Quaicy Cybersecurity
Home
About Us
Services
Case Studies
News
    Home
    About Us
    Services
    QuantumAICybersecurityCompliance, Risk & GRCIT & Digital TransformationDevelopment ServicesCloud & Infrastructure EngineeringTraining & AwarenessGlobal Packages
    Case Studies
    News
    contact
    Quaicy

    We turn data into defense and intelligence into action, building security frameworks that not only protect, but propel your organization forward.

    Solutions

    • Quantum
    • AI
    • Cybersecurity
    • Compliance
    • IT & Transformation
    • Development
    • Cloud & Infrastructure
    • Training
    • Packages

    Company

    • About
    • Careers
    • Press
    • Trust Center

    Resources

    • Blog
    • Docs
    • Whitepapers
    • Webinars
    • Status

    Contact

    • Sales
    • Support
    • Partnerships

    Compliance Badges

    • ISO 27001
    • GDPR/AI Act ready
    • SOC2

    Legal

    • Privacy
    • Terms
    • DPA
    • Cookies

    © 2025 Quaicy. All rights reserved.

    Data Processing Agreement (DPA)

    Last updated: October 2025

    1. Introduction

    This Data Processing Agreement (“DPA”) forms part of any contract or service agreement between Quaicy (“Processor”) and the Client (“Controller”) where Quaicy processes personal data on behalf of the Client.
    The DPA ensures compliance with the EU General Data Protection Regulation (GDPR), the Swiss Federal Act on Data Protection (FADP), and other applicable global data protection laws.

    2. Roles and Definitions

    • ・ Controller: The Client who determines the purposes and means of processing personal data.
    • ・ Processor: Quaicy, which processes personal data on behalf of the Controller.
    • ・ Personal Data: Any information relating to an identified or identifiable individual.
    • ・ Processing: Any operation performed on personal data, including storage, collection, or transfer.

    3. Subject Matter and Duration

    Quaicy processes personal data solely for the purposes defined in the main service agreement, and only for the duration necessary to fulfill contractual obligations or as required by law.

    4. Nature and Purpose of Processing

    Processing activities may include:

    • ・ Hosting, storage, or IT infrastructure management
    • ・ Data analytics and reporting
    • ・ Support and maintenance services
    • ・ Communication management and workflow automation

    5. Categories of Data and Data Subjects

    • ・ Data subjects: Client employees, customers, partners, or users
    • ・ Data categories: Contact details, identifiers, usage data, and other data necessary for service provision

    6. Controller Responsibilities

    The Client ensures that all personal data provided to Quaicy is lawfully collected and that data subjects have been properly informed under applicable data protection laws.

    7. Processor Obligations

    Quaicy agrees to:

    • ・ Process personal data only on documented instructions from the Client
    • ・ Maintain confidentiality and ensure personnel are bound by data protection obligations
    • ・ Implement appropriate technical and organizational measures (TOMs)
    • ・ Notify the Client of any personal data breach without undue delay
    • ・ Assist the Client with data subject requests and impact assessments

    8. Subprocessors

    Quaicy may engage subprocessors to support service delivery. A current list of subprocessors is available upon request.
    Quaicy ensures that subprocessors are bound by data protection terms equivalent to this DPA.

    9. International Data Transfers

    Where data is transferred outside Switzerland or the EU/EEA, Quaicy ensures appropriate safeguards such as Standard Contractual Clauses (SCCs) or adequacy decisions are in place.

    10. Security Measures

    Quaicy implements and maintains industry-standard security controls, including encryption, access controls, data minimization, and regular security audits.

    11. Data Breach Notification

    In case of a data breach, Quaicy will promptly inform the Client, providing details about the nature of the breach, affected data, and remediation measures.

    12. Data Subject Rights

    Quaicy assists the Client in fulfilling data subjects’ rights requests (access, rectification, deletion, portability, restriction) as required by GDPR and FADP.

    13. Data Return and Deletion

    Upon termination of the service agreement, Quaicy will, at the Client’s choice, return or securely delete all personal data unless legal obligations require retention.

    14. Audit Rights

    The Client has the right to verify Quaicy’s compliance with this DPA through audits or certifications. Quaicy will provide reasonable assistance and documentation.

    15. Liability and Indemnity

    Each party is liable for damages resulting from its own breach of this DPA or applicable data protection law. Quaicy’s liability is limited to the scope defined in the main service agreement.

    16. Governing Law and Jurisdiction

    This DPA is governed by the laws of Switzerland. Any disputes shall be subject to the exclusive jurisdiction of the courts of Zurich, Switzerland.

    17. Contact

    For data protection inquiries or to request a copy of this agreement, contact: privacy@quaicy.ch

    If you have questions about these Terms & Conditions, contact our team via our Contact page.