Data Processing Agreement

This DPA applies to the processing of personal data by NSO.to on behalf of our customers ("Data Controllers") in connection with the Service.

NSO.to acts as a Data Processor when processing fan data, analytics data, and other personal data collected through the Service on behalf of the customer.

We process personal data only on documented instructions from the Data Controller. We implement appropriate technical and organizational security measures.

We assist with Data Subject requests, data protection impact assessments, and breach notifications as required by GDPR.

We maintain a list of sub-processors and will notify you before adding new ones. You have the right to object to new sub-processors.

Current sub-processors include our cloud hosting provider, email delivery service, and payment processor.

We will notify you of any personal data breach without undue delay and within 72 hours of becoming aware of the breach.