Get started
Data Processing Agreement - webwebgogo

Data Processing Agreement (DPA)

Last updated: March 2026

This Data Processing Agreement ("Agreement") forms part of the service agreement between Dehorse v/ Gus, operating under the brand name webwebgogo ("Processor"), and the client ("Controller").

This Agreement governs the processing of personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR").

1. Roles of the Parties

For the purposes of this Agreement:

  • The Client acts as the Data Controller.
  • Dehorse v/ Gus (webwebgogo) acts as the Data Processor.

The Controller determines the purposes and means of processing personal data. The Processor processes personal data only on behalf of the Controller.

2. Scope of Processing

The Processor may process personal data only to the extent necessary to provide website management and related services.

This may include activities such as:

  • Website maintenance and updates
  • Website migrations
  • Infrastructure management
  • Technical troubleshooting
  • Performance monitoring
  • Integration with third-party services

Categories of Data Subjects

Personal data processed may relate to:

  • Website visitors
  • Customers of the Controller
  • Employees or contractors of the Controller

Categories of Personal Data

Depending on the systems involved, personal data may include:

  • Names
  • Email addresses
  • IP addresses
  • Account credentials
  • Technical website data
  • Form submissions

3. Processing Instructions

The Processor shall process personal data only in accordance with documented instructions from the Controller unless required to do otherwise by applicable law.

4. Confidentiality

The Processor ensures that all personnel authorized to process personal data are subject to confidentiality obligations.

5. Security Measures

The Processor shall implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction.

These measures may include:

  • Secure access controls
  • Encrypted connections (HTTPS)
  • Access restriction to authorized personnel
  • Secure hosting environments

6. Sub-Processors

The Processor may engage third-party service providers ("Sub-Processors") to assist in delivering services.

Current Sub-Processors may include:

  • FastComet – hosting services
  • Stripe – payment processing
  • SendOwl – ecommerce and order management
  • Google Analytics – analytics services
  • Zapier – workflow automation

The Processor may appoint additional Sub-Processors as necessary. The Controller will be notified of significant changes to Sub-Processors.

7. International Transfers

Where personal data is transferred outside the European Economic Area, the Processor shall ensure that appropriate safeguards are in place in accordance with GDPR requirements.

8. Assistance to the Controller

The Processor shall reasonably assist the Controller in fulfilling obligations related to:

  • Data subject access requests
  • Data protection impact assessments
  • Compliance with GDPR obligations

9. Data Breach Notification

The Processor shall notify the Controller without undue delay upon becoming aware of a personal data breach affecting data processed under this Agreement.

10. Data Deletion or Return

Upon termination of services, the Processor shall, at the Controller's request, delete or return personal data unless retention is required by applicable law.

11. Audits

The Controller may request reasonable information demonstrating compliance with this Agreement.

12. Limitation of Liability

Liability relating to data protection shall follow the liability provisions defined in the primary service agreement between the parties.

13. Governing Law

This Agreement shall be governed by the laws of Denmark.

14. Contact

For questions regarding this Agreement or data protection matters:

legal@webwebgogo.com

Thank you!

We'll be in touch with you really soon!