Messagebird Data Processing Agreement

We use Amazon Web Services (AWS) to host the application servers needed to run SpinOffice CRM. All customer databases, email messages and files are stored and managed securely in AWS. The data centres we use are located in the EU and our network is a private network that no one else has access to. Our virtual private network spans two AWS data centers in an area of availability. This allows us to host our servers in two separate data centers. If there is a problem in a data center, the other will take over and users will be able to continue working. Zendesk Host (Store) Parent Hub Support Support Request Data on our behalf. The client has the right to conduct an audit of MMDSmart to determine the extent to which MMDSmart complies with the provisions of that authority. This review is carried out by an independent third party and, on a date jointly set by the two parties, takes place within two months of a first written request. The external auditor must sign an NDA, including the obligation not to disclose activity-sensitive data in the audit report, for example. B the names of MMDSmart counterparties. The audit is carried out during normal working days and normal working hours and without interruption of MMDSmart`s activity.

The client may not perform more than one examination every two years. MMDSmart provides the statutory auditor with access to facilities, personnel, policies and documents reasonably necessary for review, at the prior written and detailed request of the statutory auditor; provided that institutions, staff, directives and documents are or must be placed under the control of MMDSmart, MMDSmart is not limited by law in providing such access. The client bears audit costs, including the appointment and remuneration of the legal auditor and MMDSmart fees that are performed to facilitate the legal auditor. Removing the reporting requirementA processing officer will be pleased to learn that, in many cases, the obligation to notify a data protection authority or obtain authorization is removed. This decision is made to save money and time. Instead of notification, the new directive requires processing managers to develop appropriate procedures for large-scale processing in the form of new technologies. As a global cloud-based company, our use of the Internet almost always involves the international transfer of personal data within and outside the EEA. When, as a processor, an SMS and related personal data are transferred to a country outside the EEA, this is always determined by our client`s use in his or her role as manager. Once you transmit data, either by entering the services or by importing it from a third-party source, that data will be stored in our Microsoft-hosted database. When you register on our site, we ask for certain personal information such as your email address, your company, your name and the content of your requests.