Mojja.io Data Processing Addendum (Enterprise Final)
Aligned with Mojja’s hospitality SaaS model and operational support services across all paid subscription tiers.
Purpose
This Data Processing Addendum (DPA) forms part of the agreement between the Customer (Controller) and Mojja (Processor) for processing personal data.
This Data Processing Addendum (DPA) forms part of the agreement between the Customer (Controller) and Mojja (Processor) for processing personal data.
Scope
This DPA applies to all Mojja subscription plans, including Starter, and to all processing activities required to deliver the service.
This DPA applies to all Mojja subscription plans, including Starter, and to all processing activities required to deliver the service.
Nature and Purpose of Processing
Processing includes message routing, workflow automation, booking coordination, operational reporting, support, and related hospitality operational services.
Processing includes message routing, workflow automation, booking coordination, operational reporting, support, and related hospitality operational services.
Categories of Data
Data may include guest contact details, communication content, booking information, staff assignment data, and operational metadata
Data may include guest contact details, communication content, booking information, staff assignment data, and operational metadata
Processor Obligations
Mojja will process data only on documented instructions, maintain confidentiality, implement security measures, and assist the Controller where required.
Mojja will process data only on documented instructions, maintain confidentiality, implement security measures, and assist the Controller where required.
Security Measures
Mojja implements technical and organisational measures including access controls, encryption in transit, and operational safeguards.
Mojja implements technical and organisational measures including access controls, encryption in transit, and operational safeguards.
Subprocessors
Mojja may engage subprocessors for infrastructure, messaging, analytics, or payments. Mojja remains responsible for ensuring appropriate safeguards.
Mojja may engage subprocessors for infrastructure, messaging, analytics, or payments. Mojja remains responsible for ensuring appropriate safeguards.
International Transfers
Where data is transferred internationally, Mojja applies appropriate safeguards consistent with applicable data protection laws
Where data is transferred internationally, Mojja applies appropriate safeguards consistent with applicable data protection laws
Data Subject Rights
Mojja will assist customers in responding to access, correction, deletion, or other data subject requests where required.
Mojja will assist customers in responding to access, correction, deletion, or other data subject requests where required.
Breach Notification
Mojja will notify customers without undue delay after becoming aware of a personal data breach affecting customer data.
Mojja will notify customers without undue delay after becoming aware of a personal data breach affecting customer data.
11. Return or Deletion
Upon termination, Mojja will return or delete personal data as agreed, unless retention is required by law.
Upon termination, Mojja will return or delete personal data as agreed, unless retention is required by law.