Get AI Infrastructure Assessment
Legal

Data Processing Agreement

Last Updated: 15 June 2025

1. Introduction

This Data Processing Agreement ("DPA") governs the processing of personal data by AIsend (Pty) Ltd ("Processor") on behalf of clients ("Controller") when using Aisend's services.

2. Client Data Handling

The Processor shall process personal data only on documented instructions from the Controller, unless required to do so by applicable law. The Processor shall:

  • Process data only for the purposes specified in the agreement
  • Ensure that persons authorised to process the data are bound by confidentiality
  • Implement appropriate technical and organisational security measures
  • Notify the Controller of any data breaches without undue delay

3. Processor Responsibilities

The Processor shall:

  • Maintain a record of all processing activities
  • Cooperate with the Controller regarding data subject requests
  • Conduct data protection impact assessments when required
  • Delete or return all personal data at the end of services
  • Make available all information necessary to demonstrate compliance

4. Security Obligations

The Processor shall implement and maintain appropriate technical and organisational security measures, including:

  • Encryption of personal data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security testing and vulnerability assessments
  • Incident response and business continuity procedures
  • Employee training on data protection

5. Third-Party Services

The Processor may engage sub-processors to process personal data. Current sub-processors include cloud hosting providers, analytics services, and communication tools. The Processor shall:

  • Maintain an up-to-date list of sub-processors
  • Notify the Controller of any changes to sub-processors
  • Enter into written agreements with sub-processors imposing equivalent data protection obligations
  • Remain fully liable for sub-processor compliance

6. Data Subject Rights

The Processor shall assist the Controller in responding to data subject requests under applicable data protection law, including requests for access, correction, deletion, and portability.

7. Duration and Termination

This DPA remains in effect for the duration of the services agreement. Upon termination, the Processor shall delete or return all personal data as directed by the Controller, unless retention is required by law.

8. Governing Law

This DPA is governed by the laws of the Republic of South Africa.

Built For Businesses Preparing For The AI Economy

AI Visibility Infrastructure
Operational Intelligence Infrastructure
Execution Infrastructure
© 2026 AIsend (Pty) Ltd. All Rights Reserved. Aisend is building the infrastructure layer between businesses and artificial intelligence. Privacy Policy | Terms | Security
💬 Chat with Zara