This Data Processing Agreement (“DPA”) forms part of the agreements between Linguise by DXT ONE (“Processor”) and the customer (“Controller”) using Linguise’s website translation services.
“Applicable Data Protection Law” means all laws and regulations applicable to the Processing of Personal Data under the Agreement, including but not limited to the GDPR.
“GDPR” means the General Data Protection Regulation (EU) 2016/679.
“Personal Data” means any information relating to an identified or identifiable natural person as defined in the GDPR.
“Processing” means any operation performed on Personal Data, whether or not by automated means.
“Subprocessor” means any Processor engaged by Linguise to Process Personal Data.
2.1 Parties
Data Processor: Linguise by DXT ONE, EIN: 922291269, registered at 32565 B Golden Lantern St, Suite 191, Dana Point CA 92629
Data Controller: The customer using Linguise’s translation services
2.2 Subject Matter and Duration
This DPA applies to the Processing of Personal Data by Linguise when providing automatic website translation services. It remains valid for the duration of the service agreement between the parties.
3.1 Purpose of Processing
Linguise processes website content solely for the purpose of providing automatic neural machine translation services to the Controller.
3.2 Types of Personal Data
The Personal Data processed may include any personal information contained within the Controller’s website HTML content submitted for translation.
3.3 Categories of Data Subjects
Data subjects may include the Controller’s website visitors, customers, employees, or any individuals whose personal information appears on the Controller’s website.
3.4 Subprocessor list
| Sub-Processor | Purpose | Location |
|---|---|---|
| Stripe | Payment Processing | USA |
| Mailjet | Email Marketing | EU |
| Brevo | Customer Data Management | EU |
| PayPal | Payment Processing | USA |
4.1 Linguise shall:
a) Process Personal Data only on documented instructions from the Controller;
b) Ensure that persons authorized to process Personal Data are committed to confidentiality;
c) Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
d) Respect the conditions for engaging Subprocessors as set forth in Section 5;
e) Assist the Controller in responding to requests from data subjects;
f) Assist the Controller in ensuring compliance with security obligations, data breach notifications, and data protection impact assessments;
g) Delete or return all Personal Data to the Controller after the end of the provision of services;
h) Make available to the Controller all information necessary to demonstrate compliance.
5.1 The Controller hereby authorizes Linguise to engage Google Cloud AI translation as a Subprocessor for translation services.
5.2 Linguise shall inform the Controller of any intended changes concerning the addition or replacement of Subprocessors, giving the Controller the opportunity to object to such changes.
5.3 Linguise shall impose the same data protection obligations on Google Cloud AI as set out in this DPA.
6.1 Linguise may transfer Personal Data to countries outside the European Economic Area (EEA) only with adequate safeguards in place and in compliance with Applicable Data Protection Law.
6.2 For transfers to Google Cloud AI, Linguise ensures that appropriate Standard Contractual Clauses or other valid transfer mechanisms are in place.
7.1 Linguise shall notify the Controller without undue delay after becoming aware of a personal data breach.
7.2 The notification will at minimum:
8.1 Linguise shall, to the extent legally permitted, promptly notify Controller if it receives a request from a data subject to exercise their rights under Applicable Data Protection Law.
8.2 Linguise shall provide reasonable assistance to the Controller to facilitate the Controller’s response to such requests.
9.1 Translation data are stored on Linguise cache servers until the Controller updates the content in the original language or until the Controller’s membership expires.
9.2 Upon termination of services, Linguise shall delete or return all Personal Data to the Controller as requested and delete existing copies unless legally required to store the Personal Data.
10.1 The Controller may audit Linguise’s compliance with this DPA, with reasonable notice and subject to appropriate confidentiality obligations.
11.1 Each party shall be liable for damages caused by its own breach of this DPA or Applicable Data Protection Law.
12.1 Precedence
In the event of any conflict between this DPA and other agreements between the parties, this DPA shall prevail with regard to the parties’ data protection obligations.
12.2 Amendments
Any amendments to this DPA shall be in writing and signed by both parties.
12.3 Severability
Should any provision of this DPA be invalid or unenforceable, the remainder of the DPA shall remain valid and in force.
