Logo

Data Processing Terms

Data Processing Terms for Efficlose. Learn how we process and protect your data in compliance with GDPR and other regulations.

Last Updated: February 24, 2025

These Data Processing Terms constitute a legally binding agreement between you and FireAce Solutions s.r.o. (together with its affiliates, "FireAce Solutions", "we," "our" or "us") governing the processing of personal data through our platform, services, software, mobile applications, content and all related services (the "App" or "Site" and collectively with the foregoing, the "Services").

These Data Processing Terms supplement and form part of the Terms of Service available at https://efficlose.com/terms-conditions and the Privacy Policy available at https://efficlose.com/privacy-policy.

1. Definitions

For the purposes of these Data Processing Terms:

  • "Controller" means the entity which determines the purposes and means of the processing of Personal Data.
  • "Data Protection Laws" means all applicable laws and regulations relating to privacy or data protection, including GDPR, CCPA, and other applicable data protection laws.
  • "GDPR" means the General Data Protection Regulation (EU) 2016/679.
  • "Personal Data" means any information relating to an identified or identifiable natural person.
  • "Processor" means an entity which processes Personal Data on behalf of the Controller.
  • "Processing" means any operation performed on Personal Data, such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, restriction, erasure or destruction.
  • "Sub-processor" means any Processor engaged by FireAce Solutions to process Personal Data.

2. Roles and Responsibilities

2.1 Controller and Processor

To the extent that FireAce Solutions processes Personal Data provided by Customer in connection with the Services, Customer is the Controller and FireAce Solutions is the Processor. Customer shall comply with its obligations as a Controller under Data Protection Laws in respect of its processing of Personal Data and any processing instructions it issues to FireAce Solutions.

2.2 Processing Instructions

FireAce Solutions shall process Personal Data only in accordance with Customer's documented instructions, except where required to do so by applicable law. Customer instructs FireAce Solutions to process Personal Data to provide the Services in accordance with the Terms of Service and these Data Processing Terms.

3. Data Processing Details

3.1 Nature and Purpose of Processing

FireAce Solutions processes Personal Data for the purpose of providing the Services, which include recording, transcribing, summarizing, analyzing conversations, and integrating with third-party applications and services.

3.2 Types of Personal Data

The types of Personal Data processed may include:

  • Contact information (name, email address, phone number)
  • Account credentials
  • Voice recordings and transcriptions
  • Meeting and calendar data
  • User content and communications
  • Usage data and analytics
  • IP addresses and device information

3.3 Data Subjects

The Personal Data processed relates to the following categories of data subjects:

  • Customer's employees and contractors
  • Customer's clients and prospects
  • Meeting participants
  • Other individuals whose Personal Data is submitted to the Services

3.4 Duration of Processing

FireAce Solutions will process Personal Data for the duration of the agreement between Customer and FireAce Solutions, unless otherwise required by law.

4. Customer Obligations

Customer warrants that:

  • It has all necessary rights and has obtained all necessary consents to provide Personal Data to FireAce Solutions for processing;
  • Its processing instructions comply with Data Protection Laws;
  • It has provided appropriate notice to data subjects regarding the processing of their Personal Data;
  • Where required, it has obtained valid consent from data subjects for the recording of conversations.

5. FireAce Solutions Obligations

5.1 Compliance with Instructions

FireAce Solutions shall:

  • Process Personal Data only on documented instructions from Customer;
  • Ensure that persons authorized to process Personal Data are subject to confidentiality obligations;
  • Notify Customer if, in FireAce Solutions' opinion, an instruction infringes Data Protection Laws.

5.2 Security Measures

FireAce Solutions implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of Personal Data in transit and at rest;
  • Regular security assessments and penetration testing;
  • Access controls and authentication mechanisms;
  • Security monitoring and incident response procedures;
  • Regular backups and disaster recovery capabilities;
  • Employee training on data protection and security.

5.3 Sub-processors

FireAce Solutions may engage Sub-processors to process Personal Data. FireAce Solutions shall:

  • Maintain a list of Sub-processors;
  • Inform Customer of any intended changes concerning the addition or replacement of Sub-processors;
  • Ensure that Sub-processors are bound by data protection obligations equivalent to those in these Data Processing Terms;
  • Remain liable for the acts and omissions of its Sub-processors.

Current Sub-processors may include:

  • Cloud infrastructure providers (e.g., AWS, Google Cloud, Azure)
  • AI and transcription service providers
  • Authentication service providers
  • Analytics service providers

5.4 Data Subject Rights

FireAce Solutions shall, to the extent legally permitted, promptly notify Customer if it receives a request from a data subject to exercise their rights under Data Protection Laws. FireAce Solutions shall provide reasonable assistance to Customer to enable Customer to respond to such requests.

5.5 Data Breach Notification

FireAce Solutions shall notify Customer without undue delay after becoming aware of a personal data breach affecting Customer's Personal Data. Such notification shall include:

  • A description of the nature of the breach;
  • The categories and approximate number of data subjects and Personal Data records concerned;
  • The likely consequences of the breach;
  • Measures taken or proposed to address the breach and mitigate its possible adverse effects.

5.6 Assistance to Customer

FireAce Solutions shall provide reasonable assistance to Customer with:

  • Data protection impact assessments;
  • Consultations with supervisory authorities;
  • Implementing appropriate security measures;
  • Responding to data subject requests.

6. Data Transfers

6.1 International Transfers

Personal Data may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States. FireAce Solutions ensures that such transfers comply with Data Protection Laws through:

  • Standard Contractual Clauses approved by the European Commission;
  • Adequacy decisions issued by the European Commission;
  • Compliance with the EU-U.S. Data Privacy Framework;
  • Other lawful transfer mechanisms.

6.2 Data Privacy Framework Certification

FireAce Solutions complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.

7. Data Retention and Deletion

7.1 Retention

FireAce Solutions retains Personal Data for as long as necessary to provide the Services and as required by applicable law. Customer may configure retention settings within the Services.

7.2 Deletion

Upon termination or expiration of the agreement, FireAce Solutions shall, at Customer's choice:

  • Delete all Personal Data; or
  • Return all Personal Data to Customer in a commonly used format.

FireAce Solutions shall delete existing copies unless applicable law requires continued storage. Customer acknowledges that deleted data may persist in backups for up to 90 days.

8. Audits and Compliance

8.1 Audit Rights

FireAce Solutions shall make available to Customer all information necessary to demonstrate compliance with these Data Processing Terms and allow for and contribute to audits, including inspections, conducted by Customer or an auditor mandated by Customer.

8.2 Certifications

FireAce Solutions maintains industry-standard certifications and compliance programs, which may include:

  • SOC 2 Type II
  • ISO 27001
  • GDPR compliance
  • Privacy Shield/Data Privacy Framework certification

9. Artificial Intelligence Processing

9.1 AI Services

FireAce Solutions may use artificial intelligence and machine learning technologies to provide certain features of the Services, including transcription, summarization, and analysis.

9.2 AI Data Usage

Personal Data processed through AI services is used solely to provide the requested functionality to Customer. FireAce Solutions does not use Customer's Personal Data to train generalized AI models, except:

  • For user-specific personalization and improvements within Customer's organization;
  • With explicit consent from Customer.

9.3 AI Sub-processors

When AI services are provided by third-party Sub-processors, FireAce Solutions ensures that:

  • Such Sub-processors comply with these Data Processing Terms;
  • Personal Data is processed in accordance with Customer's instructions;
  • Appropriate safeguards are in place to protect Personal Data.

10. Google Workspace Integration

10.1 Google Calendar and Workspace Data

FireAce Solutions accesses Google Calendar events and other Workspace data solely to provide the Services, including:

  • Displaying events in the application dashboard;
  • Providing AI-driven assistance based on event context;
  • Integrating with meetings and scheduling.

10.2 Limited Use Requirements

FireAce Solutions' use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

FireAce Solutions:

  • Does not use Google Workspace data for advertising purposes;
  • Does not use Google Workspace data to train generalized AI/ML models;
  • Processes data only to provide or improve user-facing features of the Services;
  • Only transfers data to third parties as necessary to provide the Services or as legally required.

11. Recording Consent

11.1 Customer Responsibility

Customer is solely responsible for obtaining all necessary consents and providing appropriate notices before recording any conversation or meeting using the Services.

11.2 Consent Requirements

Customer must ensure compliance with all applicable recording laws and regulations, which may require:

  • Prior consent from all parties being recorded (two-party or all-party consent jurisdictions);
  • Clear notice that recording is taking place;
  • Opt-out mechanisms where required by law.

11.3 FireAce Solutions Features

FireAce Solutions may provide features to assist with consent management, such as recording notifications, but Customer remains solely responsible for legal compliance.

12. Liability and Indemnification

12.1 Liability

Each party's liability under these Data Processing Terms shall be subject to the limitations of liability set forth in the Terms of Service.

12.2 Indemnification

Customer shall indemnify, defend, and hold harmless FireAce Solutions from any claims, damages, losses, or expenses arising from:

  • Customer's violation of Data Protection Laws;
  • Customer's processing instructions that violate Data Protection Laws;
  • Customer's failure to obtain necessary consents or provide required notices.

13. Term and Termination

These Data Processing Terms shall remain in effect for as long as FireAce Solutions processes Personal Data on behalf of Customer. Upon termination, the data deletion provisions in Section 7 shall apply.

14. Changes to These Terms

FireAce Solutions may update these Data Processing Terms from time to time to reflect changes in:

  • Data Protection Laws;
  • The Services;
  • FireAce Solutions' data processing practices.

FireAce Solutions will provide notice of material changes and Customer's continued use of the Services constitutes acceptance of the updated terms.

15. Governing Law and Disputes

These Data Processing Terms shall be governed by the laws specified in the Terms of Service. Any disputes arising from these Data Processing Terms shall be resolved in accordance with the dispute resolution provisions in the Terms of Service.

16. Contact Information

For questions about these Data Processing Terms or data processing practices, please contact:

Email: security@efficlose.com or support@efficlose.com

Address: FireAce Solutions s.r.o., Sokolovská 428/130, Karlín, 186 00 Praha 8, Czech Republic

Data Protection Officer: For GDPR-related inquiries, you may contact our Data Protection Officer at dpo@efficlose.com

Last Updated: February 24, 2025

These Data Processing Terms are effective as of the date Customer first accesses or uses the Services and remain in effect for the duration of the agreement between Customer and FireAce Solutions.