Data Processing Agreement (DPA)

Effective Date: 04/29/2025
Last Updated: 04/29/2025

This Data Processing Agreement (“Agreement”) is entered into between:

  • Vyzeo LLC, a company incorporated and operating in the United States with its principal place of business at [Insert address] (“Processor”), and

  • Any individual or organization using AssistLink whose personal data is processed (“Controller” or “Customer”).

This Agreement ensures that processing of personal data complies with the EU General Data Protection Regulation (GDPR), the UK GDPR, and other applicable data privacy laws.

1. Purpose

This Agreement governs the transfer and processing of personal data from the European Economic Area (EEA) and the United Kingdom (UK) to the United States in relation to Vyzeo’s services via AssistLink.

2. Data Processing Details

  • Subject Matter: Processing of personal data in connection with the use of AssistLink, a remote assistance platform.

  • Duration: For as long as the data subject maintains an active account or as required by law.

  • Nature and Purpose: To enable technical support services, including chat, file exchange, voice and video communication, scheduling, and AI-driven assistance.

  • Categories of Data Subjects: Platform users including customers, clients, technicians, and support agents.

  • Types of Personal Data:
    Names, email addresses, job titles, phone numbers, usernames, images, chat transcripts, session logs, IP addresses, and location data (when applicable).

3. Processor Obligations

Vyzeo LLC agrees to:

  • Process data only on documented instructions from the Customer

  • Implement appropriate security measures (physical, technical, and organizational)

  • Notify the Customer of any data breach without undue delay

  • Ensure confidentiality of staff involved in processing

  • Assist with data subject rights and regulatory compliance

4. Subprocessors

Vyzeo LLC may engage subprocessors such as AWS, Google Cloud, OpenAI, and analytics tools strictly for service functionality. Subprocessors are bound by similar privacy and security obligations. A list of subprocessors is available upon request.

5. International Transfers & SCCs

Where personal data is transferred from the EU/UK to the United States, the parties agree that:

  • The European Commission’s Standard Contractual Clauses (SCCs) are hereby incorporated by reference.

  • In case of conflict, the SCCs shall prevail.

  • All transfers are conducted in accordance with applicable safeguards, including technical measures like encryption and data minimization.

Read the full SCCs here.

6. Data Retention and Deletion

Upon service termination, Vyzeo LLC will delete or return all personal data unless retention is legally required or contractually agreed.

7. Contact

If you have any questions or require assistance related to privacy or data protection, please contact:
contact@vyzeo.com