Data Processing Agreement

This Data Processing Agreement ("DPA") forms part of the Terms of Service between you ("Customer") and Monkee.cc ("Processor") and applies to the processing of personal data by Processor on behalf of Customer.

1. Definitions

The terms "Controller", "Processor", "Data Subject", "Personal Data", "Processing", "Appropriate Technical and Organizational Measures", and "Supervisory Authority" shall have the meanings given to them in applicable data protection laws, including the General Data Protection Regulation (GDPR).

2. Processing of Personal Data

2.1 Subject Matter and Duration. The subject matter of the processing is the provision of the AI-powered sales research services. The processing will continue for the duration of the agreement between Customer and Processor.

2.2 Nature and Purpose. Processor will process Personal Data as necessary to provide the services under the Terms of Service and as further instructed by Customer in its use of the services.

2.3 Types of Personal Data. Customer may submit Personal Data to the services, the extent of which is determined and controlled by Customer. This may include, but is not limited to:

• Contact information (name, email address, phone number, etc.)
• Professional information (job title, company, work history)
• Social media profiles and public professional information

2.4 Categories of Data Subjects. Customer may submit Personal Data to the services regarding the following categories of Data Subjects:

• Prospects and potential customers
• Business professionals
• Customer's employees and contractors (users of the service)

3. Processor Obligations

3.1 Processing Instructions. Processor will process Personal Data only on documented instructions from Customer, including with regard to transfers of Personal Data to a third country or an international organization.

3.2 Confidentiality. Processor will ensure that persons authorized to process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

3.3 Security Measures. Processor will implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• The pseudonymization and encryption of Personal Data
• The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services
• The ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident
• A process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing

4. Sub-processors

4.1 Authorization. Customer provides a general authorization for Processor to engage sub-processors to process Personal Data. A current list of sub-processors is available upon request.

4.2 Changes to Sub-processors. Processor will inform Customer of any intended changes concerning the addition or replacement of sub-processors, thereby giving Customer the opportunity to object to such changes.

5. Data Subject Rights

Processor will assist Customer in fulfilling its obligation to respond to requests for exercising the Data Subject's rights under applicable data protection laws.

6. Data Protection Impact Assessment

Processor will provide reasonable assistance to Customer with any data protection impact assessments and prior consultations with Supervisory Authorities required under applicable data protection laws.

7. Return or Deletion of Data

At Customer's choice, Processor will delete or return all Personal Data to Customer after the end of the provision of services relating to processing and delete existing copies unless applicable law requires storage of the Personal Data.

8. Audit Rights

Processor will make available to Customer all information necessary to demonstrate compliance with the obligations set forth in this DPA and allow for and contribute to audits, including inspections, conducted by Customer or another auditor mandated by Customer.

9. Contact Information

For questions about this Data Processing Agreement, please contact:

Email: dpo@monkee.cc
Address: 123 AI Drive, San Francisco, CA 94104