Kaliper logo

A-Launch LLC Data Processing Addendum (DPA)

This Data Processing Addendum ("DPA") forms part of the Agreement (as defined in the Service Terms) between A-Launch LLC, located at 490 Post St, Ste 500 PMB 2050, San Francisco, CA 94102 ("A-Launch" or "Processor"), and the Customer identified in the Order Form ("Customer" or "Controller"). This DPA governs the Processing of Personal Data in compliance with applicable Data Protection Laws, including the General Data Protection Regulation (GDPR), UK GDPR, and California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA).

Capitalized terms not defined here have the meanings in the Service Terms or Data Protection Laws. In case of conflict, this DPA prevails over the Service Terms for Personal Data Processing.

1. Definitions

  • "Controller": Customer, who determines the purposes and means of Processing Personal Data.
  • "Data Protection Laws": GDPR, UK GDPR, CCPA/CPRA, and other applicable privacy laws.
  • "Data Subject": An individual whose Personal Data is Processed.
  • "Personal Data": Information relating to a Data Subject Processed by A-Launch for Customer, such as contact details, call data, or usage data.
  • "Personal Data Breach": Unauthorized access, loss, or disclosure of Personal Data.
  • "Processor": A-Launch, Processing Personal Data on Customer's behalf.
  • "Processing": Any operation on Personal Data, like collection, storage, or deletion.

2. Roles and Processing

2.1 Roles. Customer is the Controller, and A-Launch is the Processor acting on Customer's instructions.

2.2 Processing Details. A-Launch Processes Personal Data to provide Platform Services (e.g., call tracking, predictive bidding) as described in the Service Terms and Order Form.

2.3 Instructions. A-Launch will Process Personal Data only per Customer's instructions in the Agreement or as needed to provide Platform Services, unless required by law (with prior notice to Customer, if permitted).

2.4 CCPA/CPRA. A-Launch will not: (i) Sell or Share Personal Data; (ii) use or disclose it beyond the Platform Services; or (iii) combine it with other data, except as allowed by CCPA/CPRA.

3. A-Launch's Obligations

3.1 Compliance. A-Launch will comply with Data Protection Laws.

3.2 Security. A-Launch will use industry-standard security measures (e.g., encryption, access controls) to protect Personal Data.

3.3 Confidentiality. A-Launch's personnel are bound by confidentiality obligations.

3.4 Data Subject Requests. A-Launch will notify Customer of Data Subject requests (e.g., access, deletion) and assist Customer in responding, as required by law.

3.5 Breach Notification. A-Launch will notify Customer within 48 hours of a Personal Data Breach and assist in mitigating it.

3.6 Assistance. A-Launch will help Customer with data protection impact assessments or regulatory consultations, as needed.

3.7 Data Return or Deletion. Upon Agreement termination, A-Launch will delete or return Personal Data, unless required to keep it by law.

3.8 Audits. A-Launch will provide information to demonstrate compliance and allow Customer audits (at Customer's expense) once per year during business hours, with reasonable notice.

4. International Data Transfers

If Personal Data is transferred from the EEA, UK, or Switzerland to a non-adequate country, A-Launch will comply with applicable transfer mechanisms (e.g., Standard Contractual Clauses) and notify Customer.

5. Liability

Liability is governed by Section 12 of the Service Terms. Each party will indemnify the other for DPA breaches, per Section 11 of the Service Terms.

6. General

6.1 Duration. This DPA applies as long as A-Launch Processes Personal Data.

6.2 Governing Law. Governed by California law, per Section 16.3 of the Service Terms.

6.3 Notices. Sent per Section 17 of the Service Terms.

6.4 Updates. A-Launch may update this DPA to comply with Data Protection Laws, with notice to Customer.