Last Updated: March, 2026
This Data Processing Agreement (“DPA”) forms part of the Master Subscription Agreement between Labor Safety Group LLC (“Processor”) and the customer entity (“Controller”) and governs the processing of Personal Data by Processor on behalf of Controller.
For the purposes of this DPA:
Personal Data means any information relating to an identified or identifiable natural person.
Processing means any operation performed on Personal Data such as collection, storage, use, or deletion.
Controller means the entity that determines the purposes and means of processing Personal Data.
Processor means Labor Safety Group LLC processing Personal Data on behalf of the Controller.
Definitions not specifically defined here shall have the meanings given under applicable Data Protection Laws, including the General Data Protection Regulation (GDPR) where applicable.
Processor will process Personal Data solely for the purpose of providing the services described in the Master Subscription Agreement.
The categories of data processed may include:
account information (name, email, company name)
training records and related platform data
The categories of data subjects may include:
employees or users of the Controller’s organization.
Processor shall process Personal Data only on documented instructions from the Controller, including with respect to transfers of Personal Data to third countries, unless required to do so by applicable law.
Processor shall ensure that any personnel authorized to process Personal Data:
are subject to appropriate confidentiality obligations
receive appropriate training regarding data protection responsibilities.
Processor shall implement appropriate technical and organizational measures designed to protect Personal Data against:
unauthorized access
accidental loss
destruction or disclosure
Security measures may include encryption, secure infrastructure, and access controls.
Controller grants Processor a general authorization to engage sub-processors in connection with the provision of the Services, including cloud infrastructure providers.
Processor shall ensure that any sub-processor is subject to data protection obligations substantially similar to those contained in this DPA.
Processor shall notify Controller without undue delay after becoming aware of a Personal Data breach affecting Personal Data processed on behalf of the Controller.
Processor will provide reasonable information available to assist the Controller in fulfilling any applicable legal obligations.
Processor shall provide reasonable assistance to the Controller in responding to requests from individuals seeking to exercise their rights under applicable data protection laws, including requests for access, correction, or deletion of Personal Data.
Upon termination of the Services, Processor shall delete or return Personal Data processed on behalf of the Controller, unless retention is required by applicable law.
Personal Data may be processed in the United States or other jurisdictions where the Processor or its sub-processors operate.
Processor shall ensure that such transfers comply with applicable Data Protection Laws.
For questions regarding this DPA, please contact:
Labor Safety Group LLC
Email: [email protected]