Photorealistic Packaging Renders

Effective Date:21-07-2025
This Data Processing Agreement (“Agreement” or “DPA”) forms part of the Terms of Service between you (“Customer”, “Controller”) and Packely ApS, Trindsovej 6, 1, 8000 Aarhus C, Denmark (“Packely”, “Processor”).

This Agreement applies where Packely processes personal data on behalf of the Customer as a data processor in the course of providing its services, and is intended to ensure compliance with Article 28 of the EU and UK General Data Protection Regulation (“GDPR”).

1. Definitions

"Personal Data" means any information relating to an identified or identifiable natural person.
"Processing", "Data Controller", "Data Processor", and "Data Subject" shall have the meanings as defined under the GDPR.
"Sub-processor" means any third party engaged by Packely to process Personal Data on behalf of the Customer.

2. Subject Matter and Duration

This DPA governs the Processing of Personal Data as necessary to provide the services described in the Terms of Service. This DPA remains valid for as long as Packely processes Personal Data on behalf of the Customer.

3. Nature and Purpose of Processing

Packely processes Personal Data provided by the Customer in connection with the use of its platform and services. This may include storage, transmission, and transformation of data for the purpose of generating 3D product renderings and related services.

4. Categories of Data Subjects and Data

Data Subjects: May include Customer representatives, employees, contractors, or other individuals whose data is included in uploaded project content.
Categories of Data: Names, email addresses, contact details, uploaded content that may contain personal data (e.g., product images, documents, or metadata).

5. Obligations of the Processor (Packely)

Packely agrees to:

a. Process Personal Data only on documented instructions from the Customer, unless required by law.
b. Ensure confidentiality by persons authorized to process the data.
c. Implement appropriate technical and organizational measures to ensure data security.
d. Assist the Customer in responding to data subject requests, data breaches, and privacy impact assessments.
e. Delete or return all Personal Data at the end of the service period, unless legally required to retain it.
f. Make available necessary information to demonstrate compliance and allow audits (with reasonable notice).

6. Sub-processing

The Customer authorizes Packely to engage the following categories of sub-processors:

Cloud infrastructure and hosting providers
Authentication and database services
Payment processors
Analytics and marketing services
Internal communication tools

A list of key sub-processors may be made available upon request. Packely ensures sub-processors are bound by obligations equivalent to those in this DPA.

7. International Transfers

Where Packely or its sub-processors transfer Personal Data outside the European Economic Area (EEA) or United Kingdom, such transfers are safeguarded by appropriate legal mechanisms, including the Standard Contractual Clauses or other recognized safeguards under the GDPR and UK GDPR.

8. Customer Responsibilities

The Customer confirms that:

It has the legal authority to provide Personal Data to Packely.
All Personal Data provided is collected and processed lawfully.
It will not instruct Packely to process data in a way that violates applicable laws.