This Data Protection Addendum (the “Addendum”) forms part of and is incorporated by reference into the Attendify Terms of Service (the “Agreement”). This Addendum will only apply to the extent that the Applicable Data Protection Laws govern the Processing of Personal Data, and shall be effective as of the date Client agrees to the Agreement.
Except as modified below, the terms of the Agreement shall remain in full force and effect. With respect to provisions regarding Processing of Personal Data, in the event of a conflict between this Addendum and the Agreement, or any other agreement between the Parties, the provisions of this Addendum shall control.
Unless elsewhere defined herein, the capitalized terms used in this Addendum shall have the meaning specified in this Section 1 or otherwise as set forth in the Agreement.
“Applicable Data Protection Laws” shall mean, as applicable, (a) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”), and/or (b) the Federal Data Protection Act of 19 June 1992 (Switzerland).
“Attendify” means KitApps, Inc., d/b/a Attendify.
“Client” has the meaning ascribed to it in the Agreement, and shall include the individual signing up for the Services and/or agreeing to the Agreement on behalf of Client.
“Client Data” means Personal Data that is Processed by Company on behalf of Client in Company’s provision of the Services.
“Data Security Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unauthorized access to, Client Data transmitted, stored or otherwise Processed.
“Party” means each of Attendify and Client.
“Privacy Shield Principles” means the EU-US Privacy Shield Principles and the Swiss-US Privacy Shield Principles.
“Services” means the “Services” provided by Company to Client as defined in the Agreement.
“Subprocessor” means any third party (excluding any employee or subcontractor of Company) retained by or on behalf of Company to Process Client Data in connection with the Agreement.
“Technical and Organizational Measures” means security measures implemented by Company appropriate to the type of Personal Data being Processed and the Services being provided by Company to protect Personal Data against unauthorized or unlawful Processing and against accidental loss, destruction, damage, alteration or disclosure.
Additionally, as used in this Addendum, the terms “Data Controller”, “Data Processor”, “Data Subject”, “Processing” and “Personal Data” shall have the meanings ascribed to them in the Applicable Data Protection Laws.
To the extent permitted under applicable law, and notwithstanding anything else in the Agreement, the total liability of either Party towards the other Party under or in connection with this Addendum shall not exceed the aggregate sum of all amounts paid by Client to Company in the twelve (12) months immediately prior to the action or event forming the basis for such claim.
Should any provision of this Addendum be invalid or unenforceable, then the remainder of this Addendum shall remain valid and in force. The invalid or unenforceable provision shall be either (i) amended as necessary to ensure its validity and enforceability, while preserving the Parties’ intentions as closely as possible or, if this is not possible, (ii) construed in a manner as if the invalid or unenforceable part had never been contained therein.