Last updated: May 15, 2026
JEDWare — Incorporated into Terms of Service
Version 2.0 | Effective date: May 15, 2026 | jed-ware.com/dpa
This Data Processing Agreement (“DPA”) forms part of the Terms of Service (“ToS”) between JEDWare ApS (“JEDWare”, “Processor”) and the customer entity that has accepted the ToS (“Customer”, “Controller”). By accepting the ToS, installing, activating, accessing, or using the Services, the Customer also accepts this DPA in full, without requiring a separate signature. Acceptance may occur electronically and shall constitute a legally binding agreement between the parties.
This DPA reflects the requirements of Regulation (EU) 2016/679 (“GDPR”) Article 28, and any other applicable data protection legislation. In the event of a conflict between this DPA and the ToS, this DPA shall prevail with respect to the processing of personal data.
For the purposes of this DPA:
JEDWare provides reporting, wallboard, and analytics functionality that integrates with the Customer’s 3CX telephone system. To deliver these services, JEDWare processes certain data from the Customer’s 3CX environment as described in Section 3.4.
Processing shall commence upon the Customer’s acceptance of the ToS and shall continue for the duration of the active JEDWare subscription. Upon termination, JEDWare will delete the Customer’s extension name records and associated agent status data within 90 days unless the Customer requests earlier deletion and unless longer retention is required by applicable law.
The data subjects whose personal data may be processed under this DPA are:
The following table sets out the categories of data processed, the purpose of processing, and whether the data is stored in JEDWare’s cloud infrastructure:
Data Category | Purpose | Cloud Stored | Retention / Notes |
Extension Names | Generate reports, wallboards, and user rights | Yes | Retained to avoid repeated API calls |
Extension Groups | Generate reports | Yes | Retained to avoid repeated API calls |
Queue Ext. Numbers & Names | Reports, wallboards, and user rights | Yes | Retained to avoid repeated API calls |
IVR Ext. Numbers & Names | Reports, wallboards, and user rights | Yes | Retained to avoid repeated API calls |
Ring Group Ext. Numbers & Names | Reports, wallboards, and user rights | Yes | Retained to avoid repeated API calls |
Agent Status Changes | Show agent status and queue login/logout history in reports | Yes* | *Requires explicit opt-in. Not stored in 3CX DB — captured by JEDWare only |
Prompt Locations & Names | Display prompts in 3CX interface | Yes | Retained to show current prompts |
3CX License Key | Match JEDWare license to 3CX license | Yes | Retained for license verification |
3CX FQDN & HTTPS Port | Connect to and pull data from the 3CX server | Yes | Required for integration service |
Call Data (Reports & Wallboards) | Generate reports; real-time wallboard display | No | Requested at generation; never saved. Sent directly between browser and local integration. |
Extension Email, Mobile, Caller ID, Password, PIN, Recordings | Not used by JEDWare | No | Not stored or pulled |
Data not listed in the “Cloud Stored: Yes” column is neither stored nor retained by JEDWare. Call audio files (recordings) are never accessed, stored, or transferred by JEDWare under any circumstances.
Agent Status Changes (login/logout events and status transitions) constitute personal data as they are attributable to individual employees. This data is NOT stored by 3CX and is captured exclusively by JEDWare. Because this category of data requires a lawful basis under GDPR Article 6, the Customer must explicitly enable this feature during JEDWare onboarding or via the account settings panel. The Customer is solely responsible for ensuring an appropriate lawful basis for such processing.
Until the Customer grants explicit opt-in consent for Agent Status Data collection, JEDWare will not collect or store this data category.
JEDWare shall:
The Customer shall:
The Customer hereby grants JEDWare general written authorisation to engage sub-processors to perform specific processing activities. JEDWare’s current sub-processors are listed at jed-ware.com/sub-processors.
JEDWare shall impose data protection obligations equivalent to those in this DPA on any sub-processor by contract. JEDWare shall notify the Customer of any intended changes to sub-processors by updating the sub-processor list and providing at least 14 days’ prior notice via in-app notification. If the Customer objects to a new sub-processor on reasonable data protection grounds, the Customer may terminate the relevant service by providing written notice within 14 days of receiving such notification.
Where personal data is transferred outside the European Economic Area (EEA), JEDWare shall ensure an adequate level of protection for such transfers by relying on one of the following mechanisms:
Details of transfer mechanisms in use are available at https://jed-ware.com/transfers/
JEDWare implements and maintains the following technical and organisational measures:
JEDWare shall notify the Controller without undue delay, and in any event within 72 hours, after becoming aware of a personal data breach affecting personal data processed under this DPA. The notification shall include, to the extent available:
JEDWare shall promptly notify the Controller upon receiving a request from a data subject exercising their rights under GDPR (Articles 15-22). JEDWare shall not respond to such requests directly, unless specifically instructed to do so by the Controller or required by applicable law. JEDWare shall provide reasonable assistance to the Controller in fulfilling such requests within the statutory timeframes.
The Controller may, upon reasonable prior written notice of at least 90 days and no more than once per calendar year (unless there are grounds to suspect non-compliance), request an audit of JEDWare’s data processing activities covered by this DPA. JEDWare may satisfy audit requirements primarily through the provision of relevant certifications, third-party audit reports, security documentation, and other compliance materials. Any on-site inspection shall only occur where reasonably necessary, be limited in scope, subject to appropriate confidentiality obligations, conducted during normal business hours, and at the Customer’s expense.
Upon termination or expiry of the ToS, JEDWare shall, at the Controller’s election:
JEDWare shall complete the above within 90 days of termination and provide written confirmation to the Controller upon completion, unless applicable EU or Member State law requires retention of the personal data.
Each party’s liability under this DPA shall be subject to the limitations set out in the ToS, to the extent permitted by applicable law. This DPA does not limit either party’s liability to data subjects or to supervisory authorities under the GDPR.
This DPA shall be governed by and construed in accordance with the laws of Denmark. Any disputes arising from or in connection with this DPA shall be subject to the exclusive jurisdiction of the Danish courts, without prejudice to the right of either party to seek urgent interim relief in any competent jurisdiction.
JEDWare may amend this DPA from time to time to reflect changes in applicable law or its processing activities. Material amendments will be communicated to the Customer at least 14 days in advance via in-app notification. Continued use of the JEDWare service after the effective date of an amendment constitutes acceptance of the amended DPA. If the Customer objects to a material amendment on reasonable data protection grounds, the Customer may terminate the affected Services before the amendment takes effect.
For any questions, data subject requests, or security notifications relating to this DPA, please contact:
Entity | JEDWare ApS |
Address | Bogensevej 90, DK-5270 Odense N, Denmark |
VAT Number | DK-35653821 |
DPA URL | jed-ware.com/dpa |
Sub-processors | jed-ware.com/sub-processors |
This DPA is incorporated by reference into the JEDWare Terms of Service. Acceptance of the Terms of Service constitutes acceptance of this DPA.