This Annex includes certain details of the Processing of Customer Personal Data by Bindbee in connection with the Services.
1. List of Parties
Name
Customer (as defined in the Agreement)
Address
As set forth in the relevant Order Form.
Contact person’s name, position and contact details
As set forth in the relevant Order Form.
Activities relevant to the data transferred under these Clauses
Recipient of the Services provided by Bindbee in accordance with the Agreement.
Signature and date
Signature and date are set out in the Agreement.
Role (controller/processor)
Controller
Categories of data subjects whose personal data is transferred
Customer’s authorized users of the Services
Categories of personal data transferred
Processed automatically by the Services:
- Names
- email IDs
Processed where and to the extent provided by Customer or its authorized users in connection with audit services provided by Bindbee:
- address
- date of birth
- past employment details
Sensitive personal data transferred
None
Frequency of the transfer
Continuous
Nature of the processing
Nature of the processing
The nature of the processing is more fully described in the Agreement and accompanying order forms but will include the following basic processing activities: The provision of Services to Customer. In order to provide people data, Bindbee receives identifying Customer Personal Data to permit Bindbee to query, cleanse, standardize, enrich, (when required) send to additional data to feed providers, and to store the query information.
The purpose of the transfer is to facilitate the performance of the Services more fully described in the Agreement and accompanying order forms.
For processing involving California consumers, please select the Business Purpose(s) for Processing Personal Data
☐ N/A
☐ Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards
☒ Helping to ensure security and integrity to the extent the use of the consumer’s personal information is reasonably necessary and proportionate for these purposes
☒ Debugging to identify and repair errors that impair existing intended functionality.
☐ Short-term, transient use, including, but not limited to, nonpersonalized advertising shown as part of a consumer’s current interaction with the business, provided that the consumer’s personal information is not disclosed to another third party and is not used to build a profile about the consumer or otherwise alter the consumer’s experience outside the current interaction with the business
☒ Performing services on behalf of the business, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of the business.
☐ Providing advertising and marketing services, except for cross-context behavioral advertising, to the consumer provided that, for the purpose of advertising and marketing, a service provider or contractor shall not combine the personal information of opted-out consumers that the service provider or contractor receives from, or on behalf of, the business with personal information that the service provider or contractor receives from, or on behalf of, another person or persons or collects from its own interaction with consumers.
☒ Undertaking internal research for technological development and demonstration.
☒ Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.
☒ To retain and employ another service provider or contractor as a subcontractor where the subcontractor meets the requirements for a service provider or contractor under CCPA.
☒ To build or improve the quality of the services it is providing to the business even if this Business Purpose is not specified in the written contract required by CCPA provided that Service Provider does not use the Customer Personal Data to perform Services on behalf of another person.
☒ To prevent, detect, or investigate data security incidents or protect against malicious, deceptive, fraudulent, or illegal activity, even if this Business Purpose is not specified in the written contract.
Period for which the personal data will be retained or criteria used to determine that period
The period for which the Customer Personal Data will be retained is more fully described in the Agreement, Addendum, and accompanying order forms.
Subprocessor transfers – subject matter, nature, and duration of processing
The subject matter, nature, and duration of the Processing more fully described in the Agreement, Addendum, and accompanying order forms.
Description of the technical and organisational security measures implemented by Bindbee as the data processor/data importer to ensure an appropriate level of security, taking into account the nature, scope, context, and purpose of the processing, and the risks for the rights and freedoms of natural persons.