Special Offer for New Members: Get an Extra 15% Discount in your cart at GlobeTier!
00D
00H
00M
00S
Register Now
WhatsApp Live Support Support Ticket Blog
Register
0 Login

Data Processing Agreement (DPA)

Defining the technical and legal framework for data processing between GlobeTier and our clients.

1. Parties and Definitions

This Data Processing Agreement (“DPA”) regulates the obligations between the Data Controller (who determines the purposes and means of processing) and the Data Processor (who processes data on behalf of the controller), in compliance with the General Data Protection Regulation (“GDPR”).

Data Controller: Any individual or legal entity (“Client”) using GlobeTier services (hosting, servers, etc.) who collects or processes personal data of their own end-users within these services. The Client receives services under the Terms of Service.

Data Processor: GlobeTier Infrastructure Solutions (“GlobeTier”). GlobeTier processes personal data solely for the purpose of fulfilling the service and according to the instructions of the Data Controller.

Sub-processor: Refers to any third party (e.g., data centers, infrastructure providers) engaged by GlobeTier to carry out specific processing activities on behalf of the Client.

2. Scope and Purpose of Processing

GlobeTier processes personal data that the Data Controller hosts, transmits, or manages within GlobeTier’s infrastructure (web hosting, VPS, dedicated servers, email, and backups) only for technical delivery, secure storage, and redundancy purposes.

The content, categories, and purposes of processing the personal data collected via the Client’s website or applications are determined solely by the Client. GlobeTier acts only as an infrastructure provider and does not use this data for its own commercial purposes, profiling, or advertising. The Client remains responsible for ensuring that the data stored on their systems complies with global privacy laws.

3. Instructions and Security Measures

Compliance with Instructions

GlobeTier processes personal data only in accordance with the Client's written instructions, which include the Terms of Service, order specifications, and support tickets. If GlobeTier believes an instruction violates GDPR or other privacy laws, it will notify the Client.

Security Measures

GlobeTier implements appropriate technical and administrative measures to ensure the confidentiality, integrity, and availability of processed data. These measures include access controls, encryption (in transit and, where applicable, at rest), secure network architecture, logging, and confidentiality agreements with personnel. The Client is responsible for securing their own account credentials and application-level vulnerabilities.

4. Sub-processors and Breach Notification

Sub-processors

GlobeTier may engage sub-processors (such as data centers and network providers) to deliver its services. These sub-processors are bound by data protection obligations equivalent to those in this DPA. GlobeTier remains liable for the performance of its sub-processors' obligations.

Breach Notification

In the event of a confirmed personal data breach (unauthorized access or data leakage), GlobeTier will notify the Data Controller without undue delay. The notification will describe the nature of the breach, affected data categories, and the measures taken to mitigate the impact. The obligation to notify regulatory authorities or data subjects lies with the Data Controller.

5. Data Subject Rights and Termination

Data Subject Requests

Requests from individuals regarding their rights (access, correction, deletion) should be directed to the Data Controller. GlobeTier will provide reasonable technical assistance to help the Client fulfill these requests.

Termination – Data Deletion

Upon termination of the service, GlobeTier will, at the Client's request, return or delete the processed personal data, unless legal retention obligations apply. If no instructions are received within 30 days of termination, GlobeTier reserves the right to permanently delete or anonymize the data. Backup limitations specified in the Backup Policy apply.

6. Validity and Contact

This DPA is effective upon the Client's acceptance of the GlobeTier Terms of Service. In case of conflict between this DPA and the Terms of Service, the data protection provisions of this DPA shall prevail. This agreement is governed by the laws of the jurisdiction where GlobeTier is incorporated.

For inquiries regarding data processing, please contact privacy@globetier.com. For information on how GlobeTier processes its own data, please see our Data Protection Notice.