Data Processor
Agreement
Effective Date: May 1, 2025. Defining the technical responsibilities and security boundaries between Depth Nepal and our global partners.
1. Introduction
This Data Processor Agreement ("Agreement") outlines the terms under which Depth Nepal ("Processor") processes personal data on behalf of our clients ("Controller") to ensure absolute compliance with global data standards.
2. Scope & Purpose
This Agreement applies to all data processing activities conducted by Depth Nepal in connection with our data engineering, BI, analytics, and data-driven product design services.
3. Controller Responsibilities
The Controller warrants they have a valid legal basis for processing and that all instructions given to the Processor comply with applicable data protection laws.
4. Processor Obligations
We commit to processing limitations based on Controller instructions, strict personnel confidentiality, and the implementation of advanced encryption and security measures.
5. Sub-processors
Depth Nepal only engages authorized sub-processors who meet our rigorous security standards. We maintain a transparent registry of all third-party processing entities.
6. Breach Notification
In the event of a security incident, Depth Nepal will notify the Controller without undue delay and provide full assistance in containment and resolution protocols.
Technical Obligations
Security Standards
We implement encryption, pseudonymization, and regular security testing to maintain system integrity and resilience against unauthorized access.
Data Sovereignty
Data is stored and processed according to strict sovereignty protocols, ensuring that sensitive information remains within authorized geographic and technical boundaries.
Governing Law & Jurisdiction
This Agreement is governed by the laws of Nepal. Any disputes arising from these protocols are subject to the exclusive jurisdiction of the courts of Nepal, maintaining the legal integrity of our Kathmandu-based operations.
Request Signed Copy →