Data Processing Addendum

Política de privacidad

Última actualización: 1 de enero de 2023

This Data Processing Addendum (“DPA”) forms part of the agreement between Cuemby LLC (“Company”) and the customer (“Client”) for the use of Cuemby’s products and services, including but not limited to the Master Services Agreement, the Terms of Service, or other applicable agreement (collectively, the “Agreement”).

Resumen de los puntos clave

“Data Protection Laws” means all applicable laws and regulations relating to the processing of Personal Data, including but not limited to the General Data Protection Regulation (EU 2016/679) (“GDPR”), the UK GDPR, the California Consumer Privacy Act (“CCPA”), the Brazilian General Data Protection Law (“LGPD”), and any similar or successor laws.

“Personal Data” means any information relating to an identified or identifiable natural person. “Processing”, “Processor”, “Controller”, “Data Subject”, and “Supervisory Authority” have the meanings given in the applicable laws.

2. Roles and Scope of Processing

The Client is the Controller and determines the purposes and means of the Processing of Personal Data. Cuemby acts as the Processor and will process Personal Data on behalf of the Client strictly in accordance with the documented instructions of the Client unless otherwise required by law.

3. ¿En qué bases legales nos basamos para procesar su información personal?

En algunos casos excepcionales, es posible que la ley aplicable nos permita procesar su información sin su consentimiento, incluidos, por ejemplo:

5. ¿Usamos cookies y otras tecnologías de seguimiento?

Podemos utilizar cookies y tecnologías de seguimiento similares (como balizas web y píxeles) para acceder a la información o almacenarla. En nuestro Aviso sobre cookies encontrará información específica sobre cómo utilizamos dichas tecnologías y cómo puede rechazar determinadas cookies.

6. Data Breach Notification

Cuemby shall notify the Client without undue delay after becoming aware of a Personal Data Breach. Such notification shall include details of the breach, measures taken or proposed, and any relevant mitigation steps.

7. International Transfers

Cuemby shall not transfer Personal Data to a country outside of the jurisdiction from which the data originated unless it ensures appropriate safeguards are in place in accordance with applicable Data Protection Laws (e.g., Standard Contractual Clauses).

8. Data Return and Deletion

Upon termination of the Services or at the request of the Client, Cuemby shall, at the choice of the Client, return or delete all Personal Data unless otherwise required by law.

9. Audit Rights and Cooperation

Cuemby shall make available information reasonably necessary to demonstrate compliance with this DPA and shall allow for audits or inspections by the Client or a mutually agreed third party, provided reasonable advance notice is given.

10. Contact and Miscellaneous

Cuemby’s primary contact for data protection matters is: elsa@cuemby.com.

This DPA shall remain in effect for the duration of the Agreement. In the event of conflict between the DPA and the Agreement, the DPA shall prevail with respect to data protection matters.