# Restaurant Data Processing Agreement
Last updated: 2024-03-01
Email: [support @ restdm.com]
Restaurant Daily Menu OÜ
Registry Code: 17213237
Business Address: Sepapaja tn 6, 15551 Tallinn, Harju Maakond, Estonia
Effective Date: 01/May/2025
This Agreement is between Restaurant Daily Menu OÜ ("Processor") and the Restaurant client ("Controller").
1. DEFINITIONS
- "Personal Data" means any data identifying an individual.
- "Data Protection Laws" includes GDPR, Chile's Law 19.628, Argentina's Law 25.326, and Mexico's LFPDPPP.
- "Subprocessor" means a third party that processes data on behalf of the Processor.
2. PURPOSE
- To provide SaaS platform functionality, analytics, and review management for restaurant clients.
3. OBLIGATIONS OF THE PROCESSOR
- Process data only per Controller instructions.
- Ensure confidentiality and security.
- Assist with data subject requests (ARCO/GDPR).
- Delete or return data upon termination unless retention is required by law.
4. SUBPROCESSORS
- Controller consents to subprocessors like AWS, Stripe.
- List available at: [Insert URL]
- 30-day notice required for new subprocessors.
5. DATA TRANSFERS
- All data is hosted in the EU.
- LATAM users consent to international transfers per GDPR Standard Contractual Clauses.
6. SECURITY
- Measures include encryption, access control, and internal audits.
- Overview available upon request.
7. AUDIT RIGHTS
- The Controller may request audits with reasonable notice.
8. LIABILITY
- Each party is liable for breaches of this agreement or data protection laws.
9. TERMINATION
- Data must be returned or deleted upon termination, unless required by law.
10. GOVERNING LAW
- This DPA is governed by Estonian law and applicable data protection legislation.
Signed:
Restaurant Daily Menu OÜ
Sepapaja tn 6, 15551 Tallinn, Estonia
## Contact Information
For support and inquiries: [support @ restdm.com]