Legal
Data Processing Agreement (DPA)
Last updated: June 18, 2026
This Data Processing Agreement ("DPA") forms part of the agreement between the Customer ("Controller") and ALLE TECH LLC FZ ("Processor") regarding the processing of personal data through the RepProX platform.
1. Purpose
This DPA establishes the obligations of both parties regarding the processing of personal data in connection with the Services.
2. Roles of the Parties
For purposes of applicable privacy laws:
- Customer acts as Data Controller.
- ALLE TECH acts as Data Processor.
The Customer determines the purposes and means of processing personal data.
ALLE TECH processes personal data solely on documented customer instructions.
3. Types of Personal Data
Depending on customer usage, RepProX may process:
- Names
- Email addresses
- Phone numbers
- Employee identifiers
- GPS location information
- Attendance records
- Visit records
- Delivery records
- Signature records
- Device information
- Customer operational information
4. Categories of Data Subjects
Data subjects may include:
- Customer employees
- Field workers
- Sales representatives
- Service technicians
- Delivery personnel
- Customer contacts
- Business partners
5. Processing Purposes
Processing activities may include:
- User authentication
- Workflow execution
- Reporting
- Route planning
- Attendance management
- GPS tracking
- Service delivery
- Data storage
- Technical support
- Security monitoring
6. Processor Obligations
ALLE TECH shall:
- Process data only on documented instructions.
- Maintain confidentiality obligations.
- Implement reasonable security measures.
- Assist customers with data subject requests where appropriate.
- Notify customers of confirmed personal data breaches where legally required.
7. Security Measures
RepProX maintains safeguards including:
- Access controls
- Authentication mechanisms
- HTTPS/TLS encryption
- Daily backups
- Infrastructure security controls
- Security monitoring
8. Subprocessors
Customer authorizes ALLE TECH to engage subprocessors where necessary to deliver Services.
Examples may include:
- AWS
- Monitoring providers
- Infrastructure providers
- Support providers
ALLE TECH remains responsible for managing such subprocessors.
9. International Transfers
Customer acknowledges that information may be processed internationally. Where required by applicable law, ALLE TECH shall implement reasonable safeguards supporting lawful transfers.
10. Data Subject Rights
To the extent legally required, ALLE TECH shall reasonably assist the Customer in responding to:
- Access requests
- Correction requests
- Deletion requests
- Restriction requests
- Portability requests
11. Breach Notification
Where legally required, ALLE TECH shall notify the Customer without undue delay following confirmation of a personal data breach affecting Customer Data.
12. Audits
Customers may request reasonable information regarding RepProX security practices.
Requests must:
- Be reasonable.
- Not compromise other customers.
- Not expose confidential security information.
13. Data Return and Deletion
Upon termination:
- Customer may request data export.
- Data remains available for thirty (30) days.
- Data may subsequently be deleted according to retention procedures.
14. Liability
Liability under this DPA shall be subject to the limitations contained within the applicable Terms and Conditions.
15. Governing Law
This DPA shall be governed by the laws of the United Arab Emirates.
Any disputes shall be subject to the exclusive jurisdiction of the courts of Dubai, United Arab Emirates.
16. Contact
privacy@repprox.com
ALLE TECH LLC FZ
Dubai, United Arab Emirates
https://www.repprox.com
