Data Processing Agreement (DPA)

1. Scope and Applicability

This Data Processing Agreement ("DPA") applies to the processing of personal data by Argus Group on behalf of our business clients/customers in the course of providing services. This DPA is integrated into, and forms part of, our Terms of Service.

2. Roles and Responsibilities

For the purposes of the GDPR and similar data protection regulations, the Client acts as the Data Controller, and Argus Group acts as the Data Processor. Each party warrants that it will comply with all applicable data protection laws in the performance of its obligations under this DPA.

3. Processing Activities

We process personal data solely in accordance with the Controller's documented instructions. This includes the provision of VPS hosting, managing resources, user accounts, and billing details. The categories of data processed include account metadata, server usage information, and billing information.

4. Technical and Organizational Security Measures

Argus Group implements and maintains appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing and against accidental loss, destruction, damage, alteration, or disclosure. These measures include encryption, access controls, network security, and secure system configurations.

5. Sub-processors

The Controller authorizes Argus Group to engage sub-processors (such as Stripe for billing, Ionos/VPS providers, and email delivery platforms) to carry out specific processing activities. We ask all sub-processors that enforce data protection obligations no less restrictive than those in this DPA.

6. Data Subject Rights & Security Incidents

Argus Group will assist the Controller in responding to data subject rights requests under GDPR. In the event of a confirmed personal data breach, we will notify the Controller without undue delay and provide reasonable cooperation to help mitigate risks.