Data Processing Agreement (DPA)

Last updated: 25/03/2026

1. Introduction

This Data Processing Agreement (“DPA”) forms part of the Terms and Conditions between:

  • RVLWorks, operator of AgooCloud (“Processor”)
  • The customer using AgooCloud (“Controller”)

This DPA governs the processing of personal data in connection with the AgooCloud service.

2. Scope and Roles

  • The Customer acts as the Data Controller
  • AgooCloud (RVLWorks) acts as the Data Processor

AgooCloud processes personal data only on behalf of the Customer.

3. Nature of Processing

AgooCloud provides a managed backup service that stores and processes data uploaded by the Customer.

Processing includes:

  • Storage of backup data
  • Transmission of data
  • Retrieval and recovery of data

4. Types of Data

Depending on the Customer’s use of the service, the data processed may include:

  • Personal data contained in files and backups
  • Business data
  • System and application data

AgooCloud does not control the content of the data uploaded by the Customer.

5. Purpose of Processing

Personal data is processed solely for:

  • Providing the backup service
  • Maintaining system functionality
  • Ensuring data availability and recovery

6. Duration of Processing

Data is processed for as long as the Customer uses the AgooCloud service.

Upon termination:

  • Data may be deleted after a reasonable period
  • The Customer is responsible for exporting data before termination

7. Processor Obligations

AgooCloud (RVLWorks) agrees to:

  • Process data only on documented instructions from the Customer
  • Ensure confidentiality of data
  • Implement appropriate technical and organizational security measures
  • Assist the Customer in meeting GDPR obligations where applicable

8. Security Measures

AgooCloud implements security measures including:

  • Encryption of data in transit and at rest
  • Secure cloud storage (Wasabi)
  • Access control and monitoring

9. Sub-processors

AgooCloud uses the following sub-processors:

  • Wasabi – cloud storage provider
  • Stripe – payment processing
  • Google Analytics – website analytics

All sub-processors are required to comply with applicable data protection laws.

10. International Data Transfers

Data may be processed outside the European Economic Area (EEA) through sub-processors.

AgooCloud ensures that appropriate safeguards are in place, such as:

  • Standard contractual clauses (where applicable)
  • Compliance mechanisms of third-party providers

11. Data Subject Rights

AgooCloud will assist the Customer in responding to requests from data subjects, including:

  • Access
  • Rectification
  • Erasure
  • Data portability

12. Data Breach Notification

In the event of a data breach, AgooCloud will:

  • Notify the Customer without undue delay
  • Provide relevant information to assess the impact

13. Audits

Where required, AgooCloud will provide reasonable information to demonstrate compliance with this DPA.

14. Governing Law

This DPA is governed by the laws of Spain.

15. Contact

For questions regarding this DPA:

support@agoocloud.com

Scroll to Top