Date of Last Revision: November 14, 2022
This Data Processing Addendum (“DPA”) forms part of the Agreement between the party identified in the Agreement (“Customer”) and Dataclay, LLC (“Dataclay”) and applies to the extent that (i) Dataclay processes Personal Data on behalf of Customer in the course of providing Services and (ii) the Agreement expressly incorporates this DPA by reference. All capitalized terms not defined in this DPA will have the meanings set forth in the Agreement.
Upon becoming aware of a Personal Data Breach, Dataclay will notify Customer without undue delay and will provide information relating to the Personal Data Breach as reasonably requested by Customer. Dataclay will use reasonable endeavors to assist Customer in mitigating, where possible, the adverse effects of any Personal Data Breach.
Following expiration or termination of the Agreement, Dataclay will delete or return to Customer all Personal Data in Dataclay’s possession as set forth in the Agreement except to the extent Dataclay is required by applicable law to retain some or all of the Personal Data (in which case Dataclay will archive the data and implement reasonable measures to prevent the Personal Data from any further processing). The terms of this DPA will continue to apply to that retained Personal Data.
Data exporter may submit Personal Data to the Services, the extent of which is determined and controlled by the data exporter in its sole discretion, and which may include, but is not limited to Personal Data relating to the following categories of data subjects:
Data exporter may submit Personal Data to the Services, the extent of which is determined and controlled by the data exporter in its sole discretion, and which may include, but is not limited to the following categories of Personal Data:
Data exporter may submit sensitive categories of personal data to the Services, the extent of which is determined and controlled by the data exporter in its sole discretion, and which is for the sake of clarity Personal Data with information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.