Become User
If you are new to our store, we glad to have you as member.
Already have an account ? Sign In
© Copyright 2010 - 2025. All rights reserved.
Terms & Conditions
General Data Protection Regulation (GDPR) Data Processing Agreement
This Data Processing Agreement (“Agreement”) forms part of the Terms and Conditions or Master Services Agreement between MetriflowSolutions ("Processor") and the client entity ("Controller") and applies to the extent that MetriflowSolutions processes personal data subject to the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679).
1. Definitions
-
Personal Data: Any information relating to an identified or identifiable natural person.
-
Processing: Any operation performed on personal data such as collection, storage, use, disclosure, or deletion.
-
Controller: The party that determines the purpose and means of processing personal data.
-
Processor: The party that processes personal data on behalf of the controller.
-
Data Subject: The individual to whom the personal data relates.
2. Subject Matter and Duration
This Agreement governs the processing of personal data by the Processor on behalf of the Controller, for the duration of the service provision or until deletion or return of all personal data.
3. Nature and Purpose of Processing
MetriflowSolutions may process personal data only as necessary to:
-
Provide technical and customer services;
-
Operate, maintain, and improve our gas delivery and instrumentation products and services;
-
Comply with Controller instructions and legal obligations.
4. Categories of Data Subjects and Data
-
Data Subjects: Customers, users, employees, contractors.
-
Data Categories: Contact data, identification numbers, usage data, communication records.
5. Obligations of the Processor
MetriflowSolutions agrees to:
-
Process data only on documented instructions from the Controller;
-
Ensure staff confidentiality and training;
-
Implement appropriate technical and organizational security measures;
-
Assist the Controller in meeting GDPR obligations regarding data subject rights, breach notification, and impact assessments;
-
Maintain data processing records and make them available upon request.
6. Sub-processors
The Controller authorizes the use of sub-processors by the Processor. A list of current sub-processors is available upon request. The Processor will ensure that sub-processors are bound by the same data protection obligations under this Agreement.
7. International Data Transfers
Personal data may be stored and processed in the United States, where MetriflowSolutions is headquartered. MetriflowSolutions will ensure appropriate safeguards (such as Standard Contractual Clauses) are in place to protect data transferred outside the European Economic Area (EEA).
8. Security Measures
MetriflowSolutions implements appropriate security measures, including:
-
Data encryption in transit and at rest
-
Access control and monitoring
-
Regular system audits and vulnerability management
-
Business continuity and incident response procedures
9. Data Breach Notification
In the event of a personal data breach, the Processor will promptly notify the Controller and provide all relevant information to comply with legal reporting obligations.
10. Return or Deletion of Data
At the end of service provision, MetriflowSolutions will delete or return all personal data upon the Controller’s request, unless otherwise required by law.
11. Audit Rights
Upon reasonable notice, the Controller may conduct audits or request audit reports to verify Processor’s compliance with this Agreement.
12. Liability and Jurisdiction
Each party’s liability shall be governed by the main agreement between the parties. This Agreement is subject to the laws and courts of the Controller’s jurisdiction, unless otherwise stated.
IN WITNESS WHEREOF, the parties have executed this Agreement as of the Effective Date.