Cursour Analytics Data Processing Agreement

Effective 17 May 2022

This Data Processing Agreement (“DPA”) is an addendum to the Terms of Service ("TOS") between Cursour Analytics and the customer.

This DPA is an amendment and is incorporated into the TOS.

By using our service you agree to the TOS and the DPA.


"Customer" refers to the user of Cursour Analytics service.

"Personal Data" refers to any information relating to an indentified or identifiable individual.

“Personal Data Breach” refers to a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed by us and/or our Sub Processors in connection with the provision of our services. "Personal Data Breach" will not include unsuccessful attempts or activities that do not compromise the security of Personal Data, including unsuccessful log-in attempts, pings, port scans, denial of service attacks, and other network attacks on firewalls or networked systems.

"Data Processor" refers to a natural or legal person, public authority, agency or other body which Processes Personal Data on behalf of the Controller.

“Sub Processor” refers to any Processor engaged by us to assist in fulfilling our obligations with respect to the provision of the our service under the DPA

"Data Controller" refers to the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purpose and means of the processing of personal data.

"Data protection laws" refers to all applicable worldwide legislation relating to privacy and processing of data.

"Data subject" refers to the individual to whom personal data relate.

"Instructions" referers to the written, documented instructions issued by a Controller to a Processor, and directing the same to perform a specific or general action with regard to Personal Data (including, but not limited to, depersonalizing, blocking, deletion, making available).

Cursour Analytics Obligations

Compliance with Instructions: We will only Process Personal Data for the purposes described in this DPA or as otherwise agreed within the scope of your lawful Instructions, except where and to the extent otherwise required by applicable law.

Security: We will implement and maintain appropriate technical and organizational measures to protect Personal Data from Personal Data Breaches by following security best practices.

Confidentiality: We will ensure that any personnel whom we authorize to Process Personal Data on our behalf is subject to appropriate confidentiality obligations (whether a contractual or statutory duty) with respect to that Personal Data.

Personal Data Breaches: We will notify you without undue delay after we become aware of any Personal Data Breach and will provide timely information relating to the Personal Data Breach as it becomes known or reasonably requested by you.

Deletion: We will delete all Customer Data upon request and in accordance to the TOS, all data is deleted permanently and cannot be recovered.

Customer obligations

Compliance with Laws: You ensure that you have the rights to provide Cursour Analytics the Personal Data needed for the provision of our service and to comply with the Data Protection Laws applicable in your jurisdiction.

Sub Processors

You agree that we may engage Sub Processors to Process Personal Data on your behalf. We have currently appointed, as Sub Processor only IONOS Cloud GmbH, where we host our servers. Where we engage Sub Processors, we will impose data protection terms on the Sub Processors that provide at least the same level of protection for Personal Data as those in this DPA, to the extent applicable to the nature of the services provided by such Sub Processors. We will remain responsible for each Sub Processor’s compliance with the obligations of this DPA and for any acts or omissions of such Sub Processor that cause us to breach any of its obligations under this DPA.

Contact us

If you have any questions about the DPA, please contact us.