Data Processing Agreement

Parties

This Data Processing Agreement (DPA) is entered into between:

• Data Controller: The business using Tyjera's services
• Data Processor: Tyjera App

Subject Matter

This DPA governs the processing of personal data by Tyjera on behalf of the data controller in connection with the provision of business management services.

Data Processor Obligations

• Process personal data only in accordance with documented instructions from the data controller
• Ensure that persons authorized to process personal data are bound by confidentiality obligations
• Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk
• Assist the data controller in fulfilling their obligations under applicable data protection laws
• Notify the data controller without undue delay after becoming aware of a personal data breach

Security Measures

We implement the following security measures to protect personal data:

• Encryption of data in transit and at rest using industry-standard protocols
• Regular automated backups with secure storage and recovery procedures
• Role-based access controls and multi-factor authentication
• Regular security testing and vulnerability assessments

Subprocessors

We may engage subprocessors to assist in providing our services. All subprocessors are bound by the same data protection obligations as set out in this DPA.

Audit Rights

The data controller has the right to audit our compliance with this DPA, subject to reasonable notice and confidentiality obligations.

Liability

Each party's liability under this DPA is limited to direct damages and excludes indirect, consequential, or punitive damages, except where required by applicable law.