1. Introduction

• This Data Processing Agreement (“Agreement”) forms part of the Terms and Conditions between Buzzserve Technologies Pvt. Ltd. (“Buzzserve”) and the user (“Client” or “Influencer”).
• The Agreement outlines the rights and obligations of both parties regarding the processing of personal data in compliance with applicable data protection laws.
• By using the Buzzserve platform, you agree to this Data Processing Agreement and acknowledge the responsibilities defined herein.
• This Agreement ensures that personal data is processed securely, lawfully, and transparently at all times.

2. Definitions

• “Data Controller” means the entity that determines the purposes and means of processing personal data. In this case, the Client or Brand acts as the Controller.
• “Data Processor” refers to Buzzserve, which processes personal data on behalf of the Controller.
• “Personal Data” means any information that can identify an individual, such as name, email, or social media profile.
• “Processing” includes any operation performed on personal data, such as collection, recording, storage, use, or deletion.

3. Purpose of Processing

• Buzzserve processes personal data solely to enable collaboration between brands and influencers on marketing campaigns.
• Processing activities include user authentication, profile management, campaign communication, payment processing, and platform analytics.
• Buzzserve will not process personal data for any purpose other than those expressly defined in this Agreement.
• All processing is carried out in accordance with applicable data protection regulations and internal data security policies.

4. Responsibilities of the Controller

• The Controller is responsible for ensuring that personal data provided to Buzzserve is collected lawfully and with valid consent.
• The Controller must inform data subjects about how their information will be processed and stored.
• It is the Controller’s duty to ensure that the data shared is accurate, up-to-date, and limited to what is necessary for the intended purpose.
• The Controller shall not share sensitive or unrelated data through the Buzzserve platform.

5. Responsibilities of the Processor (Buzzserve)

• Buzzserve processes personal data only under the documented instructions of the Controller, unless required by law to act otherwise.
• Buzzserve ensures that its employees and contractors who have access to personal data maintain strict confidentiality.
• The platform implements appropriate technical and organizational measures to safeguard data against unauthorized access or disclosure.
• Buzzserve will promptly notify the Controller of any suspected or confirmed data breach.

6. Data Security

• Buzzserve uses encryption, secure storage systems, and access controls to maintain the confidentiality and integrity of personal data.
• All personal data transfers between servers and client devices are encrypted using industry-standard protocols.
• Access to personal data is restricted to authorized personnel on a need-to-know basis only.
• Buzzserve regularly reviews and updates its security measures to ensure ongoing compliance and protection.

7. Sub-Processors

• Buzzserve may engage third-party service providers (“Sub-Processors”) to assist with hosting, payment processing, analytics, and customer support.
• All Sub-Processors are subject to written agreements ensuring they meet the same data protection obligations as Buzzserve.
• A current list of Sub-Processors may be provided upon request by the Controller.
• Buzzserve remains fully responsible for the actions of its Sub-Processors regarding data protection compliance.

8. Data Subject Rights

• Buzzserve assists the Controller in fulfilling data subject rights such as access, correction, deletion, or restriction of processing.
• Requests from data subjects will be promptly communicated to the Controller for review and response.
• Buzzserve will not independently respond to data subject requests without prior authorization from the Controller.
• All requests are handled in compliance with applicable data protection laws.