Data Processing Addendum (DPA)
Published on 16 November, 2023 | Data protection | 122 views | 2 minutes read
Operated by Global Digital Identity LTD
Last updated: 10 July 2025
This Data Processing Addendum (DPA) is an integral part of the Terms of Use and other policies of the .com.rich platform. It governs the processing of personal data of third parties carried out through the services provided by Global Digital Identity LTD, particularly in cases where the user (Controller) uses the platform to store or manage data from their own clients, visitors, or contacts.
1. DEFINITIONS
- Controller (User): The natural or legal person who determines the purposes and means of processing personal data using the .com.rich platform.
- Processor (Company): Global Digital Identity LTD, which processes data on behalf of the Controller.
- Personal Data: Any information relating to an identified or identifiable natural person.
- Processing: Any operation performed on personal data, including collection, storage, use, sharing, and deletion.
- Sub-processors: Third parties engaged by the Company to support data processing, such as hosting, cloud services, and identity verification providers.
2. SCOPE AND PURPOSE
This addendum applies solely to the processing of personal data carried out on behalf of the User. Global Digital Identity LTD acts as a Processor and commits to processing such data only in accordance with the User’s documented instructions, unless otherwise required by law.
3. COMPANY OBLIGATIONS
Global Digital Identity LTD agrees to:
- Process data only for purposes authorized by the User
- Implement appropriate technical and organizational measures to protect personal data
- Ensure that employees and Sub-processors are bound by confidentiality obligations
- Assist the Controller in fulfilling their legal obligations (e.g., data subject rights)
- Notify the Controller of any data breach within 72 hours of becoming aware
- Delete or return personal data upon termination of the agreement, as instructed
4. SUB-PROCESSORS
The Company may engage Sub-processors to deliver services. An updated list will be available upon formal request. The Company ensures that all Sub-processors comply with equivalent obligations under this DPA.
5. DATA SUBJECT RIGHTS
The Company agrees to assist the User, within technical feasibility, to:
- Respond to data subjects’ requests for access, correction, deletion, or portability
- Address objections or restrictions to processing
- Provide transparency to data subjects where required by law
6. INTERNATIONAL TRANSFERS
Transfers of personal data outside the United Kingdom or the European Economic Area shall be carried out only with appropriate safeguards, such as Standard Contractual Clauses or adequacy decisions.
7. TERM
This DPA remains in effect as long as there is a contractual relationship between the User and the Company, or as long as the Company processes data on behalf of the User.
8. PRIORITY AND INTEGRATION
In case of conflict between this addendum and the general Terms of Use, this DPA shall prevail solely with respect to the processing of third-party personal data.
9. LANGUAGE AND PRECEDENCE
In the event of any discrepancy between translations, the English version shall prevail for all legal purposes.
10. CONTACT
Global Digital Identity LTD
Company No. 16339013 – Companies House UK
71–75 Shelton Street, Covent Garden, London WC2H 9JQ – United Kingdom