This Data Processing Agreement (DPA) is entered into as of the date of acceptance by the User (the "Effective Date") and governs the processing of personal data between Collars Inc. Ltd ("Collars", "Data Processor") and the User ("Data Controller") under the terms of this agreement.
This DPA is intended to comply with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Lei Geral de Proteção de Dados (LGPD).
1. Definitions
For the purposes of this agreement, the following definitions apply:
- "Personal Data": Any information relating to an identified or identifiable natural person.
- "Processing": Any operation or set of operations performed on Personal Data, including but not limited to collection, storage, use, disclosure, and deletion.
- "Data Controller": The entity that determines the purposes and means of the processing of Personal Data.
- "Data Processor": The entity that processes Personal Data on behalf of the Data Controller.
- "Data Subject": The identified or identifiable individual to whom the Personal Data relates.
- "Sub-Processor": A third party engaged by the Data Processor to process Personal Data on its behalf.
2. Data Processing Scope
2.1 Role of Collars (Data Processor):
Collars will process Personal Data on behalf of the Data Controller for the purposes of providing the services described in the Broadcast Packs, including but not limited to content posting, customer communications, and analytics. Collars is only authorized to process Personal Data in accordance with the instructions provided by the Data Controller.
Collars will process Personal Data on behalf of the Data Controller for the purposes of providing the services described in the Broadcast Packs, including but not limited to content posting, customer communications, and analytics. Collars is only authorized to process Personal Data in accordance with the instructions provided by the Data Controller.
2.2 Personal Data Processed:
Collars processes the following categories of Personal Data:
Collars processes the following categories of Personal Data:
- Contact Information (e.g., name, email address, phone number)
- Relation to animals (e.g., pet type, pet care details)
- Behavioral Data (e.g., browsing data, cookies)
- Transactional Data (e.g., purchase details, payment details processed via third-party services)
- Feedback and reviews submitted via WhatsApp
2.3 Purpose of Processing:
The Personal Data will be processed for the following purposes:
The Personal Data will be processed for the following purposes:
- To provide services related to the Broadcast Packs (e.g., posting content, engaging with users).
- To communicate with users (e.g., marketing, customer support).
- To perform analytics and improve services.
3. Responsibilities of the Data Controller
3.1 Compliance with Laws:
The Data Controller is responsible for ensuring that the Personal Data it provides to Collars is compliant with applicable data protection laws, including obtaining any necessary consent from Data Subjects.
The Data Controller is responsible for ensuring that the Personal Data it provides to Collars is compliant with applicable data protection laws, including obtaining any necessary consent from Data Subjects.
3.2 Data Subject Rights:
The Data Controller is responsible for ensuring that Data Subjects are informed of their rights and may exercise their rights to access, correct, delete, or restrict the processing of their Personal Data. The Data Controller will handle requests from Data Subjects directly, and Collars will assist in responding to such requests as necessary.
The Data Controller is responsible for ensuring that Data Subjects are informed of their rights and may exercise their rights to access, correct, delete, or restrict the processing of their Personal Data. The Data Controller will handle requests from Data Subjects directly, and Collars will assist in responding to such requests as necessary.
3.3 Accuracy of Data:
The Data Controller will ensure that the Personal Data provided to Collars is accurate, complete, and up-to-date.
The Data Controller will ensure that the Personal Data provided to Collars is accurate, complete, and up-to-date.
4. Responsibilities of Collars (Data Processor)
4.1 Processing Personal Data:
Collars agrees to process Personal Data only on the documented instructions of the Data Controller, unless required to do otherwise by applicable law.
Collars agrees to process Personal Data only on the documented instructions of the Data Controller, unless required to do otherwise by applicable law.
4.2 Data Security:
Collars will implement appropriate technical and organizational measures to ensure the security of Personal Data, including encryption, access control, and data backup. Collars will ensure that employees or contractors who process Personal Data are subject to confidentiality obligations.
Collars will implement appropriate technical and organizational measures to ensure the security of Personal Data, including encryption, access control, and data backup. Collars will ensure that employees or contractors who process Personal Data are subject to confidentiality obligations.
4.3 Sub-Processors:
Collars may engage third-party sub-processors to process Personal Data. Collars will ensure that any sub-processor engaged is bound by a written agreement that imposes equivalent data protection obligations as those set forth in this DPA. A list of approved sub-processors will be provided to the Data Controller upon request.
Collars may engage third-party sub-processors to process Personal Data. Collars will ensure that any sub-processor engaged is bound by a written agreement that imposes equivalent data protection obligations as those set forth in this DPA. A list of approved sub-processors will be provided to the Data Controller upon request.
4.4 Data Breach Notification:
In the event of a data breach affecting Personal Data, Collars will notify the Data Controller without undue delay. Collars will provide the Data Controller with the necessary information to assist with the breach investigation and any notifications to Data Subjects or regulatory authorities as required by law.
In the event of a data breach affecting Personal Data, Collars will notify the Data Controller without undue delay. Collars will provide the Data Controller with the necessary information to assist with the breach investigation and any notifications to Data Subjects or regulatory authorities as required by law.
4.5 Data Retention:
Collars will retain Personal Data for as long as is necessary to provide the services under the agreement with the Data Controller or as required by law. Personal Data will be securely deleted or anonymized after the retention period.
Collars will retain Personal Data for as long as is necessary to provide the services under the agreement with the Data Controller or as required by law. Personal Data will be securely deleted or anonymized after the retention period.
5. Data Subject Rights
5.1 Access, Rectification, Deletion:
Collars will assist the Data Controller in fulfilling Data Subject requests to access, rectify, or delete their Personal Data. The Data Controller may contact dataofficer@joincollars.com to request such actions.
Collars will assist the Data Controller in fulfilling Data Subject requests to access, rectify, or delete their Personal Data. The Data Controller may contact dataofficer@joincollars.com to request such actions.
5.2 Data Portability:
The Data Controller may request that Personal Data be transferred to another service provider, in which case Collars will provide the data in a structured, commonly used, and machine-readable format.
The Data Controller may request that Personal Data be transferred to another service provider, in which case Collars will provide the data in a structured, commonly used, and machine-readable format.
6. Data Transfers
6.1 International Data Transfers:
If Personal Data is transferred outside the jurisdiction of the Data Controller (e.g., from the EU to the US), Collars will ensure that such transfers are conducted in accordance with applicable data protection laws, including the use of Standard Contractual Clauses (SCCs) or other approved mechanisms to safeguard the data.
If Personal Data is transferred outside the jurisdiction of the Data Controller (e.g., from the EU to the US), Collars will ensure that such transfers are conducted in accordance with applicable data protection laws, including the use of Standard Contractual Clauses (SCCs) or other approved mechanisms to safeguard the data.
7. Audits and Inspections
7.1 Right to Audit:
The Data Controller has the right to conduct audits or inspections of Collars' data processing activities to ensure compliance with this DPA. Collars agrees to provide access to relevant records and cooperate in any audits conducted by the Data Controller.
The Data Controller has the right to conduct audits or inspections of Collars' data processing activities to ensure compliance with this DPA. Collars agrees to provide access to relevant records and cooperate in any audits conducted by the Data Controller.
8. Liability
8.1 Data Controller Liability:
The Data Controller shall be liable for any damages resulting from its failure to comply with applicable data protection laws or its failure to provide accurate, complete, or lawful instructions to Collars.
The Data Controller shall be liable for any damages resulting from its failure to comply with applicable data protection laws or its failure to provide accurate, complete, or lawful instructions to Collars.
8.2 Collars Liability:
Collars will be liable for any damages resulting from its breach of this DPA, including any failure to comply with the security and confidentiality requirements or failure to notify the Data Controller of a data breach.
Collars will be liable for any damages resulting from its breach of this DPA, including any failure to comply with the security and confidentiality requirements or failure to notify the Data Controller of a data breach.
9. Governing Law
This DPA shall be governed by and construed in accordance with the laws of the United Kingdom. Any disputes arising under or in connection with this agreement will be resolved under the jurisdiction of UK courts.
10. Contact Information
For any inquiries regarding this agreement or data processing practices, please contact:
Collars Data Officer
Email: dataofficer@joincollars.com
Email: dataofficer@joincollars.com
Acceptance:
By engaging with Collars’ services, the Data Controller acknowledges and agrees to the terms set forth in this Data Processing Agreement.
By engaging with Collars’ services, the Data Controller acknowledges and agrees to the terms set forth in this Data Processing Agreement.