THIS END-USER LICENSE AGREEMENT IS A LEGAL AGREEMENT BETWEEN YOU (EITHER AN INDIVIDUAL OR AN ENTITY IF ACQUIRED FOR USE BY AN ENTITY) AND INSTALLATON. READ THIS EULA CAREFULLY BEFORE INSTALLING OR USING THE SOFTWARE. BY INSTALLING OR USING THE SOFTWARE, YOU AGREE TO BE BOUND BY THE TERMS OF THIS EULA; IF YOU DO NOT AGREE TO BE BOUND BY THE TERMS HEREIN, OR IF YOU HAVE NOT READ, UNDERSTOOD, OR ACKNOWLEDGED THE TERMS HEREIN, DO NOT INSTALL OR USE THE SOFTWARE AND RETURN TO YOUR PLACE OF PURCHASE FOR A FULL REFUND.
Installatron Data Processing Addendum
Last Revised: May 24th, 2018
This Data Processing Addendum ("DPA") forms part of the Agreement or other written or electronic agreement between Installatron LLC and Licensee for the purchase of services from Installatron LLC (hereinafter defined as "Services") (the "Agreement") to reflect the parties' agreement with regard to the Processing of Personal Data. All capitalized terms not defined herein shall have the meaning set forth in the Agreement.
Please direct any questions or concerns to: firstname.lastname@example.org
- "Controller", "Data Subject", "Processor", "Processing", and "Supervisory Authority" have the meaning defined in the GDPR.
- "Personal Data" means your "personal data" as defined in the GDPR that Installatron processes on behalf of you in connection with your use of Services.
- "Data Protection Laws and Regulations" means the EU General Data Protection Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 ("GDPR") and all laws and regulations applicable to the Processing of Personal Data under the Agreement.
- "Security Incident" means any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, any Personal Data.
- "Subprocessor" means any Processor engaged by Installatron.
- RIGHTS OF DATA SUBJECTS
- Independent Determination. Where applicable, and taking into account the nature of the Processing, Installatron will use reasonable endeavors to assist you by implementing appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of your obligation to comply with your obligations under applicate privacy laws, including the GDPR.
- Confidentiality. Installatron will not disclose Personal Data to any government or any other third party, except as necessary to comply with the law or a valid and binding order of a law enforcement agency (such as a subpoena or court order).
- PROCESSING OF PERSONAL DATA
- Instructions for Data Processing. Processing of Personal Data will in accordance with your written instructions. The Agreement (subject to any changes agreed between the parties) and this DPA shall be your complete and final instructions to Installatron in relation to the Processing of Personal Data.
- Required consents. Where required by applicable Data Protection Laws and Regulations, Licensee will ensure that it has obtained/will obtain all necessary consents for the Processing of Personal Data by Installatron in accordance with the Agreement.
- Authorized Subprocessors. You agree that Installatron may use Subprocessors to fulfill its contractual obligations under the Agreement. Installatron shall notify you from time to time of the identity of any new Subprocessors it engages. If you (acting reasonably) object to a new Subprocessor on grounds related to the protection of Personal Data only, you may request that Installatron move Personal Data to another Subprocessor and Installatron shall, within a reasonable time following receipt of such request, use reasonable endeavors to ensure that the original Subprocessor does not Process any Personal Data. If it is not reasonably possible to use another Subprocessor, and you continue to object for a legitimate reason, either party may terminate the Agreement upon 30 calendar days written notice. If you do not object within 30 days of receipt of the notice, you are deemed to have accepted the new Subprocessor.
- Subprocessor Obligations. Except as set out in the previous paragraph, Installatron shall not permit, allow or otherwise facilitate Subprocessors from Processing Personal Data without your prior written consent and unless Installatron (a) enters into a written agreement with the Subprocessor which imposes the same obligations on the Subprocessor with regard to their Processing of Personal Data as imposed on Installatron under this DPA and (b) will remain responsible for its compliance with the obligations of this DPA and for any acts or omissions of the Subprocessor that cause Installatron to breach any of Installatron's obligations under this DPA.
- TRANSFER OF PERSONAL DATA
- .U.S. Based Processing. Personal Data will be transferred outside the European Economic Area ("EEA") and processed in the United States.
- You agree that Installatron may use Subprocessors to fulfill its contractual obligations under the Agreement. Installatron shall notify you from time to time of the identity of any new Subprocessors it engages. If you (acting reasonably) object to a new Subprocessor on grounds related to the protection of Personal Data only, you may request that Installatron move Personal Data to another Subprocessor and Installatron shall, within a reasonable time following receipt of such request, use reasonable endeavors to ensure that the original Subprocessor does not Process any Personal Data. If it is not reasonably possible to use another Subprocessor, and you continue to object for a legitimate reason, either party may terminate the Agreement upon 30 calendar days written notice. If you do not object within 30 days of receipt of the notice, you are deemed to have accepted the new Subprocessor.
- Prohibition on International Transfers. You acknowledge that Installatron or its Subprocessors may access Personal Data outside the European Economic Area and/or their member states, Switzerland and/or the United Kingdom.
- DATA SECURITY, ADUITS AND SECURITY NOTIFICATIONS
- Upon your reasonable request, Installatron will make available all information reasonably necessary to demonstrate compliance with this DPA.
- Security Incident. If Installatron becomes aware of a Security Incident, Installatron will without undue delay: (a) notify Licensee of the Security Incident; and (b) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Incident.
- Employees. Installatron will treat Personal Data as confidential, and shall ensure that any employees or other personnel have agreed in writing to protect the confidentiality and security of Personal Data.
- Audit. You may exercise your right of audit under GDPR in relation to Personal Data, through Installatron providing an audit report prepared by an independent external auditor demonstrating that Installatron's technical and organizational measures are sufficient and in accordance with an accepted industry audit standard. You shall cover all costs incurred by Installatron in connection with any such audit.
- Return or Deletion of Personal Data. Licensee may be provided controls that may use to retrieve or delete Personal Data. Any deletion of Personal Data will be governed by the terms of the Agreement.
- This DPA will continue in force until the termination of Processing in accordance with the Agreement.
Installatron, Attn: Data Privacy Officer
105 YATES ST, 1ST FLOOR
MT HOLLY SPRINGS, PA 17065