This Data Processing Amendment (“Amendment”) supplements and forms part of our Terms of Service and Privacy Policy. It describes how we process personal data as a data processor on behalf of our customers.
By using our services, you acknowledge that you have read and understood this Amendment and agree to be bound by its terms.
Definitions
For the purposes of this Amendment, the following terms shall have the meanings set forth below:
- “Controller” means the entity that determines the purposes and means of processing personal data
- “Processor” means the entity that processes personal data on behalf of the Controller
- “Personal Data” means any information relating to an identified or identifiable natural person
- “Processing” means any operation performed on personal data
Scope of Processing
We act as a data processor when processing personal data on behalf of our customers. The types of personal data we process include:
- Contact information (names, email addresses, phone numbers)
- Account information and user preferences
- Usage data and analytics information
- Technical data (IP addresses, device information)
Processing Purposes
We process personal data for the following purposes:
- Providing and maintaining our services
- Customer support and communication
- Service improvement and analytics
- Compliance with legal obligations
- Security and fraud prevention
Data Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
- Encryption of data in transit and at rest
- Access controls and authentication mechanisms
- Regular security assessments and monitoring
- Employee training on data protection
- Incident response procedures
Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Amendment, unless a longer retention period is required by law. Upon termination of services, we will delete or return personal data as requested by the data controller.
Sub-processors
We may engage third-party sub-processors to assist in providing our services. We ensure that all sub-processors are bound by appropriate data protection agreements and maintain the same level of data protection as outlined in this Amendment.
Data Subject Rights
We assist our customers in responding to data subject requests, including:
- Right of access to personal data
- Right to rectification of inaccurate data
- Right to erasure (“right to be forgotten”)
- Right to restrict processing
- Right to data portability
- Right to object to processing
International Transfers
When transferring personal data outside the European Economic Area, we ensure appropriate safeguards are in place, including standard contractual clauses or adequacy decisions by the European Commission.
Breach Notification
In the event of a personal data breach, we will notify the relevant data controller without undue delay and provide all necessary information to assist in breach notification obligations.
Contact Information
For questions about this Data Processing Amendment or our data processing practices, please contact us at:
- Email: privacy@sukrat.ai
- Address: c/o Registered Agent, Tailor Brands
- Location: Wilmington, Delaware, USA
This Amendment may be updated from time to time. We will notify you of any material changes through our website or by email.