אתר זה משתמש בעוגיות למטרות שונות, כמפורט במדיניות הפרטיות.

Data Processing Agreement (DPA)

1.This Data Processing Agreement ("Agreement") is an integral part of the general terms and conditions ("Main Agreement"), the Privacy Policy, and all other legal documents available on uPress's website. These documents collectively govern the relationship between Drubit Raid Ltd., the owner of the uPress brand ("uPress” or “Processor"), and you, the customer ("Controller” or “Customer"), who engages with uPress to receive services.

uPress provides hosting and complementary services specifically designed for WordPress websites, primarily for blogs and promotional websites, or the promotional sections of websites. These services are generic and offered through predefined plans and packages. uPress's services are not intended for storing or processing sensitive personal data, as defined under the Israeli Privacy Protection Regulations or the General Data Protection Regulation (GDPR) of the European Union.

If, for any reason, your website is subject to European data protection regulations (GDPR) or any other legal framework beyond Israeli law, you are responsible for ensuring that uPress's services comply with the applicable legal requirements. uPress strongly recommends consulting with a qualified legal advisor to confirm the suitability of its services for your needs.

Subject to the above, this Agreement governs the processing of personal data, particularly where data from the European Economic Area (EEA) is involved.


2. Definitions

For this Agreement:

  • "Controller” or “The Customer" means the customer engaging with uPress to receive services, who determines the purposes and means of processing personal data.
  • "Processor or uPress" means Drubit Raid Ltd (514746064), the owner of “uPress”, which processes personal data on behalf of the Controller as part of the hosting services.
  • "Personal Data" means any information relating to an identified or identifiable natural person, which may reside in the customer’s account and relate to individuals who are identified or identifiable.
  • "Processing" means any operation or set of operations performed on personal data, such as collection, storage, use, or deletion.

3. Description of Data Processing Activities

uPress provides hosting and complementary services to support the operation of the Controller's website(s). The processing of data includes only the activities necessary for the delivery and support of these hosting services. uPress does not directly process or manage the personal data collected by the Controller on its website(s). Instead, uPress ensures the technical and operational integrity of the hosting environment.

These activities include:

  • Infrastructure Management: Maintaining servers and storage systems required for hosting the Controller's website(s).
  • Data Availability: Ensuring uptime and availability of the hosting infrastructure.
  • Backup Services: Offering tools and systems that enable the Controller to create and manage backups.
  • Technical Support: Addressing technical issues related to the hosting environment upon request by the Controller.
  • Service Improvements: Conducting activities to optimize and enhance the performance and security of the hosting services.

uPress does not perform additional data processing activities beyond these purposes unless explicitly agreed upon in writing with the Controller.


4. Obligations of the Processor

In providing these services, uPress commits to the following:

(a) Adhering to Customer Instructions: Data processing shall be carried out as necessary to deliver the services under this Agreement and for the improvements described in Section 3 above. It is reiterated that the services provided by uPress are generic and aligned with predefined packages and plans. uPress will not engage in data processing activities beyond those required or described in Section 3 above unless explicitly instructed in writing by the Customer.

(b) Confidentiality: Ensuring that all personnel involved in providing the services are bound by confidentiality obligations and are required to handle any data accessed during their work with the utmost care and discretion, considering the nature and purpose of the hosting services.

(c) Timely Incident Notification: In the event of a breach or security incident involving the hosting infrastructure managed by uPress, the Controller will be informed promptly. For the avoidance of doubt, it is clarified that the Customer is responsible for the security and maintenance of their website, including the use of secure and updated components, plugins, and third-party integrations. uPress holds no responsibility for incidents caused by vulnerabilities or misconfigurations within the Controller's website. Of course, uPress is not responsible for monitoring or tracking such events.


5. Data Subject Rights and Customer Responsibility

uPress recognizes that individuals whose personal data is processed under this Agreement ("Data Subjects") have rights under applicable laws, including access, correction, deletion, and restriction of processing, in accordance with the Israeli Privacy Protection Regulations (Instructions Regarding Data Transferred to Israel from the European Economic Area) and the GDPR.

uPress does not process or manage personal data collected on Customer websites. The Controller is solely responsible for handling such requests and ensuring compliance with legal obligations.

If the Controller requires uPress's assistance in responding to data subject requests or providing information to end-users, this must be agreed upon in writing before engaging uPress's services.


6. Data Retention and Deletion

uPress retains personal data only as long as required to deliver the services or as mandated by applicable laws. Upon termination of this Agreement or at the Controller’s request, uPress will securely delete or return all personal data, including any backups, unless retention is legally required.


7. Sub-processors and Third-Party Transfers

In light of the purpose and nature of the services, which are primarily intended for promotional websites and blogs, uPress may engage sub-processors or transfer personal data to third parties as necessary for the provision of its services, provided that:

(a) The Controller provides prior written authorization, which may include general authorization for specific categories of sub-processors. (b) uPress ensures that any engaged sub-processor is contractually bound to adhere to the same data protection obligations outlined in this Agreement. (c) uPress remains fully responsible to the Controller for ensuring that the sub-processor meets these obligations.

uPress will inform the Controller of any intended changes concerning the addition or replacement of sub-processors, giving the Controller the opportunity to object to such changes within a reasonable timeframe.


8. Audit Rights

Given the generic nature of the services provided by uPress, based on predefined packages and plans, the Controller is responsible for ensuring these services align with their specific needs. If clarification or additional requests arise, the Controller may raise them for review.

Subject to the above, the Controller may audit uPress to verify compliance with this Agreement, subject to the following:

(a) Audits shall be limited to documentation and systems relevant to the data processing activities under this Agreement, ensuring no interference with uPress's ongoing operations or the privacy of other customers. (b) Audits require reasonable prior written notice and will occur at reasonable intervals, unless material compliance concerns arise. (c) Audits shall be conducted during regular business hours and at the Controller's expense, unless significant non-compliance is identified.

uPress will address any non-compliance issues identified within a reasonable timeframe.


9. Customer Responsibility

The Controller is solely responsible for ensuring compliance with all applicable laws and regulations related to their website activities and the data processed through uPress's services. This includes, but is not limited to:

(a) Notifying end-users about the nature and purposes of data processing conducted on their websites, and obtaining any required consents under applicable laws.
(b) Ensuring that all transfers of personal data to and from uPress comply with legal requirements, including those under the GDPR or equivalent regulations.
(c) Maintaining accurate records of data processing activities, including user consents, data retention policies, and transfer mechanisms.

For the avoidance of doubt, uPress provides hosting services and related infrastructure but does not assume responsibility for the Controller's compliance with its legal obligations, including those regarding the collection, storage, or use of personal data on their websites.


10. Governing Law and Dispute Resolution

This Agreement is governed by the laws of the State of Israel. Any disputes arising under this Agreement shall be subject to the exclusive jurisdiction of the competent courts in Israel.


11. Final Provisions

This Agreement is an integral part of the Main Agreement between the parties. In the event of any inconsistency, the terms of this Agreement shall prevail with respect to data processing matters. Both parties agree to adhere to applicable data protection laws, including the GDPR and Israeli Privacy Protection Regulations (Including instructions regarding Data Transferred to Israel from the European Economic Area), 2023.


Acceptance of Agreement

By opening an account with uPress, the Customer confirms acceptance of this Agreement and all accompanying legal terms governing the engagement with uPress.