Skip to content
Theme
Log in Book a demo

Trust · Data Processing Agreement

Data Processing Agreement

Updated 28 May 2026 DPDP + GDPR framework Controller–processor

This Data Processing Agreement (“DPA”) forms part of the Terms of Service between Social Hype Technologies Pvt Ltd (“SocialHype”, “Processor”) and the customer (“Controller”). It governs the processing of personal data that SocialHype carries out on the Controller’s behalf when providing the service. Where the Controller serves EU/EEA or UK data subjects, this DPA is read together with applicable GDPR/UK GDPR requirements.

1. Definitions

“Personal data”, “processing”, “controller”, “processor”, and “data subject” have the meanings given in India’s Digital Personal Data Protection Act, 2023 and, where applicable, the GDPR. “Customer data” means personal data the Controller submits to or generates within the service. “Subprocessor” means a third party engaged by SocialHype to process customer data.

2. Roles & responsibilities

The Controller determines the purposes and means of processing customer data and is responsible for having a lawful basis and any required consents. SocialHype acts as Processor and processes customer data only on the Controller’s documented instructions, including those set out in the Terms and this DPA, except where law requires otherwise.

3. Data processing terms

Processing is limited to what is necessary to provide, secure, and support the service. The subject matter is the service; the duration is the term of the agreement; the nature and purpose are the operation of a marketing platform; the data types and categories of data subjects are those the Controller chooses to submit. SocialHype will not sell customer data or use it for its own purposes.

4. Security measures

SocialHype maintains appropriate technical and organisational measures — TLS 1.2+ in transit, encryption at rest, role-based access control, least-privilege admin access, daily encrypted backups, and logging of security-relevant events. Full detail is on our Security page, which forms part of this DPA by reference.

5. Subprocessors

The Controller authorises SocialHype to engage the subprocessors listed on our Subprocessors page. Each subprocessor is bound by data-protection terms no less protective than this DPA. SocialHype remains responsible for its subprocessors’ performance and will give notice before adding or replacing a subprocessor handling personal data.

6. Data subject rights

SocialHype will, taking into account the nature of the processing, assist the Controller with appropriate measures to respond to data-subject requests (access, correction, deletion, and portability) and to meet breach-notification and impact-assessment obligations. Requests received directly by SocialHype are referred to the relevant Controller.

7. Termination

On termination, SocialHype will, at the Controller’s choice, delete or return customer data within a reasonable period, except where retention is required by law (e.g. tax and billing records). Residual copies in encrypted backups are purged on the standard backup rotation. See our Data Deletion page for the request process.

Request a signed DPA

To request a signed copy of this DPA, or with any data-processing question, email legal@socialshype.com. Our Grievance Officer / Data Protection Officer is Sunil Yadav (admin@socialshype.com).

legal@socialshype.com Contact us

We use cookies to run this site and, with your consent, to understand how it's used so we can improve it. Essential cookies are always on. See our Cookie Policy.

Cookie settings

Strictly necessary

Required for the site to work (security, session). Always on.

Analytics

Google Analytics, Microsoft Clarity, and Plausible — helps us improve the site.