LodgesMaster DPA

This Data Processing Agreement is made between Lodges Master and users of our services. This Agreement outlines how personal data will be processed, stored, and protected in compliance with applicable data protection laws.

1. Definitions

  • Data Controller: The entity that determines the purposes and means of processing personal data.
  • Data Processor: The entity that processes personal data on behalf of the data controller.
  • Personal Data: Any information related to an identified or identifiable individual.
  • Processing: Any operation performed on personal data, including collection, storage, alteration, and deletion.

2. Scope of Data Processing

The Company processes personal data only as necessary to provide services to the Customer, in accordance with the terms of this Agreement and any instructions given by the Customer.

3. Categories of Data Processed

We may process the following types of personal data on behalf of the Customer:

  • Guest and hotel manager information, such as names, contact details, room numbers, and service requests.
  • Data related to the usage of the Lodges Master app, including order history and room inspection details.

4. Obligations of the Company

As the Data Processor, we commit to:

  • Process personal data solely for the purpose of providing the service, based on your instructions.
  • Implement appropriate technical and organizational measures to ensure data security and prevent unauthorized access, loss, or damage.
  • Assist you in responding to data subject requests, such as access, correction, or deletion of personal data.
  • Notify you of any data breach without undue delay and assist with mitigation efforts.
  • Ensure confidentiality and that all personnel authorized to process personal data are bound by confidentiality agreements.

5. Sub-Processors

We may engage third-party sub-processors to assist with data processing. A list of sub-processors will be made available upon request, and we will notify you of any intended changes to these sub-processors.

6. Data Transfers

In the event of international data transfers outside the European Economic Area (EEA), we will ensure that such transfers comply with applicable data protection laws, including the use of appropriate safeguards such as Standard Contractual Clauses (SCCs).

7. Data Retention

We will retain personal data only for as long as is necessary to fulfill the purposes for which it was collected, or as required by law. Upon termination of this Agreement, personal data will be returned or deleted, unless otherwise required by law.

8. Rights of the Data Subject

You are responsible for ensuring that data subjects have been informed of their rights under applicable data protection laws, including the right to access, correct, or delete their personal data.

9. Liability

Each party’s liability arising out of or related to this Agreement shall be limited to the extent permitted by applicable law.

10. Governing Law

This Agreement is governed by and construed in accordance with [Insert Governing Law Jurisdiction].

11. Contact Us

For any questions regarding this DPA, please contact us at [Insert Contact Information].