Last Updated December 4 2025
This Data Processing Agreement is an agreement between FileWays and the Customer. It governs how FileWays processes personal data on behalf of the Customer while providing cloud storage, file sharing, and related services. This agreement forms part of the Terms of Service and applies whenever the Customer uploads or stores personal data using FileWays.
If you have questions, contact us at support@fileways.com.
1. Definitions
For this agreement:
Customer means the individual or organization that uses FileWays services.
Personal Data means any information that identifies or can identify a natural person.
Processing means any action performed on personal data including storage, access, transfer, organization, or deletion.
Controller means the party that decides how and why personal data is processed.
Processor means the party that processes personal data on behalf of the Controller.
Applicable Law means all privacy and data protection laws in all jurisdictions where users are located.
Subprocessor means any third party engaged by FileWays to support the service.
The Customer is the Controller. FileWays is the Processor.
2. Scope of Processing
FileWays processes personal data only to provide cloud storage, file sharing, collaboration tools, customer support, billing services, and platform maintenance. Processing includes storing files, handling account information, and enabling sharing features.
FileWays will not process personal data for any purpose other than the delivery of FileWays services.
3. Global Data Protection Compliance
FileWays operates under a unified global privacy framework and complies with all relevant data protection laws including:
European Union General Data Protection Regulation
United Kingdom General Data Protection Regulation
California Consumer Privacy Act and California Privacy Rights Act
Brazil General Data Protection Law
Canada Personal Information Protection and Electronic Documents Act
South Africa Protection of Personal Information Act
Singapore Personal Data Protection Act
Malaysia Personal Data Protection Act
Thailand Personal Data Protection Act
Australia Privacy Act
New Zealand Privacy Act
Japan Act on the Protection of Personal Information
India Digital Personal Data Protection Act
Other applicable privacy rules across the Middle East, Africa, Asia, Europe, and the Americas
FileWays will follow the highest applicable level of protection across all regions.
4. Controller Instructions
FileWays processes personal data only on documented instructions from the Customer. These instructions include the use of FileWays features and the actions taken by authorized users in the Customer account.
If FileWays believes any instruction violates privacy law, FileWays will inform the Customer.
5. Confidentiality
FileWays ensures that all team members with access to personal data are bound by strict confidentiality obligations. Only authorized personnel will access data and only when required for service delivery.
6. Security Practices
FileWays maintains strong technical and organizational measures to protect personal data. These include:
Encryption during transfer using secure protocols
Encryption while stored using industry standard methods
Strict access controls and multi factor authentication for internal systems
Monitoring for suspicious activity
Secure physical data center environments
Regular security testing
Redundant backups to prevent data loss
FileWays continually improves security practices to meet global standards.
7. Subprocessors
FileWays uses trusted third parties to support the platform. These Subprocessors may include:
Cloud infrastructure providers
Payment processors
Analytics and support tools
Content delivery networks
FileWays ensures all Subprocessors follow strict privacy and security standards. A list of current Subprocessors is available upon request. The Customer may object to a new Subprocessor when justified.
8. International Transfers
FileWays may transfer personal data to other regions to deliver the service. All transfers comply with privacy laws using measures such as Standard Contractual Clauses, approved safeguards, and strong encryption.
FileWays ensures the same level of protection for all transfers.
9. Data Retention and Deletion
FileWays retains data for as long as needed to provide services, meet legal requirements, or support account functions. When the Customer deletes data or closes an account, FileWays permanently removes personal data after the required retention period.
If the Customer requests earlier deletion, FileWays will comply unless required by law to retain specific information.
10. Assistance to the Controller
FileWays will assist the Customer with:
Responding to data subject requests
Reporting and managing data breaches
Complying with record keeping obligations
Maintaining privacy and security documentation
Requests must be submitted to support@fileways.com.
11. Data Subject Rights
FileWays supports the Customer in fulfilling rights granted to individuals under privacy laws. These rights may include:
Right of access
Right of rectification
Right of erasure
Right of restriction
Right of portability
Right to object
Right to withdraw consent
FileWays will help the Customer manage these requests when they relate to FileWays services.
12. Data Breach Notification
If FileWays becomes aware of a personal data breach, FileWays will:
Investigate the incident
Take immediate steps to reduce harm
Notify the Customer without undue delay
Provide updates and relevant details
Assist with legal notification requirements
The Customer is responsible for notifying affected individuals unless otherwise required.
13. Audits
The Customer may request information to verify compliance. FileWays will provide relevant documentation and security summaries. Direct audits are permitted only when required by law and must be reasonable, scheduled in advance, and limited in scope.
14. Customer Responsibilities
The Customer agrees to:
Use FileWays in compliance with all applicable privacy laws
Obtain consent when required
Manage access to user accounts
Protect login credentials
Limit personal data stored in FileWays to what is necessary
The Customer must not upload illegal content or violate any data protection rules.
15. Term and Termination
This agreement remains valid for as long as the Customer uses FileWays. When services end, FileWays will delete or return personal data as requested, except for data required by law.
16. Contact Information
Questions about this Data Processing Agreement can be sent to:
FileWays Privacy Team
Email: support@fileways.com