Comment on page
Data Processing Addendum
Last updated: June 6, 2023
This Data Processing Addendum (“DPA”) amends and forms part of the written agreement between Customer and Artie Technologies Inc. (“Artie”) (collectively, “the parties”) for the provision of services to Customer (the “Agreement”). This DPA prevails over any conflicting term of the Agreement but does not otherwise modify the Agreement.
1.1. In this DPA:
“Data Protection Law” means all applicable laws, rules, regulations, and governmental requirements relating to the privacy, confidentiality, or security of Personal Data, as they may be amended or otherwise updated from time to time.
“Data Subject” means a natural person whose Personal Data is Processed.
“Deidentified Data” means data created using Personal Data that cannot reasonably be linked to such Personal Data, directly or indirectly.
“EEA” means the European Economic Area.
“GDPR” means Regulation (EU) 2016/679 (the “EU GDPR” or, where applicable, the “UK GDPR” as defined in section 3 of the DPA 2018.
“Personal Data” means any information that relates, directly or indirectly, to an identified or identifiable natural person that Artie may Process on Customer’s behalf in performing the services under the Agreement.
“Processing” (including its cognate "Process”) means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Security Incident” means a breach of security leading to the unauthorized or unlawful access by a third party, or confirmed accidental or unlawful destruction, loss or alteration, of Personal Data.
“Standard Contractual Clauses” means (i) Module 2 of the Standard Contractual Clauses for the transfer of Personal Data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and the Council approved by European Commission Implementing Decision (EU) 2021/914 of 4 June 2021, as currently set out at https://eurlex.europa.eu/eli/dec_impl/2021/914/oj (the “EU SCCs”), and (ii) where the UK GDPR applies, the EU SCCs as supplemented by the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses issued by the Commissioner under S119A(1) Data Protection Act 2018 (the “UK SCCs