Customers of the OpenProject Enterprise Cloud must sign a DPA. The contract can be reviewed and signed in the Administrations section of your OpenProject Cloud instance (Administration -> GDPR).
Last updated: 01/08/2021
Agreement for contract data processing pursuant to Article 28 GDPR between
- Controller within the meaning of Art. 4(7) GDPR, hereinafter referred to as the “Controller” -
- Processor within the meaning of Art. 4(8) GDPR, hereinafter referred to as the “Processor” -
This contract data processing agreement governs the obligations of the contracting parties with regard to data protection arising under the service agreement, including product descriptions.
Product: OpenProject Enterprise Cloud
Customer number: ________________________________
Contract number: ________________________________
Contract date: ______________________________
It applies to all data-processing activities of the Processor which is required to provide the SaaS product OpenProject Enterprise Cloud. The processing of personal data includes the data of the users of OpenProject and also the user-generated data entered by the users in OpenProject (e.g. comments on work packages).
Upon conclusion of this agreement, all previously concluded Data Privacy Agreements, if any, shall become invalid.
The Processor shall process data through its own personnel only within the EEA. Processing in third countries only takes place if sub-processors are involved, which process the data outside the EEA. The list of sub-processors describes the cases when the Controller’s data is processed by sub-processors in third countries and specifies the legal basis according to Art. 44 ff. DS-GVO.
To the extent possible, the Processor shall assist the Controller in complying with the obligations set out in Articles 30 to 36 GDPR concerning the security of personal data, notification obligations in the event of personal data breaches, data protection impact assessments and prior consultations. This includes, in particular:
Should one or more provisions of this agreement be or become invalid or unenforceable, this shall not affect the validity of the remaining provisions of this agreement.
This agreement is effective upon checkbox confirmation in customer account.
Niels Lindenthal - OpenProject GmbH