Governing how QbiTrack processes Personal Data on behalf of Customers in accordance with applicable data protection laws.
Effective Date: June 12, 2026.
This Data Processing Agreement ("DPA") forms part of and supplements the Terms of Service between QbiTrack, a service operated by Qbit Cloud IT ("Processor", "QbiTrack", "we", "our", or "us") and the Customer ("Controller", "Customer", "you", or "your").
This DPA applies whenever QbiTrack processes Personal Data on behalf of a Customer in connection with the provision of server-side tracking, event processing, analytics infrastructure, and related services.
The purpose of this DPA is to define the rights and obligations of the parties regarding the processing of Personal Data and to establish safeguards designed to protect such information in accordance with applicable data protection laws.
This DPA applies to all Personal Data processed by QbiTrack on behalf of Customers.
Applicable Data Protection Laws — All applicable privacy, data protection, and data security laws and regulations, including where applicable: GDPR (EU) 2016/679, UK GDPR, Data Protection Act 2018, CCPA, CPRA, and other applicable privacy regulations.
Controller — The entity that determines the purposes and means of processing Personal Data.
Processor — The entity processing Personal Data on behalf of a Controller.
Personal Data — Any information relating to an identified or identifiable natural person.
Processing — Any operation performed on Personal Data including collection, storage, organization, transmission, disclosure, deletion, or destruction.
Data Subject — An identified or identifiable individual whose Personal Data is processed.
Subprocessor — Any third party engaged by QbiTrack to assist in providing Services involving the processing of Personal Data.
QbiTrack provides services including:
As part of providing these Services, QbiTrack may process Personal Data on behalf of Customers.
The parties acknowledge and agree that:
The Customer shall:
The Customer shall not transmit Personal Data in violation of applicable laws.
QbiTrack shall process Personal Data only:
If QbiTrack is required by law to process Personal Data beyond Customer instructions, QbiTrack shall, where legally permitted, inform the Customer before such processing.
Depending on Customer implementation, Personal Data processed through QbiTrack may include:
QbiTrack does not require Customers to submit special categories of Personal Data unless specifically agreed in writing.
Data Subjects may include: website visitors, application users, customers of the Customer, prospective customers, leads, subscribers, employees (where applicable), and business contacts. The exact categories depend on Customer implementation.
QbiTrack shall process Personal Data only for the duration necessary to provide Services and fulfill contractual obligations.
Upon termination of Services, Personal Data shall be deleted or returned in accordance with Section 15 of this Agreement, unless retention is required by law.
QbiTrack shall ensure that individuals authorized to process Personal Data are bound by confidentiality obligations, receive appropriate training where necessary, and access Personal Data only as required to perform their duties.
Confidentiality obligations shall survive termination of this Agreement.
QbiTrack shall implement reasonable technical and organizational measures designed to protect Personal Data against unauthorized access, accidental destruction, loss, alteration, disclosure, and misuse.
Such measures may include:
No security measure can guarantee absolute protection.
The Customer authorizes QbiTrack to engage Subprocessors as reasonably necessary to provide Services, which may include: cloud infrastructure providers, content delivery networks, monitoring services, payment processors, customer support platforms, and security service providers.
QbiTrack shall take reasonable steps to ensure that Subprocessors are subject to appropriate data protection obligations.
Personal Data may be processed in jurisdictions outside the Customer's country. Where required under Applicable Data Protection Laws, QbiTrack shall implement reasonable safeguards designed to facilitate lawful international data transfers.
Customers acknowledge that modern cloud infrastructure may involve international processing locations.
If QbiTrack receives a request directly from a Data Subject regarding Personal Data processed on behalf of a Customer, QbiTrack may forward the request to the Customer, advise the Data Subject to contact the Customer directly, or provide reasonable assistance where appropriate.
The Customer remains responsible for responding to Data Subject requests.
Upon termination of Services and subject to legal obligations, QbiTrack shall at its discretion delete Personal Data, return Personal Data where technically feasible, or anonymize information so that it can no longer identify individuals.
Backup systems may retain data for a limited period before automatic deletion.
If QbiTrack becomes aware of a confirmed Personal Data Breach affecting Personal Data processed on behalf of a Customer, QbiTrack shall investigate the incident, take reasonable steps to mitigate impacts, notify affected Customers without undue delay when legally required, and provide available information reasonably necessary to assist the Customer in meeting legal obligations.
Notification does not constitute an admission of fault or liability.
Upon reasonable written request and subject to confidentiality obligations, QbiTrack may provide information reasonably necessary to demonstrate compliance with this DPA.
Requests must be reasonable in scope, not compromise security, not interfere with operations, and not require disclosure of confidential information belonging to other customers. QbiTrack may satisfy such requests through documentation, certifications, reports, or other appropriate methods.
The liability of each party under this DPA shall be subject to the limitations and exclusions contained within the Terms of Service. Nothing in this DPA shall create unlimited liability unless required by applicable law.
This DPA shall be governed by the laws specified in the applicable Terms of Service between the parties. Where no governing law is specified, the laws of Bangladesh shall apply.
In the event of conflict, the following order shall apply: (1) this DPA regarding data protection matters; (2) Terms of Service; (3) other agreements.
QbiTrack may update this DPA to reflect legal developments, regulatory guidance, service changes, or operational requirements. Updated versions shall become effective upon publication unless otherwise specified.
Questions regarding this Data Processing Agreement may be directed to:
QbiTrack – A Service of Qbit Cloud IT
Support Email: support@qbitrack.com
General Email: info@qbitrack.com
Phone: +880 1911-510015
Website: https://qbitcloudit.com
Country: Bangladesh
We reply within 2 hours, even on weekends. Tell us about your current tracking setup and what you'd like to improve.
