Knowledge Hub
Support
Partner Portal
Log In
Request a Demo

Data Processing

Data Processing Agreement (DPA)

Last updated: January 2026

This Data Processing Agreement (“DPA”) forms part of and is incorporated into the agreement governing the use of services provided by 4Remote, Inc. (“4Remote”, “Processor”, “we”, “us”) to the customer (“Customer”, “Controller”).

This DPA applies where 4Remote processes Personal Data on behalf of the Customer in connection with the Services.

1. Definitions

For purposes of this DPA:

  • “Personal Data” means any information relating to an identified or identifiable individual, as defined under applicable data protection laws.

  • “Processing” means any operation performed on Personal Data, including collection, storage, use, disclosure, or deletion.

  • “Data Protection Laws” means applicable US federal and state privacy laws (including the California Consumer Privacy Act as amended by the CPRA), and where applicable, the EU GDPR and UK GDPR.

  • “Sub-processor” means a third party engaged by 4Remote to process Personal Data on behalf of the Customer.

2. Roles of the Parties

  • The Customer is the Controller (or Business, under US privacy law).

  • 4Remote acts as a Processor (or Service Provider / Processor under US privacy law).

4Remote processes Personal Data only on documented instructions from the Customer, unless required to do otherwise by applicable law.

3. Scope and Purpose of Processing

3.1 Subject Matter

Provision of cybersecurity and related services.

3.2 Duration

For the term of the Customer’s agreement with 4Remote, plus any legally required retention period.

3.3 Categories of Data Subjects

  • Customer employees

  • Contractors

  • End users

  • Administrators

3.4 Categories of Personal Data

May include:

  • Names

  • Business contact details

  • User identifiers

  • IP addresses

  • Device and security telemetry

  • Log and usage data

4Remote does not intentionally process special categories of personal data unless expressly agreed in writing.

4. Customer Obligations

The Customer represents and warrants that:

  • It has a valid legal basis to provide Personal Data to 4Remote

  • Its instructions comply with applicable Data Protection Laws

  • It has provided all required notices and obtained necessary consents

5. 4Remote Obligations

4Remote shall:

  • Process Personal Data solely to provide the Services

  • Not sell or share Personal Data for advertising purposes

  • Not retain, use, or disclose Personal Data outside the scope of the Services

  • Ensure personnel are subject to confidentiality obligations

  • Assist the Customer with reasonable data protection requests where required by law

6. Information Security Measures

4Remote implements appropriate technical and organisational measures designed to protect Personal Data against:

  • Unauthorised access

  • Disclosure

  • Loss

  • Alteration

  • Destruction

These measures include access controls, encryption where appropriate, monitoring, and incident response procedures consistent with industry best practices for cybersecurity providers.

7. Sub-processing

The Customer authorises 4Remote to engage Sub-processors as necessary to provide the Services.

4Remote shall:

  • Use commercially reasonable efforts to engage reputable Sub-processors

  • Impose data protection obligations substantially similar to this DPA

  • Remain responsible for Sub-processor performance

A current list of Sub-processors may be made available upon request.

8. Data Subject Rights

Where required by applicable law, 4Remote will:

  • Notify the Customer of any data subject request received directly

  • Provide reasonable assistance to enable the Customer to respond

  • Not respond directly unless legally required or instructed by the Customer

9. Data Breach Notification

4Remote shall notify the Customer without undue delay after becoming aware of a confirmed Personal Data breach involving Customer data and will provide information reasonably necessary to support the Customer’s compliance obligations.

10. Data Transfers

Personal Data may be processed in the United States and other jurisdictions where 4Remote or its Sub-processors operate.

Where required by applicable law, 4Remote will implement appropriate safeguards for international data transfers, such as standard contractual clauses.

11. Data Retention and Deletion

Upon termination of the Services, 4Remote shall:

  • Delete or return Personal Data upon Customer request, unless retention is required by law

  • Continue to protect retained data in accordance with this DPA

12. Audits

Upon reasonable written request, and subject to confidentiality and security restrictions, 4Remote shall provide information necessary to demonstrate compliance with this DPA. On-site audits are subject to prior written agreement and may be satisfied through third-party certifications or reports where available.

13. Limitation of Liability

This DPA is subject to the limitation of liability provisions set out in the applicable agreement between the parties. No separate or additional liability cap is created by this DPA.

14. Governing Law

This DPA shall be governed by and construed in accordance with the laws of the State of Delaware, without regard to conflict of law principles.

15. Order of Precedence

In the event of a conflict between this DPA and the applicable agreement:

  1. This DPA shall control with respect to data protection matters

  2. The remainder of the agreement shall remain in full force and effect

16. Contact

Questions relating to this DPA may be directed to:

Email: support@4remote.demodevsite.info

Postal address:
1910 S. Stapley Drive, Ste. 221
Mesa, AZ 85204
United States

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by