1. Purpose #
This Data Processing Agreement governs the processing of personal data by third-party service providers on behalf of Lesotho Wine.
2. Roles #
- Lesotho Wine: Data Controller
- Third Parties: Data Processors
3. Processing Conditions #
Processors must:
- Only process data under instruction
- Not use data for independent purposes
- Maintain confidentiality
- Implement appropriate security measures
4. Categories of Processors #
Includes:
- Payment providers (Payfast, Yoco)
- Logistics providers (Courier Guy, DHL, Pick n Pay Pickup)
- Marketing platforms (Mailchimp)
- Analytics providers (Google, Meta)
- CRM and invoicing systems
- Support platforms and chatbot services
5. Security Requirements #
Processors must implement:
- Access control systems
- Encryption where applicable
- Secure storage and transmission
- Breach notification procedures
6. Sub-Processors #
No sub-processing is allowed without prior approval unless required by service architecture (e.g. cloud hosting).
7. Data Breach Notification #
Processors must notify Lesotho Wine without undue delay in the event of a data breach.
8. Termination #
Upon termination of services, processors must:
- Return or delete personal data
- Cease all processing activities
9. Governing Framework #
This agreement is governed by Lesotho law, with reference to applicable international data protection principles where relevant.
10. Contact Information #
Email: info@lesothowine.co.ls
Support: support@lesothowine.co.ls
Phone: +266 2232 4621
Address:
62 Moshoeshoe Road
Industrial Area
Maseru 100
Lesotho
