vr tech info logo
Legal Background

Data Processing

Last Updated: January 23, 2026

DPA Overview

Data Stewardship

We process your data only as instructed and for specified purposes.

Active Defense

Layered security protocols ensure data integrity and confidentiality.

Compliance

Aligned with GDPR, PIPEDA, and international data standards.

Rights

Full support for data subject requests and portability.

This Data Processing Agreement ("DPA") establishes the strict standards by which VR Tech Info Inc. ("Processor") handles personal data on behalf of our clients ("Controller").

1. Roles & Responsibilities

The Controller (You)

As the Controller, you determine the purpose and legal basis for processing. You ensure that you have all necessary consents or legal grounds to share data with us.

The Processor (Us)

As the Processor, we act strictly upon your documented instructions. We never use your data for our own marketing or share it with third parties outside this agreement.

2. Advanced Security Measures

Our commitment to security is absolute. We maintain a multi-layered defense:

EncryptionEnd-to-end encryption for data both in transit (TLS 1.3) and at rest (AES-256).
Access ControlStrict Principle of Least Privilege (PoLP) and Multi-Factor Authentication for all staff.
Monitoring24/7 logging and automated threat detection across all processing environments.
AuditsPeriodic internal and external security audits to ensure continued compliance.

3. Breach Notification

In the unlikely event of a data breach, we follow a rapid response protocol:

  • Detection: Immediate isolation and investigation by our security team.
  • Notification: We notify the Controller without undue delay (typically within 48 hours).
  • Assistance: We provide full detailed reports to help you meet your regulatory reporting obligations.

4. Audit & Inspection Rights

We believe in complete transparency. Clients have the right to conduct audits or inspections of our processing facilities and data handling practices, provided reasonable notice is given.

5. Data Return & Deletion

Upon completion of our services, we will—at your choice—securely delete or return all personal data, unless applicable laws require a specific retention period. We provide a Certificate of Destruction upon request.

DPA Inquiries

For more details on our data processing or to request a signed copy of our DPA:

Data Protection Office

privacy@vrtechinfoinc.ca

VR Tech Info Inc. | Security First Enterprise IT