Data Processing Agreement
1. Overview
This Data Processing Agreement ("DPA") is entered into between AutomationKaro and our customers. It describes how we process, store, and protect personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.
2. Scope
This DPA applies to the processing of personal data by AutomationKaro on behalf of customers. It governs the terms under which we act as a data processor for personal data provided by customers.
3. Data Processing Activities
As a data processor, AutomationKaro will:
- Process personal data only on documented instructions from the customer
- Ensure staff are bound by confidentiality obligations
- Implement appropriate technical and organizational security measures
- Not transfer personal data outside the EEA without appropriate safeguards
- Assist the customer in responding to data subject requests
- Return or delete personal data upon request
4. Security Measures
AutomationKaro implements comprehensive security measures including encryption, access controls, regular audits, and incident response procedures to protect personal data from unauthorized access, alteration, or destruction.
5. Sub-processors
AutomationKaro maintains a list of approved sub-processors and notifies customers of any changes to this list. Customers have the right to object to the use of new sub-processors.
6. Data Subject Rights
AutomationKaro will assist customers in fulfilling data subject rights requests including access, rectification, erasure, and portability rights.
7. Data Breach Notification
In the event of a suspected data breach, AutomationKaro will notify the customer without undue delay and provide reasonable assistance in meeting notification obligations.
8. Contact
For questions regarding this DPA, please contact our Data Protection Officer at dpo@automationkaro.com
Last updated: July 2026
