Public Data Processing Addendum baseline.

1. Parties and scope

This DPA applies where Meakes Ltd t/a Linxis processes personal data on behalf of a customer in connection with the Linxis Magento to QuickBooks service.

2. Roles

Where the customer determines the purposes and means of processing, the customer acts as controller and Linxis acts as processor. Linxis may act as its own controller for separate business purposes such as account administration, billing, security, and direct customer communications.

3. Subject matter and duration

Processing covers the provision, support, and operation of the Linxis service for as long as the customer account remains active and for any additional period required to wind down the service, resolve disputes, or meet legal obligations.

4. Nature and purpose of processing

Processing may include receiving sync requests, connecting Magento and QuickBooks, applying export rules and mappings, tracking sync-job outcomes, troubleshooting failures, providing support, and administering billing and service operations.

5. Personal data and data subjects

Depending on customer use, the service may process account details, store/integration settings, sync records, order-related data, support communications, and operational logs. Data subjects may include customer personnel, store administrators, and individuals whose details are contained in synced order data.

6. Linxis obligations

• process personal data only to deliver and support the service, or as otherwise permitted by law
• keep customer data confidential and limit access to authorised personnel or service providers
• maintain appropriate technical and organisational measures for the current service context
• assist the customer with reasonable information requests related to processor obligations

7. Customer obligations

• ensure the customer has a lawful basis to share data with Linxis
• configure the service responsibly, including integrations, mappings, and user access
• give lawful instructions and remain responsible for controller-side obligations
• notify Linxis promptly of any data-handling issue that may affect the service relationship

8. Security and confidentiality

Linxis will maintain measures appropriate to the nature of the service and the data being processed. These may include authenticated account access, protected API flows, tenant-aware controls, and operational monitoring of sync activity.

9. Subprocessors

Linxis may use approved subprocessors and third-party service providers to operate the service. A public working list is available on the Subprocessors page.

10. International transfers

Where personal data is transferred internationally, Linxis will rely on transfer mechanisms and safeguards required by applicable law for the relevant processing relationship.

11. Rights requests and incident cooperation

Linxis will provide reasonable cooperation if the customer needs help responding to a data subject rights request, regulator enquiry, or a security issue that materially affects the customer’s data in the service.

12. Return and deletion

At the end of the service relationship, Linxis may delete or return customer data in line with the contract, operational constraints, backup retention, and any legal obligations that still apply.

13. Audit information

Linxis can provide reasonable information about its current processor-side practices, subject to confidentiality, proportionality, and the need to protect other customers and the security of the service.

14. Contact

If you need a signed version, contract-specific language, or procurement discussion around this DPA baseline, contact Linxis directly.