1. Purpose of the Addendum

This Data Processing Addendum (“DPA”) forms part of the Terms and Conditions of SN WHITE HOSTING™, operated by SN SOLUTIONS LLC (EIN: 32-0817400), and governs the processing of personal data we carry out on behalf of the Client, in accordance with Regulation (EU) 2016/679 (GDPR) and other applicable data protection laws.

2. Roles and Definitions

• Controller: The Client, who determines the purposes and means of processing personal data.

• Processor: SN WHITE HOSTING™, which processes personal data on behalf of the Client.

• Sub-processor: Any third party engaged by SN WHITE HOSTING™ to carry out part of the processing.

3. Obligations of SN WHITE HOSTING™

We undertake to:

1. Process personal data only in accordance with documented instructions from the Client.

2. Ensure that persons authorized to process personal data are bound by confidentiality obligations.

3. Implement appropriate technical and organizational measures to ensure the security of personal data.

4. Assist the Client in ensuring compliance with its obligations regarding security, breach notifications, and impact assessments.

5. Delete or return all personal data upon termination of the services.

4. Sub-processors

• The Client authorizes the use of sub-processors listed in our Política de Privacidad.

• If we add or replace sub-processors, we will notify the Client at least 15 days in advance.

• We will require all sub-processors to comply with the same data protection obligations set out in this DPA.

5. International Transfers

When personal data is transferred outside the European Economic Area, appropriate legal mechanisms will be in place, such as Standard Contractual Clauses approved by the European Commission.

6. Data Security

• We will apply appropriate security measures, including encryption, access controls, backups, and system monitoring.

• We will periodically review the effectiveness of these measures.

7. Security Breach Notification

In the event of a security breach affecting personal data, we will notify the Client without undue delay and provide relevant information to enable the Client to meet its legal obligations.

8. Data Subject Rights

When the Client receives a request to exercise data subject rights (access, rectification, erasure, etc.), SN WHITE HOSTING™ will assist in fulfilling such requests where it is within the scope of our services.

9. Audits

The Client may, upon reasonable notice, audit compliance with this DPA directly or through an independent auditor, provided such audits do not unreasonably interfere with our operations.

10. Amendments to the DPA

We may amend this DPA to reflect legal or technical changes. Any amendments will be notified at least 15 days prior to taking effect.