Effective from: 25 January 2026
Applies to: All customers on the LiveWall Professional and Enterprise plans
Does NOT apply to: Customers on LiveWall's Plus, Premium, and Signature Plans (where Perceptron AS is the Data Controller under the GDPR)
DATA PROCESSING AGREEMENT (DPA)
This Data Processing Agreement ("DPA") builds on and supersedes LiveWall’s Terms of Service, Privacy Policy, Service Level Agreement for Customers on LiveWall's Professional- and Enterprise-plans, hereafter collectively referred to as "Product Terms".
This Data Processing Agreement ("DPA") forms part of the agreement between:
Controller: The enterprise customer ("Customer") purchasing or using LiveWall Professional or Enterprise plans ("Services")
and
Processor: Perceptron AS, with registered address in Oslo, Norway, operating the LiveWall service ("LiveWall" or "Processor").
This DPA applies where LiveWall processes Personal Data on behalf of the Customer in connection with the Services.
Definitions
"Personal Data", "Processing", "Controller", "Processor", "Data Subject", "Supervisory Authority" shall have the meanings given in Regulation (EU) 2016/679 (GDPR).
"Services" means LiveWall’s Professional and Enterprise plans, including image and video upload, storage, sharing, moderation, and administration features.
"Sub-processor" means any third party engaged by LiveWall to process Personal Data on behalf of the Customer.
Roles and Scope
The Customer is the Controller of Personal Data processed under this DPA.
LiveWall acts as a Processor, processing Personal Data solely on documented instructions from the Customer, including as set out in this DPA and the Product Terms.
LiveWall shall not process Personal Data for its own purposes except where required by applicable law.
Subject Matter and Duration
Subject matter: Storage, hosting, transmission, and optional moderation of photos, videos, and related metadata uploaded by or on behalf of the Customer.
Duration: Processing continues for the duration of the Customer’s Enterprise Services subscription. LiveWall will terminate services and delete all data at the end of the subscription term. The Customer may delete any content from the Service at any time to stop processing of such items. The Customer can and should initiate an export of all data before the term ends. Log data may be kept for up to 30 days after the last use of the Service.
Nature and Purpose of Processing
Processing activities include:
- Uploading, storing, displaying, and delivering images and videos
- Managing access via links, QR codes, or accounts
- Administrative and security operations
- Customer-initiated deletion or export of data
Processing is performed solely to provide the Enterprise Services.
Categories of Data and Data Subjects
Data Subjects may include:
- Customer employees
- Event participants or guests
- Administrators and account users
Categories of Personal Data may include:
- Identifiers (name, email address)
- Image and video content containing identifiable persons
- Metadata (timestamps, location data, device information, upload logs)
- Account and access information
LiveWall does not intentionally process special categories of data under Article 9 GDPR.
Controller Obligations
The Customer warrants that:
- It has a valid legal basis for processing Personal Data
- It has provided required notices to Data Subjects
- Its instructions comply with GDPR and other applicable laws
- It configures the security controls of the Services appropriately for the intended use
- It maintains necessary security precautions for shared links and/or leverage password and encryption features when required
Processor Obligations
LiveWall shall:
- Process Personal Data only on documented instructions from the Customer.
- Ensure that no LiveWall personnel has access to Customer Data unless explicitly authorized by the Customer, and only for the purpose of resolving an open support case.
- Implement appropriate technical and organizational measures in accordance with Article 32 GDPR, including measures relating to access control, encryption in transit and at rest, logical isolation betwen customers, and backup and availability controls.
- Notify the Customer without undue delay after becoming aware of a Personal Data Breach.
Sub-processing
The Customer grants LiveWall general authorization to engage Sub-processors. LiveWall shall:
- Maintain a list of Sub-processors as an annex to this DPA
- Impose data protection obligations equivalent to this DPA on all Sub-processors
- LiveWall remains fully liable for the performance of its Sub-processors
International Transfers
For Customers in the EU, all data is processed and stored within the EU. For Customers in Norway or Switzerland, data is processed and stored in the respective countries. For customers in the US, data is processed and stored within the US. For customers outside these areas, data is stored in the datacenter closest to the Customers location when creating a wall. See The LiveWall Storage System for detailed information about server locations. International Customers that require data processing and storage within the EU can use a VPN to create a wall or contact LiveWall for assistance.
Security Measures
LiveWall implements security measures appropriate to the risk, including but not limited to:
- Encrypted transport (TLS)
- Role-based access controls
- Logging and monitoring
- Regular security updates
Audits and Compliance
LiveWall shall make available information reasonably necessary to demonstrate compliance with this DPA.
Customers may request and perform audits through a recognized third-party auditor, subject to reasonable notice and confidentiality obligations, and bearing full cost of the audit for Auditor and Processor. Audits must take place at the registered address of the Processor.
Liability
Each party shall be liable for damages in accordance with the liability provisions of the Product Terms and applicable GDPR provisions. Nothing in this DPA limits liability where such limitation is prohibited by law.
Governing Law and Jurisdiction
This DPA is governed by Norwegian law. Any disputes shall be subject to the exclusive jurisdiction of the courts of Norway, unless otherwise required by GDPR.
In the event of conflict, this DPA shall prevail over the Product Terms with respect to data protection matters.
Changes to these terms
The Processor may update these terms with 30-day notification to customers. Such notifications will be sent via email to the account holder of the Customer. The current version of these terms are available on the Processors website. The Customer may object to the terms within the notice period, in which case the parties shall cooperate in good faith to resolve the issue. If the Customer chooses to terminate the use of the Service as a result of the changed terms, LiveWall will yield any future payments in the contract period, but not refund any prior payments.
Contact Information
For any inquiry or questions about these Terms, please contact us at:
Perceptron AS
hello@perceptron.no
Munkerudveien 28 G
1163 Oslo, Norway
Annex A: Approved Sub-processors
This Annex forms part of the DPA and lists the Sub-processors authorised to process Personal Data on behalf of the Customer in connection with the Services.
General
LiveWall engages Sub-processors only where necessary to provide specific functionality within the Enterprise Services.
Each Sub-processor is subject to contractual obligations that provide a level of data protection at least equivalent to that required under this DPA and Article 28 GDPR.
All Sub-processors listed in this Annex provide optional functionality that can be disabled by the Customer via configuration or by request.
Approved Sub-processors
| Sub-processor | Purpose | Location |
|---|---|---|
| Microsoft Corporation and/or its applicable affiliates | Detection and filtering of potentially unsafe or prohibited image or video content uploaded to the LiveWall platform. LiveWall sends low-resolution images to the Azure Content Safety service via encrypted transport. This feature is optional and can be fully disabled by the Customer. When disabled, no content is processed by Microsoft for this purpose. |
European Union |
| Google LLC and/or its applicable affiliates | Display of map views and approximate location context associated with uploaded content and provide address lookup functionality. LiveWall sends geo-coordinates from content when the Map features are used. LiveWall sends any user input in address lookup fields to Google when interactively tagging content with location. This feature is optional to use and can be fully disabled by request. When disabled, no Personal Data is transmitted to Google. |
European Union |
Changes to Sub-processors
LiveWall may update this list from time to time by adding or replacing Sub-processors. LiveWall shall provide reasonable prior notice of any intended changes that materially affect processing via email to the Customer's account holder. The Customer may object to a new Sub-processor on reasonable data protection grounds. In such case, the parties shall cooperate in good faith to resolve the issue, including by disabling the relevant feature where feasible.