Data Processing Agreement

Version 1.0 · Last updated: 21 May 2026

This Data Processing Agreement (DPA) forms part of the agreement between RapidLaunch (the Processor) and the Client (the Controller) for website development and hosting services.

1. Definitions

Personal Data: Any information relating to an identified or identifiable natural person, as defined by GDPR Art. 4(1).

Processing: Any operation performed on Personal Data, including collection, storage, use, and deletion.

Controller: The Client who determines the purposes and means of processing.

Processor: RapidLaunch, processing Personal Data on behalf of the Controller.

2. Subject Matter & Duration

The Processor will process Personal Data for the purpose of providing website development, hosting, maintenance, and related services. Processing shall continue for the duration of the service agreement.

3. Nature & Purpose of Processing

The Processor processes Personal Data to:

4. Types of Personal Data

The Processor may process: names, email addresses, phone numbers, business information, website content, analytics data, and any other data the Controller chooses to collect through their website.

5. Processor Obligations

The Processor shall:

6. Sub-Processors

The Controller authorises the use of sub-processors listed at /sub-processors. The Processor will inform the Controller of any intended changes concerning the addition or replacement of sub-processors.

7. Data Subject Rights

The Processor shall promptly notify the Controller of any data subject request and assist in responding. The Controller may submit data requests via /data-request.

8. Security Measures

The Processor implements: encryption in transit (TLS), encryption at rest, access controls, regular security updates, backup procedures, and incident response planning as described in our Breach Policy.

9. Breach Notification

The Processor shall notify the Controller without undue delay upon becoming aware of a Personal Data breach. Notification will be made within 72 hours per the breach policy.

10. International Transfers

Personal Data is processed within the European Economic Area (EEA). Any transfer to a third country shall only occur with appropriate safeguards in place.

11. Governing Law

This DPA is governed by the laws of Ireland. Any disputes shall be resolved in the courts of Ireland.

To execute this DPA, contact support@rapidlaunch.ie.