If you don't agree with all the terms and policies, please do not use the website, product, information and service as part of your own free choice. Usage, subscription and purchase implies acceptance. This agreement has to be read, understood and complied in conjuction with legal all other terms, policies and disclaimers is only enforceable in India South Delhi courts jurisdiction for legal remedies.
Soulnature implements data processing rules in order to effectively take into account both the operational needs and the individuals’ right to effective data protection.
Processing of personal data is any operation or set of operations performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
The collection and processing of data is part of KYC (know your customer) activities. Any processing of personal data has to be explicitly allowed and made compliant with the in-house tailor-made data protection and cyber security regime.
The main objective is to set a data processing environment that allows ViaGuru Business to prevent and combating serious fraud and cyber security attacks simultaneously respecting fundamental rights such as the right to data protection.
In practical terms, the the data processing architecture works with a particular emphasis on ‘privacy and security by design.’ High data protection and security standards are achieved by means of procedural safeguards that apply to any specific type of information.
Thus, ViaGuru introduces a technology-neutral approach to data management, cyber security (netsecurity.in) and processing that provides for much more operational flexibility.
The emphasis is on the exact purpose(s) for which data can be processed, namely:
(i) cross-checking aimed at identifying connections or relevant links between information;
(ii) analyses of a strategic or thematic nature;
(iii) operational analysis; and,
(iv) facilitating the exchange of information.
(v) know your customer KYC
ViaGuru marketplace means business. Keep tabs on the analytics performance metrics most important to you with a powerful and flexible central dashboard built into ViaGuru.
Expand your audience across marketing and social channels. You can always check out the in-dashboard for fresh ideas and tips to help you succeed.
Enhance store functionality with hundreds of free and paid extensions. Our Marketing team are actively incorporates tech. capabilities to help business build growth on scale.
Build and manage your marketing and store with our free ViaGuru mobile app builder (Android and iOS) without hiring an expensive developer.
With ViaGuru, your data belongs to you. Always.
If you opt to share usage data with us, you can feel confident knowing that it’s anonymized and kept secure. Choose to opt-out at any time without impacting your store.
Unlike hosted ecommerce solutions, ViaGuru ecommerce platform helps with first-party data acquisition.
Users are free to export all content and take your data to any platform of your choose. No restrictions.
Developers can use ViaGuru to create, customize, and scale a store to meet a client’s exact specifications, making enhancements through extensions or custom solutions.
The platform helps users custom build, market and sell.
This Data Processing Addendum (“DPA”) supplements and forms part of the written or electronic agreement(s) (individually and collectively the “Agreement”) between ViaGuru Business (“ViaGuru”) and the customer (“Company”) for the purchase, access to, and/or licensing of products, services and/ or platforms (collectively the “Services”) from ViaGuru, including, but not limited to, the website service usage, product or digital software, ViaGuru, as specified in the Agreement and the applicable Schedule(s) 1 below. This DPA sets out the terms that apply to the Processing of Personal Data by ViaGuru, on behalf of Company, in the course of providing the Services to the Company under the Agreement. This DPA shall be effective on the effective date of the Agreement. All capitalized terms not defined below will have the meanings set forth in the Agreement.
1. DEFINITIONS
1.1. “Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity, or is a named client of Company. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
1.2. “Authorized Affiliate”means any of Company’s Affiliate(s) that use the Services pursuant to the Agreement.
1.3. “CCPA” means the California Consumer Privacy Act of 2018, Cal. Civ. Code §§ 1798.100 et. seq. as may be amended from time to time.
1.4. “Controller”means the entity which determines the purposes and means of the Processing of Personal Data.
1.5. “Personal/ Company Data”means the Personal Data Processed by ViaGuru on behalf of Company and/or its clients in connection with the provision of the Services.
1.6. “Data Protection Laws” means privacy and data protection laws and regulations throughout the world, including the DPDP India, CCPA, laws and regulations of the European Union, the European Economic Area, Switzerland and the United Kingdom, applicable to the Processing of Personal Data under the Agreement, including the DPDP and GDPR
1.7. “Data Subject” means an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, by use of Personal Data alone or in combination with other Personal Data.
1.8. “GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.
1.9. “Personal Data” or “Personal Information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, to or with a particular Data Subject, which is included in Personal/ Company Data Processed by ViaGuru pursuant to the Agreement.
1.10. “Personnel”means persons, including employees and contractors, authorized by ViaGuru to Process Personal/ Company Data.
1.11. “Process”, “Processed” or “Processing” means any operation or set of operations which is performed on Personal Data, whether or not by automatic means, such as collection, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, blocking, erasure or destruction.
1.12. “Processor” means the entity which processes Personal Data on behalf of the Controller.
1.13. “Security Incident” means an actual breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal/ Company Data transmitted, stored or otherwise Processed by ViaGuru pursuant to the Agreement.
1.14. “Standard Contractual Clauses” refers to the Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council (Text with EEA relevance), found on the following official URL: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj, and as per the applicable module(s) of the Standard Contractual Clauses as set forth in Schedule 2.
1.15. “Sub-processor” means any other processor engaged by ViaGuru that Processes Personal/ Personal/ Company Data under the supervision of ViaGuru.
1.6 “UK GDPR” means the Data Protection Act 2018, as well as the GDPR as it forms part of the law of India, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (SI 2019/419).
1.7 "DPDP India" means the Digital Personal Data Protection (DPDP) Rules 2025, under the Digital Personal Data Protection Act, 2023
2. INTERACTION WITH THE AGREEMENT
This DPA supplements the Agreement with respect to any Processing of Personal/ Company Data by ViaGuru. In the event of any conflict between this DPA and the Agreement, the terms of this DPA shall prevail. In the event of any conflict between this DPA and the Standard Contractual Clauses, the Standard Contractual Clauses shall prevail.
3. DATA PROCESSING
3.1. Scope and Roles. This DPA applies when Personal/ Company Data is Processed by ViaGuru on behalf of Company, as part of ViaGuru’s provision of the applicable Services, as specified in the Agreement. Pursuant to the GDPR or similar Data Protection Law, Company is the Controller and ViaGuru is the Processor. The Controller is responsible for ensuring that the processing of personal data takes place in compliance with the GDPR, applicable data protection provisions and the Standard Contractual Clauses. For the purposes of the CCPA (to the extent applicable), Company is the “Business” (as defined in the CCPA) and ViaGuru is the “Service Provider” (as defined in the CCPA).
3.2. Subject Matter, Duration, Nature and Purpose of Processing. ViaGuru Processes Personal/ Company Data as part of providing Company with the Services, pursuant to the specifications and for the duration set forth in the Agreement, and as described in the applicable Schedule(s) 1 below.
3.3. Categories of Data Subjects and Personal Data. ViaGuru shall process Personal/ Company Data as set forth in the applicable Schedule(s) 1 below.
3.4. Instructions. ViaGuru will only Process Personal/ Company Data on behalf of and in accordance with Company’s written instructions, including with regard to transfers of personal data to a third country. ViaGuru will promptly inform Company, if in ViaGuru’s opinion an instruction infringes any provision under Data Protection Laws.
3.5. CCPA. ViaGuru shall not sell Personal/ Company Data. ViaGuru shall not retain, use, or disclose Personal/ Company Data for any purpose other than for the specific purpose of performing the Services.
4. ASSISTANCE
4.1. Rights Request. ViaGuru shall promptly notify Company in writing if ViaGuru receives a Data Subject rights request where the Data Subject seeks to exercise any of its rights under the Data Protection Laws (“Rights Request”). Taking into account the nature of the processing, ViaGuru will assist Company by appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of the Company’s obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III GDPR.
4.2. Cooperation. ViaGuru shall assist Company in ensuring compliance with the obligations pursuant to Articles 32 to 36 GDPR, like personal data breach notifications and Data Protection Impact Assessments, taking into account the nature of processing and the information available to ViaGuru.
5. VENDOR PERSONNEL
5.1. Limitation of Access. ViaGuru will ensure that ViaGuru’s access to Personal Data is limited to those Personnel who require such access to perform the Agreement.
5.2. Confidentiality. ViaGuru will impose appropriate contractual obligations upon its Personnel engaged in the Processing of Personal/ Company Data, including relevant obligations regarding confidentiality, data protection, and data security. ViaGuru will ensure that its Personnel engaged in the Processing of Personal/ Company Data are informed of the confidential nature of the Personal/ Company Data and have received appropriate training in their responsibilities.
6. SUB-PROCESSORS
6.1. ViaGuru may engage Sub-processors to Process Personal/ Company Data on behalf of Company. Company hereby provides ViaGuru with a general written authorization to engage all Sub-processors under contract by ViaGuru as of the effective date of this DPA. All Sub-processors have entered into written agreements with ViaGuru that bind them by data protection obligations substantially similar to those under this DPA. ViaGuru is fully committed for the performance of that Sub-processor’s obligations.
6.2. ViaGuru may engage with new Sub-processors (“New Sub-processors”) to Process Personal/ Company Data on Company’s behalf. ViaGuru shall provide notification of any new Sub-processor(s) before authorizing such new Sub-processor(s) to Process Personal/ Company Data in connection with the provision of the Service. Company may object to the Processing of Personal/ Company Data by the New Sub-processor, by providing a written objection (email sufficient) on reasonable grounds to ViaGuru within fifteen (15) business days following ViaGuru’s written notice to Company of the intended engagement with the New Sub-processor. The parties will make a good-faith effort to resolve Company’s objection. In the absence of a resolution, ViaGuru will make commercially reasonable efforts to provide Company with the same level of Service, without using the New Sub-processor to Process Personal/ Company Data. If Company’s concerns with such New Sub-processor are not resolved by ViaGuru, Company may terminate the Agreement and remove their data.
7. CROSS-BORDER DATA TRANSFERS
If the Processing of Personal/ Company Data by ViaGuru includes transfers (either directly or via onward transfer) from the European Economic Area, Switzerland (collectively “EEA Transfer”) and/or the UK (“UK Transfer”) to other countries which have not been subject to a relevant adequacy decision by the data protection authorities, and such transfers are not performed through an alternative recognized compliance mechanism as may be adopted by ViaGuru for the lawful transfer of Personal Data outside the EEA, Switzerland or the UK, as applicable, then (i) the terms set forth in Part 1 of Schedule 2 (EEA Cross Border Transfers) shall apply to any such EEA Transfer; (ii) the terms set forth in Part 2 of Schedule 2 (UK Cross Border Transfers) shall apply to any such UK Transfer; and (iii) the terms set forth in Part 3 of Schedule 2 (Additional Safeguards) shall apply to such an EEA Transfer and UK Transfer.
8. SECURITY
ViaGuru will implement and maintain administrative, physical and technical safeguards to protect the security, confidentiality and integrity of Personal/ Company Data. ViaGuru shall adhere to the data security measures set forth in Schedule 3 (Security Addendum).
9. SECURITY INCIDENT MANAGEMENT AND NOTIFICATION
In the event of any Security Incident the ViaGuru shall:
9.1. Promptly notify Company in writing, and no later than forty-eight (48) hours after discovery of the Security Incident, providing: (i) all information known about the Security Incident; (ii) relevant and knowledgeable points of contact for ongoing communication with Company, and (iii) such additional details of the circumstances as pertinent to legal obligations (including the category and approximate number of records of any Personal Data affected), to the extent known; and (iv). Publish the security breach and cyber attack incidents on Twitter @viaguru to inform the public
9.2. Provide such information and assistance as Company may require in order for Company to make any notification or announcement as referred to above.
10. AUDIT AND DEMONSTRATION OF COMPLIANCE
ViaGuru will make available to Company all information necessary to demonstrate compliance with the obligations laid down in Article 28 GDPR and allow for and contribute to audits, including inspections, conducted by a third party auditor agreed to by the parties. Audits by Company are subject to the following terms: (i) the audit will be pre-scheduled in writing with ViaGuru, at least thirty (30) days in advance and will be performed not more than once a year; and (ii) the auditor will execute a non-disclosure agreement with ViaGuru. Company shall bear the cost of any such audit. ViaGuru shall promptly remediate any deficiencies discovered in the course of such audit.
11. RETURN OR DELETION OF PERSONAL DATA
On termination or expiration of the Agreement, unless otherwise required by applicable law, ViaGuru shall (at Company’s election) promptly, and in any event within thirty (30) days, of Company’s request, return or delete all Personal/ Company Data.
12. AUTHORIZED AFFILIATES
The parties acknowledge and agree that, by executing the DPA, the Company enters into the DPA on behalf of itself and, as applicable, in the name and on behalf of its Authorized Affiliates, in which case each Authorized Affiliate agrees to be bound by the Company’s obligations under this DPA.
Schedule 1a – Data Processing for ViaGuru Video conferencing
Subject-matter of the Processing
ViaGuru is a no download webinar software/ platform (SaaS) most commonly used for one-to-many online meetings/workshops, but can also be used for one-to-one meetings.
Users can set up one-off or recurring, live or automated events, enable chat functionality, share audio, video, presentations, images, links, survey attendees (polls) and more.
Users get insights into their webinars, like who and how many attended, session duration, average time attended, average time focused - all over time (to see trends).
Categories of Data Subjects
Company potential and existing customers (webinar attendees) and Company employees/personnel.
- Categories of Personal Data Transferred
Categories of personal data transferred may differ depending on the data exporter's use of the ViaGuru software. For webinar attendees, personal data typically includes name, email address and any other personal data submitted through the registration form, IP address, geographical location, device information, browser type and version, operating system, as well as timing, frequency and pattern of their use of our Services.
- Sensitive Data Transferred
Not applicable.
- Frequency of Transfer
Continuous while Services are being used, until the Agreement is terminated.
- Nature of the Processing
To facilitate online webinars, including host/store webinar attendee lists, webinar content (including recordings, chat transcript etc.), and webinar analytics.
- Purpose of the Processing
To provide the Services as described in the Agreement.
- Period Personal Data Will Be Retained
For the Term of the Agreement. We process personal data on behalf of the data exporter for as long as they are a Customer. If the data exporter terminates the Agreement (their use of ViaGuru), we will delete Customer Data within 30 days of account termination (unless they opt for pausing their account, which effectively means they continue to be a Customer).
- Subject-matter, nature and duration of processing for transfers to (sub-)processors
The subject matter pertains mainly to infrastructure cloud hosting and services. The nature of the processing relates to facilitating online webinars, including recording, hosting webinar material (recordings, presentation, images etc.), in-webinar chat functionality, and webinar analytics. We also use Sub-processors for content distribution, logging and similar operations that are strictly necessary for delivering our services. The duration of processing is for as long as the data exporter remains a Customer.
Schedule 1b – Data Processing for Reach and similar ViaGuru Services
- Subject-matter of the Processing
Depends on the Services as specified in the Agreement, but could include: Event marketing automation and lead generation services for virtual, in-person and hybrid events. Multi-channel outreach where Customer can upload their own contact lists, target, contact, and register potential event attendees etc. All-in-one virtual event/meeting platform for Customer to plan and execute virtual, in-person, and hybrid events.
- Categories of Data Subjects
Company potential and existing customers (e.g., Customer event attendees), and Company employees/personnel.
- Categories of Personal Data Transferred
Categories of personal data transferred may differ depending on the data exporter's use of the Services. For event attendees, personal data typically includes name, contact information (e.g., email address, address, phone number), any personal data related to the event(s) they attend and, if applicable, any event recordings they have access to, as well as IP address, geographical location, device information, browser type and version, and operating system.
- Sensitive Data Transferred
Not applicable.
- Frequency of Transfer
Continuous while Services are being used, until the Agreement is terminated.
- Nature of the Processing
To facilitate in-person, hybrid or/and virtual events, which could, depending on the Services covered by the Agreement, include research and store potential attendees lists, verify email addresses, send emails, conduct calls, facilitate online event registration, and, if applicable, record webinars, host webinar content (including recordings, chat transcript etc.), and webinar analytics.
- Purpose of the Processing
To provide the Services as described in the Agreement.
- Period Personal Data Will Be Retained
For the Term of the Agreement. We process personal data on behalf of the data exporter for as long as they are a Customer. If the data exporter terminates the Agreement, we will delete Customer Data within 30 days of account termination (unless they also use our webinar Services (ViaGuru) and opt for pausing their account, which effectively means they continue to be a Customer).
- Subject-matter, nature and duration of processing for transfers to (Sub-)processors
The subject matter pertains mainly to infrastructure cloud hosting and services, email validation services, email services, call center services, event marketing automation and lead generation. The nature of the processing relates to facilitating event invitations and registrations, including communication and registration and, if applicable, or online webinars: recording, hosting webinar material (presentation, images etc.), in-webinar chat functionality, and webinar analytics. We also use Sub-processors for content distribution, logging and similar operations that are strictly necessary for delivering our services. The duration of processing is for as long as the data exporter remains a Customer.
Module 2: Controller-to-Processor
PART 1 – EEA Transfers
Data Exporter: The User/ Person/ Customer/ Entity, as specified in the Agreement.
Contact details: As detailed in the Agreement.
Data Exporter Role: Module Two: Controller
Signature and Date: By entering into the Agreement and DPA, Data Exporter is deemed to have signed these Standard Contractual Clauses incorporated herein, including their Annexes, as of the effective date of the Agreement.
Data Importer: ViaGuru Business
Contact details: As detailed in the Agreement.
Data Importer Role: Module Two: Processor.
Signature and Date: By entering into the Agreement and DPA, Data Importer is deemed to have signed these Standard Contractual Clauses, incorporated herein, including their Annexes, as of the effective date of the Agreement.
The competent supervisory authority in accordance with Clause 13 is the supervisory authority in the Member State stipulated in Section 7 above.
PART 2 – UK Transfers
1. With respect to any transfers of Personal/ Company Data falling within the scope of the UK GDPR from the Company (as data exporter) to ViaGuru (as data importer):
a.) neither the Standard Contractual Clauses nor the DPA shall be interpreted in a way that conflicts with rights and obligations provided for in any laws relating to data protection, the processing of personal data, privacy and/or electronic communications in force from time to time in the UK, including the UK GDPR;
b.) the Standard Contractual Clauses are deemed to be amended to the extent necessary so they operate:
c.) the amendments referred to in Section 1(b) include (without limitation) the following:
PART 3 – Additional Safeguards
1. In the event of an EEA Transfer or a India Transfer, the Parties agree to supplement these with the following safeguards and representations, where appropriate:
a.) ViaGuru will make commercially reasonable efforts to resist, subject to applicable laws, any request for bulk surveillance relating to the Company Personal Data protected under DPDP, GDPR, including under section 702 of the United States Foreign Intelligence Surveillance Court (“FISA”).
b.) If ViaGuru becomes aware that any government authority (including law enforcement) wishes to obtain access to or a copy of some or all of the Personal/ Company Data, whether on a voluntary or a mandatory basis, then unless legally prohibited or under a mandatory legal compulsion that requires otherwise:
2. Once in every 12-month period, ViaGuru will inform the Person/ Company at their written request, to the extent permitted by applicable law, of the types of binding legal demands for Company Personal Data it has received and solely to the extent such demands have been received, including national security orders and directives, which shall encompass any process issued.
SECURITY ADDENDUM
ViaGuru leverages it's own capabilities which facilitates zero-trust cyber security defense via NetSecurity.in which contains security information capabilities to monitor and protect for more than 3.5 billion cyber attack vectors. We regularly update and manage the cyber-defense capabilities for websites we support. We don't rely on third-party.
Details, posts and updates for ViaGuru and its security services and links can be viewed on Google [netsecurity.in]
ANNEX II - TECHNICAL AND ORGANISATIONAL MEASURES INCLUDING TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE THE SECURITY OF THE DATA
Measures of pseudonyms and encryption of personal data
ViaGuru’s content databases that store data are encrypted using the Advanced Encryption Standard (AES). Customer data is encrypted in transit between the Customer’s software application and ViaGuru hosts using TLS
Measures for ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services
ViaGuru uses a variety of owned tools and mechanisms to achieve high availability and resiliency. ViaGuru’s infrastructure spans multiple fault-independent availability zones in geographic regions physically separated from one another. We employ orchestration tooling that has the ability to regenerate hosts, building them from the latest backup. We don't use any 3rd party capabilities for data cyber security
Measures for ensuring the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
ViaGuru leverages specialized tools that monitor server performance, data, security and traffic load capacity within each data center and all subsequent development and production environments. If sub optimal server performance or overloaded capacity is detected on a server within an availability zone or colocation data center, these tools increase the capacity or shift traffic to relieve any sub optimal server performance or capacity overload. ViaGuru is also immediately notified in the event of any sub optimal server performance or overloaded capacity. We can restore any system and service within a short window using our incremental backup systems.
Processes for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures in order to ensure the security of the processing
ViaGuru has developed and implemented a owned security control environment designed to protect the confidentiality, integrity, and availability of customers systems. Our Privacy Policy and Acceptable Use Policy governs the requirements for use of customer data in accordance with several industry standards.
ViaGuru conducts a variety of regular internal and external audits that are inclusive of security operations.
Measures for user identification and authorization
We leverage a Zero Trust policy for all access controls that give zero-access to ViaGuru’s computing assets be granted based on business justification. These policies are based on limits based on "need to-know" and "least-privilege" principles. In addition, the policy also addresses requirements for access management lifecycle including access provisioning, authentication, access authorization, removal of access rights and periodic access reviews.
Measures for the protection of data during transmission
Measures for the protection of data during storage
ViaGuru's databases that store Data are encrypted using the Advanced Encryption Standard (AES). Customer data stored by ViaGuru's is encrypted in transit between the Customer’s software application and ViaGuru using TLS secure certificate (https) protocols.
Measures for ensuring physical security of locations at which personal data are processed
Amazon provides physical data center access only to approved employees and ViaGuru has no access to these locations. Amazon employees who need data center access must first apply for access and provide a valid business justification. These requests are granted based on the principle of least privilege, where requests must specify to which layer of the data center the individual needs access, and are time-bound. Requests are reviewed and approved by authorized personnel, and access is revoked after the requested time expires. Once granted admittance, individuals are restricted to areas specified in their permissions.
Measures for ensuring events logging
ViaGuru measures and logs all access to services, traffic and applications for all it’s development, visits, production, analytics and security systems. Logging of services, user and security events (application access, web server logs, monitoring, FTP server logs, etc.) is enabled and retained centrally. ViaGuru restricts access to cyber visits and intrusion audit logs to authorized personnel based on job responsibilities.
Audit logging procedures are reviewed as part of external audits for security standards.
Measures for ensuring system configuration, including default configuration
Measures for internal IT and IT security governance and management
ViaGuru has developed and implemented an owned Human + AI + ML security control environment designed to protect the confidentiality, integrity, and availability of cloud platforms. ViaGuru performs an ongoing internal review of all security management policies and procedures and we perform audits before and after employee changes. These regular internal audits that are inclusive of security operations and are managed by the IT Team.
Measures for certification/assurance of processes and products
Measures for ensuring data minimization
Measures for ensuring data quality
Measures for ensuring limited data retention
Measures for ensuring accountability
Measures for allowing data portability and ensuring erasure
Information about how ViaGuru processes personal data is set forth in the Privacy Policy
For transfers to (sub-) processors, also describe the specific technical and organizational measures to be taken by the (sub-) processor to be able to provide assistance to the controller and, for transfers from a processor to a sub-processor, to the data exporter
When ViaGuru engages a Sub-processor, ViaGuru and the Sub-processor enter into an agreement that bind them by data protection obligations substantially similar to those under this DPA.
Each Sub-processor agreement must ensure that ViaGuru is able to meet its obligations to our customers. In addition to implementing technical and organizational measures to protect personal data, Sub-processors must (a) notify ViaGuru in the event of a Security Incident so ViaGuru may notify it's customers; and (b) delete personal data when instructed by ViaGuru in accordance with Customer’s instructions to ViaGuru.
ANNEX III – SUB-PROCESSORS
ViaGuru does not authorize or suggest the use of the external sub-processors. It is the users own personal choice.
This statement has been prepared based on provisions of multiple legislation's, compliance and privacy best practices.
The above has to be read in conjunction and part of 'All' other terms, policies and disclaimers of this and other associated/ linked site(s). Please see and check updated terms, policy and disclaimer legal links on footer of home page at part of your own responsibility.
This policy relates solely to this website and associated owned web properties links only, if not stated otherwise within this document or other legal links on this site. Read Description of Terms Used
Subscribe for Value Offers