Last Updated: 21 May 2026
This Data Processing Addendum (“DPA”) forms part of the Terms of Service (“Agreement”) between:
Customer (“Controller”)
and
Marketiga (“Processor”)
1. Purpose
This DPA governs the processing of Personal Information by Marketiga on behalf of the Customer.
2. Roles of the Parties
- The Customer acts as the data controller, determining the purposes and means of processing.
- Marketiga acts as the data processor, processing data on behalf of the Customer.
3. Scope of Processing
Nature and Purpose
Processing is performed to provide the Marketiga SaaS platform, including:
- Video interview hosting
- Candidate communication
- Storage and processing of uploaded data
Categories of Personal Information
- Names and contact details (e.g. email)
- Candidate video recordings
- Files and documents uploaded by customers
- Recruitment-related data
Categories of Data Subjects
- Candidates
- Customer staff/users
Duration
Processing continues for the duration of the Agreement.
4. Processor Obligations
Marketiga will:
- Process personal information only on documented instructions from the Customer
- Use data solely to provide the Services
- Not use customer data for marketing or advertising
- Ensure personnel are bound by confidentiality obligations
- Implement reasonable technical and organisational security measures
- Assist the Customer with data protection obligations where reasonably required
5. Security Measures
Marketiga implements reasonable safeguards, including:
- Access controls
- Secure hosting environments
- Data encryption where appropriate
6. Subprocessors
Marketiga may use subprocessors (e.g. cloud providers, infrastructure services).
- Customers authorise the use of subprocessors necessary to provide the Services
- Marketiga will take reasonable steps to ensure subprocessors handle data securely
A list of our subprocessors is available.
7. Cross-Border Data Transfers
- Data is stored in Australia
- Customer saved data is processed in Australia. Limited processing may occur outside Australia (e.g. third-party scripts such as Google Analytics)
- Marketiga takes reasonable steps to ensure compliance with applicable privacy obligations
8. Data Subject Rights
Marketiga will, where reasonably practicable:
- Assist Customers in responding to requests for access, correction, or deletion of personal information
9. Data Breach Notification
Marketiga will:
- Notify the Customer of any suspected data breach affecting Customer data without undue delay
Customers remain responsible for:
- Compliance with notification obligations under the Notifiable Data Breaches scheme
10. Data Retention and Deletion
- Candidate videos are automatically deleted 30 days after creation
- Backup deletion may take additional time
Upon termination:
- Data will be deleted or made inaccessible, except where required by law
11. Customer Responsibilities
The Customer must:
- Ensure lawful collection of personal information
- Obtain required consents from candidates
- Comply with the Privacy Act 1988 (Cth) and applicable laws
12. Audits
Marketiga will provide reasonable information to demonstrate compliance on request, subject to confidentiality and security restrictions.
13. Liability
This DPA is subject to the limitation of liability provisions in the Terms of Service.
14. Governing Law
This DPA is governed by the laws of Queensland, Australia.
15. Changes
We may update this DPA from time to time by publishing an updated version.