Legal

Meeting the data processing agreement (DPA) requirement

As many of our customers are aware, the EU’s General Data Protection Regulation (GDPR) came into effect on 25 May 2018 and South Africa’s Protection of Personal Information Act (POPIA) will come into effect on 1 July 2021. Many organisations have geared up to comply with their regulatory obligations under data protection law by these dates. We have done the same. We are committed to complying with our obligations in data protection law, including in our role as a data processor (or operator as it is called in South Africa) for our customers.

What role does xneelo perform for you?

We are the data controller (or responsible party as it is called in South Africa) of your personal data when you sign up with us. We are the processor (or operator) when we store the personal data of your data subjects that you have uploaded to your hosting package on our servers.

When we provide services to you, you are the data controller for the personal data you process because you decide the purpose and means of how the personal data of your data subjects gets processed. This means that you decide how and why we process your data when we provide services to you. You are responsible or accountable for complying with data protection laws for the personal data of your data subjects.

As a processor, we merely process the personal data on your behalf, such as hosting your data on our managed hosting servers. We are a ‘low-touch’ processor, which means that xneelo has no knowledge of the actual content of data that our controllers or customers store on our hosting platform.

What are the data protection law requirements?

As the controller, data protection law (such as the GDPR in the EU or POPIA in South Africa) requires you to conclude agreements with your processors when they process the personal data of your data subjects. Some customers require their processors to sign a Data Processing Agreement (DPA) to fulfil this requirement.

At xneelo, we have taken the proactive step to include our DPA as part of our Terms of Service. This means that you do not need anything additional to ensure compliance with data protection laws.

Our DPA describes the way we meet our processor obligations such as:

Processing your data only in accordance with your instructions as the controller;
Implementing and maintaining appropriate technical and organisational measures; and
Notifying you of personal data incidents.
You can read more about our DPA in our Terms of Service under ‘Data Processing’ (clause 19), or find out more on our website’s Legal Centre.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Analytics" category.
cookielawinfo-checkbox-functional	1 year	The GDPR Cookie Consent plugin sets the cookie to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-marketing	1 year	This cookie is set by the GDPR Cookie Consent plugin to store the user consent for the cookies in the category "Marketing".
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Necessary" category.
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie stores user consent for cookies in the category "Others".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
debug	never	No description available.
viewed_cookie_policy	1 year	The GDPR Cookie Consent plugin sets the cookie to store whether or not the user has consented to use cookies. It does not store any personal data.

Cookie	Duration	Description
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
li_gc	5 months 27 days	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.
ln_or	1 day	Linkedin sets this cookie to registers statistical data on users' behaviour on the website for internal analytics.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.
_fw_crm_v	1 year	FreshChat uses this cookie to track visitor identity and chat sessions performed.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_gat_UA-*	1 minute	Google Analytics sets this cookie for user behaviour tracking.n
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
_hjAbsoluteSessionInProgress	30 minutes	Hotjar sets this cookie to detect a user's first pageview session, which is a True/False flag set by the cookie.
_vwo_uuid_v2	1 year	This cookie is set by Visual Website Optimiser and calculates unique traffic on a website.

Cookie	Duration	Description
AnalyticsSyncHistory	1 month	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
fr	3 months	Facebook sets this cookie to show relevant advertisements by tracking user behaviour across the web, on sites with Facebook pixel or Facebook social plugin.
li_sugr	3 months	LinkedIn sets this cookie to collect user behaviour data to optimise the website and make advertisements on the website more relevant.
uuid	3 months	MediaMath sets this cookie to avoid the same ads from being shown repeatedly and for relevant advertising.
zukoVisitorId	1 year	No description available.
zukoVisitorId-7f96a3b640b14eb8	1 year	Description is currently not available.
_fbp	3 months	Facebook sets this cookie to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising after visiting the website.
_gcl_au	3 months	Google Tag Manager sets the cookie to experiment advertisement efficiency of websites using their services.
_hjFirstSeen	30 minutes	Hotjar sets this cookie to identify a new user’s first session. It stores the true/false value, indicating whether it was the first time Hotjar saw this user.
_hjIncludedInSessionSample_1418369	2 minutes	Description is currently not available.
_hjSessionUser_1418369	1 year	Description is currently not available.
_hjSession_1418369	30 minutes	Description is currently not available.
_vwo_ssm	1 year 1 month 4 days	This cookie is set by VWO to track visitor behavior.
_zg1686212616839	session	Description is currently not available.

Search for a domain

Transfer a domain

Web Hosting

Volume Plan

Managed Servers

Self-Managed Servers

Colocation

xneelo Cloud

Recent Insights

Advice

News

Product Updates

Customer Stories

Contact us

Help Centre

Network Status

Introducing the xneelo Control Panel

Meeting the data processing agreement (DPA) requirement

What role does xneelo perform for you?

What are the data protection law requirements?

Expert advice & more, straight to your inbox.

Products

Company

Support

Legal

Meeting the data processing agreement (DPA) requirement

What role does xneelo perform for you?

What are the data protection law requirements?

Expert advice & more, straight to your inbox.

Social Media

Products

Company

Support

Legal