Store My Library
About Contact
Data Processing Agreement

Effective Date: 20 December 2024

This Data Processing Agreement (“Agreement”) is entered into by and between Sandes Ramon ("Data Controller") and Kajabi, LLC ("Data Processor"), collectively referred to as the "Parties". This Agreement governs the processing of personal data in connection with the services provided by the Data Processor to the Data Controller.

  1. Definitions
  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Data Controller: The entity that determines the purposes and means of processing personal data.
  • Data Processor: The entity that processes personal data on behalf of the Data Controller.
  • Data Subject: An identified or identifiable natural person to whom personal data relates.
  • Processing: Any operation or set of operations performed on personal data, whether by automated or manual means.
  1. Purpose of Data Processing

The Data Processor will process personal data solely for the purpose of providing the agreed-upon services to the Data Controller, including but not limited to providing course hosting, email marketing services, etc. The personal data may be used for the following specific purposes:

  • Managing user registrations and subscriptions.
  • Sending marketing communications and newsletters.
  • Providing customer support and user experience improvements.
  1. Data Controller’s Obligations

The Data Controller agrees to:

  • Ensure that it has a legal basis for processing the personal data, including obtaining consent where necessary.
  • Provide clear instructions to the Data Processor on how personal data should be processed.
  • Ensure that personal data is accurate, up to date, and, where necessary, corrected or erased.
  • Ensure that Data Subjects are informed of the processing of their personal data, as required by applicable laws.
  1. Data Processor’s Obligations

The Data Processor agrees to:

  • Process personal data only in accordance with the documented instructions from the Data Controller.
  • Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk associated with processing personal data.
  • Assist the Data Controller in fulfilling its obligations to respond to requests for exercising the rights of Data Subjects, including access, rectification, deletion, and portability of personal data.
  • Notify the Data Controller without undue delay if it receives a request from a Data Subject to exercise their rights under data protection law.
  • Not engage any sub-processors without the prior written consent of the Data Controller. If sub-processors are used, the Data Processor will ensure that they are subject to the same data protection obligations as set out in this Agreement.
  1. Security of Data

The Data Processor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk of personal data processing, including:

  • Encryption of personal data.
  • Access control and restrictions on personal data processing.
  • Regular data backups and disaster recovery planning.
  • Measures to prevent unauthorized access, disclosure, alteration, or destruction of personal data.
  1. Sub-processors

The Data Processor may use sub-processors to assist in the processing of personal data, provided that:

  • The Data Processor has obtained prior written consent from the Data Controller to use specific sub-processors.
  • The sub-processor is contractually bound to the same data protection obligations as those in this Agreement.
  • The Data Processor remains fully responsible for the actions of any sub-processors.
  1. International Data Transfers

If personal data is transferred outside the European Economic Area (EEA) or any other region where such transfers are regulated, the Data Processor agrees to implement appropriate safeguards to ensure compliance with applicable data protection laws, including the use of standard contractual clauses or other legally approved mechanisms.

  1. Data Retention and Deletion

The Data Processor will retain personal data only for as long as necessary to fulfill the purposes of processing as defined in this Agreement. Upon the termination of the Agreement or upon the Data Controller’s request, the Data Processor will delete or return all personal data in its possession, unless retention is required by law.

  1. Breach Notification

The Data Processor will notify the Data Controller without undue delay if it becomes aware of any personal data breach. The Data Processor will cooperate with the Data Controller in investigating the breach and fulfilling any obligations to notify relevant authorities or Data Subjects as required under applicable law.

  1. Audit Rights

The Data Controller may, upon reasonable notice, audit the Data Processor’s compliance with this Agreement, including inspecting the security measures in place for processing personal data. The Data Processor agrees to cooperate with such audits and provide the necessary access to records and facilities.

  1. Data Subject Rights

The Data Processor agrees to assist the Data Controller in responding to any requests made by Data Subjects to exercise their rights under applicable data protection laws, including requests for:

  • Access to personal data.
  • Rectification or deletion of personal data.
  • Restriction of processing.
  • Data portability.
  1. Indemnification

The Data Processor shall indemnify and hold harmless the Data Controller from any claims, losses, or damages arising from a breach of this Agreement or from the Data Processor’s failure to comply with applicable data protection laws.

  1. Governing Law and Dispute Resolution

This Agreement will be governed by and construed in accordance with the laws of Republic of Azerbaijan. Any disputes arising from this Agreement will be resolved in the courts of Republic of Azerbaijan, unless the Parties agree to an alternative dispute resolution mechanism.

  1. Amendments

This Agreement may be amended or updated by the Data Controller from time to time. The Data Processor will be notified of any material changes, and continued processing of personal data will be deemed acceptance of the revised terms.

  1. Contact Information

For any questions or concerns related to this Agreement or data protection practices, please contact:

  • Email: [[email protected]]
  • Phone: [+994709403883]
  • Address: [R.Gambarov 28. Baku, Azerbaijan]

Â