top of page

Data Processing Agreement (DPA)

Data Processing Agreement (DPA)

Effective Date: June 12, 2026

Data Processing Agreement

This Data Processing Agreement ("Agreement") forms part of the agreement between AGAI Marketing ("Processor") and its client ("Controller") regarding the processing of personal data in connection with services provided by AGAI Marketing.

1. Purpose

This Agreement establishes the obligations of both parties regarding the collection, processing, storage, and protection of personal data processed during the delivery of AGAI Marketing services.

2. Definitions

For purposes of this Agreement:

  • Controller means the client who determines the purposes and means of processing personal data.

  • Processor means AGAI Marketing, which processes personal data on behalf of the Controller.

  • Personal Data means any information relating to an identified or identifiable natural person.

  • Processing includes collection, storage, organization, use, transmission, modification, deletion, or other handling of personal data.

3. Scope of Processing

AGAI Marketing may process personal data only to provide requested services, including but not limited to:

  • Website development

  • Marketing campaigns

  • Search engine optimization (SEO)

  • Social media management

  • AI automation

  • CRM integrations

  • Email marketing

  • Analytics

  • Business consulting

  • App development

  • Digital product delivery

Processing will be limited to what is reasonably necessary to perform these services.

4. Types of Data

Depending on the project, processed data may include:

  • Names

  • Email addresses

  • Phone numbers

  • Business information

  • Billing information

  • Website visitor information

  • IP addresses

  • Marketing analytics

  • Customer inquiries

  • CRM records

The specific categories depend on the services requested by the client.

5. Processor Obligations

AGAI Marketing agrees to:

  • Process personal data only according to the client's documented instructions.

  • Maintain appropriate technical and organizational security measures.

  • Protect personal data against unauthorized access, disclosure, alteration, or destruction.

  • Limit access to authorized personnel and contractors who require access to perform services.

  • Maintain confidentiality regarding processed data.

6. Subprocessors

AGAI Marketing may engage trusted third-party service providers ("Subprocessors") necessary to deliver services.

These may include providers such as:

  • Google

  • Meta

  • Microsoft

  • OpenAI

  • Stripe

  • PayPal

  • Shopify

  • Wix

  • Base44

  • Mailchimp

  • Calendly

  • Zapier

  • Cloud hosting providers

  • CRM providers

  • Analytics providers

AGAI Marketing will use commercially reasonable efforts to ensure subprocessors provide appropriate safeguards for personal data.

7. International Transfers

Where personal data is transferred internationally, AGAI Marketing will take commercially reasonable measures to ensure an appropriate level of protection consistent with applicable law.

8. Security Measures

AGAI Marketing maintains reasonable administrative, technical, and organizational safeguards designed to protect personal data, including:

  • Secure hosting

  • Encryption where appropriate

  • Password protection

  • Access controls

  • Backup procedures

  • Security monitoring

No electronic system can guarantee absolute security.

9. Data Subject Rights

Where applicable, AGAI Marketing will reasonably assist the client in responding to requests relating to:

  • Access

  • Correction

  • Deletion

  • Restriction of processing

  • Data portability

  • Objections to processing

Such assistance may be subject to reasonable administrative costs where permitted by law.

10. Data Breach Notification

If AGAI Marketing becomes aware of a confirmed personal data breach affecting client data, it will notify the client without undue delay after becoming aware of the incident, where required by applicable law.

11. Data Retention

Personal data will be retained only as long as necessary to perform contracted services, satisfy legal obligations, resolve disputes, or enforce agreements, after which it may be securely deleted or anonymized.

12. Confidentiality

All employees, contractors, and authorized personnel with access to personal data are subject to confidentiality obligations.

13. Limitation of Liability

Nothing in this Agreement expands either party's liability beyond the limitations contained in the primary service agreement between the parties, except where prohibited by applicable law.

14. Governing Law

This Agreement shall be governed by the laws of the State of Illinois, United States, unless otherwise required by mandatory applicable privacy legislation.

15. Contact Information

Questions regarding this Data Processing Agreement may be directed to:

AGAI Marketing

Email: info@agaimarketing.com

Website: www.agaimarketing.com

Chicago, Illinois, USA

bottom of page