Data Processing Agreement

Last Updated: December 2024

This Data Processing Agreement ("DPA") forms part of the agreement between SolidusGrid Ltd and Client for the provision of managed human infrastructure services.

1. Definitions

"Personal Data", "Data Subject", "Processing", "Controller", and "Processor" have the meanings given in the GDPR and UK GDPR.

2. Processing of Personal Data

SolidusGrid will process Personal Data only on documented instructions from the Client, unless required to do so by applicable law.

3. Security Measures

SolidusGrid implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, in accordance with ISO 27001 and SOC 2 Type II standards.

4. Sub-Processors

SolidusGrid may engage sub-processors to assist in providing services. A current list of sub-processors is available upon request.

5. Data Subject Rights

SolidusGrid will assist the Client in responding to Data Subject requests and will implement appropriate technical measures to facilitate such requests.

6. Contact

For DPA-related inquiries, contact: legal@solidusgrid.com