Data Processing Addendum (DPA)

This Data Processing Addendum forms part of the agreement between 3Be and its customers. It sets out how 3Be processes personal data on behalf of customers in connection with the Wizard platform, in accordance with applicable data protection legislation including the General Data Protection Regulation (GDPR).

Scope and Applicability

This DPA applies where 3Be processes personal data as a data processor on behalf of the customer (the data controller). It covers all processing activities carried out in connection with the Wizard platform and related services.

Key Sections

• Definitions — Defined terms used throughout this agreement, aligned with GDPR terminology.
• Processing Obligations — 3Be processes personal data only on documented instructions from the customer and ensures personnel are bound by confidentiality.
• Security Measures — Technical and organisational measures implemented to protect personal data, including encryption, access controls and regular testing.
• International Transfers — Safeguards applied when personal data is transferred outside the European Economic Area.
• Sub-Processors — Conditions under which 3Be engages third-party sub-processors, including prior notification and contractual protections. See the Sub-Processor List for current providers.
• Data Subject Rights — How 3Be supports customers in responding to data subject access requests and other rights under GDPR.
• Audit Rights — The customer's right to audit 3Be's compliance with this DPA.
• Term and Termination — Duration of the DPA and obligations upon termination, including data deletion and return.