Umwelt.AI

    Data Processing Agreement

    Version 1.0 - October 2024

    This Data Processing Agreement ("DPA") forms part of the Master Services Agreement between Umwelt Peopletech Solutions Private Limited ("Umwelt") and the customer ("Controller") for the provision of employee engagement services.

    Download Complete DPA Document

    For the complete Data Processing Agreement including all schedules and annexures, please download the official PDF document.

    Download DPA (PDF)View in Browser

    Summary

    This DPA sets out the terms and conditions under which Umwelt will process personal data on behalf of the Controller in connection with the Services provided under the Master Services Agreement.

    Key Terms

    1. Definitions

    • "Personal Data" means any information relating to an identified or identifiable natural person.
    • "Processing" means any operation performed on Personal Data, such as collection, recording, organization, storage, adaptation, retrieval, use, disclosure, or erasure.
    • "Sub-processor" means any third party engaged by Umwelt to process Personal Data on behalf of the Controller.
    • "Data Subject" means the individual to whom the Personal Data relates.

    2. Scope of Processing

    Umwelt will process Personal Data only for the purpose of providing the Services as described in the Master Services Agreement and in accordance with the Controller's documented instructions.

    3. Data Security

    Umwelt implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

    • Encryption of Personal Data at rest and in transit
    • Regular security assessments and penetration testing
    • Access controls and authentication mechanisms
    • Employee training on data protection
    • Incident response procedures

    4. Sub-processors

    Umwelt may engage Sub-processors to assist in providing the Services. Umwelt will ensure that Sub-processors are bound by data protection obligations substantially similar to those set out in this DPA.

    5. Data Subject Rights

    Umwelt will assist the Controller in responding to requests from Data Subjects exercising their rights under applicable data protection laws, including rights of access, rectification, erasure, restriction, portability, and objection.

    6. Data Breach Notification

    Umwelt will notify the Controller without undue delay upon becoming aware of a Personal Data breach and will provide reasonable assistance in the investigation and remediation of any such breach.

    7. Data Retention and Deletion

    Upon termination of the Services or upon the Controller's request, Umwelt will delete or return all Personal Data to the Controller, unless retention is required by applicable law.

    8. International Data Transfers

    If Personal Data is transferred outside of the European Economic Area, Umwelt will ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

    GDPR Compliance

    Umwelt is committed to compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. Our DPA is designed to meet the requirements of Article 28 of the GDPR regarding processors.

    Contact Information

    For questions regarding this DPA or data protection matters, please contact:

    Data Protection Contact:
    Email: himanshu.s@umwelt.ai

    Umwelt Peopletech Solutions Private Limited
    SCF-09, Floor-5, Faridabad Crown Plaza
    Faridabad, Haryana 121001
    India