Data Processing Agreement

How we process data on behalf of our clients

Last updated: January 1, 2025

1. Scope and Purpose

This Data Processing Agreement ("DPA") governs the processing of personal data by NextHire Consulting ("Processor") on behalf of our enterprise clients ("Controller") in connection with the NextHire platform and services.

2. Data Processing Obligations

NextHire will:

  • Process personal data only on documented instructions from the Controller
  • Ensure confidentiality of personal data through appropriate technical and organizational measures
  • Notify the Controller of any personal data breach without undue delay
  • Assist the Controller in responding to data subject rights requests
  • Delete or return all personal data upon termination of services

3. Sub-processors

NextHire uses the following categories of sub-processors: cloud hosting providers, payment processors, analytics services, and email service providers. A current list of sub-processors is available upon request.

4. Data Transfers

Any transfer of personal data outside of the originating country will be subject to appropriate safeguards in accordance with applicable data protection law.

5. Security Measures

NextHire implements the following security measures: encryption at rest and in transit, access controls and authentication, regular security assessments, and incident response procedures.

6. Contact

For DPA inquiries, contact our Data Protection Officer at dpo@nexthireconsulting.com.