Data Processing Agreement (DPA)

This DPA forms part of the Terms of Service between Customer and Raqib.

1. Definitions

1. Controller: The Customer
2. Processor: Raqib
3. Personal Data: As defined under GDPR or applicable law
4. Processing: Any operation performed on Personal Data

2. Nature and Purpose

The purpose of data processing is to deliver training, simulations, and usage tracking within the Raqib platform.

3. Scope of Processing

Types of personal data:

1. Name, email, title
2. Activity logs
3. Performance data

Special categories: None processed intentionally

4. Obligations of Processor (Raqib)

Raqib agrees to:

1. Only process data as instructed
2. Ensure staff confidentiality
3. Implement technical and organizational security
4. Notify the Customer of data breaches within 72 hours
5. Cooperate with audits or requests from supervisory authorities

5. Subprocessors

Raqib uses subprocessors listed here. We ensure they meet equivalent security and privacy standards. Customer will be notified of changes.

6. International Transfers

Transfers outside the EEA will be made with appropriate safeguards, such as SCCs.

7. Rights of Data Subjects

Raqib will assist the Customer in responding to:

1. Access requests
2. Rectification, erasure, or portability
3. Objections to processing

8. Termination & Deletion

Upon termination, Raqib will delete or return personal data unless legally required to retain it.

9. Liability & Indemnity

Both parties agree to indemnify each other in case of breach of this DPA causing lawful damages.