Data Processing Agreement

Last Updated: 11.17.2025

 

1. Definitions

Defines Controller (Client), Processor (Data2Report LLC), Client Data, and Processing.

 

2. Purpose of Processing

Data is processed solely to calculate commissions, generate reports, and perform related analytics.

 

3. Responsibilities of the Controller (Client)

Client warrants legal rights to the data and accuracy of all submissions.

 

4. Responsibilities of the Processor

Data2Report processes data only under client instructions and maintains confidentiality.

 

5. Confidentiality

Employees and sub-contractors are bound by confidentiality.

 

6. Data Security Measures

Includes encryption where applicable, secure storage, and controlled access.

 

7. Subprocessing

No subprocessors unless required for secure storage or approved by the client.

 

8. Data Retention & Deletion

Data is kept only as long as needed. Clients may request deletion at any time.

 

9. Data Breach Notification

Client will be notified of confirmed breaches without undue delay.

 

10. Client Instructions

Processing only occurs according to documented instructions.

 

11. Limitations on Liability

Data2Report LLC is not liable for employee disputes, payroll inaccuracies, or indirect damages. Maximum liability is the amount paid.

 

12. Governing Law

This DPA is governed by Colorado law.

 

13. Effective Date

Effective upon first use of the Site or Services.