Data Processing Terms

These data processing terms (the Terms) set out how we, Logit.io Limited (Logit.io, we or us) process Your Personal Data which you (the Customer or you) supply to us in connection with your use of The Logit.io Platform (the Software).

The Terms also set out your obligations to us in respect of Your Data which you provide to us.

These Terms apply for the duration of the contract between us and you (the Contract) in respect of your use of the Software.

In these Terms, the phrases controller, processor, data subject, personal data, processing and appropriate technical and organisational measures have the meanings given to them in the Data Protection Legislation. In addition, the following definitions apply:

Data Processing

1. Logit.io and the Customer both agree that they shall, for the duration of the Contract, comply with their respective obligations under the DP Laws.
2. Without prejudice to the generality of paragraph 1.1, you will ensure that you have all necessary appropriate consents and notices in place to enable the lawful transfer of Your Personal Data to us for the duration and purpose of the Contract.
3. We each hereby record our intention that, in respect of Your Personal Data supplied in connection with the Contract, you will be the controller and we will be the processor.
4. You are solely responsible for and warrant the accuracy and completeness of Your Data.
5. We will, in relation to Your Personal Data which is processed in connection with the Contract:
   1. Only process Your Personal Data for the purpose set out in the Appendix and not for any other purpose, unless we are acting on your written instructions or we are otherwise required to do so by Applicable Law, in which case we will inform you of such Applicable Law before processing (unless that Applicable Law prohibits such information on important grounds of public interest);
   2. Ensure that we have in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, Your Personal Data (appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected);
   3. Take all measures required relating to data security, which may include pseudonymising and encrypting Your Personal Data, utilising back-up facilities and regularly evaluating our technical and organisational measures;
   4. Ensure that all personnel who have access to and/or process Your Personal Data are obliged to keep the same confidential;
   5. Not transfer any of Your Personal Data outside of the European Economic Area without your prior written consent and compliance with the relevant requirements of GDPR in relation to such transfers;
   6. Assist you (at your cost) in responding to any request from a data subject and in ensuring compliance with your obligations under the DP Laws concerning security, breach notifications, impact assessments and consultations;
   7. Notify you without undue delay on becoming aware of a personal data breach;
   8. At your written direction, delete or return Your Personal Data to you (unless we are required by Applicable Law to store Your Personal Data); and
   9. Maintain complete and accurate records and information to demonstrate compliance with this paragraph 1.5 and the DP Laws and make such information available to you and allow for and contribute to audits, including inspections, conducted by you or another auditor mandated by you.
6. Agree that we may appoint suitably qualified sub-contractors to process Your Personal Data without your prior written consent, provided we impose contractual terms on the sub-contractor which are no less onerous than these Terms.
7. General description of the scope, nature and purpose of processing by you, the duration of the processing and the types of personal data is set out in the Appendix.