Updated July 15, 2019
This Addendum (“DPA”) sets forth the European General Data Protection Regulation (“GDPR”) requirements and requirements under certain other Applicable Privacy Laws applicable to Personal Data Processed by Cordial Experience Inc. (“Cordial”) or by Cordial’s Subprocessors in connection with providing the Services.
Cordial and the entity signatory in the block below (“you” or “Client”) and, jointly with Cordial, the “Parties”) have entered into the “Master Services Agreement”, this DPA being integral part thereof (collectively, the “Agreement”) pursuant to which Cordial will provide services to you that may entail the Processing of Personal Data (“Services”). With respect to the Processing of the Personal Data (the duration, subject matter and purposes of which Processing, as well as the types of Personal Data Processed and categories of Data Subjects to whom the Personal Data relates, are described in the Agreement and any related service orders), for purposes of the GDPR, the relevant Client entity/ies that is/are the beneficiary/ies of our Services acts as a Controller and Cordial acts as Processor.
Annex A: PROCESSING INSTRUCTIONS
Categories of data subjects / Type of data | Subject matter and duration of processing | Nature and purpose of processing |
Category of data subjects: May include, among others your representatives and end users, such as your:
Type of data: All data relating to individuals provided to Cordial via the Services, by (or at the direction of) Client or by Client End Users. This may include:
|
Subject matter of processing is the following data:
Duration of the processing
|
Cordial is a provider who, on behalf of Client: Will process Client Personal Data for the purposes of providing the Services to Client in accordance with the Agreement Terms Purpose of the processing is:
|