Sales Q Data Processing Agreement

Effective Date: August 1, 2025
Last Updated: August 1, 2025

This Data Processing Agreement (“DPA”) forms part of the Terms of Service between Sales Q CRM LLC (“Processor,” “we,” “our,” or “us”) and the customer (“Controller,” “you,” or “your”) who uses the Sales Q CRM platform (the “Platform”).

This DPA governs our processing of personal data on your behalf in compliance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the UK GDPR, and the California Consumer Privacy Act of 2018 (“CCPA”) (as amended by the CPRA).

  1. Definitions
    “Personal Data” means any information relating to an identified or identifiable natural person.
    “Processing” means any operation performed on Personal Data, such as collection, storage, use, transfer, or deletion.
    “Controller” means the entity that determines the purposes and means of the Processing of Personal Data.
    “Processor” means Sales Q CRM LLC, which Processes Personal Data on behalf of the Controller.
    “Sub-processor” means any third party engaged by the Processor to assist with Processing.
  2. Roles of the Parties
    • You act as the Controller of the Personal Data you upload to or process through the Platform.
    • We act as the Processor, processing Personal Data only on documented instructions from you.
    • You are responsible for ensuring that your use of the Platform complies with applicable privacy laws.
  3. Scope and Purpose of Processing
    We will process Personal Data solely to:
    • Provide, maintain, and improve the CRM Platform.
    • Enable integrations (including Google email syncing).
    • Provide technical support and account management.
    • Comply with legal obligations.
      We will not use Personal Data for advertising, profiling, or resale
  4. Controller Instructions
    • We will process Personal Data only in accordance with your documented instructions, including as necessary to provide the Platform.
    • If we are legally required to process Personal Data, we will inform you (unless prohibited by law).
  5. Sub-processing
    • You authorize us to engage Sub-processors to provide services (e.g., hosting providers, email delivery providers, analytics tools).
    • We remain responsible for ensuring Sub-processors provide sufficient guarantees of data protection.
    • A list of Sub-processors is available upon request and may be updated with notice to you.
  6. Security Measures
    We will implement appropriate technical and organizational measures to protect Personal Data, including:
    • Encryption in transit and at rest.
    • Access controls and authentication.
    • Regular monitoring and logging.
    • Employee confidentiality agreements.
  7. Data Subject Rights
    We will assist you in responding to data subject requests, including:
    • Access, correction, or deletion of Personal Data.
    • Objection to or restriction of Processing.
    • Data portability requests.
  8. Data Breach Notifications
    In the event of a Personal Data breach, we will notify you without undue delay after becoming aware of it and provide relevant information to support compliance with legal obligations.
  9. Data Retention and Deletion
    • We will retain Personal Data only as long as necessary to provide the Platform or as required by law.
    • Upon termination of services, we will delete or return all Personal Data unless retention is legally required.
  10. International Data Transfers
    • If Personal Data is transferred outside the country of origin, we will ensure adequate safeguards, such as the EU Standard Contractual Clauses (SCCs).
    • Transfers to the United States will rely on appropriate legal mechanisms.
  11. Audits and Compliance
    • We will make available information necessary to demonstrate compliance with this DPA.
    • You may conduct audits (subject to reasonable notice and scope) to verify our compliance.
  12. CCPA/CPRA Compliance (if applicable)
    • We act as a “Service Provider” under the CCPA/CPRA.
    • We will not retain, use, or disclose Personal Data for purposes other than those specified in this DPA or permitted by law.
    • We will not “sell” or “share” Personal Data as defined under CCPA/CPRA.
  13. Governing Law
    This DPA shall be governed by the laws of the State of Texas, without regard to conflict of law principles.
  14. Term
    This DPA remains in effect as long as we process Personal Data on your behalf.
  15. Contact
    For questions regarding this DPA, please contact:
    Sales Q CRM LLC
    3401 Custer Rd, Suite 126
    Plano, TX 75023
    [email protected]
    1.