Login

Data Processing Addendum

  • Home
  • Data Processing Addendum

Data Processing Addendum

8.1 Purpose

This Data Processing Addendum applies where Efiko.pro processes personal data on behalf of a user, business, professional, customer, or tenant in connection with the platform.

8.2 Roles of the Parties

Depending on the context:

  1. The user may act as a controller of visitor, customer, appointment, or profile data.
  2. Efiko.pro may act as a processor when processing such data on the user’s behalf.
  3. Efiko.pro may act as an independent controller for account, billing, security, compliance, and platform administration data.

For GDPR-covered processing, Article 28 requires processor arrangements to be governed by a contract or other legal act setting out matters such as subject matter, duration, purpose, data types, categories of data subjects, and obligations of the controller.

8.3 Subject Matter of Processing

Processing relates to the provision of Efiko.pro services, including professional profiles, tenant websites, CVs, vCards, QR codes, bookings, customer panels, analytics, domains, and dashboards.

8.4 Duration of Processing

Processing continues for the duration of the user’s account, subscription, or service relationship, and for any required retention period after termination.

8.5 Nature and Purpose of Processing

Efiko.pro may collect, store, host, transmit, display, secure, analyse, back up, delete, or otherwise process data to provide the platform.

8.6 Categories of Data Subjects

Data subjects may include:

  1. Users.
  2. Visitors.
  3. Customers.
  4. Appointment requesters.
  5. Subscribers.
  6. Support contacts.
  7. Professional referees.
  8. Credential subjects.
  9. Billing contacts.

8.7 Types of Personal Data

Personal data may include:

  1. Names.
  2. Email addresses.
  3. Phone numbers.
  4. Profile photos.
  5. Biographies.
  6. Professional history.
  7. Credentials.
  8. CV details.
  9. Booking information.
  10. Customer records.
  11. IP addresses.
  12. Technical logs.
  13. Payment-related records.
  14. Communication records.

8.8 Efiko.pro Obligations

Efiko.pro will:

  1. Process personal data only for platform purposes or documented instructions.
  2. Apply reasonable security measures.
  3. Limit access to authorised personnel.
  4. Assist with data subject requests where reasonably possible.
  5. Notify users of relevant data incidents where required.
  6. Use subprocessors where necessary to deliver the platform.
  7. Maintain reasonable confidentiality obligations.
  8. Delete, return, or anonymise data where required and technically feasible.

8.9 User Obligations

Users must:

  1. Have lawful grounds to collect and process visitor/customer data.
  2. Provide appropriate privacy notices.
  3. Obtain consent where required.
  4. Avoid uploading unlawful or excessive personal data.
  5. Keep account access secure.
  6. Respond to visitor/customer privacy requests where applicable.
  7. Comply with relevant privacy and data protection laws.

8.10 Subprocessors

Efiko.pro may use subprocessors such as hosting providers, email providers, payment processors, analytics services, security tools, support platforms, and plugin providers.

8.11 Security

Efiko.pro will maintain reasonable technical and organisational measures appropriate to the platform’s nature, risk, and scale.


Your experience on this site will be improved by allowing cookies.