SEO Webroute LTD
1. Parties
This Service & Data Protection Agreement ("Agreement") is entered into between:
Provider: SEO Webroute LTD, Unit 6 Hill View Studios, 160 Eltham Hill, SE9 5EA London, United Kingdom (Company Reg. No: 12061447) and the customer who orders or uses the services of SEO Webroute LTD ("Customer").
2. Purpose
The purpose of this Agreement is to define the terms under which the Provider delivers cloud, hosting, and related online services ("Services") and to ensure the protection and lawful processing of personal data in accordance with applicable data protection laws, including the UK GDPR and the EU GDPR where applicable.
3. Scope of Services
The Provider shall supply the Services as described in the Customer's order or service plan. Service levels, technical specifications, and pricing are set out in the Customer's specific order, service plan or the Provider's Terms of Service.
4. Roles under Data Protection Law
For the purposes of applicable data protection law, the Customer is the Data Controller and the Provider acts as a Data Processor with respect to personal data processed on behalf of the Customer under this Agreement.
5. Processing Instructions
5.1 The Provider shall process personal data only on documented instructions from the Customer and only to the extent necessary to provide the Services.
5.2 The Customer shall provide all necessary instructions regarding the processing of personal data and shall ensure it has a lawful basis for such processing.
6. Security Measures
The Provider shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.
7. Sub-processors
7.1 The Provider may engage sub-processors (e.g. data centre operators or service providers such as Hetzner Online GmbH) to perform specific processing activities.
7.2 The Provider shall ensure that any sub-processor is subject to written obligations equivalent to those in this Agreement and remains liable for the sub-processor's compliance with such obligations.
8. International Data Transfers
Personal data will remain within the UK/EU unless otherwise agreed in writing. Where transfers to third countries occur, the Provider will implement appropriate safeguards (e.g. Standard Contractual Clauses, adequacy decisions) to ensure lawful transfer.
9. Confidentiality
Each party shall keep confidential all non-public information received from the other party in connection with this Agreement and shall not disclose such information to third parties except as permitted by this Agreement or required by law.
10. Data Subject Rights
The Provider shall assist the Customer, to the extent reasonably possible, in responding to requests from data subjects exercising their rights under applicable data protection laws (e.g. access, rectification, erasure, restriction, portability, objection).
11. Incident Management & Notification
In the event of a personal data breach affecting Customer data, the Provider shall notify the Customer without undue delay and provide reasonable information and assistance to enable the Customer to comply with applicable breach notification obligations.
12. Audit & Compliance
The Provider shall make available to the Customer information necessary to demonstrate compliance with applicable data protection obligations and shall permit and contribute to audits and inspections, subject to reasonable confidentiality safeguards and prior notice.
13. Retention, Deletion & Return of Data
Upon termination or expiry of the Services, the Provider shall, at the Customer's choice, delete or return all personal data processed on behalf of the Customer, unless retention of specific data is required by law. If data is retained by law, the Provider will isolate and protect such data and inform the Customer of the legal requirement.
14. Customer Obligations
The Customer is responsible for (i) the lawfulness of processing the personal data it supplies or stores using the Services, (ii) obtaining any necessary consents, and (iii) providing accurate instructions to the Provider.
15. Liability & Indemnity
Each party's liability is subject to the limitations set out in the Provider's main Terms of Service. Each party indemnifies the other for losses resulting from breaches of this Agreement to the extent permitted by applicable law.
16. Term & Termination
This Agreement is effective while the Provider provides Services to the Customer. Termination of the Services will be handled in accordance with the applicable Service Terms; data return or deletion procedures will follow clause 13 above.
17. Governing Law & Jurisdiction
This Agreement shall be governed by and construed in accordance with the laws of England and Wales. The courts of England and Wales shall have exclusive jurisdiction over disputes arising from this Agreement, unless otherwise agreed in writing.
18. Miscellaneous
18.1 Amendments to this Agreement shall be made in writing.
18.2 If any provision of this Agreement is found to be invalid or unenforceable, the remainder shall continue in full force and effect.
18.3 Nothing in this Agreement shall restrict either party from complying with legal obligations imposed by competent authorities.
Contact for Data Protection Matters
For enquiries related to data protection under this Agreement, please contact:
SEO Webroute LTD – Data Protection
Unit 6 Hill View Studios, 160 Eltham Hill, SE9 5EA London, United Kingdom
Email: info@webroute.com
Phone: +44 20 4577 2022
Effective Date: 16 April 2025
Disclaimer: This Agreement is a template and does not constitute legal advice. Please consult a qualified legal professional to ensure compliance with applicable laws and to adapt this Agreement to your specific circumstances.
DE (Deutsch)