This Data Processing Addendum ("DPA") forms part of the main agreement ("Agreement") between Dub Technologies, Inc. ("Dub", "we", "us", or "our") and the customer ("Customer") for the provision of services by Dub (the "Services") as defined in the Agreement.
- Personal Data refers to any information relating to an identified or identifiable natural person, as defined by applicable data protection laws.
- Processing means any operation or set of operations performed on Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, alteration, retrieval, use, disclosure, and erasure.
- Sub-processor means any third party engaged by Dub that processes Personal Data on behalf of the Customer.
This DPA applies when Dub processes Personal Data on behalf of the Customer in connection with the provision of the Services. This DPA is subject to the terms of the Agreement and reflects the parties' agreement with regard to the processing of Personal Data.
The Customer is responsible for ensuring that the processing of Personal Data complies with all applicable data protection laws and regulations.
The Customer must provide clear instructions to Dub for the processing of Personal Data as required by applicable law.
Dub will only process Personal Data on behalf of the Customer in accordance with the Customer's documented instructions, including those set forth in the Agreement and this DPA.
Dub will ensure that all personnel authorized to process Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
Dub will implement and maintain appropriate technical and organizational measures to protect Personal Data from unauthorized access, loss, alteration, or disclosure.
Dub may engage Sub-processors to process Personal Data on behalf of the Customer. Dub will ensure that Sub-processors are subject to data protection obligations consistent with those set forth in this DPA.
Dub will remain liable for the actions and omissions of its Sub-processors.
Dub will assist the Customer in responding to requests from data subjects exercising their rights under applicable data protection laws (e.g., rights to access, rectification, erasure, and data portability).
In the event of a Personal Data breach, Dub will notify the Customer without undue delay after becoming aware of the breach. Dub will provide sufficient information to assist the Customer in meeting any obligations to report or inform data subjects of the breach.
Dub will ensure that Personal Data is not transferred outside the European Economic Area (EEA) or other jurisdictions with similar restrictions unless adequate protections are in place, such as standard contractual clauses or an approved certification mechanism.
The Customer has the right to audit Dub's compliance with the terms of this DPA, including inspecting facilities, systems, and records used to process Personal Data.
Upon termination of the Agreement, Dub will, at the Customer's choice, return or delete all Personal Data processed on behalf of the Customer, unless required by applicable law to retain the data.
This DPA shall be governed by and construed in accordance with the laws governing the Agreement.
For any questions regarding this DPA or Dub's data processing activities, please contact us at support@dub.co