Data Processing Agreement

Purpose: This DPA is required by GDPR (Article 28), PDPL, DPDP Act, and most enterprise procurement processes. By using OpsLix, your organisation (the Controller) and OpsLix (the Processor) agree to the terms below. A countersigned version is available on request for enterprise tenants.

1. Definitions

Controller: Your organisation (the tenant) — the entity that determines the purposes and means of processing personal data using OpsLix.
Processor: OpsLix — processes personal data on behalf of the Controller.
Personal Data: Any information relating to an identified or identifiable person, including employee names, email addresses, phone numbers, salary, bank details, and statutory identifiers stored in the Platform.
Sensitive Personal Data: A subset of Personal Data including health information, biometric data, and statutory identifiers, processed within HSE incident records, medical surveillance, or HR records.
Processing: Any operation performed on personal data including collection, storage, retrieval, transmission, and deletion.

2. Scope of processing

OpsLix processes personal data only as necessary to:

Provide the HSE Operations and Workforce workspaces as described in the Terms of Service
Send notifications (email, SMS, WhatsApp) on behalf of the Controller
Generate operational reports and analytics within the Controller's tenant account
Provide technical support when explicitly authorised by the Controller
Maintain audit logs and security records as required by ISO 27001 and SOC 2 Trust Services Criteria

3. Controller obligations

The Controller agrees to:

Ensure a lawful basis exists for processing personal data via OpsLix
Provide privacy notices to data subjects (employees, contractors) informing them their data is processed by OpsLix
Notify OpsLix promptly of any data subject rights requests
Configure access controls and role assignments appropriately
Promptly remove access for terminated employees

4. Processor obligations

OpsLix agrees to:

Process personal data only on documented instructions from the Controller
Ensure all personnel with access to personal data are bound by confidentiality obligations
Implement appropriate technical and organisational security measures (Section 7)
Assist the Controller with data subject rights requests within 30 days
Delete or return all personal data on termination of the agreement (subject to legal retention obligations)
Notify the Controller without undue delay (and in any event within 72 hours) of becoming aware of a personal data breach
Maintain records of processing activities (RoPA) under Article 30
Cooperate with supervisory authorities as required

5. Sub-processors

OpsLix uses the following sub-processors. The Controller provides general authorisation for these sub-processors:

Render Services Inc. — cloud application hosting (USA, with regional deployment options)
Neon Inc. — managed PostgreSQL database (USA / EU regions)
Cloudflare Inc. — CDN, DDoS protection, edge security (Global)
Twilio Inc. (SendGrid) — transactional email delivery (USA)

All sub-processors are bound by data processing agreements equivalent to or stricter than this DPA. The Controller will be notified of any sub-processor changes with 30 days' notice and may object on reasonable grounds.

6. International transfers

Data may be transferred outside your country to sub-processors. For EU / UK data subjects, transfers are protected by Standard Contractual Clauses (2021 SCCs) and supplementary measures where required by Schrems II. For Saudi Arabia (PDPL), India (DPDP Act), and UAE data subjects, we implement equivalent safeguards aligned with each jurisdiction's cross-border transfer requirements.

Tenants with strict data residency requirements should contact enterprise@safetyproworld.com for regional hosting options.

7. Security measures

TLS 1.3 encryption for all data in transit
AES-256 encryption for data at rest, with envelope encryption for sensitive fields (salary, bank details, statutory IDs)
JWT-based authentication with short-lived tokens (15 minutes) and rotating refresh tokens
Step-up authentication for sensitive workspaces (Workforce, Admin) and sensitive actions (payroll, incident investigations, audit findings)
Row-Level Security policies on all tenant data tables
Role-Based Access Control (RBAC) with workspace-scoped permissions
Comprehensive audit logging of all data access and modification
Zero-default-access policy for OpsLix platform administrators
Encrypted backups with 7-day point-in-time recovery
Regular security assessments; ISO 27001 and SOC 2 Type II certifications in progress
Annual third-party penetration testing

8. Audit rights

The Controller may, at its own cost and with reasonable notice, audit OpsLix's compliance with this DPA, either directly or through an independent third party bound by confidentiality. OpsLix will respond to reasonable audit requests including SOC 2 reports, ISO 27001 certificates, and security questionnaires (CAIQ, SIG) when these become available.

9. Liability

Liability for data protection breaches is governed by the limitations set out in the Terms of Service, save where mandatory law (such as GDPR Article 82) applies different liability provisions.

10. Signed DPA for enterprise tenants

A countersigned DPA document is available for enterprise tenants who require it for procurement processes. This is typically required by large industrial groups, regulated industries, and government procurement frameworks.

Request a signed DPA: enterprise@safetyproworld.com