Effective Date: May 1, 2025

This Data Processing Agreement (“DPA”) applies between the legal entity subscribing to the EasyCollab service (“Client” or “Controller”) and All B Soft d.o.o., headquartered at Fruškogorska 1, Novi Sad, Republic of Serbia (“All B Soft” or “Processor”), when the Client enters or enables the entry of personal data into the EasyCollab platform.

By accepting the Subscription Terms and using the EasyCollab platform, the Client acknowledges that they have read, understood, and agreed to the obligations outlined in this DPA, which forms an integral part of the general Terms of Service and the Privacy Policy.

  1. Purpose and Scope

All B Soft, as the Processor, provides the EasyCollab software platform and processes personal data exclusively on behalf of and in accordance with the instructions of the Client, as the Controller, in accordance with Article 28 of the GDPR and the Law on Personal Data Protection of the Republic of Serbia.

 

  1. Duration and Nature of Processing

Processing continues for the duration of the Client’s subscription and use of the Service. Processing is conducted via a cloud-based platform and includes recording activity, content, and user-entered data during usage.

 

  1. Types of Data and Data Subjects
  • Types of data: name and surname, email address, position, communications, documents, images, and other data entered by users while using EasyCollab.
  • Data subjects: employees, associates, and other users invited or authorized by the Client.

 

  1. Obligations of All B Soft as the Processor

All B Soft agrees to:

  • process data only in accordance with the Client’s instructions;
  • apply appropriate technical and organizational data protection measures;
  • ensure all personnel with access to the data are bound by confidentiality;
  • notify the Client in case of any data security breach;
  • cooperate with the Client to enable data subjects’ rights (access, correction, deletion, etc.);
  • refrain from engaging subprocessors without prior notice to the Client (except those listed in the Privacy Policy).

 

  1. Obligations of the Client as the Controller

The Client is responsible for:

  • the lawful entry and processing of personal data;
  • informing users about the data processing;
  • obtaining all necessary consents where required;
  • clearly defining user roles, rights, and access levels within the platform.

 

  1. Subprocessors and Third Parties

All B Soft uses third parties for hosting, email delivery, and technical support, after ensuring their GDPR compliance. The list of subprocessors is available in the Privacy Policy and may be updated.

 

  1. International Data Transfers

In the event of data transfers outside the EU or Serbia, All B Soft will implement appropriate safeguards in accordance with the GDPR, such as Standard Contractual Clauses (SCCs).

 

  1. Termination and Data Deletion

Upon termination of the subscription or upon the Client’s request, All B Soft will delete or provide export of the data within 30 days, unless data retention is legally required.

 

  1. Validity and Interpretation

This document forms part of the contractual relationship between the Client and All B Soft, along with the Subscription Terms. In case of conflict, the provisions of this DPA prevail with respect to data processing matters.

This document is governed by the laws of the Republic of Serbia. The court in Novi Sad shall have jurisdiction.

 

For additional inquiries: [email protected]

 

Scroll to Top