English
Blog sales@snelbit.com

Data Processing Agreement (DPA)

This DPA explains how SnelBit Networks processes Personal Data as a Processor under GDPR when providing hosting, domain, and email services.

Last updated: 28 March 2026

This Data Processing Agreement ("DPA") forms part of the main service agreement or Terms of Service between you ("Customer", "Controller") and SNELBIT NETWORKS SINGLE MEMBER P.C. ("SnelBit Networks", "Processor", "we", "us") for the provision of hosting, domain, and email services. The purpose of this DPA is to ensure compliance with GDPR (EU) 2016/679 in relation to the processing of Personal Data on your behalf.

1 Definitions

  • "Personal Data" means any information relating to an identified or identifiable natural person as defined in GDPR.
  • "Processing", "Controller", "Processor", "Data Subject", "Supervisory Authority" have the meanings given in the GDPR.
  • "Services" means the hosting, domain, email, and related services provided by SnelBit Networks.
  • "Sub-Processor" means any third party engaged by SnelBit Networks that processes Personal Data on behalf of the Customer in connection with the Services.

2 Scope of Processing

SnelBit Networks will process Personal Data solely for the purpose of providing the Services, including:

  • Storing and serving website content, databases, and emails.
  • Providing access to the client portal and account management tools.
  • Providing technical and security support.
  • Managing domains and DNS where applicable.

SnelBit shall not process Personal Data for any other purpose unless required by EU or Member State law.

3 Roles of the Parties

The Customer acts as the Data Controller for Personal Data stored, uploaded, or otherwise processed through the Services. SnelBit Networks acts as the Data Processor for such data.

The Customer is responsible for determining the lawful basis for processing Personal Data and for complying with all applicable Controller obligations under GDPR.

4 Obligations of the Processor

SnelBit Networks agrees to:

  • Process Personal Data only on documented instructions from the Customer, unless required by EU or Member State law.
  • Ensure persons authorized to process Personal Data are bound by confidentiality obligations.
  • Implement appropriate technical and organizational measures (Article 32 GDPR) to ensure security appropriate to the risk.
  • Assist the Customer, insofar as reasonably possible, with Data Subject rights requests.
  • Assist the Customer with security, breach notification, DPIAs, and prior consultation obligations where relevant and reasonable.
  • Make available information necessary to demonstrate compliance with this DPA and GDPR.

5 Security Measures

SnelBit Networks implements appropriate security measures, which may include:

  • Use of secure data centers and network infrastructure.
  • Firewalls, intrusion detection, and DDoS protection.
  • Encryption of data in transit (e.g., TLS).
  • Access controls based on least privilege.
  • Security monitoring, logging, and regular updates.

6 Sub-Processors

The Customer authorizes SnelBit Networks to engage sub-processors to provide the Services, such as:

  • Data center and infrastructure providers.
  • Domain registries and registrars.
  • Email delivery and DNS providers.
  • Backup and security providers.

SnelBit will ensure sub-processors are bound by written agreements with data protection obligations no less protective than those in this DPA. SnelBit remains fully liable to the Customer for the performance of sub-processors.

7 Analytics and Marketing Providers

With the Customer's configuration and subject to end-user consent where required by law, the Services may integrate third-party analytics and marketing platforms, including Google Analytics, Google Tag Manager, Meta (Facebook) Pixel, LinkedIn Insight Tag, and X (Twitter) Ads Pixel.

  • These providers generally act as independent data controllers for Personal Data they collect directly through their tracking technologies.
  • Such scripts are only activated where the Customer has chosen to enable them and where end-users have provided consent via the cookie banner or other consent mechanisms.
  • The Customer remains responsible for ensuring a valid legal basis and disclosures in the Customer's own privacy and cookie notices.

8 International Data Transfers

Where Personal Data is transferred outside the EU/EEA, SnelBit Networks will ensure such transfers are made in compliance with GDPR, including through:

  • Transfers to countries with an adequacy decision from the European Commission.
  • Standard Contractual Clauses (SCCs) or other appropriate safeguards.

9 Data Subject Requests

If SnelBit receives a request from a Data Subject directly, SnelBit will notify the Customer without undue delay where reasonably possible. SnelBit will not respond directly unless authorized by the Customer or required by law.

It is the Customer's responsibility, as Controller, to respond to Data Subject requests in accordance with GDPR.

10 Personal Data Breach Notification

In the event of a Personal Data breach affecting data processed on behalf of the Customer, SnelBit Networks will notify the Customer without undue delay after becoming aware of the breach.

Such notification will include, where possible, relevant information to help the Customer meet any obligations to report the breach to supervisory authorities or Data Subjects as required by GDPR.

11 Data Retention and Deletion

Upon termination or expiration of the Services, SnelBit Networks will:

  • Delete or anonymize Personal Data processed on behalf of the Customer within a reasonable period, unless storage is required by EU or Member State law.
  • Delete backups containing Personal Data as they reach the end of their backup lifecycle.
  • At the Customer's written request and where technically feasible, provide a copy of certain data before deletion, subject to applicable fees and security verification.

12 Audits and Compliance Information

Upon reasonable request, SnelBit Networks will make available information necessary to demonstrate compliance with this DPA. Where further verification is required, the Customer may request a more detailed review subject to:

  • Reasonable advance notice.
  • Non-disruption of SnelBit's operations.
  • Confidentiality obligations.
  • Additional terms and cost reimbursement for any on-site audits if agreed.

13 Liability

The liability of each party under this DPA is subject to the limitations and exclusions of liability set out in the main service agreement or Terms of Service between the Customer and SnelBit Networks. Nothing in this DPA shall increase or expand SnelBit's liability beyond that agreed in the main agreement.

14 Term and Termination

This DPA enters into force when the Customer first uses SnelBit Networks' Services or otherwise agrees to the Terms of Service and remains in effect for as long as SnelBit processes Personal Data on behalf of the Customer.

Upon termination of all Services and completion of data deletion, this Agreement shall automatically terminate, except for provisions intended to survive (e.g., confidentiality and liability).

15 Contact and Data Protection Queries

If you have any questions about this Data Processing Agreement or how SnelBit Networks processes Personal Data on your behalf, please contact us: abuse@snelbit.com