This Data Processing Agreement (“DPA”) is an addendum to the Terms of Use between STRUCK.build B.V., (a private company with limited liability, registered with the Chamber of Commerce under number 92270271) and the Customer and reflects the parties’ agreement with regard to the processing of Personal Data (as defined below) in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

Key Highlights:

• Privacy Policies: Struck’s Privacy Policy and Terms & Conditions are available on their public website.

• Data Protection Officer: Nikhil Nagaraj is Struck’s appointed Data Protection Officer (DPO), responsible for ensuring adherence to privacy and security policies.

• Types of Data Managed: Struck manages various data types including personally identifiable information (PII), payment information, chat data, and project documents, all handled with strict security measures.

• Security Measures: Struck follows best practices such as multifactor authentication (MFA), data encryption, and secure vendor selection to protect data. Security is built into the design and operation of their services, ensuring a defense-in-depth approach.

• Incident Management: Struck has established protocols for responding to data breaches, including swift communication with impacted users and corrective actions.

For a more detailed breakdown, see the full document linked below.