In the course of providing our services to our customers, Crystal Summit may process personal data on our customer’s behalf where such personal data is subject to EU data protection laws like GDPR. To this end, we have created a data protection addendum (DPA) which can be used to form a legally binding agreement between you (as Controller) and us (as Processor) whilst you are a Crystal Summit customer. Please note that we are not able to change this data protection addendum for any particular customer. If you use our services to store/manage data that is subject to the GDPR, then it is your responsibility to ensure there is an agreement between us for us to process such data. Please contact us here if you need a DPA with us.