Find our Software Terms and Conditions here.
THESE TERMS OF SERVICE COVER THE USE OF PARTNER HERO SOFTWARE SERVICES LISTED BELOW . YOU ACCEPT THESE TERMS OF SERVICE BY CREATING A USER ACCOUNT, THROUGH YOUR USE OF THE SOFTWARE SERVICES, OR BY CONTINUING TO USE THE SOFTWARE SERVICES AFTER BEING NOTIFIED OF A CHANGE TO THESE TERMS OF SERVICE. IF YOU DO NOT AGREE WITH ALL THESE TERMS OF SERVICE, THEN YOU ARE EXPRESSLY PROHIBITED FROM USING THE SOFTWARE SERVICES AND YOU MUST DISCONTINUE USE IMMEDIATELY.
Last updated 19 June 2023
We are Partner Hero, Inc. (“Company,” “we,” “us,” “our”), a California corporation headquartered at 250 S 5th Street, Suite 400, Boise, ID 83702, United States. Our suite of subscription-based, on-demand software solutions (“Software Services”) includes:
Our Software Services include these products and any other related products and services that refer or link to these Terms of Service (the “Terms of Service”) or any use of PartnerHero technology to process content, materials, data, and information that your employees, agents, contractors, or representatives enter into your customer relationship management system (“Customer Data”). These Terms of Service constitute a legally binding agreement made between you, whether personally or on behalf of an entity (“you”), and Partner Hero, Inc., concerning your access to, and use of, the Software Services. You agree that by accessing the Software Services, you have read, understood, and agreed to be bound by all these Terms of Service.
The Software Services are intended for users who are at least 18 years old.
The information provided when using the Software Services is not intended for distribution to, or use by, any person or entity in any jurisdiction or country where such distribution or use would be contrary to law or regulation, or which would subject us to any registration requirement within such jurisdiction or country. Accordingly, those persons who choose to access the Software Services from other locations do so on their own initiative and are solely responsible for compliance with local laws, if and to the extent local laws are applicable.
Our Software Services include using Customer Data to create anonymous and aggregate unified contextual analytics. We only use your Customer Data to provide the Software Services, subject to the terms of this Terms of Service and the Data Processing Agreement attached as Exhibit A and incorporated into this Terms of Service by reference
Our intellectual property
We are the owner or the licensee of all intellectual property rights in our Software Services, including all source code, databases, functionality, software, website designs, audio, video, text, photographs, and graphics in the Software Services (collectively, the “Content”), as well as the trademarks, service marks, and logos contained in the Content (the “Marks”). Our Content and Marks are protected by copyright and trademark laws (and various other intellectual property rights and unfair competition laws) and treaties in the United States and around the world.The Content and Marks are provided in or through the Software Services “AS IS” for your personal, non-commercial use or internal business purpose only.
Your use of our Software Services
Subject to your compliance with this Terms of Service, including the “PROHIBITED ACTIVITIES” section below, we grant you a non-exclusive, non-transferable, revocable license to:
Except as set out in this section or elsewhere in this Terms of Service, no part of the Software Services and no Content or Marks may be copied, reproduced, aggregated, republished, uploaded, posted, publicly displayed, encoded, translated, transmitted, distributed, sold, licensed, or otherwise exploited for any commercial purpose whatsoever.
If you wish to make any use of the Software Services, Content, or Marks other than as set out in this section or elsewhere in this Terms of Service, please address your request to: contracts@partnerhero.com. If we grant you permission to post, reproduce, or publicly display any part of our Software Services, Content, or Marks, you must identify us as the owners or licensors of the Software Services, Content, or Marks and ensure that any copyright or proprietary notice appears or is visible on posting, reproducing, or displaying our Content or Marks.We reserve all rights not expressly granted to you in and to the Software Services, Content, and Marks.
Any breach of these Intellectual Property Rights will constitute a material breach of this Terms of Service and your right to use our Software Services will terminate immediately.
By using the Software Services, you represent and warrant that any personal data contained in the Customer Data you collect from your customers and provide to us was collected and maintained in compliance with applicable data privacy laws. You grant us a non-exclusive right to process and use Customer Data to provide the Software Services. The Data Processing Agreement attached as Exhibit A and incorporated into this Terms of Service by reference will govern the processing of any personal data in the Software Services.
You may be required to register for the Software Services. User accounts cannot be shared or used by more than one person (but may be reassigned in its entirety). You agree to keep your password confidential and will be responsible for all use of your account. If you notice any unusual activities or suspect unauthorized activity on your account or any other breach of security, you must immediately notify us at dataprivacy@partnerhero.com. We will not be liable for any loss that you may incur as a result of someone else using your account or password, either with or without your knowledge.
We shall set you up for a monthly recurring auto-payment for Software Services to be performed during the subsequent calendar month. All payments associated with the Software Services you select or other amounts contemplated hereby shall be processed by bank wire or credit card. We will add any applicable processing fees to the monthly charges. We will email you a receipt for each payment at the email you provide us.
We reserve the right to add at any time an additional method of payment or change such methods of payment and you agree to provide current, complete, and accurate purchase and account information for payment of the Software Services. You further agree to promptly update account and payment information, including email address, payment method, and payment card expiration date, so that we can complete your transactions and contact you as needed. Sales tax will be added to the price of purchases as deemed required by us. We may change prices at any time. All payments shall be in US dollars.
For free trials we offer to you, your account will be charged according to your chosen subscription at the end of the free trial.
You can cancel your subscription at any time by contacting us using the contact information provided below. Your cancellation will take effect at the end of the current paid term.
During the subscription period, you can access your Customer Data at any time. You may export and retrieve your Customer Data in a standard format. Export and retrieval may be subject to technical limitations and we will work with you to find a reasonable solution to allow you access to your Customer Data.
You may not access or use the Software Services for any purpose other than that for which we make the Software Services available.
As a user of the Software Services, you agree not to:
We may provide you areas on the Software Services to leave reviews or ratings. When posting a review, you must comply with the following criteria: (1) you should have firsthand experience with the person/entity being reviewed; (2) your reviews should not contain offensive profanity or abusive, racist, offensive, or hateful language; (3) your reviews should not contain discriminatory references based on religion, race, gender, national origin, age, marital status, sexual orientation, or disability; (4) your reviews should not contain references to illegal activity; (5) you should not be affiliated with competitors if posting negative reviews; (6) you should not make any conclusions as to the legality of conduct; (7) you may not post any false or misleading statements; and (8) you may not organize a campaign encouraging others to post reviews, whether positive or negative.
We may accept, reject, or remove reviews at our sole discretion. We have absolutely no obligation to screen reviews or to delete reviews, even if anyone considers reviews objectionable or inaccurate. Reviews are not endorsed by us and do not necessarily represent our opinions or the views of any of our affiliates or partners. We do not assume liability for any review or for any claims, liabilities, or losses resulting from any review. By posting a review, you hereby grant to us a perpetual, nonexclusive, worldwide, royalty-free, fully paid, assignable, and sublicensable right and license to reproduce, modify, translate, transmit by any means, display, perform, or distribute all content relating to reviews.
We reserve the right, but not the obligation to: (1) monitor the Software Services for violations of these Terms of Service; (2) take appropriate legal action against anyone who, in our sole discretion, violates the law or these Terms of Service, including without limitation, reporting such user to law enforcement authorities; (3) in our sole discretion and without limitation, notice, or liability, to remove from the Software Services or otherwise disable all files and content that are excessive in size or are in any way burdensome to our systems; and (4) otherwise manage the Software Services in a manner designed to protect our rights and property and to facilitate the proper functioning of the Services.
Please review our Privacy Policy: https://www.partnerhero.com/privacy. By using the Software Services, you agree to be bound by our Privacy Policy, which is incorporated into these Terms of Service. The Software Services are hosted in the United States. If you access the Software Services from any other region of the world with laws or other requirements governing personal data collection, use, or disclosure that differ from applicable laws in the United States, then through your continued use of the Software Services, you are transferring your data to the United States, and you expressly consent to have your data transferred to, and processed in, the United States. We implement and maintain appropriate and reasonable administrative, technical, and physical security measures to protect the personal data we process to provide the Software Services in compliance with applicable data protection laws as described in the Data Processing Agreement attached as Exhibit A and incorporated into this Terms of Service by reference. The Data Processing Agreement will govern the processing of any personal data in the Software Services.
These Terms of Service shall remain in full force and effect while you use the Software Services.
WITHOUT LIMITING ANY OTHER PROVISION OF THESE TERMS OF SERVICE, WE RESERVE THE RIGHT TO, IN OUR SOLE DISCRETION AND WITHOUT NOTICE OR LIABILITY, DENY ACCESS TO, AND USE OF, THE SOFTWARE SERVICES (INCLUDING BLOCKING CERTAIN IP ADDRESSES), TO ANY PERSON FOR ANY REASON OR FOR NO REASON, INCLUDING WITHOUT LIMITATION FOR BREACH OF ANY REPRESENTATION, WARRANTY, OR COVENANT CONTAINED IN THESE TERMS OF SERVICE OR OF ANY APPLICABLE LAW OR REGULATION. WE MAY TERMINATE YOUR USE OR PARTICIPATION IN THE SOFTWARE SERVICES OR DELETE YOUR ACCOUNT AND ANY CONTENT OR INFORMATION THAT YOU POSTED AT ANY TIME, WITHOUT WARNING, IN OUR SOLE DISCRETION.
If we terminate or suspend your account for any reason, you are prohibited from registering and creating a new account under your name, a fake or borrowed name, or the name of any third party, even if you may be acting on behalf of the third party. In addition to terminating or suspending your account, we reserve the right to take appropriate legal action, including without limitation pursuing civil, criminal, and injunctive redress.
We reserve the right to change, modify, or remove the contents of the Software Services at any time or for any reason at our sole discretion without notice. However, we have no obligation to update any information on our Software Services. We will not be liable to you or any third party for any modification, price change, suspension, or discontinuance of the Software Services.We cannot guarantee the Software Services will be always available.
We may experience hardware, software, or other problems or need to perform maintenance related to the Software Services, resulting in interruptions, delays, or errors. We reserve the right to change, revise, update, suspend, discontinue, or otherwise modify the Software Services at any time or for any reason without notice to you. You agree that we have no liability whatsoever for any loss, damage, or inconvenience caused by your inability to access or use the Software Services during any downtime or discontinuance of the Software Services. Nothing in these Terms of Service will be construed to obligate us to maintain and support the Software Services or to supply any corrections, updates, or releases in connection therewith.
This Terms of Use shall be governed by, and construed in accordance with, the laws of the State of California, United States of America, without resorting to conflict of laws rules that would result in another State’s or jurisdiction’s law applying. Each Party irrevocably agrees that any action, suit, or other legal proceeding against them shall be brought in the state and federal courts located in Orange County, California. By execution and delivery of this Terms of Use, each Party irrevocably submits to and accepts such jurisdiction and waives any objection (including any objection to venue, enforcement, or grounds of forum non conveniens) that might be asserted against the bringing of any such action, suit or other legal proceeding in such court.
There may be information in the Software Services that contains typographical errors, inaccuracies, or omissions, including descriptions, pricing, availability, and various other information. We reserve the right to correct any errors, inaccuracies, or omissions and to change or update the information on the Software Services at any time, without prior notice.
THE SOFTWARE SERVICES ARE PROVIDED ON AN AS-IS AND AS-AVAILABLE BASIS. YOU AGREE THAT YOUR USE OF THE SOFTWARE SERVICES WILL BE AT YOUR SOLE RISK. TO THE FULLEST EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, IN CONNECTION WITH THE SOFTWARE SERVICES AND YOUR USE THEREOF, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. WE MAKE NO WARRANTIES OR REPRESENTATIONS ABOUT THE ACCURACY OR COMPLETENESS OF THE SOFTWARE SERVICES' CONTENT OR THE CONTENT OF ANY WEBSITES OR MOBILE APPLICATIONS LINKED TO THE SOFTWARE SERVICES AND WE WILL ASSUME NO LIABILITY OR RESPONSIBILITY FOR ANY (1) ERRORS, MISTAKES, OR INACCURACIES OF CONTENT AND MATERIALS, (2) PERSONAL INJURY OR PROPERTY DAMAGE, OF ANY NATURE WHATSOEVER, RESULTING FROM YOUR ACCESS TO AND USE OF THE SOFTWARE SERVICES, (3) ANY UNAUTHORIZED ACCESS TO OR USE OF OUR SECURE SERVERS AND/OR ANY AND ALL PERSONAL INFORMATION AND/OR FINANCIAL INFORMATION STORED THEREIN, (4) ANY INTERRUPTION OR CESSATION OF TRANSMISSION TO OR FROM THE SOFTWARE SERVICES, (5) ANY BUGS, VIRUSES, TROJAN HORSES, OR THE LIKE WHICH MAY BE TRANSMITTED TO OR THROUGH THE SOFTWARE SERVICES BY ANY THIRD PARTY, AND/OR (6) ANY ERRORS OR OMISSIONS IN ANY CONTENT AND MATERIALS OR FOR ANY LOSS OR DAMAGE OF ANY KIND INCURRED AS A RESULT OF THE USE OF ANY CONTENT POSTED, TRANSMITTED, OR OTHERWISE MADE AVAILABLE VIA THE SOFTWARE SERVICES. WE DO NOT WARRANT, ENDORSE, GUARANTEE, OR ASSUME RESPONSIBILITY FOR ANY PRODUCT OR SERVICE ADVERTISED OR OFFERED BY A THIRD PARTY THROUGH THE SOFTWARE SERVICES, ANY HYPERLINKED WEBSITE, OR ANY WEBSITE OR MOBILE APPLICATION FEATURED IN ANY BANNER OR OTHER ADVERTISING, AND WE WILL NOT BE A PARTY TO OR IN ANY WAY BE RESPONSIBLE FOR MONITORING ANY TRANSACTION BETWEEN YOU AND ANY THIRD-PARTY PROVIDERS OF PRODUCTS OR SERVICES. AS WITH THE PURCHASE OF A PRODUCT OR SERVICE THROUGH ANY MEDIUM OR IN ANY ENVIRONMENT, YOU SHOULD USE YOUR BEST JUDGMENT AND EXERCISE CAUTION WHERE APPROPRIATE.
IN NO EVENT WILL WE OR OUR DIRECTORS, EMPLOYEES, OR AGENTS BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, EXEMPLARY, INCIDENTAL, SPECIAL, OR PUNITIVE DAMAGES, INCLUDING LOST PROFIT, LOST REVENUE, LOSS OF DATA, OR OTHER DAMAGES ARISING FROM YOUR USE OF THE SOFTWARE SERVICES, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
NOTWITHSTANDING ANYTHING TO THE CONTRARY CONTAINED IN THIS TERMS OF SERVICE, OUR LIABILITY TO YOU FOR ANY CAUSE WHATSOEVER AND REGARDLESS OF THE FORM OF THE ACTION, WILL AT ALL TIMES BE LIMITED TO THE AMOUNT PAID, IF ANY, BY YOU TO US DURING THE SIX (6) MONTH PERIOD PRIOR TO ANY CAUSE OF ACTION ARISING. CERTAIN US STATE LAWS AND INTERNATIONAL LAWS DO NOT ALLOW LIMITATIONS ON IMPLIED WARRANTIES OR THE EXCLUSION OR LIMITATION OF CERTAIN DAMAGES. IF THESE LAWS APPLY TO YOU, SOME OR ALL OF THE ABOVE DISCLAIMERS OR LIMITATIONS MAY NOT APPLY TO YOU, AND YOU MAY HAVE ADDITIONAL RIGHTS.
You agree to defend, indemnify, and hold us harmless, including our subsidiaries, affiliates, and all of our respective officers, agents, partners, and employees, from and against any loss, damage, liability, claim, or demand, including reasonable attorneys' fees and expenses, made by any third party due to or arising out of: (1) use of the Software Services; (2) breach of these Terms of Service; (3) any breach of your representations and warranties set forth in these Terms of Service; (4) your violation of the rights of a third party, including but not limited to intellectual property rights; or (5) any overt harmful act toward any other user of the Software Services with whom you connected via the Software Services. Notwithstanding the foregoing, we reserve the right, at your expense, to assume the exclusive defense and control of any matter for which you are required to indemnify us, and you agree to cooperate, at your expense, with our defense of such claims. We will use reasonable efforts to notify you of any such claim, action, or proceeding which is subject to this indemnification upon becoming aware of it.
We will maintain certain data that you transmit to the Software Services for the purpose of managing the performance of the Software Services, as well as data relating to your use of the Software Services. Although we perform regular routine backups of data, you are solely responsible for all data that you transmit (including any Customer Data) or that relates to any activity you have undertaken using the Software Services. You agree that we shall have no liability to you for any loss or corruption of any such data, and you hereby waive any right of action against us arising from any such loss or corruption of such data.
Visiting the Software Services, sending us emails, and completing online forms constitute electronic communications. You consent to receive electronic communications, and you agree that all agreements, notices, disclosures, and other communications we provide to you electronically, via email and on the Software Services, satisfy any legal requirement that such communication be in writing. YOU HEREBY AGREE TO THE USE OF ELECTRONIC SIGNATURES, CONTRACTS, ORDERS, AND OTHER RECORDS, AND TO ELECTRONIC DELIVERY OF NOTICES, POLICIES, AND RECORDS OF TRANSACTIONS INITIATED OR COMPLETED BY US OR VIA THE SOFTWARE SERVICES. You hereby waive any rights or requirements under any statutes, regulations, rules, ordinances, or other laws in any jurisdiction which require an original signature or delivery or retention of non-electronic records, or to payments or the granting of credits by any means other than electronic means.
These Terms of Service and any policies posted by us in respect of the Software Services constitute the entire agreement and understanding between you and us. Our failure to exercise or enforce any right or provision of these Terms of Service shall not operate as a waiver of such right or provision. These Terms of Service operate to the fullest extent permissible by law. We may assign any or all our rights and obligations to others at any time. We shall not be responsible or liable for any loss, damage, delay, or failure to act that is the result of any cause beyond our reasonable control. If any provision or part of a provision of these Terms of Service is determined to be unlawful, void, or unenforceable, that provision or part of the provision is deemed severable from these Terms of Service and does not affect the validity and enforceability of any remaining provisions. There is no joint venture, partnership, employment or agency relationship created between you and us as a result of these Terms of Service or use of the Software Services. You agree that these Terms of Service will not be construed against us by virtue of having drafted them. You hereby waive all defenses you may have based on the electronic form of these Terms of Service and the lack of signing by the parties to execute these Terms of Service.
You may contact us with any questions regarding the Software Services or to receive further information regarding the use of the Software Services:
Partner Hero, Inc.
250 S 5th Street, Suite 400
Boise, ID 83702
United States
Phone: (888) 968-2767
contracts@partnerhero.com
We will provide you with prior notice of any changes to the Terms of Service. The modified Terms of Service will become effective upon posting or notifying you by at the email address you provide in a Service Order. By continuing to use the Software Services after the effective date of any changes, you agree to be bound by the modified terms.
Data Processing Agreement
Between PartnerHero (“Processor”) and Customer (“Controller”)
This Data Processing Agreement (“DPA”) is made by and between Partner Hero, Inc. (“PartnerHero” or “Processor”) and you (“Customer” or “Controller”). PartnerHero and Customer together are referred to in this DPA as the “Parties” and, individually, as a “Party.”
This DPA, which includes the Standard Contractual Clauses adopted by the European Commission, as applicable, reflects the Parties’ agreement with respect to the terms governing the Processing of Personal Data under the Terms of Service (the “Agreement”). This DPA is an addendum to the Agreement and is effective upon its incorporation into the Agreement, which incorporation may be specified in the Agreement, a Service Order or an executed amendment to the Agreement. Upon its incorporation into the Agreement, the DPA will form a part of the Agreement.
The term of this DPA shall follow the term of the Agreement. Terms not otherwise defined in this DPA shall have the meaning as set forth in the Agreement.
Exhibit 1, part (m) includes a list of the Sub-Processors PartnerHero uses in providing the Services.
“CCPA” means the California Consumer Privacy Act, including as modified by the California Privacy Rights Act together with any implementing regulations.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data, including as applicable, a “Business” as defined under the CCPA.
“Data Protection Laws” means all applicable legislation relating to data protection and privacy including without limitation, the CCPA, the EU Data Protection Directive 95/46/EC and all local laws and regulations which amend or replace any of them, including the GDPR and the UK GDPR, together with any national implementing laws in any Member State of the European Union and any other applicable data protection or privacy laws or regulations of any other country or state, including US privacy laws. The terms “process”, “processes” and “processed” will be construed accordingly.
“GDPR” means the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
“Instruction” means the written, documented instruction, issued by Controller to Processor, and directing the same to perform a specific action with regard to Personal Data.
“Personal Data” means any information relating to an identified or identifiable individual, directly or indirectly, and includes similarly defined terms in Data Protection Laws, including, without limitation, “personal data”, “personally identifiable information” and “personal information”.
“Process” or “Processing” means any operation or set of operations which is performed on Personal Data, encompassing the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction or erasure of Personal Data.
“Processor” means a natural or legal person, public authority, agency or other body which processes Personal Data on behalf of a Controller, including as applicable any “service provider” as that term is defined under the CCPA.
“Sub-Processor” means a natural or legal person, public authority, agency or other body engaged by a Processor who has or may potentially have access to Personal Data, or processes Personal Data.
“Standard Contractual Clauses” means Regulation (EU) 2016/679 of the European Parliament and the Council approved by Commission Implementing Decision (EU) 2021/914 of 4 June 2021.
"UK GDPR" means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018.
A. Categories of Data Subjects. Controller may submit, transfer, or grant access to, Personal Data to Processor, or direct Processor to collect Personal Data as part of the Software Services, the extent of which is determined and controlled by Controller in its sole discretion, and which may include, but is not limited to Data Subjects including Controller’s employees, contractors, collaborators, customers, prospects, suppliers, agents, and subcontractors.
B. Types of Personal Data. Personal Data, the extent of which is determined and controlled by Controller in its sole discretion, includes, without limitation, name, address, phone number, email address and associated email data, navigational data (including website usage information), system usage data, and other electronic data submitted, stored, sent, or received by Controller, or Controller’s end users, including where applicable special categories of Personal Data as defined by Data Protection Laws which is received or accessed by Processor as part of the Software Services.
C. Subject-Matter and Nature of the Processing. The subject matter of Processing of Personal Data by Processor is the provision of the services to Controller that involves the Processing of Personal Data. Personal Data will be subject to those Processing activities as may be specified in the Agreement.
D. Purpose of the Processing. Personal Data will be Processed in accordance with the Agreement as necessary to provide the Services and Processor will not, under any circumstances: (a) sell or share Personal Data; (b) retain, use, or disclose Personal Data for any purpose other than for providing the Services agreed to in the Agreement, including retaining, using, or disclosing Personal Data for a commercial purpose other than for providing the Services agreed to in the Agreement to Controller; (c) retain, use or disclose Personal Data outside of the direct business relationship between Processor and Controller; and (d) combine Personal Data that Processor receives from, or on behalf of, Controller with Personal Data that it receives from, or on behalf of, another person or persons, or collects from its own interaction with Data Subjects (except as permitted by CCPA). Processor shall notify Controller if it makes a determination that it can no longer meet its obligations under CCPA and certifies that it understands and will comply with the restrictions contained in this Section 2(D).
E. Duration of the Processing. Personal Data will be processed on a continuous basis for the duration of the Agreement, subject to Section 4 of this DPA.
Within the scope of the Agreement and in its use of Processor’s Services, Controller shall be solely responsible for complying with the statutory requirements relating to data protection and privacy, in particular regarding the disclosure and transfer of Personal Data to Processor and the Processing of Personal Data, including obtaining all necessary consents and providing all necessary notices. For the avoidance of doubt, Controller’s instructions for the Processing of Personal Data shall comply with Data Protection Laws. This DPA is Controller’s complete and final instruction to Processor in relation to Personal Data and that additional instructions outside the scope of this DPA would require prior written agreement between the Parties. Instructions shall initially be specified in the Agreement and may, from time to time thereafter, be amended, amplified or replaced by Controller in separate written instructions (as individual instructions).
Controller shall inform Processor without undue delay and comprehensively about any errors or irregularities related to statutory provisions on the Processing of Personal Data, including if Controller's instructions or transfer of Personal Data to Processor violate Data Protection Laws.
A. Compliance with Instructions. The Parties acknowledge and agree that Customer is Controller of Personal Data and PartnerHero is Processor of Personal Data and for the avoidance of doubt and solely for the purposes of CCPA, the Parties acknowledge and agree that Customer is a Business and appoints PartnerHero as a Service Provider to process Personal Data of California residents on behalf of Customer. Processor shall collect, process and use Personal Data only within the scope of Controller’s instructions, except where and to the extent otherwise required by any applicable Data Protection Laws. If Processor believes that an Instruction of Controller infringes Data Protection Laws, it shall immediately inform Controller without delay. If Processor cannot process Personal Data in accordance with the Instructions due to a legal requirement under any applicable Data Protection Laws, Processor will (i) promptly notify Controller of that legal requirement before the relevant Processing to the extent permitted by Data Protection Laws; and (ii) cease all Processing (other than merely storing and maintaining the security of the affected Personal Data) until such time as Controller issues new instructions with which Processor is able to comply. If this provision is invoked, Processor will not be liable to Controller under the Agreement for any failure to perform the applicable services until such time as Controller issues new instructions in regard to the Processing.
B. Security. Processor shall take the appropriate technical and organizational measures to adequately protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data, described under Appendix 1 to the Standard Contractual Clauses.
C. Confidentiality. Processor shall ensure that any personnel whom Processor authorizes to process Personal Data on its behalf is subject to confidentiality obligations with respect to that Personal Data. The undertaking to confidentiality shall continue after the termination of the above-entitled activities.
D. Personal Data Breaches. Processor will notify Controller without undue delay, and at least within the time required by Data Protection Laws, after it becomes aware of any Personal Data Breach affecting any Personal Data. At Controller’s request, Processor will promptly provide Controller with all reasonable assistance necessary to enable Controller to notify relevant Personal Data Breaches to competent authorities and/or affected Data Subjects, if Controller is required to do so under the Data Protection Laws.
E. Deletion or Retrieval of Personal Data. Other than to the extent required to comply with Data Protection Laws, following termination or expiration of the Agreement, Processor will delete or return all Personal Data (including copies thereof) processed pursuant to this DPA. If Processor is unable to delete Personal Data for technical or other reasons, Processor will apply reasonable measures to ensure that Personal Data is blocked from any further Processing.
Controller shall, upon termination or expiration of the Agreement and by way of issuing an Instruction, stipulate, within a period of time set by Processor, the reasonable measures to return Personal Data or to delete stored Personal Data. Any additional cost arising in connection with the return or deletion of Personal Data after the termination or expiration of the Agreement shall be borne by Controller.
F. Data Protection Impact Assessments and Consultation with Supervisory Authorities. To the extent that the required information is available to Processor and Controller does not otherwise have access to the required information, Processor will provide reasonable assistance to Controller with any data protection impact assessments, and prior consultations with supervisory authorities or other competent data privacy authorities, which Controller reasonably considers to be required by Article 35 or 36 of the GDPR or equivalent provisions of any Data Protection Laws, in each case solely in relation to the processing of Personal Data.
Processor will provide reasonable assistance to Controller in responding to requests from Data Subjects to exercise their rights under applicable Data Protection Laws. If such request is made directly to Processor, Processor will promptly inform Controller and will advise Data Subjects to submit their request to Controller. Controller shall be solely responsible for responding to any Data Subjects’ requests.
Processor shall, in accordance with Data Protection Laws and in response to a reasonable written request by Controller, make available to Controller such information in Processor’s possession or control related to Processor’s compliance with the obligations of data processors under Data Protection Laws in relation to its Processing of Personal Data.
Controller may, at its sole cost and expense and upon written request with at least 30 days’ notice to Processor, during regular business hours and without interrupting Processor’s business operations, allow for a mutually agreed upon third-party auditor to conduct an inspection of Processor’s business operations solely to determine Processor's compliance with this DPA and the CCPA, provided that Controller shall not exercise this right more than once in a 12 month period.
Processor shall, upon Controller’s written request and on at least 30 days’ notice to Processor, provide Controller with all information necessary for such audit, to the extent that such information is within Processor’s control and Processor is not precluded from disclosing it by applicable law, a duty of confidentiality, or any other obligation owed to a third party.
A. Appointment of Sub-Processors. Controller acknowledges and agrees to (a) the engagement as Sub-Processors of Processor’s affiliated companies and the third parties listed, if any, at section (m) of Exhibit 1, and (b) that Processor and Processor’s affiliated companies respectively may engage third-party Sub-Processors in connection with the provision of the Software Services. Processor may add to or delete from the list of Sub-Processors at any time, and Controller’s consent shall extend to any third parties added thereto. For the avoidance of doubt, the above authorization constitutes Controller’s general authorization to the Sub-Processing by Processor for purposes of Clause 9(a), option 2 of the Standard Contractual Clauses.
Where Processor engages Sub-Processors, Processor will enter into a contract with the Sub-Processor that imposes on the Sub-Processor the same obligations that apply to Processor under this DPA. Where the Sub-Processor fails to fulfill its data processing obligations, Processor will remain liable to Controller for the performance of such Sub-Processors obligations.
Where a Sub-Processor is engaged, Controller must be granted the right to monitor and inspect the Sub-Processor’s activities in accordance with this DPA and Data Protection Laws, including to obtain information from Processor, upon written request, on the substance of the contract and the implementation of the data protection obligations under the Sub-Processing contract, where necessary by inspecting the relevant contract documents.
The provisions of this Section 7 shall mutually apply if Processor engages a Sub-Processor in a country outside the European Economic Area (“EEA”) or the United Kingdom ("UK"), not recognized by the European Commission or UK government, respectively, as providing an adequate level of protection for Personal Data. If, in the performance of this DPA, Processor transfers any Personal Data to a Sub-Processor located outside of the EEA or UK, Processor shall, in advance of any such transfer, ensure that a legal mechanism in respect of that Processing is in place.
B. Current Processor List and Notification or Objection to New Sub-Processors. If Processor intends to engage Sub-Processors other than the companies listed on the Sub-Processors list in Exhibit 1, section (m), Processor will notify Controller in writing. Upon receiving such notification, Controller may object to any Sub-Processors within 30 days after any addition. The objection must be based on reasonable grounds. If Processor and Controller are unable to resolve such objection, either Party may terminate the Agreement by providing written notice to the other Party.
A. Appointment of Sub-Processors. Controller acknowledges and agrees to (a) the engagement as Sub-Processors of Processor’s affiliated companies and the third parties listed, if any, at section (m) of Exhibit 1, and (b) that Processor and Processor’s affiliated companies respectively may engage third-party Sub-Processors in connection with the provision of the Software Services. Processor may add to or delete from the list of Sub-Processors at any time, and Controller’s consent shall extend to any third parties added thereto. For the avoidance of doubt, the above authorization constitutes Controller’s general authorization to the Sub-Processing by Processor for purposes of Clause 9(a), option 2 of the Standard Contractual Clauses.
Where Processor engages Sub-Processors, Processor will enter into a contract with the Sub-Processor that imposes on the Sub-Processor the same obligations that apply to Processor under this DPA. Where the Sub-Processor fails to fulfill its data processing obligations, Processor will remain liable to Controller for the performance of such Sub-Processors obligations.
Where a Sub-Processor is engaged, Controller must be granted the right to monitor and inspect the Sub-Processor’s activities in accordance with this DPA and Data Protection Laws, including to obtain information from Processor, upon written request, on the substance of the contract and the implementation of the data protection obligations under the Sub-Processing contract, where necessary by inspecting the relevant contract documents.
The provisions of this Section 7 shall mutually apply if Processor engages a Sub-Processor in a country outside the European Economic Area (“EEA”) or the United Kingdom ("UK"), not recognized by the European Commission or UK government, respectively, as providing an adequate level of protection for Personal Data. If, in the performance of this DPA, Processor transfers any Personal Data to a Sub-Processor located outside of the EEA or UK, Processor shall, in advance of any such transfer, ensure that a legal mechanism in respect of that Processing is in place.
B. Current Processor List and Notification or Objection to New Sub-Processors. If Processor intends to engage Sub-Processors other than the companies listed on the Sub-Processors list in Exhibit 1, section (m), Processor will notify Controller in writing. Upon receiving such notification, Controller may object to any Sub-Processors within 30 days after any addition. The objection must be based on reasonable grounds. If Processor and Controller are unable to resolve such objection, either Party may terminate the Agreement by providing written notice to the other Party.
In case of any conflict, this DPA shall take precedence over the regulations of the Agreement. Where individual provisions of this DPA are invalid or unenforceable, the validity and enforceability of the other provisions of this DPA shall not be affected.
Upon the incorporation of this DPA into the Agreement, the Parties are agreeing to the Standard Contractual Clauses (where and as applicable) and all appendices attached thereto. In the event of any conflict or inconsistency between this DPA and the Standard Contractual Clauses, the Standard Contractual Clauses shall prevail.
Where the Software Services involves the transfer of Personal Data that is subject to the Data Protection Laws and where (i) such Personal Data is transferred either directly or via onward transfer to countries that do not ensure an adequate level of protection within the meaning of the Data Protection Laws, and (ii) the Parties have agreed to the Standard Contractual Clauses, the following provisions apply
PartnerHero may engage the following Sub-Processors in the course of providing Software Services:
This Appendix forms part of the Standard Contractual Clauses. The Member States may complete or specify, according to their national procedures, any additional necessary information to be contained in this Appendix.PartnerHero (data importer) observes the security practices described in its set of security policies, which currently include:
These policies cover the following domains:
This Appendix forms part of the DPA and supplements the Standard Contractual Clauses, pursuant to the International Commissioner's Office decision of February 2, 2022.
Part 1: Tables