Last updated: July 2026
Data Processing Agreement
This Data Processing Agreement (“DPA”) describes how Cue Technologies processes personal data on behalf of partner venues (“Controllers”) in connection with the Cue platform. It supplements the Restaurant Partnership Agreement and reflects the requirements of the Jordan Personal Data Protection Law (PDPL).
1. Roles
- The partner venue acts as the Controller for guest data it receives to fulfill reservations.
- Cue acts as a Processor for such data and as a Controller for its own platform data.
2. Scope & Purpose
Cue processes personal data only to provide the booking and coordination services described in the Partnership Agreement, and in accordance with the Controller's documented instructions.
3. Processor Obligations
- Process personal data only for the agreed purposes.
- Ensure persons authorized to process data are bound by confidentiality.
- Apply appropriate technical and organizational security measures.
- Assist the Controller in responding to data-subject requests where reasonably possible.
- Not use guest data to sell, disclose, or distribute for unrelated purposes.
4. Sub-Processors
Cue may engage trusted sub-processors (such as hosting and communications providers) under written obligations no less protective than this DPA.
5. Data Subject Rights
Cue will provide reasonable assistance to enable Controllers to respond to requests to access, correct, or delete personal data.
6. Breach Notification
Cue will notify the Controller without undue delay after becoming aware of a personal data breach affecting the Controller's data.
7. Return & Deletion
On termination, Cue will delete or return personal data processed on behalf of the Controller, except where retention is required by law.