Last updated: 4 July 2026
DATA PROCESSING AGREEMENT
Parties: 1. Customer, hereinafter: Controller; 2. VylorNode, sole proprietorship of Djamiro Nijhuis, Chamber of Commerce 42105657, hereinafter: Processor.
Article 1. Purpose and subject
1.1This Data Processing Agreement applies where VylorNode processes personal data on behalf of the customer.
1.2The processing takes place in the context of hosting services, support, backups, security and technical management.
1.3The customer determines the purposes and means of processing data placed by the customer on the service.
1.4VylorNode processes personal data only on the customer’s instructions, unless law requires otherwise.
Article 2. Types of personal data
2.1Possible personal data:
2.2The exact data depends on the customer’s use.
Article 3. Categories of data subjects
3.1Possible data subjects:
Article 4. Duration
4.1The processing lasts as long as VylorNode provides services to the customer.
4.2After termination, VylorNode deletes or returns personal data in accordance with the agreement and technical possibilities.
Article 5. Security
5.1VylorNode takes appropriate technical and organizational measures.
5.2Measures may include:
5.3The customer is responsible for their own application security, passwords, plugins and server configuration.
Article 6. Confidentiality
6.1Persons who have access to personal data on behalf of VylorNode are bound by confidentiality.
6.2Access is limited to what is necessary.
Article 7. Subprocessors
7.1VylorNode may engage subprocessors for hosting, payments, email, support, monitoring and administration.
7.2A current subprocessor list is included in the subprocessor list.
7.3VylorNode ensures appropriate agreements with subprocessors.
7.4The customer may object to new subprocessors where there is a compelling privacy reason.
Article 8. International transfers
8.1Where personal data is processed outside the EEA, VylorNode ensures appropriate safeguards where required.
8.2This may include standard contractual clauses.
Article 9. Data breaches
9.1VylorNode notifies the customer as soon as possible after discovering a data breach affecting the customer’s personal data.
9.2The notification includes, to the extent known:
9.3The customer remains responsible for any notification to the Dutch Data Protection Authority and data subjects, unless VylorNode itself is controller for the relevant processing.
Article 10. Data subject rights
10.1VylorNode reasonably assists the customer with data subject requests to the extent the customer cannot handle them independently.
10.2VylorNode may charge reasonable costs for extensive or complex requests.
Article 11. Audits
11.1The customer may request reasonable information about security measures.
11.2Audits must be announced in writing in advance and must not disrupt security or business operations.
11.3VylorNode may protect confidential information, other customers and security details.
Article 12. Deletion and return
12.1After termination, the customer may export data within the available period.
12.2After the retention period, VylorNode deletes data according to technical procedures.
12.3Backups are overwritten according to backup cycles.
Article 13. Liability
13.1Liability follows the limitations in the main agreement, to the extent permitted by law.
13.2The customer indemnifies VylorNode against claims arising from unlawful processing by customer content or customer instructions.
Article 14. Final provisions
14.1This Data Processing Agreement forms part of the agreement between the customer and VylorNode.
14.2Dutch law applies.
