This Data Processing Agreement ("DPA") is part of our Terms of Service and Privacy Policy, making sure we follow India's Digital Personal Data Protection Act, 2023 (DPDPA), GDPR, CCPA, and any other laws that apply. Here's where we lay out how we handle your personal data when you use our SMM services—what we do, what we protect, and what you can expect from us.
This DPA is between Salezmedia ("Data Processor") and you, our user or customer ("Data Controller"). It covers all processing of your personal data—like social media usernames, profile links, or IP addresses—when you use our SMM panel.
When you use our services, you agree to this DPA. It's tied in with our main Terms of Service and Privacy Policy.
Personal Data means any information about a person that you give us through orders—like usernames or email addresses.
Processing means collecting, storing, and using your data so we can deliver the SMM services you ordered (followers, likes, views, and so on). We also use it for things like fighting fraud and making our service better.
What data do we process?
You promise that you have the right to share this data with us, and that what you give us is accurate.
Here's what Salezmedia commits to:
Sometimes we need to use other companies—like AWS India or payment gateways—to help deliver our service. You can ask for a list of these sub-processors.
All our sub-processors have to follow the same rules in this DPA. If we plan to add or change a sub-processor, we'll give you a heads up, and you can object within 30 days if you have a good reason.
If we ever need to transfer your personal data outside India, we'll make sure it's protected—using things like Standard Contractual Clauses or an adequacy decision. We won't send your data to risky places without asking you first.
Security: We adapt our security to the risk. That means access controls, encrypting data at rest and in transit, regular vulnerability scans, and having a plan for handling incidents.
Audits: You can ask to audit how we comply with this DPA once a year. Just give us 60 days' written notice. We'll try to handle audits remotely, and you cover the costs.
Data Subject Rights: We'll help you answer requests from people about their personal data. You're mainly responsible for handling these, but we'll pitch in where we can. We don't make automated decisions about your data that have legal effects without your input.
If you stop using our services or this DPA ends, you can tell us to either delete your data or return it to you within 30 days. The only exception is data we have to keep for legal reasons—like keeping transaction records for audits for up to 7 years.
If you want proof of deletion, we'll confirm in writing. Even after this agreement ends, we'll still keep your data confidential, secure, and notify you of any breaches.
Liability: Each of us is responsible for direct damages caused by our own gross negligence or intentional misconduct. Our total liability under this DPA won't exceed what you paid for our services in the 12 months before the issue came up.
Governing Law & Disputes: Indian law applies to this DPA. If there's a dispute, it goes to the courts in Mumbai, as per our Terms of Service.
We might update this DPA. If we make any big changes, we'll let you know.
Effective Date: December 10, 2025.
For questions regarding this Data Processing Agreement, contact legal@salezmedia.com