Data processing contract

between Webnode as a processor and User as a controller in compliance with the article 28 of GDPR.

The subject of processing: We will process the data that you store on our servers. This could include personal data of people visiting websites you created with Webnode according to the rules stated in this Contract.

Processing time: Webnode processes personal data for the duration of the contract until the User cancels its account and subsequently for the time necessary to ensure the safety of the service and the fulfillment of the obligations arising from the special legal regulations. Subsequently, all saved user data are deleted.

Nature and purpose of processing: The purpose of the processing is to fulfil the obligations under the Contract, in particular the provision of storage space for the purpose of storing user data via Webnode.

Type and category of processed personal data: We process personal information you store on our servers.

Our responsibilities as a personal data processor: We undertake to:

a) Process personal data only based on the user's documented instructions;

b) Ensure that our authorized personnel who is in contact with personal data is committed to confidentiality;

c) Make appropriate technical and organizational safeguards to ensure a level of security appropriate to the risk involved. When assessing an appropriate level of security, we take into account, in particular, the risks involved in the processing, accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to transferred, stored or otherwise processed personal data. Technical data security is described in the Privacy Policy;

d) Take into account the nature of the processing and to assist the User through appropriate technical and organizational measures in fulfilling the User's obligation to respond to requests for the exercise of data subjects' rights set forth in Chapter III of the GDPR (Data subject rights);

e) Assist the User in complying with the obligations under Articles 32 to 36 of the GDPR (Privacy of Personal Data), taking into account the nature of the processing of the information available to Webnode;

f) Report to the User any personal data breach without undue delay;

g) Provide the User with all the information necessary to demonstrate that the above obligations have been met and enable the User to check compliance with the above obligations. All the information about the processing of personal data by Webnode is stated in the Privacy Policy.

Other processors: The user agrees that Webnode will involve other processors in the processing of personal data you store on our servers. The list of processors is stated in the Privacy Policy.