Data Processing Agreement
Last updated: 10/22/2025
Introduction
This Data Processing Agreement ("DPA") forms part of the service agreement between DeoForge and the client ("Controller") and governs the processing of personal data by DeoForge ("Processor") on behalf of the Controller.
Scope and Applicability
This DPA applies to all personal data processed by DeoForge in connection with the provision of staff augmentation services, including but not limited to:
- Employee and contractor information
- Client contact and business information
- Technical and usage data
Data Processing Obligations
DeoForge shall:
- Process personal data only on documented instructions from the Controller
- Ensure that persons authorized to process personal data are bound by confidentiality
- Implement appropriate technical and organizational measures to ensure data security
- Assist the Controller in responding to data subject requests
- Delete or return all personal data upon termination of services
Security Measures
DeoForge implements industry-standard security measures including encryption, access controls, regular security assessments, and employee training to protect personal data against unauthorized access, loss, or disclosure.
Sub-processors
DeoForge may engage sub-processors to assist in providing services. The Controller authorizes the engagement of sub-processors, provided that DeoForge ensures they are bound by data protection obligations equivalent to those in this DPA.
Data Breach Notification
DeoForge shall notify the Controller without undue delay upon becoming aware of any personal data breach, providing sufficient information to allow the Controller to meet any obligations to report or inform data subjects of the breach.
Contact
For questions about this Data Processing Agreement, contact us at hello@deoforge.com.