Data Processing Agreement (DPA) Template
2026-07-07 — v0.1 — 2026-07
Draft — legal review required before signing
This Data Processing Agreement (DPA) template, pursuant to Art. 28 GDPR, governs the relationship between the subscriber (controller) and Entexia d.o.o. (processor).
1. Subject Matter and Duration
The processor processes personal data on behalf of the controller for the purpose of providing the Entexia SaaS platform. This agreement is valid for the duration of the subscription.
2. Nature and Purpose of Processing
Storage, display and processing of data entered by the controller into the platform (HR, customers, transactions). No proprietary commercial processing.
3. Types of Personal Data
Contact data, transaction data, HR data — depending on the modules activated by the controller.
4. Security Measures
Encryption in transit (TLS), physical database isolation per company, 2FA, audit log, daily backups in EU.
5. Sub-processors
The sub-processor list is publicly available at /privacy. The controller is notified of any change with 30 days' notice.
6. Data Subject Rights
The processor assists the controller in fulfilling data subject requests within 72 hours.
7. Location of Processing
Processing takes place exclusively in the EU (Hetzner DE). No transfers outside the EU except listed sub-processors with SCCs.
Request a signed DPA
Enterprise kupci prejmejo podpisan DPA pred prvim klicem.