ENTERPRISE DATA PROCESSING AGREEMENT (DPA)

This Data Processing Agreement ("DPA") forms part of the Terms of Use between:

Controller: Customer / User of Linkasoarus
Processor: Swanson International DBA Linkasoarus
Address: 400 Gilead Rd #86, Huntersville, NC 28078
Email: info@Linkasoarus.com
Phone: 704-666-2158
Effective Date: April 20, 2026

1. DEFINITIONS

"Controller" - determines purposes and means of processing.

"Processor" - processes personal data on behalf of Controller.

"Subprocessor" - third party engaged by Processor.

"Personal Data" - any information relating to an identifiable individual.

"Processing" - any operation performed on Personal Data.

2. SCOPE & ROLE OF PARTIES

Controller = Customer

Processor = Linkasoarus

Processor processes data solely to provide SaaS platform services.

3. PROCESSING DETAILS (ANNEX I)

Categories of Data Subjects:

  • Franchise owners
  • Employees / team members
  • Social media users (limited public data)

Categories of Personal Data:

  • Name
  • Email
  • Account credentials
  • Social media profile data
  • Usage / analytics data

Processing Activities:

  • Account management
  • Content sharing
  • Social integrations
  • Analytics & platform optimization

4. LAWFUL BASIS

Controller is responsible for ensuring lawful basis under GDPR/RODO:

  • Consent
  • Contract
  • Legitimate interest

5. PROCESSOR OBLIGATIONS

Processor shall:

  • Process only on documented instructions
  • Ensure confidentiality
  • Implement security measures
  • Assist with data subject rights
  • Assist with DPIAs where required

6. SECURITY MEASURES (ANNEX II)

Processor implements:

  • Encryption (in transit + at rest where applicable)
  • Role-based access controls
  • Secure cloud hosting (AWS)
  • Monitoring & logging systems
  • Incident response procedures
  • Regular backups

7. SUBPROCESSORS (ANNEX III)

Approved subprocessors include:

  • AWS (hosting)
  • Elavon (payments)
  • Analytics providers

Processor will:

  • Maintain subprocessor list
  • Impose contractual obligations
  • Provide notice of changes

8. INTERNATIONAL TRANSFERS

Transfers outside EEA are safeguarded using:

  • Standard Contractual Clauses (SCCs)
  • Equivalent safeguards

9. DATA SUBJECT RIGHTS

Processor assists Controller with:

  • Access requests
  • Deletion
  • Correction
  • Portability
  • Objection

10. DATA BREACH

Processor shall:

  • Notify Controller without undue delay
  • Provide incident details
  • Assist with regulatory reporting (72-hour rule)

11. RETENTION & DELETION

Upon termination:

  • Data deleted within 30 days
  • Or returned if requested
  • Legal retention exceptions may apply

12. AUDIT RIGHTS

Controller may request:

  • Security documentation
  • Compliance certifications
  • Reasonable audits (non-disruptive)

13. LIABILITY

Each party liable for own compliance obligations.

Nothing limits liability where prohibited by law.

14. GOVERNING LAW

North Carolina law applies, subject to mandatory international data protection laws.

15. CONTACT

Swanson International DBA Linkasoarus
400 Gilead Rd #86
Huntersville, NC 28078
info@Linkasoarus.com
704-666-2158