Data Processing Agreement (DPA)

Appointment contract under Article 28 of Regulation (EU) 2016/679 (GDPR). Version: 2026-04-16. To be validated with legal counsel before the public launch of the service.

1. Parties

Controller: the user registered on Fluenx, as identified by the BusinessProfile in their account area.

Processor: Studio Digitale (P.IVA 03704400831, Via La Farina 21, 98077 Santo Stefano di Camastra (ME), Italia), reachable at studiodigitaleconsulting@gmail.com.

2. Subject matter

The Processor processes, on behalf of the Controller, the personal data of data subjects collected via forms created by the Controller on the Fluenx platform. Data processed: name, email, phone number, form answers, technical metadata (pseudonymised IP, user agent), UTM/GCLID parameters.

3. Purposes

Processing is aimed at:

4. Duration

The agreement lasts as long as the Controller keeps the account active. Upon termination, all lead data is permanently deleted.

5. Obligations of the Processor

6. Security measures

7. Sub-processors

The Processor relies on the following authorised sub-processors:

Material changes to this list will be notified with 30 days' prior notice. The Controller may object in writing; absent a reasoned objection, the sub-processor is considered accepted.

8. Rights of the Controller

9. Liability and limitations

The Processor's liability is limited to cases of wilful misconduct or gross negligence in performing its contractual obligations. For the rest, the mandatory obligations of Article 28 GDPR apply.

10. Governing law

This agreement is governed by the laws applicable at the Processor's registered seat and by Regulation (EU) 2016/679. Place of jurisdiction: Via La Farina 21, 98077 Santo Stefano di Camastra (ME), Italia.