Additional Policy

Effective Date: August 6, 2025

 

This Data Processing Agreement outlines how Ginger CRM processes data on behalf of our users in compliance with applicable data protection laws such as GDPR and CCPA.

 

Scope

 

This DPA applies when you use Ginger CRM to process personal data of your customers or clients.

 

Roles

 

You are the Data Controller; Ginger CRM is the Data Processor.

 

Data Processing

 

Ginger CRM processes data solely to provide the Services and will not process data for any other purpose.

 

Subprocessors

 

We may engage subprocessors (e.g., hosting providers) subject to data protection obligations. A list of subprocessors is available upon request.

 

Security Measures

 

We maintain industry-standard safeguards to protect personal data, including encryption, secure access controls, and regular audits.

 

Data Subject Rights

 

We assist you in responding to data subject requests such as access, correction, deletion, and data portability.

 

International Transfers

 

We may transfer data to third countries with appropriate safeguards in place, including Standard Contractual Clauses where applicable.

 

Data Breach Notification

 

In the event of a data breach, we will notify you without undue delay and provide all necessary details.

 

Termination

 

Upon termination of your account, all client data will be deleted within a reasonable period, unless legally required to retain it.

 

Contact

 

For data protection inquiries, email: compliance@gingercrm.com