Data Processing Agreement (DPA)
This Data Processing Agreement (“DPA”) forms part of the agreement between MANPACK PTE. LTD. (“Processor”) and the customer using our services (“Customer” or “Controller”).
1. Roles of the Parties
● The Customer is the Data Controller for personal data processed using the services.
● MANPACK PTE. LTD. acts as a Data Processor on behalf of the Customer.
2. Scope of Processing
The Processor shall process personal data only:
● On documented instructions from the Customer
● For the purpose of providing the contracted services
● In accordance with the PDPA and applicable laws
3. Types of Personal Data and Data Subjects
Personal data may include contact details, call recordings, call transcripts, and related metadata. Data subjects may include the Customer’s business contacts, prospective customers, customers, employees, or other individuals contacted via outbound calls.
4. Confidentiality
The Processor shall ensure that personnel authorised to process personal data are subject to appropriate confidentiality obligations.
5. Security Measures
The Processor shall implement reasonable security arrangements to protect personal data in accordance with Section 24 of the PDPA.
6. Sub-Processors
The Customer authorises the Processor to engage sub-processors as necessary to deliver the services. The Processor shall remain responsible for ensuring that sub-processors provide comparable levels of data protection.
7. Cross-Border Transfers
Where personal data is transferred outside Singapore, the Processor shall ensure compliance with PDPA transfer limitation obligations.
8. Data Breach Notification
The Processor shall notify the Customer without undue delay upon becoming aware of a data breach affecting personal data processed on behalf of the Customer.
9. Deletion of Data
The Customer may request the deletion of personal data processed in connection with the services. Upon receiving a valid deletion request, the Service Provider will delete the relevant personal data unless retention is required to comply with applicable laws, regulatory requirements, or lawful requests by public authorities.
10. Liability
Each party shall be responsible for its own compliance with the PDPA. Nothing in this DPA limits liability to the extent prohibited by law.