Data Processing Agreement (DPA)

This Data Processing Agreement (“Agreement”) is entered into between:

(1) DigitalPratap, a digital marketing agency operating from India (“Processor”), and
(2) The Client (“Controller”), who uses our digital marketing and web services.

This Agreement outlines how DigitalPratap processes, stores, and protects personal data on behalf of the Client.

1. Purpose

This DPA governs all processing of personal data performed by DigitalPratap on behalf of the Client, in relation to the provision of digital marketing, analytics, and website management services.

DigitalPratap will only process personal data in accordance with the Client’s instructions and applicable laws.

2. Definitions

  • Controller: The individual or entity that determines the purpose and means of personal data processing.

  • Processor: DigitalPratap, which processes personal data on behalf of the Controller.

  • Personal Data: Any information relating to an identifiable person.

  • Processing: Any operation performed on personal data, such as collection, storage, or deletion.

  • Data Subject: The individual whose personal data is being processed.

3. Scope of Processing

DigitalPratap may process personal data to:

  • Run marketing and advertising campaigns.

  • Manage website analytics, email lists, and CRM systems.

  • Provide SEO, automation, and customer engagement services.

  • Monitor and report campaign performance.

Processing is limited to the duration of the service agreement between the Client and DigitalPratap.

4. Data Confidentiality

DigitalPratap ensures that all employees, contractors, or partners authorized to process personal data are bound by strict confidentiality obligations.
No personal data will be shared with any third party without the Client’s written consent unless required by law.

5. Data Security

DigitalPratap implements strong technical and organizational measures to protect personal data, including:

  • Secure hosting and SSL encryption.

  • Password-protected systems and restricted access.

  • Regular data backups and monitoring.

  • Protection against unauthorized access, disclosure, or loss.

6. Sub-Processors

DigitalPratap may use trusted third-party tools (e.g., hosting providers, CRM, analytics tools) to support service delivery.
All sub-processors are carefully reviewed for GDPR and data security compliance.
A list of active sub-processors is available upon request.

7. International Data Transfers

If data is transferred outside India or the European Economic Area (EEA), DigitalPratap ensures such transfers comply with legal requirements through:

  • Standard contractual clauses.

  • Adequacy decisions or equivalent safeguards.

8. Data Subject Rights

DigitalPratap assists the Client in responding to any requests from data subjects, including:

  • Access, rectification, or deletion of data.

  • Restriction or objection to processing.

  • Data portability requests.

All such requests must be directed to the Client, who remains the data controller.

9. Data Breach Notification

In case of any data breach, DigitalPratap will:

  • Notify the Client within 48 hours of becoming aware of the incident.

  • Provide all relevant details, including the nature, cause, and potential impact.

  • Take immediate steps to mitigate damage and restore data security.

10. Data Retention and Deletion

After service completion, DigitalPratap will either:

  • Return all personal data to the Client, or

  • Permanently delete it from all systems, unless legal obligations require retention.

11. Audit Rights

The Client may request information to verify compliance with this DPA.
DigitalPratap will provide reasonable documentation or certifications to demonstrate adherence to security and privacy practices.

12. Liability

DigitalPratap is not liable for any damages resulting from the Client’s misuse of data or violation of applicable laws.
Each party’s total liability shall not exceed the total amount paid for services under the main contract.

13. Duration

This Agreement remains valid for as long as DigitalPratap processes personal data on behalf of the Client.
It automatically terminates upon completion or cancellation of services.

14. Governing Law

This Agreement is governed by the laws of India.
Any disputes shall be resolved in the courts of [Cuttack, India].

15. Contact Information

For any data protection queries, please contact:

DigitalPratap
Email: yoursdigitalpratap@gmail.com
Phone: +91-7978742114
Website: https://digitalpratap.com