Legal
Hosted Data Processing Addendum
Effective date: March 31, 2026
This Hosted Data Processing Addendum applies where Infoseed processes personal information on behalf of a client in connection with a hosted service.
This addendum should be read together with the Service Terms, the Privacy Policy, and any signed proposal, order form, or managed-service agreement.
Roles
For personal information processed by Infoseed on the client’s behalf as part of a hosted service:
- the client is the party deciding the purpose and permitted use of the processing for its business workflow
- Infoseed acts as a service provider operating the hosted service under the client’s documented instructions, subject to law
Subject Matter and Duration
The subject matter of the processing is the operation, support, monitoring, maintenance, and improvement of the hosted service agreed with the client.
The duration of the processing is the term of the hosted service, plus any reasonably necessary period for backup cycles, legal compliance, security review, or dispute handling.
Nature of Processing
Processing may include collection, storage, organisation, retrieval, transmission, analysis, support access, deletion, or other handling reasonably required to provide the hosted service.
Types of Data
Depending on the client workflow, processed information may include:
- contact and account data
- chat or form submissions
- support records
- service logs and usage metadata
- uploaded documents or workflow payloads
Client Instructions
Infoseed will process personal information in line with the client’s documented instructions as reflected in the service configuration, written requests, approved workflows, commercial documents, and support directions, except where law requires otherwise.
The client is responsible for ensuring its instructions are lawful and appropriate for the personal information involved.
Confidentiality and Security
Infoseed will take reasonable steps to ensure that personnel and contractors with access to personal information are subject to appropriate confidentiality obligations.
Infoseed will take reasonable technical and organisational measures appropriate to the hosted service to protect personal information against misuse, interference, loss, and unauthorised access, modification, or disclosure.
Subprocessors
The client authorises Infoseed to use subprocessors, infrastructure providers, and supporting service providers where reasonably required to deliver the hosted service.
Infoseed will remain responsible for managing those provider relationships to a standard appropriate for the hosted service.
Data Incidents
If Infoseed becomes aware of a confirmed security incident affecting personal information in the hosted service, it will take reasonable steps to contain, assess, and respond to the incident and to notify the client as appropriate to the circumstances.
Return or Deletion
On termination of the hosted service, Infoseed may delete or de-identify hosted personal information in accordance with the client agreement, backup lifecycle, legal obligations, and operational requirements, unless retention is required by law or reasonably necessary for dispute resolution or security purposes.
Order of Precedence
If there is any inconsistency between this Hosted Data Processing Addendum and a signed client agreement that specifically addresses data processing, the signed client agreement will control to the extent of that inconsistency.
Contact
Questions about this Hosted Data Processing Addendum can be sent to hello@infoseed.com.au.
