Data Processing Agreement

This Data Processing Agreement (“DPA”) supplements the Terms of Service and applies to customers who are subject to data protection laws such as the GDPR or CCPA and who use Condor Intel to process personal data on their behalf.

• Controller – the entity that determines the purposes and means of processing personal data
• Processor – Condor Intel, acting on behalf of the Controller
• Data Subject – the identified or identifiable individual whose personal data is processed
• Personal Data – any information relating to an identified or identifiable Data Subject

Condor Intel will process personal data only on documented instructions from the Controller, unless required to do so by applicable law. Condor Intel will immediately inform the Controller if it believes an instruction infringes applicable data protection law.

Condor Intel implements appropriate technical and organisational measures as described in our Security page to ensure a level of security appropriate to the risk.

Condor Intel may engage sub-processors to assist in providing the Service. We maintain an up-to-date list of sub-processors and will notify Controllers of any intended additions or replacements, providing an opportunity to object.

Condor Intel will assist the Controller in fulfilling obligations to respond to Data Subject requests (access, rectification, erasure, portability, objection) within the timeframes required by applicable law.

Where personal data is transferred outside the EEA or UK, such transfers will be made pursuant to Standard Contractual Clauses or another lawful transfer mechanism.

Enterprise customers requiring a signed DPA should contact us at legal@condorintel.com. We will provide a countersigned agreement within 5 business days.