Data Processing Agreement

1. Overview

This Data Processing Agreement ("DPA") is entered into between AutomationKaro and our customers. It describes how we process, store, and protect personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

2. Scope

This DPA applies to the processing of personal data by AutomationKaro on behalf of customers. It governs the terms under which we act as a data processor for personal data provided by customers.

3. Data Processing Activities

As a data processor, AutomationKaro will:

  • Process personal data only on documented instructions from the customer
  • Ensure staff are bound by confidentiality obligations
  • Implement appropriate technical and organizational security measures
  • Not transfer personal data outside the EEA without appropriate safeguards
  • Assist the customer in responding to data subject requests
  • Return or delete personal data upon request

4. Security Measures

AutomationKaro implements comprehensive security measures including encryption, access controls, regular audits, and incident response procedures to protect personal data from unauthorized access, alteration, or destruction.

5. Sub-processors

AutomationKaro maintains a list of approved sub-processors and notifies customers of any changes to this list. Customers have the right to object to the use of new sub-processors.

6. Data Subject Rights

AutomationKaro will assist customers in fulfilling data subject rights requests including access, rectification, erasure, and portability rights.

7. Data Breach Notification

In the event of a suspected data breach, AutomationKaro will notify the customer without undue delay and provide reasonable assistance in meeting notification obligations.

8. Contact

For questions regarding this DPA, please contact our Data Protection Officer at dpo@automationkaro.com

Last updated: July 2026

Built with v0