Data Processing Agreement
This Data Processing Agreement (“DPA”) forms part of the Formixx Terms of Service between Zensbot LLC (“Formixx”, “we”, “processor”) and you (the merchant who installed the app, “controller”). It reflects the requirements of Article 28 of the GDPR and equivalent provisions under other applicable data-protection laws.
1. Roles and parties
You are the data controller of your customers’ personal data. Formixx is the data processor acting on your documented instructions. Each party is responsible for its own compliance with applicable law.
2. Subject matter and duration
- Subject matter: Processing of customer personal data to confirm Cash-on-Delivery Shopify orders via IVR, WhatsApp, and related communications.
- Duration: For as long as the app is installed, plus a retention period per Section 10.
- Nature & purpose: Automated contact of end customers to confirm order intent, and writing outcome tags and notes to the Shopify order.
- Categories of data subjects: End customers of your Shopify store who place a COD order.
- Categories of personal data: Phone number, order metadata, shipping/billing address, DTMF/WhatsApp responses, call-attempt audit records.
3. Our obligations as processor
We will:
- Process personal data only on your documented instructions (your install and configured settings constitute instructions).
- Ensure personnel with access to personal data are under confidentiality obligations.
- Implement the technical and organisational measures described in our Security statement.
- Not engage sub-processors without general written authorization — see Section 5.
- Assist you in responding to data-subject requests (access, rectification, erasure, portability, restriction, objection).
- Assist you in complying with obligations under Articles 32–36 GDPR (security, breach notification, DPIAs, consultations).
- Delete or return personal data on termination per Section 10.
- Make available information necessary to demonstrate compliance and submit to audits per Section 8.
4. Your obligations as controller
You will:
- Only share personal data you have a lawful basis to process (e.g. contractual necessity for COD confirmation).
- Provide customers with an appropriate privacy notice (you may link to our Privacy Policy for our processing specifics).
- Respect opt-out requests — see DNC Policy.
5. Sub-processors
You authorize us to engage the following sub-processors:
| Sub-processor | Location | Purpose |
|---|---|---|
| Shopify Inc. | Canada | Order + shop API |
| Robocall.pk (Sayf International) | Pakistan | IVR call delivery |
| Meta Platforms Ireland | Ireland | WhatsApp Business API (optional feature) |
| Cloudflare, Inc. | USA + global edge | DDoS/WAF, TLS termination |
| Vercel Inc. | USA + global edge | Dashboard + marketing hosting |
| Resend Inc. | USA | Transactional email |
| Hostinger International | EU | VPS hosting the Fastify backend |
We’ll give at least 30 days’ notice before adding or replacing a sub-processor. You may object by uninstalling the app; no other cancellation mechanism is required.
6. International transfers
Where sub-processors are outside your jurisdiction, we rely on (a) Standard Contractual Clauses, or (b) the sub-processor’s own adequacy or equivalent transfer mechanism. Cloudflare, Vercel, Shopify, Meta, and Resend all publish SCCs.
7. Security & breach notification
We maintain the technical and organisational measures listed in our Security statement. In the event of a personal-data breach, we’ll notify you within 72 hours of becoming aware, with the information required under Article 33(3) GDPR. You are responsible for onward notifications to supervisory authorities and data subjects.
8. Audit
You may audit our compliance once per year on reasonable notice (no less than 30 days), remotely via questionnaire. On-site audits are available on mutually agreed terms at your cost, except where a breach is suspected.
9. Data-subject requests
Customers whose data we process on your behalf should first be directed to you as controller. We assist you by surfacing Shopify’s compliance webhooks (customers/data_request, customers/redact, shop/redact), which we honor within 30 days.
10. Return or deletion on termination
On uninstall, we mark your shop inactive within 24 hours. Active-session data (tokens, session cookies, pending magic links) is deleted within 30 days. Orders, call attempts, and webhook events are retained per the retention schedule in our Privacy Policy (up to 7 years for commercial-record purposes) unless you request earlier deletion, in which case we will carry it out within 30 days where no legal hold applies.
11. Liability
Our liability under this DPA is subject to the cap in Section 8 of our Terms of Service.
12. Governing law
This DPA is governed by the laws of the Islamic Republic of Pakistan. The governing law of the controller’s jurisdiction may apply to the extent required by local mandatory data-protection laws.
13. Signing
Installation of the Formixx app constitutes acceptance of this DPA. No physical signature is required unless mandated by your local law; contact legal@zensbot.com for a counter-signed copy.
v0 draft. Review with counsel before submitting the app to the Shopify App Store or relying on this page in a legal dispute.