, including access, correction, deletion, and objection rights.

9. Data Retention

The Processor will retain personal data only as long as necessary to fulfill the purposes for which it was collected or as required by law.

10. Data Breaches

In the event of a personal data breach, the Processor will notify the Controller without undue delay and provide all necessary information regarding the breach, including its potential impact and the measures taken to address the breach.

11. Termination

This DPA will terminate automatically upon the termination or expiration of the [Master Service Agreement / Terms of Service]. Upon termination, the Processor shall return or delete all personal data in its possession unless otherwise required by law.

12. Governing Law

This DPA is governed by the laws of the State of Israel. Any disputes arising from or in connection with this DPA shall be subject to the exclusive jurisdiction of the courts of Israel.

13. Contact Information

If you have any questions about this DPA, please contact us at via chat.

bottom of page