الانتقال إلى المحتوى
Informations légales

Data Processing Agreement (DPA)

This agreement governs the processing of personal data carried out by PageOneBoost (processor) on behalf of its clients (controllers), pursuant to article 28 GDPR. A signable version is provided upon request at contact@pageoneboost.com.

Dernière mise à jour : 1er juillet 2026

1. Subject matter, duration, nature and purpose

Processing covers the data strictly necessary to deliver the subscribed services (SEO, website creation and hosting, reporting, client relationship). It lasts for the duration of the service contract; data categories: professional identity and contact details, billing data, content provided for the website, traffic statistics.

2. Processor obligations

PageOneBoost processes data only on the client's documented instructions; ensures confidentiality of authorised persons; implements the technical and organisational measures described in the trust center (encryption in transit and at rest, two-factor authentication, role-based access control, audit logging, tested 3-2-1 backups); assists the client with data-subject requests and impact assessments where applicable.

3. Subprocessing

The list of subprocessors is published in the trust center (/trust). Any change is announced with 30 days' notice, allowing the client to object on legitimate grounds. Each subprocessor is bound by obligations equivalent to this agreement.

4. Transfers outside the European Union

Where a subprocessor processes data outside the EU, the transfer is governed by the European Commission's Standard Contractual Clauses (decision 2021/914) and supplementary measures where appropriate.

5. Data breach

PageOneBoost notifies the client without undue delay after becoming aware of a personal data breach, with the information needed for the notification to the supervisory authority (art. 33 GDPR). A documented, rehearsed incident procedure is maintained.

6. Return and deletion

At the end of the services, PageOneBoost returns the data to the client in an open format and then deletes it from its systems (including backups at the end of their retention cycle), unless legally required to retain it (notably accounting: 10 years).

7. Audit

PageOneBoost makes available the documentation necessary to demonstrate compliance and allows reasonable audits (once a year, 30 days' notice, at the client's expense, without access to other clients' data).

Data Processing Agreement (DPA) · PageOneBoost