
Revamp Data Processing Agreement

This Data Processing Agreement ("DPA") is entered into by and between Revamp AI, Inc. ("Revamp," "we," or "our") and Customer.

This DPA is supplemental to the Master Services Agreement ("Agreement") and sets out the terms that apply when Personal Data (defined below) is processed by Revamp under this Agreement. The purpose of the DPA is to ensure such processing is conducted in accordance with applicable Data Protection Laws (defined below) and with due respect for the rights and freedoms of individuals whose Personal Data is processed.

All capitalized terms not defined in this DPA shall have the meanings set forth in the Agreement.

1. Definitions

"Authorized Sub-Processor" means a third-party who has a need to know or otherwise access Customer's Personal Data to enable Revamp to perform its obligations under this DPA or the Agreement, and who is authorized under Section 4.2 of this DPA.

"Customer" means a user of the Services.

"Data Exporter" means Customer.

"Data Importer" means Revamp.

"Data Protection Laws" means any applicable laws and regulations in any relevant jurisdiction relating to the use or processing of Personal Data including: (i) US state privacy laws, including, but not limited to, the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA"); (ii) the General Data Protection Regulation (Regulation (EU) 2016/679) ("EU GDPR" or "GDPR"); (iii) the Swiss Federal Act on Data Protection; (iv) the EU GDPR as it forms part of the law of England and Wales by virtue of section 3 of the European Union (Withdrawal) Act 2018 (the "UK GDPR"); (v) the UK Data Protection Act 2018; (vi) the Privacy and Electronic Communications (EC Directive) Regulations 2003; and (vii) other privacy laws governing the processing of Personal Data or Personal Information; in each case, as updated, amended or replaced from time to time. The terms "processing," "processor," "controller," and "supervisory authority" shall have the meanings set forth under applicable Data Protection Laws.

"Data Subject" means an individual that is protected under any applicable Data Protection Law.

"EU SCCs" means the standard contractual clauses approved by the European Commission in Commission Decision 2021/914 dated 4 June 2021, for transfers of personal data to countries not otherwise recognized as offering an adequate level of protection for personal data by the European Commission (as amended and updated from time to time), the current version of which is available at: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj.

"ex-EEA Transfer" means the transfer of Personal Data, which is processed in accordance with the GDPR, from the Data Exporter to the Data Importer (or its premises) outside the European Economic Area (the "EEA"), and such transfer is not governed by an adequacy decision made by the European Commission in accordance with the relevant provisions of the GDPR.

"ex-UK Transfer" means the transfer of Personal Data, which is processed in accordance with the UK GDPR and the Data Protection Act 2018, from the Data Exporter to the Data Importer (or its premises) outside the United Kingdom (the "UK"), and such transfer is not governed by an adequacy decision made by the Secretary of State in accordance with the relevant provisions of the UK GDPR and the Data Protection Act 2018.

"Personal Data" or any such variation of the term (such as "Personal Information" or "Personally Identifiable Information") shall have the meaning set forth under applicable Data Protection Laws.

"Security Incident" means any unauthorized action by a known or unknown person which should reasonably be considered one of the following: an attack, penetration, disclosure of confidential customer or other sensitive information, misuse of system access, unauthorized access or intrusion (hacking), virus intrusion, or scan of Revamp's systems or networks, all to the extent they affect the security, confidentiality, or integrity of Customer Personal Data or Customer Confidential Information (as defined in the Agreement) received, stored, processed, or maintained by Revamp.

"Services" shall have the meaning set forth in the Agreement.

"Standard Contractual Clauses" means the EU SCCs.

"UK Addendum" means the international data transfer addendum to the EU SCCs issued by the UK Information Commissioner for parties making restricted transfers under the UK GDPR, the current version of which is available at: ICO International Data Transfer Addendum.

"UK IDTA" means the international data transfer agreement adopted by the United Kingdom and adopted by the UK Information Commissioner for parties making restricted transfers under the UK GDPR, the current version of which is available at: ICO International Data Transfer Agreement.

2. Relationship of the Parties; Processing of Data

The parties acknowledge and agree that with regard to the processing of Personal Data, Customer is a "controller" and Revamp is a "processor" (as those terms are defined under applicable Data Protection Laws).

Revamp shall not process Personal Data (i) for purposes other than those set forth in the Agreement and (ii) in a manner inconsistent with the terms and conditions set forth in this DPA or any other documented instructions provided by Customer.

The parties agree that the details of the data processing subject to this DPA are outlined in Exhibit A.

Following completion of the Services, at Customer's choice, Revamp shall return or delete Customer's Personal Data, unless further storage of such Personal Data is required or authorized by applicable Data Protection Laws. If return or destruction is impracticable or prohibited by law, rule, or regulation, Revamp shall take measures to block such Personal Data from any further processing (except to the extent necessary for its continued hosting or processing required by law, rule, or regulation) and shall continue to appropriately protect the Personal Data remaining in its possession, custody, or control.

CCPA. The parties acknowledge that their relationship under the CCPA is governed by the CCPA Addendum to this DPA, listed in Exhibit E.

3. Confidentiality

Revamp shall ensure that any person it authorizes to process Personal Data is subject to a duty of confidentiality. Revamp shall ensure that such persons are prohibited from further disclosing Personal Data they receive pursuant to this Agreement except for the purpose of performing obligations under the Agreement or exercising any rights granted in the Agreement.

4. Authorized Sub-Processors

Customer acknowledges and agrees that Revamp may engage its sub-processors to access and process Customer Personal Data in connection with the Services.

Customer agrees that Revamp may use any Authorized Sub-Processors to process Customer Personal Data pursuant to the Agreement that are listed in Exhibit D. Revamp will provide Customer with notice of any new sub-processors it uses in relation to the processing of Customer Personal Data by updating the List. Customer may have the right to object to the use of such additional sub-processors under applicable Data Protection Laws.

Revamp will enter into an agreement with its Authorized Sub-processors imposing on the Authorized Sub-processors data protection obligations comparable to those imposed on Revamp under this DPA and consistent with applicable Data Protection Laws with respect to the protection of Customer Personal Data.

If Customer and Revamp have entered into Standard Contractual Clauses as described in Section 6 (Transfers of Personal Data), (i) the above authorizations will constitute Customer's prior written consent to the subcontracting by Revamp of the processing of Personal Data if such consent is required under the Standard Contractual Clauses, and (ii) the parties agree that the copies of the agreements with Authorized Sub-Processors that must be provided by Revamp to Customer pursuant to Clause 9(c) of the EU SCCs or the UK IDTA or UK Addendum (as applicable) may have commercial information, or information unrelated to the Standard Contractual Clauses or their equivalent, removed by Revamp beforehand, and that we will provide such copies only upon request by Customer.

5. Security of Personal Data; Security Incidents

Taking into account the context of the processing, Revamp shall maintain appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing Customer Personal Data. Such security measures shall be consistent with our security obligations in the Agreement. Exhibit C sets forth additional information about our technical and organizational security measures.

Revamp shall notify Customer of all known Security Incidents within the time periods required under applicable Data Protection Laws. Revamp's notice to Customer regarding such Security Incidents shall include all of the information required under applicable Data Protection Laws.

6. Transfers of Personal Data

The parties agree that Revamp may transfer Personal Data processed under this DPA outside the EEA, the UK, or Switzerland as necessary to provide the Services. If we transfer Personal Data protected under this DPA to a jurisdiction for which the European Commission has not issued an adequacy decision, we will ensure that appropriate safeguards have been implemented for the transfer of Personal Data in accordance with Data Protection Laws.

Ex-EEA Transfers

The parties agree that ex-EEA Transfers are made pursuant to the EU SCCs, which are deemed entered into (and incorporated into this DPA by this reference) and completed as follows:

  • Module Two (Controller to Processor) of the EU SCCs apply when Customer is a controller and Revamp is processing Personal Data for Customer as a processor pursuant to Section 2 of this DPA.
  • For each module, where applicable the following applies:
  • The optional docking clause in Clause 7 does not apply.
  • In Clause 9, Option 2 (general written authorization) applies, and the minimum time period for prior notice of sub-processor changes shall be as set forth in Section 4.2 of this DPA.
  • In Clause 11, the optional language does not apply.
  • All square brackets in Clause 13 are hereby removed.
  • In Clause 17 (Option 1), the EU SCCs will be governed by Irish law.
  • In Clause 18(b), disputes will be resolved before the courts of Ireland.
  • Exhibit B to this DPA contains the information required in Annex I of the EU SCCs.
  • Exhibit C to this DPA contains the information required in Annex II of the EU SCCs.
  • By entering into this DPA, the parties are deemed to have signed the EU SCCs incorporated herein, including their Annexes.

Ex-UK Transfers

The Parties agree that ex-UK Transfers are made pursuant to the provisions in this section or the UK International Data Transfer Agreement ("IDTA") set forth in Exhibit D, whichever applies.

Data Exports from the United Kingdom under the Standard Contractual Clauses. For ex-UK Transfers where the EU SCCs also apply, the Mandatory Clauses of the Approved Addendum, being the template Addendum B.1.0 issued by the UK Information Commissioner's Office ("ICO") and laid before Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022, as revised under Section 18 of those Mandatory Clauses ("Approved Addendum") shall apply. The information required for Tables 1 and 3 of Part One of the Approved Addendum is set out in Exhibits A, B, and C of this DPA (as applicable). The information required for Table 2 is set out in Section 6 of this DPA. For the purposes of Table 4 of Part One of the Approved Addendum, the importer may end the Approved Addendum when it changes.

Transfers from Switzerland

The parties agree that transfers from Switzerland are made pursuant to the EU SCCs with the following modifications:

  • The terms "General Data Protection Regulation" or "Regulation (EU) 2016/679" as utilized in the EU SCCs shall be interpreted to include the Federal Act on Data Protection of 19 June 1992 (the "FADP," and as revised as of 25 September 2020, the "Revised FADP") with respect to data transfers subject to the FADP.
  • The terms of the EU SCCs shall be interpreted to protect the data of legal entities until the effective date of the Revised FADP.
  • Clause 13 of the EU SCCs is modified to provide that the Federal Data Protection and Information Commissioner ("FDPIC") of Switzerland shall have authority over data transfers governed by the FADP and the appropriate EU supervisory authority shall have authority over data transfers governed by the GDPR.
  • The term "EU Member State" as utilized in the EU SCCs shall not be interpreted in such a way as to exclude Data Subjects in Switzerland from exercising their rights in their place of habitual residence in accordance with Clause 18(c) of the EU SCCs.

Supplementary Measures

In respect of any ex-EEA Transfer or ex-UK Transfer, the following supplementary measures shall apply:

  • As of the date of this DPA, the Data Importer has not received any formal legal requests from any government intelligence or security service/agencies in the country to which the Personal Data is being exported, for access to (or for copies of) Customer's Personal Data ("Government Agency Requests").
  • If, after the date of this DPA, the Data Importer receives any Government Agency Requests, Vendor shall attempt to redirect the law enforcement or government agency to request that data directly from Customer. As part of this effort, Vendor may provide Customer's basic contact information to the government agency. If compelled to disclose Customer's Personal Data to a law enforcement or government agency, Vendor shall give Customer reasonable notice of the demand and cooperate to allow Customer to seek a protective order or other appropriate remedy unless Vendor is legally prohibited from doing so. Vendor shall not voluntarily disclose Personal Data to any law enforcement or government agency. Data Exporter and Data Importer shall (as soon as reasonably practicable) discuss and determine whether all or any transfers of Personal Data pursuant to this DPA should be suspended in the light of such Government Agency Requests.
  • The Data Exporter and Data Importer will meet as needed to consider whether:
    • the protection afforded by the laws of the country of the Data Importer to data subjects whose Personal Data is being transferred is sufficient to provide broadly equivalent protection to that afforded in the EEA or the UK, whichever the case may be;
    • additional measures are reasonably necessary to enable the transfer to be compliant with the Data Protection Laws; and
    • it is still appropriate for Personal Data to be transferred to the relevant Data Importer, taking into account all relevant information available to the parties, together with guidance provided by the supervisory authorities.

If Data Protection Laws require the Data Exporter to execute the Standard Contractual Clauses applicable to a particular transfer of Personal Data to a Data Importer as a separate agreement, the Data Importer shall, on request of the Data Exporter, promptly execute such Standard Contractual Clauses incorporating such amendments as may reasonably be required by the Data Exporter to reflect the applicable appendices and annexes, the details of the transfer and the requirements of the relevant Data Protection Laws.

If either (i) any of the means of legitimizing transfers of Personal Data outside of the EEA or UK set forth in this DPA cease to be valid or (ii) any supervisory authority requires transfers of Personal Data pursuant to those means to be suspended, then Data Importer may by notice to the Data Exporter, with effect from the date set out in such notice, amend or put in place alternative arrangements in respect of such transfers, as required by Data Protection Laws.

7. Data Subject Rights

In the event that Revamp receives a request by one of Customer's data subjects, it shall notify Customer upon receipt of a request by a data subject to exercise the Data Subject's rights under applicable Data Protection Laws (such requests individually and collectively "Data Subject Request(s)"). If we receive a Data Subject Request in relation to Customer's Personal Data or the Personal Data of an Authorized User of the Customer, we will follow Customer's instructions in relation to complying with such Data Subject Request, including by completing the request on Customer's behalf to the extent that it is technically feasible. If Customer asks Revamp to comply with a Data Subject Request on its behalf, Customer will provide adequate information to us in order for the request to be fulfilled.

8. Actions and Access Requests; Audits

Revamp shall provide Customer with reasonable cooperation and assistance where necessary for Customer to comply with its obligations under Data Protection Laws to conduct a data protection impact assessment and/or to demonstrate such compliance.

Upon Customer's request and to the extent required under applicable Data Protection Laws, Revamp shall allow for, and contribute to, reasonable audits and inspections by Customer or the Customer's designated auditor. Such audits shall only take place annually. If Customer and Revamp have entered into Standard Contractual Clauses as described in Section 6 (Transfers of Personal Data), the parties agree that the audits described in the EU SCCs and the UK IDTA and UK Addendum shall be carried out in accordance with this Section 8.2.

9. Customer Obligations

Customer agrees that they have provided all legally required notices and disclosures and obtained all legally required consents and permissions required under applicable Data Protection Laws in relation to the data processing activities pursuant to this DPA and the Agreement, including for Revamp to contact data subjects on the Customer's behalf through email and/or text messages.

10. Miscellaneous

Except as expressly modified by the terms of this DPA, all the terms and conditions of the Agreement will remain in full force and effect and apply to the terms described in this DPA. To the extent there is any conflict between the terms of the Agreement and the terms of this DPA, the terms of this DPA will govern with respect to the subject matter hereof.

This DPA and the Agreement constitute the entire agreement between the parties with respect to the subject matter hereof and merge all prior and contemporaneous communications. The Agreement will not be further modified except by a written agreement dated subsequent to the Effective Date and signed on behalf of both parties.

This DPA shall remain in effect as long as Revamp processes Customer Personal Data.

The effective date of this DPA is the same date as the effective date of the Agreement.

Exhibit A: Details of Processing

Nature and Purpose of Processing

Revamp will process Customer's Personal Data as necessary to provide the Services under the Agreement, for the purposes specified in the Agreement and this DPA, and in accordance with Customer's instructions as set forth in this DPA.

Duration of Processing

Revamp will process Customer's Personal Data as long as required (i) to provide the Services to Customer under the Agreement; (ii) for our legitimate business needs; or (iii) by applicable law or regulation.

Categories of Data Subjects

Revamp processes Personal Data about its customer's end users to provide its Services to Customers.

Categories of Personal Data

Information related to the Customer's end users that the Customer shares with Revamp, including names, phone numbers, e-mails, online purchases, page visits, etc.

Sensitive Data or Special Categories of Data

Customer is prohibited from providing sensitive personal data or special categories of data to Revamp.

Exhibit B

The following includes the information required by Annex I and Annex III of the EU SCCs, and Appendix 1 of the UK SCCs.

The Parties

Data Exporter(s)

[Identity and contact details of the data exporter(s) and, where applicable, of its/their data protection officer and/or representative in the European Union]

  • Name: As listed in the Agreement
  • Address: As listed in the Agreement
  • Contact person's name, position and contact details: As listed in the Agreement
  • Activities relevant to the data transferred under these Clauses: As described in Section 2 of the DPA
  • Signature and date: As listed in the Agreement
  • Role (controller/processor): Controller

Data Importer(s)

[Identity and contact details of the data importer(s), including any contact person with responsibility for data protection]

  • Name: Revamp, Inc.
  • Address: 1111B S Governors Ave STE 7854, Dover, DE 19904
  • Email: founders@getrevamp.ai
  • Activities relevant to the data transferred under these Clauses: As described in Section 2 of the DPA
  • Signature and date: As listed in the Agreement
  • Role (controller/processor): Processor

Description of the Transfer

Data Subjects

The data exporter may submit personal data to the data importer through its software, services, systems, products, and/or technologies, the extent of which is determined and controlled by the data exporter in compliance with applicable data protection laws and regulations, and which may include but is not limited to personal data relating to the following categories of data subjects: Revamp processes Personal Data about its customer's end users to provide its Services to Customer.

Categories of Personal Data

The personal data transferred concerns the following categories of data: Information related to the Customer's end users that the Customer shares with Revamp, including names, phone numbers, e-mails, online purchases, page visits, etc.

Special Category Personal Data (if applicable)

Data exporters are prohibited from providing sensitive data or special categories to data importer.

Nature of the Processing

Data is processed in order for Revamp to offer its Services to Customer.

Purposes of Processing

To fulfill each party's obligations under the Agreement.

Duration of Processing and Retention (or the criteria to determine such period)

During the term of the Agreement

Frequency of the transfer

During the term of the Agreement on a periodic basis and/or at the discretion of Customer.

Recipients of Personal Data Transferred to the Data Importer

The list includes the sub-processors identified in Exhibit C.

Competent Supervisory Authority

The supervisory authority shall be the supervisory authority of the Data Exporter, as determined in accordance with Clause 13.

Exhibit C: Description of the Technical and Organizational Security Measures implemented by Revamp

Technical and Organizational Security Measure / Details

Measures of pseudonymisation and encryption of personal data

Use strong encryption protocols for data both at rest and in transit. Ensure that encryption keys are stored securely and separately from the encrypted data.

Measures for ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services

Ensure that the hardware and software used in processing the Personal Data are reliable and protected against all kinds of malicious software and viruses.

Measures for ensuring the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident

Have a secure method of disposal for back-ups, disks and print outs containing the Personal Data.

Processes for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures in order to ensure the security of the processing

Conduct regular security audits, vulnerability assessments, and penetration testing. Implement a continuous monitoring system for security threats and compliance with security policies. Review and update security policies and procedures periodically based on the assessment results.

Measures for user identification and authorization

Implement multi-factor authentication (MFA) for accessing systems that process personal data.

Measures for the protection of data during transmission

Utilize secure transmission protocols such as Transport Layer Security (TLS), employing X.509 version 3 digital certificates and SHA-256 encryption, ensuring robust cryptographic protection and integrity for data in transit.

Measures for the protection of data during storage

Implement secure method of storing Personal Data and control access to the Personal Data.

Control remote access and ensure that Personal Data is not downloaded to portable devices unless strictly necessary and only then if encrypted.

Measures for ensuring physical security of locations at which personal data are processed

Use password protection on all computer systems where Personal Data is stored. In addition, enforce strict physical security practices, including:

  • Automatic system lock when a user steps away or leaves their workstation.
  • No shared user accounts or credentials — each individual accessing Personal Data has unique, auditable access credentials.
  • Regular training and enforcement of secure workstation practices to prevent unauthorized physical access.

Measures for ensuring events logging

Implement comprehensive logging and monitoring of all access to and changes to Personal Data. Logs are stored in a secure, centralized system with strict access controls and are tamper-evident and immutable where technically feasible. Logs are regularly reviewed for suspicious activity and retained for a period of 90 days.

Measures for ensuring system configuration, including default configuration

Ensure systems are configured securely by default, following best practices and security guidelines. Regularly review and update system configurations to address emerging threats and vulnerabilities.

Measures for internal IT and IT security governance and management

Provide an appropriate level of information governance for all Personal Data.

Take reasonable steps to ensure the reliability of individuals who have access to the Personal Data, including but not limited to ensuring all such individuals understand the confidential nature of the Personal Data and the issues which arise if proper care is not taken in the use of the Personal Data and that all such individuals are properly trained in how to comply with Data Protection Laws prior to accessing the Personal Data.

Measures for certification/assurance of processes and products

Conduct regular internal and external audits to ensure compliance with security standards and certifications.

Measures for ensuring data minimization

Implement data minimization principles by collecting only the personal data necessary for specific purposes and provided by Customers. Regularly review data collection practices.

Measures for ensuring data quality

Implement procedures for regularly reviewing and updating personal data to ensure accuracy and completeness.

Measures for ensuring limited data retention

Establish and enforce data retention policies that specify the minimum period for retaining personal data. Regularly review stored data and securely delete or anonymize data that is no longer needed for its intended purpose.

Measures for ensuring accountability

Assign clear roles and responsibilities for data protection and security within the organization. Implement a data protection management system to monitor compliance with data protection laws and policies. Maintain documentation of processing activities and security measures.

Measures for allowing data portability and ensuring erasure

Implement processes and tools to facilitate data portability requests, ensuring data is provided in a commonly used, machine-readable format. Establish procedures for responding to data erasure requests promptly and securely delete personal data from all systems and backups.

Technical and organizational measures of sub-processors

Ensure sub-processors implement equivalent security measures as those required by the data importer. Conduct due diligence and regular audits of sub-processors to verify compliance with security and data protection standards. Include contractual obligations for sub-processors to adhere to security measures and data protection laws.

Exhibit D: List of Authorized Sub-Processors

Revamp may use the following Authorized Sub-Processors to process Personal Data pursuant to the Agreement, including by transferring Personal Data to such entities:

Temporal
AWS
Google Cloud
DigitalOcean
PropelAuth
Vellum AI
OpenPipe
OpenAI
Anthropic
HookDeck
Klaviyo
Sentry
Elastic Cloud
Grafana Cloud

Exhibit E: CCPA Addendum

To the extent applicable, this CCPA addendum ("Addendum") regulates the processing of Personal Information (as defined in the CCPA) of California residents pursuant to the CCPA by Revamp under the Agreement and the DPA. To the extent that there is any inconsistency between this Addendum and the Agreement or the DPA with regard to the processing of Personal Information regulated under the CCPA, this Addendum shall control.

Definitions

Any capitalized term in this Addendum that is not otherwise defined in the DPA shall have the meaning given to that term in the CCPA.

Representations and Warranties

Revamp represents and warrants that it is a Service Provider or Contractor for the purposes of the services it provides to Customer pursuant to the DPA and the Agreement.

Revamp's Processing of Customer Personal Data

  • Revamp shall process Customer Personal Data it receives pursuant to the Agreement only for the limited and specified purposes outlined in Exhibit A and is prohibited from using Customer Personal Data for any other purpose.
  • Revamp shall comply with all applicable sections of the CCPA, including by providing the same level of protection to Customer Personal Data as required by Customer under the law.
  • Revamp agrees that Customer has the right to take reasonable and appropriate steps to ensure that we use Customer Personal Data that we receive from or process on behalf of Customer in a manner consistent with Customer's obligations under the CCPA.
  • Revamp agrees that Customer has the right to take reasonable and appropriate steps to stop and remediate our unauthorized use of Personal Data.
  • Revamp shall notify Customer as soon as possible after it determines that it can no longer meet its obligations under the CCPA.
  • If Revamp engages Sub-Processors in relation to providing services to Customer pursuant to the Agreement, we shall have a contract with the Sub-Processor that complies with the CCPA and has the same restrictions on the processing of Personal Data as outlined in this Addendum.

Restrictions on Revamp's Use of Personal Data

  • Revamp shall not Sell or Share Customer Personal Data it receives from or processes on behalf of Customer, for purposes outside of those outlined in the DPA and exhibits incorporated by reference in the DPA.
  • Revamp shall not retain, use, or disclose Customer Personal Data it receives from or processes on behalf of Customer for any purpose (including any Commercial Purpose) other than for the purposes specified in the Agreement, DPA, and except as otherwise permitted by the CCPA.
  • Revamp shall not retain, use, or disclose Customer Personal Data it receives from or processes on behalf of Customer outside of the direct business relationship between Revamp and Customer, except as otherwise permitted under the CCPA.
  • Revamp shall not combine the Customer Personal Data it receives from or processes on behalf of Customer with Personal Data it receives from or on behalf of another person or which it collects from its own interaction with another individual, provided that we may combine Personal Data to perform any Business Purpose, such as to analyze how users interact with Services, or as otherwise permitted under the CCPA.

Consumer Requests

Customer agrees to: (i) inform Revamp of any consumer request made pursuant to the CCPA that Revamp must assist Customer to comply with and (ii) provide the information necessary for Revamp to comply with the request.

Questions About This Agreement?

If you have any questions about this Data Processing Agreement or need to request a signed copy for your records, please contact our team.