Data Protection Addendum

This Data Protection Addendum is incorporated into the CloudOnHire Terms of Service and governs the processing of Customer Personal Data under the Agreement.

This Data Protection Addendum ("Addendum") between CloudOnHire ("CloudOnHire") and the Customer (as defined in the Agreement) forms part of the CloudOnHire Terms of Service set forth at https://cloudonhire.com/terms-of-service or such other written or electronic agreement incorporating this Addendum, in each case governing Customer's access to and use of the Services (the "Agreement"). This addendum was last updated in April, 2026.

Customer enters into this Addendum on behalf of itself and any Affiliates authorized to use the Services under the Agreement and who have not entered into a separate contractual arrangement with CloudOnHire. For the purposes of this Addendum only, and except where otherwise indicated, references to "Customer" shall include Customer and such Affiliates.

The Parties hereby agree that the terms and conditions set out below shall be added as an Addendum to the Agreement.

1. Definitions

In this Addendum, the following terms shall have the meanings set out below and cognate terms shall be construed accordingly:

  1. "Affiliate" means an entity that owns or controls, is owned or controlled by, or is under common control or ownership with either Customer or CloudOnHire (as the context allows), where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise;
  2. "Customer Personal Data" means any Personal Data provided by or made available by Customer to CloudOnHire or collected by CloudOnHire on behalf of Customer which is Processed by CloudOnHire to perform the Services;
  3. "Controller to Processor SCCs" means the standard contractual clauses for cross-border transfers published by the European Commission on June 4, 2021 governing the transfer of European Area Personal Data to Third Countries as adopted by the European Commission, the Swiss Federal Data Protection and Information Commissioner ("Swiss FDPIC") relating to data transfers to Third Countries (collectively "EU SCCs");
  4. "Data Protection Laws" means any local, state, or national law regarding the processing of Personal Data applicable to CloudOnHire in the jurisdictions in which the Services are provided to Customer, including, without limitation, privacy, security, and data protection law;
  5. "EU Area" means the European Union, European Economic Area, United Kingdom, and Switzerland;
  6. "EU Area Law" means (i) Directive 95/46/EC and, from May 25, 2018, Regulation (EU) 2016/679 ("EU GDPR") together with applicable legislation implementing or supplementing the same or otherwise relating to the processing of Personal Data of natural persons; (ii) the Data Protection Act 1998 of the United Kingdom and the EU GDPR as saved into United Kingdom Law by virtue of section 3 of the United Kingdom's European Union (Withdrawal) Act 2018 (the "UK GDPR"); (iii) the Swiss Federal Data Protection Act of 19 June 1992 and its Ordinance ("Swiss DPA");
  7. "Security Incident" means any breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Customer Personal Data being Processed by CloudOnHire;
  8. "Services" means the services to be supplied by CloudOnHire to Customer or Customer's Affiliates pursuant to the Agreement;
  9. "Third Country" means countries that, where required by applicable Data Protection Laws, have not received an adequacy decision from an applicable authority relating to cross-border data transfers of Personal Data.

2. Scope of Addendum

This Addendum applies to CloudOnHire's Processing of Customer Personal Data under the Agreement to the extent such Processing is subject to Data Protection Laws. This Addendum is governed by the governing law of the Agreement unless otherwise required by Data Protection Laws.

3. Roles of the Parties

The Parties acknowledge and agree that with regard to the Processing of Customer Personal Data, Customer acts as a Business or Controller, and CloudOnHire acts as a Service Provider or Processor. This Addendum shall apply solely to the Processing of Customer Personal Data by CloudOnHire acting as a Processor, Subprocessor, or Third Party (as specified in Annex 1).

The Parties expressly agree that Customer shall be solely responsible for ensuring timely communications to Customer's Affiliates or the relevant Controller(s) who receive the Services.

Customer is solely responsible for complying with Security Incident notification laws applicable to Customer and fulfilling any obligations to give notices to government authorities, affected individuals or others relating to any Security Incidents.

4. Description and Purpose of Personal Data Processing

In Annex 1 to this Addendum, the Parties have mutually set out their understanding of the subject matter and details of the Processing of the Customer Personal Data to be Processed by CloudOnHire pursuant to this Addendum. The Parties may make reasonable amendments to Annex 1 on mutual written agreement and as reasonably necessary to meet those requirements or to address the requirements of Data Protection Laws from time to time. Annex 1 does not create any obligation or rights for any Party.

The purpose of Processing under this Addendum is the provision of the Services pursuant to the Agreement and any Order Form(s).

5. Data Processing Terms

Customer shall comply with all applicable Data Protection Laws in connection with the performance of this Addendum and the Processing of Customer Personal Data. CloudOnHire shall comply with all applicable Data Protection Laws in the Processing of Customer Personal Data.

CloudOnHire shall:

  • Process the Customer Personal Data for the purposes of the Agreement and solely on the documented instructions of Customer;
  • Implement and maintain measures designed to ensure that CloudOnHire personnel authorized to process the Customer Personal Data have committed themselves to confidentiality;
  • Implement and maintain technical and organizational measures to ensure a level of security appropriate to the risk of the Processing of Customer Personal Data in accordance with Article 32 of the GDPR;
  • Customer hereby agrees that CloudOnHire is generally authorized to engage and appoint Sub-processors, and specifically the Sub-processors listed in Annex 2 hereto;
  • Promptly notify Customer in case of any legally binding requests for disclosure of Customer Personal Data;
  • Promptly notify Customer of any communication from a Data Subject regarding the Processing of Customer Personal Data;
  • Notify Customer without undue delay of any Personal Data Breach involving Customer Personal Data;
  • Provide reasonable assistance to Customer with its obligations pursuant to Articles 32 to 36 of the GDPR;
  • Cease Processing the Customer Personal Data upon the termination or expiry of the Agreement, and either return or delete all copies of the Customer Personal Data;
  • Maintain the necessary records in support of demonstrating compliance with its obligations;
  • Make available to Customer all information reasonably necessary to demonstrate compliance with this Addendum and allow for audits by Customer or an independent third party auditor.

6. Warranties

The Parties warrant that they and any staff and/or subcontractors will comply with their respective obligations under Data Protection Laws for the term.

7. Restricted Transfers

The parties agree that when the transfer of Customer Personal Data from Customer and/or any of its Affiliates (as exporter) to CloudOnHire (as importer) is a Restricted Transfer and EU Area Law applies, the transfer shall be subject to the appropriate Controller to Processor SCCs.

In relation to Customer Personal Data that is protected by the EU GDPR and processed by CloudOnHire on behalf of and under the instruction of Customer, the EU SCCs will apply. Module Two will apply (controller to processor transfers).

CloudOnHire shall process Personal Data using AI and machine learning technologies within the Frankfurt Region, Germany, in accordance with the terms of this Addendum and applicable Data Protection Laws, including the General Data Protection Regulation (GDPR).

8. Precedence

The provisions of this Addendum are supplemental to the provisions of the Agreement. In the event of any inconsistency between the provisions of this Addendum and the provisions of the Agreement, they will take priority in this order: (a) any Standard Contractual Clauses or other measures to which the parties have agreed to (Cross-Border Transfer Mechanisms), (b) this Addendum, (c) the Agreement.

9. Indemnity

To the extent permissible by law, Customer shall defend CloudOnHire and its Affiliates (collectively, "Indemnified Parties") from and against any and all claims arising from any breach by Customer of this Addendum or of its obligations under applicable Data Protection Laws.

10. Severability

The Parties agree that, if any section or sub-section of this Addendum is held by any court or competent authority to be unlawful or unenforceable, it shall not invalidate or render unenforceable any other section of this Addendum.

11. Miscellaneous

The Addendum considers Privacy by Design and default, achieving security of Processing, notification of breaches involving Customer Personal Data to the relevant Supervisory Authority and Customer, and conducting Privacy Impact Assessment where appropriate and required by applicable Data Protection Law.

CloudOnHire shall comply with all statutory and regulatory requirements, ISO 27001:2022, ISO 27701:2019 and EU GDPR.

In the event a Data Subject wishes to exercise its data subject rights under applicable Data Protection Law, the Data Subjects can submit such request by contacting CloudOnHire's Data Protection Officer (DPO):

Name: Ravi Bramhapuram

Email: Ravi.Bramhapuram@cloudonhire.com

Annex 1: Description of Processing Activities for Customer Personal Data

This Annex includes certain details of the Processing of Customer Personal Data by CloudOnHire in connection with the Services.

1. List of Parties

Data Exporter

  • Name: Customer (as defined in the Agreement)
  • Address: As set forth in the relevant Order Form
  • Contact Person: As set forth in the relevant Order Form
  • Activities: Recipient of the Services provided by CloudOnHire in accordance with the Agreement
  • Role: Controller

Data Importer

  • Name: CloudOnHire
  • Address: Head Office: CA-Site No. 1, Leela Palace Road, HAL 2nd Stage, Kodihalli, Bengaluru, Karnataka 560008
  • Contact Person: Ravi Bramhapuram, Ravi.Bramhapuram@cloudonhire.com
  • Activities: Provision of the Services to the Customer in accordance with the Agreement
  • Role: Processor

2. Competent Supervisory Authority

As determined by application of Clause 13 of the EU SCCs.

3. Processing Information

  • Categories of Data Subjects: Customer's authorized users of the Services
  • Categories of Personal Data Transferred:
      Processed automatically: Names, Email IDs
      Processed as provided by Customer: Address, Date of birth, Past employment details
  • Sensitive Personal Data: None
  • Frequency of Transfer: Continuous
  • Purpose of Processing: The provision of Services to Customer. CloudOnHire receives identifying Customer Personal Data to permit CloudOnHire to query, cleanse, standardize, enrich, and store the query information.

4. Technical and Organizational Security Measures

Security Management System

  • CloudOnHire designates qualified security personnel responsible for development, implementation, and ongoing maintenance of the Information Security Program
  • Management reviews and supports all security-related policies at least once annually
  • CloudOnHire engages reputable independent third-parties to perform risk assessments at least once annually
  • Formal and effective risk treatment program including penetration testing, vulnerability management, and patch management
  • Effective vendor management program
  • Regular reviews of security incidents with determination of root cause and corrective action
  • Complies with ISO/IEC 27001:2022 standard

Personnel Security

  • Personnel required to conduct themselves consistent with confidentiality, business ethics, and professional standards guidelines
  • Reasonably appropriate background checks on employees with access to client data
  • Confidentiality agreements required at time of hire
  • Privacy and security training on implementation and compliance with the Information Security Program
  • Additional requirements for personnel handling Customer Personal Data

Access Controls

  • Formal access management process for request, review, approval, and provisioning
  • Periodic access reviews to ensure only required personnel have access
  • Multi-Factor authentication system or single sign-on required for all administrators and end users
  • Unique user IDs, strong passwords, two-factor authentication, and carefully monitored access lists
  • Password policies follow industry standard practices with complexity, expiry, lockout, and restrictions on reuse

Data Center and Network Security

  • AWS as data center with Multi-Availability Zones enabled
  • Regular Backup Restoration Testing to ensure resiliency
  • Hardened servers customized for the application environment
  • Code review process to increase security of code used to provide Services
  • Data replication over multiple systems for protection against destruction or loss
  • Disaster recovery programs regularly planned and tested
  • Logging enabled to support security audits and detect attacks and intrusions
  • Regular vulnerability scans with Critical, High, and Medium security patches installed as soon as commercially possible
  • HTTPS encryption (SSL/TLS) for data in transit and encryption technologies for data at rest
  • AWS Security Group (virtual firewall) in place for Production environment
  • Data stored in multi-tenant environment with logical isolation between customers
  • Central authentication system across all Services for uniform security
  • Secure disposal of data through series of data destruction processes