Data Processing Agreement

Subject and Duration

The Processor will process the Controller's personal information for as long as the Controller uses the Processor's services or until the termination of the Privacy Policy. If services are discontinued or terminated, the Processor agrees to return or delete the personal data, subject to any legal requirements.

Nature and Purpose

The Processor will process personal data to provide services, including but not limited to:

• AI-driven content generation.
• Text translation, question-solving, and article writing.
• User-related functionalities such as user registration, membership handling, subscription management, and interaction with AI tools.

Type and Data Subject Categories

Personal Data: The data may include personal identifiers (e.g., name, email address), user account credentials, transaction data, and usage data (such as browsing history and interaction logs).

Data Subjects: The data subjects are the users of the Processor's services, who have voluntarily provided their data to create and manage their user accounts and use the services.

Act in accordance with the Controller's instructions

The Processor will only process personal data as per the Controller's explicit written instructions and for the agreed purposes.

Ensure confidentiality

The Processor will maintain strict confidentiality by ensuring that all individuals authorized to process personal data have signed confidentiality agreements, and that personal data is not disclosed to unauthorized persons or entities.

Implement technical and organizational security measures

The Processor will adopt adequate technical and organizational measures to ensure a level of security appropriate to the risk associated with processing the personal data.

Engage sub-processors only with consent

The Processor will not engage any sub-processor without the prior written consent of the Controller. Any sub-processors shall be bound by similar data processing obligations under GDPR.

Assist the Controller in fulfilling data subject rights

The Processor will assist the Controller in responding to data subject requests related to access, correction, deletion, and portability of personal data.

Help with GDPR compliance

The Processor will help the Controller with their obligations under the GDPR, including assisting with security, breach notifications, and data protection impact assessments (DPIAs).

Return or delete personal data upon termination

Upon the termination of the services, the Processor agrees to return all personal data or delete it, as instructed by the Controller, unless the Processor is required by law to retain such data.

Audit Rights and Documentation

The Processor will provide the Controller with all necessary documentation, allowing for audits or inspections to verify compliance with GDPR. If requested, the Processor will cooperate with audits conducted by the Controller or an external auditor designated by the Controller to ensure that the terms of the DPA are being met.

Breach Notification

If the Processor believes any instruction from the Controller may breach the GDPR, they will promptly inform the Controller of their concerns.

Governing Law and Jurisdiction

This DPA is made part of the Privacy Policy by reference and shall be governed by the same laws and jurisdiction as the Privacy Policy.