Data Processing Agreement

Latynex Trade OÜ · Estonia, European Union
Effective date: 1 June 2025 · Last updated: 1 June 2025
In accordance with GDPR Article 28
Contact: info@latynextrade.com
Note: This Data Processing Agreement ("DPA") applies when Latynex Trade OÜ processes personal data on behalf of a client (acting as data controller) in the course of providing AI services, website services, or automation systems. For a project-specific, signed DPA, please contact us at info@latynextrade.com.

1. Definitions

In this Agreement:

2. Subject Matter and Duration

This DPA governs the processing of personal data by Latynex (as Processor) on behalf of the client (as Controller) in connection with the provision of Services. The duration of processing corresponds to the term of the applicable service agreement, unless otherwise agreed.

3. Nature and Purpose of Processing

The nature and purpose of processing is to provide AI-powered website and automation services, including:

4. Types of Personal Data Processed

Depending on the services provided, processing may involve the following categories of personal data:

We do not process special categories of personal data (as defined in GDPR Article 9) unless explicitly agreed in writing.

5. Obligations of the Processor (Latynex)

As Processor, Latynex agrees to:

6. Sub-processors

Latynex uses the following categories of sub-processors in the delivery of its Services:

Latynex will notify the Controller of any intended changes to sub-processors and provide an opportunity to object. All sub-processors are bound by data processing agreements that impose obligations equivalent to those in this DPA.

7. International Data Transfers

Where personal data is transferred outside the European Economic Area, Latynex ensures that appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) as approved by the European Commission, or other valid transfer mechanisms under GDPR Chapter V.

8. Security Measures

Latynex implements the following technical and organisational measures:

9. Data Subject Rights

Latynex will assist the Controller in responding to requests from data subjects exercising their rights under GDPR (Articles 15–22). Where Latynex receives a data subject request directly, it will forward it to the Controller without responding independently, unless required by law.

10. Data Breach Notification

In the event of a personal data breach affecting Controller data, Latynex will notify the Controller without undue delay (and where feasible, within 72 hours of becoming aware), providing information to enable the Controller to fulfil its obligations under GDPR Article 33.

11. Termination and Return of Data

Upon expiry or termination of the service agreement, Latynex will, at the Controller's choice, return or securely delete all personal data processed on the Controller's behalf, unless applicable law requires retention.

12. Governing Law

This DPA is governed by the laws of Estonia. Disputes arising from this DPA shall be subject to the jurisdiction of Estonian courts.

13. Contact and Signed DPA Requests

For a project-specific, countersigned DPA or questions regarding data processing:

Latynex Trade OÜ
Estonia, European Union
Email: info@latynextrade.com
Telegram: @latynextrade