Data Processing Agreement (DPA)

Jan 31, 2026

Data Processing Agreement (DPA)

Effective Date: 05-03-2026

This Data Processing Agreement ("DPA") forms part of any agreement between Nexora Veris ("Processor") and its clients ("Controller") where Nexora Veris processes personal data on behalf of the client.

1. Purpose

This DPA defines the responsibilities and obligations of both parties regarding the processing of personal data and compliance with applicable data protection laws, including GDPR and similar regulations.

2. Scope of Processing

Nexora Veris may process personal data solely for the purpose of delivering contracted services, including:

  • Customer support operations

  • Technical support services

  • Back-office processing

  • Administrative support

  • Business process outsourcing activities

Processing activities shall be limited to documented instructions provided by the Controller.

3. Categories of Data

Depending on service requirements, personal data may include:

  • Names

  • Contact information

  • Customer account details

  • Transaction information

  • Support communications

  • Business-related records

Sensitive personal information shall only be processed when explicitly authorized and legally permitted.

4. Processor Obligations

Nexora Veris shall:

  • Process data only on documented instructions

  • Maintain confidentiality obligations

  • Implement appropriate security measures

  • Assist clients in fulfilling data subject requests

  • Notify clients of data breaches without undue delay

  • Maintain records of processing activities where required

5. Security Measures

Nexora Veris implements appropriate safeguards including:

  • Access controls

  • Employee confidentiality agreements

  • Role-based permissions

  • Secure cloud infrastructure

  • Data encryption where applicable

  • Security monitoring and incident management procedures

6. Subprocessors

Nexora Veris may engage approved subprocessors for services such as:

  • Cloud hosting

  • Communication platforms

  • CRM systems

  • Analytics services

All subprocessors are required to maintain appropriate data protection standards.

7. International Transfers

Where personal data is transferred across borders, Nexora Veris will implement appropriate safeguards consistent with applicable data protection laws.

8. Data Subject Rights

Nexora Veris will reasonably assist clients in responding to requests involving:

  • Data access

  • Correction

  • Deletion

  • Restriction of processing

  • Data portability

  • Objections to processing

9. Data Breach Notification

In the event of a confirmed personal data breach affecting client data, Nexora Veris will notify the client without undue delay and provide relevant information necessary for compliance obligations.

10. Data Retention and Deletion

Upon termination of services, personal data shall be returned or securely deleted, subject to legal, regulatory, or contractual retention requirements.

11. Audits and Compliance

Upon reasonable request, Nexora Veris may provide information demonstrating compliance with applicable data protection obligations.

12. Contact Information

Nexora Veris

Email: admin@nexoraveris.com

Website: www.nexoraveris.com