Data Processing Amendment (DPA)

Helprace’s Data Processing Amendment v. 2.0

Last revised on March 19, 2026, effective as of March 19, 2026

Introduction to this Amendment

This Data Processing Amendment (“DPA”) forms part of the agreement between Helprace, Inc. (“Helprace”, “we”, “us” or “our”) and the customer entity using the Helprace Service (“Customer”). This DPA applies where Helprace processes Personal Data on behalf of Customer in connection with the Helprace Service.

This DPA supplements the Terms of Service. If there is a conflict between this DPA and the Terms of Service with respect to processing of Personal Data, this DPA will control to the extent of that conflict.

Definitions

“Applicable Data Protection Law” means data protection and privacy laws applicable to the processing of Personal Data under the agreement, including, where applicable, the GDPR, the UK GDPR, and similar laws.

“Controller”, “Processor”, “Data Subject”, “Personal Data”, “Processing”, and “Subprocessor” have the meanings given to them by Applicable Data Protection Law.

“Customer Data” means Personal Data submitted to or collected through the Helprace Service by or on behalf of Customer.

“Security Incident” means a confirmed breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Customer Data processed by Helprace. Security Incident does not include unsuccessful attempts or activities that do not compromise the security of Customer Data, such as unsuccessful login attempts, pings, port scans, denial of service attempts, or other network attacks on firewalls or networked systems.

1. Roles and Scope

  1. Customer is the Controller of Customer Data, and Helprace is the Processor of Customer Data, except to the extent Helprace acts as an independent Controller for its own account, billing, security, abuse prevention, legal compliance, and direct business relationship data as described in the Privacy Policy.

  2. This DPA applies only to Customer Data processed by Helprace on behalf of Customer in connection with the Helprace Service.

2. Customer Instructions and Processing

  1. Helprace will process Customer Data only on documented instructions from Customer, including as necessary to provide the Helprace Service, comply with the agreement, and comply with applicable law.

  2. Customer instructs Helprace to process Customer Data as necessary to provide, secure, support and improve the Helprace Service, and as further described in the agreement and Customer’s use of the service features and settings.

  3. Customer is responsible for the lawfulness of the Customer Data and the means by which Customer acquired the Customer Data, including providing any required notices and obtaining any required consents or other legal basis for processing.

3. Confidentiality and Personnel

  1. Helprace will ensure that persons authorized to process Customer Data are bound by appropriate confidentiality obligations.

  2. Access to Customer Data will be limited to personnel and service providers who require access for the purposes described in this DPA.

4. Security

  1. Helprace will implement and maintain reasonable and appropriate technical and organizational measures designed to protect Customer Data against unauthorized or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure.

  2. Additional information regarding Helprace’s security practices is available in the Security Policy.

5. Subprocessors

  1. Customer authorizes Helprace to engage Subprocessors to process Customer Data on Helprace’s behalf, provided that such Subprocessors are bound by written obligations that are materially no less protective than those in this DPA.

  2. Helprace remains responsible for its Subprocessors’ processing of Customer Data to the extent required by Applicable Data Protection Law.

  3. Helprace may make available information about categories of Subprocessors or a current Subprocessor list upon request or through a separate public page if published.

6. International Transfers

  1. Customer authorizes Helprace and its Subprocessors to process Customer Data in the United States and in other countries where Helprace or its Subprocessors operate, provided that Helprace will implement appropriate safeguards for cross-border transfers where required by Applicable Data Protection Law.

  2. To the extent required by Applicable Data Protection Law, the parties will cooperate in good faith to implement an appropriate transfer mechanism.

7. Assistance to Customer

  1. Taking into account the nature of the processing and the information available to Helprace, Helprace will provide reasonable assistance to Customer in responding to requests from Data Subjects to exercise their rights under Applicable Data Protection Law.

  2. Helprace will provide reasonable assistance to Customer with data protection impact assessments, prior consultations, and similar obligations, in each case only to the extent required by Applicable Data Protection Law and reasonably possible in light of the nature of the processing and the information available to Helprace.

8. Security Incident Notification

  1. If Helprace becomes aware of a Security Incident affecting Customer Data, Helprace will notify Customer without undue delay and will provide information reasonably available to Helprace concerning the Security Incident.

  2. Helprace’s notification of or response to a Security Incident will not be construed as an acknowledgment of fault or liability.

9. Deletion and Return of Customer Data

  1. Upon termination or expiration of the agreement, Helprace will delete or return Customer Data in accordance with the agreement and Helprace’s retention and backup practices, unless retention is required by applicable law.

  2. Residual copies of Customer Data may remain in backup or archival systems for a limited period before being overwritten or deleted in the normal course.

10. Audits and Information

  1. Helprace will make available information reasonably necessary to demonstrate compliance with this DPA.

  2. Where required by Applicable Data Protection Law, Helprace will allow and contribute to reasonable audits or inspections by Customer or an independent auditor mandated by Customer, subject to reasonable advance notice, confidentiality obligations, scope limitations, and safeguards for the security and confidentiality of other customers and Helprace systems.

11. Liability

Each party’s liability arising under this DPA is subject to the exclusions and limitations of liability set out in the agreement, to the extent permitted by Applicable Data Protection Law.

12. Duration

This DPA remains in effect for as long as Helprace processes Customer Data on behalf of Customer under the agreement.

Helprace Legal

Help Desk by Helprace

100% uptime the last 12 months
We care about security & privacy