Detta Data Processing Agreement (DPA) reglerar AEO Pulses behandling av personuppgifter för kunders räkning, i enlighet med EU:s allmänna dataskyddsförordning (GDPR).
Based on EU Standard Contractual Clauses (SCCs)
Data Controller: the customer (you). Data Processor: AEO Pulse (operated by Acasting S.r.l.).
This DPA applies to all personal data processed by AEO Pulse on behalf of the customer in connection with the use of the AEO Pulse SaaS platform.
Processing is governed by EU Standard Contractual Clauses (SCCs) as adopted by the European Commission (Decision 2021/914).
Account information (name, email), brand data (names, domains, competitors), monitoring results (AI engine responses), audit logs, and usage analytics.
AEO Pulse will assist the customer in responding to data subject requests (access, rectification, erasure, portability) within 30 days.
AEO Pulse engages sub-processors as listed in the Sub-Processors page. Customers will be notified 30 days before any new sub-processor is engaged.
AEO Pulse implements technical and organizational measures as described in the Security Practices page, including encryption, RLS, RBAC, and audit logging.
AEO Pulse will notify the customer without undue delay (within 72 hours) upon becoming aware of a personal data breach.
Upon termination, AEO Pulse will return or delete all personal data within 30 days, unless EU or Member State law requires retention.
Customers may request audit reports annually. AEO Pulse will provide relevant security certifications and audit results upon request.