This Data Processing Agreement (“DPA”) reflects the Parties’ agreement with respect to the Processing of Personal Data by Felix Technologies on behalf of your Company in connection with your Company’s subscription service of Felix Technologies’s property management software.

This DPA is supplemental to, and forms an integral part of, the subscription agreement (“Agreement”) and is effective upon its incorporation into the Agreement, which may be specified in the Agreement, a Head of Terms or an executed amendment to the Agreement. In case of any conflict or inconsistency with the terms of the Agreement, this DPA will take precedence over the terms of the Agreement to the extent of such conflict or inconsistency.

We update these terms from time to time. If you have an active software subscription with Felix Technologies, we will let you know when we do via email.

The term of this DPA will follow the term of the Agreement. Terms not otherwise defined in this DPA will have the meaning as set forth in the Agreement.

1. Definitions and Interpretation

  1. Unless otherwise defined herein, capitalized terms and expressions used in this Agreement shall have the following meaning:
    1. "DPA" means this Data Processing Agreement and all Schedules;
    2. “Agreement” means the software services subscription agreement
    3. "Company Personal Data" means any Personal Data Processed by a Contracted Processor on behalf of your company pursuant to or in connection with the Agreement;
    4. "Data Protection Laws" means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;
    5. "EEA" means the European Economic Area;
    6. "EU Data Protection Laws" means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;
    7. "GDPR" means EU General Data Protection Regulation 2016/679;
    8. "Data Transfer" means:
      1. a transfer of Company Personal Data from Your company to a Contracted Processor; or
      2. an onward transfer of Company Personal Data from a Contracted Processor to a Subcontracted Processor, or between two establishments of a Contracted Processor, in each case, where such transfer would be prohibited by Data Protection Laws (or by the terms of data transfer agreements put in place to address the data transfer restrictions of Data Protection Laws);
    9. "Services" means the software subscription services provided by Felix Technologies
    10. "Sub-processor" means any person or legal entity appointed by or on behalf of Felix Technologies to process Personal Data on behalf of your company in connection with the Agreement.
    11. The terms, "Commission", "Controller", "Data Subject", "Member State", "Personal Data", "Personal Data Breach", "Processing" and "Supervisory Authority" shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly.

2. Processing of Company Personal Data

  1. Felix Technologies shall:
    1. comply with all applicable Data Protection Laws in the Processing of Company Personal Data; and
    2. not process Company Personal Data other than the relevant following your Company’s documented instructions.
  2. Your Company instructs Felix Technologies to process Company Personal Data.
    1. Felix Technologies shall immediately notify the data controller if any instruction appears to violate EU or national data protection law.

3. Felix Technologies Personnel

  1. Felix Technologies shall take reasonable steps to ensure the reliability of any employee, agent or Sub-processor who may have access to the Company Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Company Personal Data, as strictly necessary for the purposes of the Agreement, and to comply with Applicable Laws in the context of that individual’s duties to Felix Technologies, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.
    1. Felix shall upon request demonstrate confidentiality commitments are in place

4. Security

  1. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Felix Technologies shall in relation to the Company Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR.
    1. In assessing the appropriate level of security, Felix Technologies shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach.

For Felix Technologies’ data protection and cyber security policies see here

5. Sub-processors

  1. Felix Technologies engages Sub-Processors to assist us with hosting and infrastructure and we may engage with Sub-Processors to support product features and integrations. All data in Felix Technologies proprietary software systems are located in the European Union or in countries that are in receipt of an adequacy decision from the European Commission following Regulation (EU) 2016/679, the EU-U.S. Data Privacy Framework.
    1. Felix Technologies shall only use Sub-Processors that are compliant with relevant national and EU level data protection laws including GDPR
    2. Felix Technologies shall always inform your Company on the use of sub-processors including, which sub-processors that processes which data
    3. Your Company gives Felix Technologies’ general autorisation to use sub-processors. However, Felix Technologies shall always inform your Company min. 30 days before adding/changing any sub-processors.
      1. Your Company shall inform Felix Technologogies of any objections to new/changes in sub-processors no later than 14 days after your Company having received the notification from Felix Technologies about the changes in sub-processors.

See list of current sub-processors. The list  may be updated by Felix Technologies from time to time.

6. Data Subject Rights

  1. Taking into account the nature of the Processing, Felix Technologies shall assist your Company by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfillment of the Company obligations, as reasonably understood by your Company, to respond to requests to exercise Data Subject rights under the Data Protection Laws.
    1. Such assistance shall, to the extent possible, include support in ensuring the Company’s compliance with the following obligations and rights of Data Subjects:
      1. the obligation to provide information where Personal Data are collected from the Data Subject;
      2. the obligation to provide information where Personal Data have not been obtained from the Data Subject;
      3. the right of access;
      4. the right to rectification;
      5. the right to erasure (“the right to be forgotten”);
      6. the right to restriction of Processing;
      7. the obligation to notify in connection with rectification or erasure of Personal Data or restriction of Processing;
      8. the right to data portability;
      9. the right to object; and
      10. the right not to be subject to a decision based solely on automated Processing, including profiling.