Data Processing Agreement (DPA)

The customer is the controller (or, for its own customers, processor); Vinpro Global Services Pvt Ltd is the processor (or sub-processor). We process personal data only on documented instructions.

[To complete with counsel] Describe the processing operations, duration, and the purpose (payroll, HR, EOR administration).

[To complete with counsel] List data categories (identity, contact, payroll/financial, statutory IDs) and data subjects (the customer's employees/contractors).

Personnel are bound by confidentiality. We maintain the technical and organisational measures described on our Security page.

The customer authorises the sub-processors listed on our Sub-processors page; we will give notice of changes and remain responsible for their performance.

[To complete with counsel] Specify transfer safeguards (Standard Contractual Clauses, etc.) for cross-border processing between India, the US and elsewhere.

We assist the controller with data-subject requests and will notify the controller without undue delay after becoming aware of a personal-data breach.

[To complete with counsel] Set notification timelines and the assistance scope.

[To complete with counsel] Describe audit rights and how third-party certifications (SOC 2 / ISO 27001, once obtained) satisfy them.

On termination, we return or delete personal data per the controller's instructions, subject to legal retention requirements.

[To complete with counsel] Attach Annex I (processing details), Annex II (technical & organisational measures) and Annex III (sub-processors).

To request a signed DPA, email info@vinproconnect.com.