CHILLIAPPS GDPR DATA PROCESSING ADDENDUM

Version Date: May 25, 2018.

This Data Processing Addendum (“DPA”) is an agreement between CHILLIAPPS Services (“The Platform,” “we,” “us,” or “our”) and you or the entity you represent (“Customer”, “you” or “your”). This DPA supplements the Privacy Policy and Terms of Service available at 'https://www.chilliapps.com/privacy, and https://www.chilliapps.com/terms, or other agreement between Customer and CHILLIAPPS governing Customer’s use of the Service (the “Agreement”) when the GDPR applies to your use of the CHILLIAPPS Services to perform the tasks that you configure on this Platform.


1. Data Processing.

1.1 This DPA applies when Customer Data is processed by CHILLIAPPS. In this context, CHILLIAPPS will act as “Data Processor” to Customer who may act either as “Controller” only for the purpose of providing the Services in accordance with documented instructions from you with respect to Customer Data (as each term is defined in the GDPR).

1.2 The Services provide Customer with a number of controls, including security features and functionalities, that Customer may use to create automated strategies with data provided by Customer. Customer may use these controls as technical and organizational measures to assist it in connection with its obligations under the GDPR.

1.3 Details of Data Processing.

1.3.1 Subject matter. The subject matter of the data processing under this DPA is Customer Data.

1.3.2 Duration. As between CHILLIAPPS and Customer, the duration of the data processing under this DPA is determined by Customer.

1.3.3 Purpose. The purpose of the data processing under this DPA is the provision of the Services initiated by Customer from time to time.

1.3.4 Nature of the processing: Compute, storage and such other Services provided by CHILLIAPPS.

1.3.5 Type of Customer Data: Customer Data uploaded to the Services under Customer’s CHILLIAPPS accounts.

1.3.6 Categories of data subjects: The data subjects may include Customer’s customers, employees, suppliers, and end-customers.

1.4 Each party will comply with all laws, rules and regulations applicable to it and binding on it in the performance of this DPA, including the GDPR.



2. Customer Instructions.

The parties agree that this DPA and the Agreement (including the provision of instructions via configuration tools such as the CHILLIAPPS management console) constitute Customer’s documented instructions regarding CHILLIAPPS processing of Customer Data (“Documented Instructions”). CHILLIAPPS will process Customer Data only in accordance with Documented Instructions.



3. Data Protection.

3.1 CHILLIAPPS will use strict security procedures to keep information safe in compliance with standard security requirements and will use only providers that are in compliance with security and privacy Requirements, including GDRP Requirements.

3.2 CHILLIAPPS will notify you if, in CHILLIAPPS opinion, your instruction for the processing of Personal Data infringes applicable Data Protection Legislation.

3.3. CHILLIAPPS will notify you promptly, to the extent permitted by law, upon receiving an inquiry or complaint from a Data Subject or Supervisory Authority relating to your use of our Services.

3.4 CHILLIAPPS will maintain an information security program (including the adoption and enforcement of internal policies and procedures) against accidental or unlawful loss, access or disclosure. Accordingly, we are committed to identifying reasonably foreseeable and internal risks to security and unauthorized access to the CHILLIAPPS services and minimize security risks, including through risk assessment and regular testing.

3.5 CHILLIAPPS will notify you promptly upon becoming aware of and confirming any accidental, unauthorized, or unlawful processing of, disclosure of, or access to the Personal Data.

3.6 If the Agreement is ended, CHILLIAPPS will promptly initiate the process to delete your Personal Data.



4. Miscellaneous.

4.1 In the event of any conflict or inconsistency between the provisions of the Agreement and this Addendum, the provisions of this Addendum shall prevail. For the avoidance of doubt and to the extent allowed by applicable law, any and all liability under this Addendum, including limitations thereof, will be governed by the relevant provisions of the Agreement. You acknowledge and agree that CHILLIAPPS may amend this Addendum from time to time by posting the relevant amended and restated Addendum on CHILLIAPPS website, available at https://www.chilliapps.com/dpa and such amendments to the Addendum are effective as of the date of posting. Your continued use of the Services after the amended Addendum is posted to CHILLIAPPS website constitutes your agreement to, and acceptance of, the amended Addendum. If you do not agree to any changes to the Addendum, do not continue to use the Service.

Save as specifically modified and amended in this Addendum, all of the terms, provisions, and requirements contained in the Agreement shall remain in full force and effect and govern this Addendum. If any provision of the Addendum is held illegal or unenforceable in a judicial proceeding, such provision shall be severed and shall be inoperative, and the remainder of this Addendum shall remain operative and binding on the parties.