Data Processing Agreement

Last updated: January 2026

This Data Processing Agreement ("DPA") forms part of the Master Terms & Conditions between MergeGuard and the merchant ("Controller") and governs the processing of personal data by MergeGuard ("Processor") on behalf of the Controller.

1. Definitions

  • "Personal Data" means any information relating to an identified or identifiable natural person.
  • "Processing" means any operation performed on Personal Data.
  • "Data Subject" means the individual whose Personal Data is processed.

2. Scope of Processing

The Processor shall process Personal Data only:

  • On documented instructions from the Controller
  • For the purposes of providing the Services
  • In accordance with applicable data protection laws

3. Security Measures

The Processor shall implement appropriate technical and organizational measures including:

  • Encryption of Personal Data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments and penetration testing
  • Incident detection and response capabilities

4. Sub-Processors

The Controller authorizes the Processor to engage sub-processors subject to:

  • Equivalent data protection obligations
  • Prior notification of material changes
  • Processor remaining liable for sub-processor compliance

5. Data Subject Rights

The Processor shall assist the Controller in responding to Data Subject requests to exercise their rights under applicable law.

6. Data Breach Notification

The Processor shall notify the Controller without undue delay upon becoming aware of a Personal Data breach and shall provide all necessary information to enable the Controller to meet its notification obligations.

7. Deletion and Return of Data

Upon termination of the Services, the Processor shall, at the Controller's choice, delete or return all Personal Data and delete existing copies unless retention is required by applicable law.

8. Contact Information

dpa@mergeguard.store

Questions about our policies?

Contact our legal team for clarification.

Contact Us