The processing of Personal Data in a secure and transparent way is important to us at CATS. Because of this, we are committed to processing Personal Data in accordance with the EU’s General Data Protection Regulation (“GDPR”).
This Data Processing Addendum (“DPA”) amends the Terms of Service agreement between CATS Software, Inc (“CATS”) and you as a customer.
Each party acknowledges and agrees that with the regard to the processing of Personal Data, Customer is the Controller, CATS is the Processor and that CATS will engage Sub-processors pursuant to the requirements set forth in “Sub-processors” below.
Customer shall process Personal Data in accordance with the requirements of the GDPR. Customer shall have sole responsibility for the accuracy, quality and legality of Personal Data and the means by which Customer acquired Personal Data.
As Controller, Customer is solely responsible for fulfilling a request by Data Subject to provide the Personal Data Processed by CATS. CATS will give best effort to notify You if any requests are made to CATS to provide Personal Data.
Customer agrees that CATS may disclose Personal Data to its Sub-processors for the purposes of providing the CATS Service. Current Sub-Processors engaged by CATS are listed below.
|Amazon Web Services (AWS)||Cloud infrastructure hosting|
|Bandwidth||Voice and SMS|
In the event that CATS becomes aware of an Incident, CATS will notify you promptly and in any event no later than seventy-two (72) hours after CATS discovers the Incident. In the event of such a Incident, CATS shall provide you with a detailed description of the Incident and the type of Personal Data concerned, unless otherwise prohibited by law or otherwise instructed by a law enforcement or supervisory authority. Following such notification, CATS will take reasonable steps to mitigate the effects of the Incident and to minimize any damage resulting from the Incident. At your request, CATS will provide reasonable assistance and cooperation with respect to any notifications that you are legally required to send to affected Data Subjects and regulators. CATS may charge a reasonable fee for such requested assistance.
Each party indemnifies the other and holds them harmless against all claims, actions, third party claims, losses, damages and expenses incurred by the indemnified party and arising directly or indirectly out of or in connection with a breach of this DPA.
This DPA shall come into effect on May 25, 2018 and shall continue until changed or terminated.