Checkless

Data Processing Agreement (DPA) for Checkless.io

Last Updated: March 16, 2025

1. Purpose

This Data Processing Agreement ("DPA") forms part of the Terms of Service between Checkless.io ("Processor") and the users or restaurants ("Controller") utilizing our platform. It outlines responsibilities regarding the processing and protection of personal data.

2. Definitions

Personal Data: Any information relating to an identified or identifiable individual.

Processing: Any operation performed upon personal data, such as collection, storage, use, transmission, or deletion.

Controller: Entity determining the purposes and means of processing personal data.

Processor: Entity processing personal data on behalf of the Controller.

3. Scope

Checkless processes personal data solely for the purpose of providing digital restaurant payment, ordering, and preference management services.

Types of data processed include but are not limited to: names, contact details, payment information, dining preferences, transaction history, and location data.

4. Obligations of Checkless

  • Process personal data only in accordance with documented instructions from the Controller and applicable law.
  • Implement appropriate security measures, including encryption, anonymization, and access controls, to safeguard personal data.
  • Promptly notify the Controller about any data breaches involving personal data.
  • Provide assistance to Controllers fulfilling their obligations under data protection laws.

5. Obligations of Controllers

  • Ensure lawful processing, providing explicit consent or another valid legal basis for processing personal data.
  • Notify Checkless promptly regarding any changes to processing instructions or requirements.
  • Respond promptly to data subject inquiries and cooperate with Checkless for the timely resolution of such requests.

6. Security Measures

Checkless maintains industry-standard technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction.

Regular audits and assessments are conducted to ensure compliance with data protection standards.

7. Sub-processors

Checkless may engage third-party sub-processors to facilitate its services, subject to ensuring compliance with this DPA.

Checkless maintains a list of sub-processors and will provide notification of any changes or new engagements.

8. Data Transfers

Any transfer of personal data outside the United States will adhere to applicable data protection laws, ensuring adequate protection through standard contractual clauses or equivalent safeguards.

9. Data Subject Rights

Checkless will assist Controllers in fulfilling obligations to respond to data subjects exercising their rights, including access, rectification, deletion, and restriction requests.

10. Duration and Termination

This DPA remains valid for the duration of the service provision.

Upon termination, Checkless will delete or anonymize personal data, unless retention is required by applicable law.

11. Liability

Liability for data processing activities will be governed by the Terms of Service, with limitations applying as set forth therein.

12. Governing Law

This DPA is governed by the laws of the State of California, excluding its conflicts of law provisions.

13. Dispute Resolution

Any disputes arising from this DPA will be resolved through arbitration in the State of California, following the rules established by the American Arbitration Association (AAA).

14. Amendments

Checkless reserves the right to amend this DPA. Amendments become effective immediately upon posting on our website or notification through our services.

15. Contact Information

For any inquiries or concerns regarding this Data Processing Agreement, contact us at:

Email: support@checkless.io

Website: www.checkless.io

By using Checkless, you acknowledge that you have read, understood, and agreed to the terms outlined in this Data Processing Agreement.