<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=3209473&amp;fmt=gif">
Skip to content
English - United States
Contact us
  • There are no suggestions because the search field is empty.

Styku Data Processing Agreement — Controller-to-Controller Terms

Styku Data Processing Agreement — Controller-to-Controller Terms

Summary

When both Styku and the customer act as independent Controllers — such as when using Styku's enrichment products or Styku Tracking Code — each party is independently responsible for complying with applicable data protection laws. Both parties must ensure data is lawfully collected, adequately protected, and that data subject rights requests are fulfilled. Customers are specifically responsible for providing all required notices, consents, and opt-out mechanisms related to the Styku Tracking Code on their websites.

Full Policy Text

Scope This 'Controller-to-Controller Terms' section will apply to the extent that the parties Process Controller Personal Data in connection with Customer's uses of our enrichment products and the Styku Tracking Code.

Role of the Parties The parties acknowledge and agree that they act as Controllers of Controller Personal Data and will comply with their respective obligations under Data Protection Laws when Processing Controller Personal Data. For clarity, nothing in the Agreement or this 'Controller-to-Controller Terms' section shall restrict Styku in any way from collecting, using, or sharing data that Styku would otherwise Process independently of Customer's use of the Subscription Services, including our enrichment products.

Compliance with Laws Each party will ensure that the Controller Personal Data it shares or makes available to the other party has been collected in compliance with Data Protection Laws, including (i) providing adequate notices and obtaining any required consents from Data Subjects; (ii) establishing a lawful basis for its Processing of Controller Personal Data; (iii) implementing appropriate technical and organizational measures to protect Controller Personal Data; and (iv) complying with any reporting obligations concerning personal data breaches involving Controller Personal Data. As between the parties, Customer is responsible for providing all necessary notices, consents, and opt-out mechanisms for the use of the Styku Tracking Code, and ensuring that its website discloses the use of third-party tracking technology in compliance with Data Protection Laws. If a Data Subject contacts either party to exercise their rights under Data Protection Laws, the contacted party shall either fulfill the request directly or, if this is not feasible, promptly notify and coordinate with the other party to ensure the request is fulfilled in accordance with Data Protection Laws. Customer agrees to delete Enrichment Outputs (as defined under Styku's Product Specific Terms) if Customer determines that Customer does not have any independent lawful basis (or substantively similar terms) for Processing such data under Data Protection Laws.

Demonstration of Compliance If either party receives any complaint, notice, or communication from a supervisory authority or other governmental authority which relates to the other party's: (i) Processing of Controller Personal Data; or (ii) potential failure to comply with Data Protection Laws with respect to the Processing of Controller Personal Data, that party shall direct the supervisory authority or governmental authority to the other party and, in the case of intertwined obligations, claims, or Controller Personal Data at issue, shall provide reasonable assistance to the other party in responding to the supervisory authority or governmental authority.

Security We will implement and maintain reasonable security measures to protect Controller Personal Data. All Controller Personal Data is protected using appropriate physical, technical, and organizational measures.

CCPA Compliance To the extent that the CCPA applies to the Processing of Controller Personal Data, each party acknowledges and agrees that: (i) such Controller Personal Data is made available to the other party solely for the limited and specified purposes set forth in the Agreement; (ii) the party receiving such Controller Personal Data shall comply with and provide the same level of privacy protection as is required by the CCPA; (iii) the party receiving such Controller Personal Data shall promptly notify the other party if it determines it can no longer meet its obligations under the CCPA; and (iv) the party providing such Controller Personal Data shall have the right, upon reasonable notice, to take reasonable and appropriate steps to ensure that the receiving party uses the Controller Personal Data in a manner consistent with its obligations under the CCPA and stop and remediate unauthorized uses of the Controller Personal Data.

Applies to: All Styku customers