Data Processing Agreement (Explainer)
This article provides additional context to ContentKing's Data Processing Agreement which our new and existing customers are asked to accept when using the ContentKing platform.
You can read the ContentKing Data Processing Agreement in full here.
What is a Data Processing Agreement?
Data Processing Agreements (DPAs) are part of the EU GDPR framework to protect the processing of personal data. When personal data is processed a DPA needs to be in place to describe the nature of the processing, and how it's safeguarded.
Why is a DPA needed?
Although we can't be sure of this, it could be that the websites in your ContentKing account contain personal data, which is then processed by the ContentKing platform.
If the websites you're monitoring in your ContentKing account contain personal data, there is a legal requirement to enter into a Data Processing Agreement with ContentKing to continue using our services.
If you are certain that the websites in your ContentKing account don't contain personal data, and that you don't process personal data through our services, you don't need to enter into a DPA with ContentKing.
If you're not sure about the processing of any personal data, or if you believe the websites in your ContentKing account may contain personal data in the future, we advise you to have a DPA with ContentKing anyway. The DPA will then apply as soon as the websites in your ContentKing account contain personal data and personal data are being processed.
If you don't enter into a DPA with ContentKing, we assume that you don't process any personal data through our services.
What personal data is in scope of the ContentKing DPA
The DPA only applies to the publicly available personal data on your or your clients' websites (if any is present) that ContentKing can access and process as part of the regular monitoring.
A good example of such personal data would be a team page, such as the team page on our website. The ContentKing Team page contains the first and last names of ContentKing's team members which are considered personal data.
Another example could be authors of blog and other articles, which our users often track in ContentKing using the Custom Element Extraction feature.
If any such data (first and last name, date of birth, etc.) is publicly accessible on any of your monitored websites, ContentKing will process it when monitoring the pages.
And if this is the case, there's a legal requirement to enter into the DPA with ContentKing.
What personal data is not in scope of the ContentKing DPA
The DPA does not apply to personal data which your website gathers from visitors via website forms and other channels, as ContentKing does not have access to this data in the first place.
Furthermore, the DPA does not apply to any personal data that you process internally (again, ContentKing does not have access to this data).
If you have any additional questions about the DPA, don't hesitate to contact us!