Data Processing Agreement (DPA)

Last updated: December 12, 2024

1. Introduction

This Data Processing Agreement (“DPA”) forms part of the Terms of Use and Privacy Policy of https://wildpilgrim.com (the “Website”). This DPA outlines the roles and responsibilities of both the Data Controller (you, the user) and the Data Processor (Wild Pilgrim) concerning the processing of personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Definitions

  • Data Controller: The entity that determines the purposes and means of processing personal data.
  • Data Processor: The entity that processes personal data on behalf of the Data Controller.
  • Personal Data: Any information relating to an identified or identifiable individual.
  • Processing: Any operation performed on personal data, such as collection, storage, or analysis.
  • Sub-processor: A third party engaged by the Data Processor to assist in processing personal data.

3. Scope and Purpose

The Data Processor processes Personal Data on behalf of the Data Controller solely for the purposes outlined in the Privacy Policy. This includes:

  • Managing newsletter subscriptions.
  • Processing user-generated content (e.g., comments).
  • Improving Website functionality and user experience.

The Data Processor will not process Personal Data for any purpose other than those explicitly stated.

4. Obligations of the Data Processor

The Data Processor agrees to:

  • Process Personal Data in compliance with applicable data protection laws.
  • Implement appropriate technical and organizational measures to ensure data security.
  • Assist the Data Controller in fulfilling their obligations under GDPR (e.g., responding to data subject requests).
  • Ensure that personnel authorized to process Personal Data are bound by confidentiality agreements.
  • Notify the Data Controller of any data breaches without undue delay.

5. Sub-processors

The Data Processor may engage Sub-processors to assist with processing Personal Data. A list of Sub-processors will be provided upon request. The Data Processor will ensure that Sub-processors are contractually obligated to comply with the same data protection standards.

6. Data Subject Rights

The Data Processor will assist the Data Controller in responding to requests from data subjects, including:

  • Access, rectification, or erasure of Personal Data.
  • Restriction or objection to processing.
  • Data portability requests.

7. Data Transfers

The Data Processor will ensure that any transfer of Personal Data outside the European Economic Area (EEA) complies with GDPR requirements, such as through the use of standard contractual clauses.

8. Data Retention

Personal Data will be retained only for as long as necessary to fulfill the purposes outlined in the Privacy Policy, or as required by applicable laws.

9. Data Breach Notification

In the event of a data breach, the Data Processor will:

  • Notify the Data Controller without undue delay.
  • Provide details of the breach, including its nature, impact, and any remedial actions taken.

10. Termination

Upon termination of services, the Data Processor will delete or return all Personal Data to the Data Controller, unless retention is required by law.

11. Governing Law

This DPA is governed by the laws of Ireland. Any disputes will be resolved exclusively in Irish courts.

12. Contact Information

For questions about this DPA, contact us at: