Data Processing Agreement (DPA)

1. Purpose

The purpose of this DPA is to define the responsibilities of both parties regarding the processing, protection, and handling of personal data in connection with the use of BizInvoice services.

2. Roles of the Parties

3. Scope of Processing

BizInvoice may process personal data that customers store or manage within the platform, including:

The exact categories of data processed depend on how the Customer uses the platform.

4. Purpose of Processing

BizInvoice processes personal data solely for:

• check_circle Providing ERP and invoicing services
• check_circle Customer relationship management
• check_circle Inventory management
• check_circle Reporting and analytics
• check_circle Subscription management
• check_circle Customer support
• check_circle Security monitoring
• check_circle Backup and disaster recovery

BizInvoice will not process personal data for purposes unrelated to the delivery of its services.

5. Customer Responsibilities

The Customer is responsible for:

• check_circle Obtaining all necessary consents from individuals whose data is processed.
• check_circle Ensuring that personal data is collected lawfully.
• check_circle Providing accurate instructions regarding data processing.
• check_circle Complying with applicable privacy and data protection laws.

The Customer acknowledges that BizInvoice is not responsible for the legality of the Customer's data collection practices.

6. Confidentiality

BizInvoice shall ensure that all personnel authorized to process personal data:

• check_circle Are subject to confidentiality obligations.
• check_circle Receive appropriate security and privacy training.
• check_circle Access personal data only when necessary to perform their duties.

7. Security Measures

BizInvoice implements reasonable technical and organizational measures to protect personal data, including:

• check_circle HTTPS/SSL encryption
• check_circle Password hashing
• check_circle Secure authentication systems
• check_circle Access controls and permissions
• check_circle Firewalls and infrastructure security
• check_circle Regular software updates
• check_circle System monitoring and logging
• check_circle Data backup procedures

While we strive to maintain strong security, no system can guarantee absolute security.

8. Sub-Processors

BizInvoice may engage trusted third-party service providers ("Sub-Processors") to assist in providing services. Examples may include:

• check_circle Cloud Hosting Providers
• check_circle Payment Gateway Providers
• check_circle Email Service Providers
• check_circle SMS Providers
• check_circle WhatsApp Messaging Providers
• check_circle Customer Support Platforms
• check_circle Analytics Providers

BizInvoice shall take reasonable steps to ensure that such Sub-Processors provide appropriate data protection safeguards.

9. International Data Transfers

Personal data may be processed or stored in countries outside the Customer's jurisdiction if required by our infrastructure providers or service partners.

Where such transfers occur, BizInvoice will take reasonable measures to ensure appropriate safeguards are implemented.

10. Data Retention

BizInvoice will retain personal data only:

• check_circle For the duration of the Customer's active account;
• check_circle As required to provide services;
• check_circle As required by applicable laws;
• check_circle For legitimate backup, security, and business continuity purposes.

Upon account termination, data may be retained for a limited period before secure deletion, subject to legal and operational requirements.

11. Data Subject Requests

If BizInvoice receives a request from an individual seeking access, correction, deletion, or restriction of personal data controlled by a Customer, BizInvoice may:

• check_circle Forward the request to the Customer; or
• check_circle Assist the Customer in responding to the request where reasonably feasible.

The Customer remains responsible for responding to such requests.

12. Personal Data Breach Notification

In the event of a confirmed personal data breach affecting Customer data, BizInvoice will:

• check_circle Investigate the incident promptly.
• check_circle Take reasonable steps to mitigate risks.
• check_circle Notify affected Customers without undue delay where required by applicable law.

13. Audit Rights

Upon reasonable written request, BizInvoice may provide information regarding its security practices and compliance measures sufficient to demonstrate compliance with this DPA.

To protect the confidentiality and security of all customers, direct infrastructure audits may be limited or subject to reasonable restrictions.

14. Limitation of Liability

The liability of each party under this DPA shall be subject to the limitations of liability set forth in the BizInvoice Terms & Conditions.

Nothing in this DPA shall expand or increase either party's liability beyond those limitations.

15. Term and Termination

This DPA remains in effect for as long as BizInvoice processes personal data on behalf of the Customer.

Termination of the Customer's account or use of BizInvoice services will automatically terminate this DPA, except for obligations that survive termination under applicable law.

16. Governing Law

This DPA shall be governed by and interpreted in accordance with the laws of India.

Any disputes arising under this DPA shall be subject to the exclusive jurisdiction of the courts located in Surat, Gujarat, India.

17. Contact Information

For questions regarding this Data Processing Agreement or data protection matters, please contact: