This Data Processing Agreement (the “Agreement”) supplements the Terms of Service available at https://listcleanser.com/terms-of-service/ (the “Terms”) between the Client and FlameLab LLC (hereafter collectively referred to as the “Parties” or individually a “Party”).
By accepting the Terms, the Client enters into this Agreement on behalf of itself and, where applicable, on behalf of its Authorized Affiliates. For the purposes of this Agreement, the term “Client” includes both the Client and its Authorized Affiliates unless stated otherwise.
1. Definitions
In this Agreement, the following definitions apply:
“Authorized Affiliates” refers to any Client Affiliate that is subject to Data Protection Laws and permitted to use the Services under the Terms but has not entered into its own agreement with FlameLab LLC.
“Client” and “Controller” mean the entity that has entered into the Terms with FlameLab LLC.
“Client Data” and “Personal Data” refer to personal data submitted by the Client to the Services and processed by FlameLab LLC as a Processor, as specified in Section 4.
“Data Protection Laws” refer to applicable privacy, security, and personal information protection laws, including but not limited to the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), and other relevant regulations.
“Data Subject” has the meaning given to it in Article 4(1) of the GDPR.
“Processor” refers to FlameLab LLC, registered at 1204 Main St #906, Branford, CT 06405, USA.
“Services” refer to the email verification services provided by FlameLab LLC under the Terms.
The terms “Processing,” “Sub-Processor,” “Personal Data Breach,” and other similar terms have the meanings given to them by the applicable Data Protection Laws.
2. Subject Matter of the Agreement
This Agreement outlines the rights and obligations of the Parties regarding the processing of Client Data in connection with the Services, with FlameLab LLC acting as the Processor on behalf of the Client.
3. Scope, Nature, and Purpose of Processing
3.1 FlameLab LLC processes Client Data on behalf of the Client for the purpose of providing the Services, including enhancing, developing, and supporting the Services. Processing shall be conducted in accordance with applicable Data Protection Laws, the Terms, and this Agreement.
3.2 The Processing may involve activities such as collection, storage, retrieval, consultation, use, disclosure, deletion, or destruction of Personal Data.
3.3 The Client remains responsible for ensuring the lawfulness of the Processing and warrants that it has obtained all necessary consents and legal bases for Processing the Personal Data provided to FlameLab LLC. The Client shall also ensure that all Personal Data provided is accurate, lawful, and collected in compliance with the Data Protection Laws.
4. Categories of Personal Data
4.1 The Client determines the categories of Personal Data processed by FlameLab LLC. Typically, this includes email addresses and associated metadata submitted to the Services.
4.2 No special or sensitive categories of Personal Data will be processed under this Agreement unless expressly agreed upon by both Parties.
5. Categories of Data Subjects
5.1 Data Subjects may include the Client’s customers, prospects, and other individuals whose data is submitted for verification purposes by the Client through the Services.
6. Duration of Processing
6.1 FlameLab LLC shall process Client Data for the duration of the provision of Services or as otherwise agreed between the Parties.
6.2 Upon termination of the Services or at the Client's written request, FlameLab LLC will securely delete or anonymize all Client Data within 90 days unless a longer retention period is required by law. Upon request, confirmation of deletion will be provided to the Client.
7. Security Measures
7.1 FlameLab LLC will implement appropriate technical and organizational measures to ensure the security and confidentiality of Client Data, including:
- Secure storage with access control.
- Data encryption during transmission (e.g., SSL).
- Limited access to Client Data for authorized personnel only.
- DDOS protection and other security protocols.
7.2 FlameLab LLC may update these security measures as necessary, provided such updates do not materially reduce the security of the Services.
7.3 Documentation of these measures will be provided upon the Client’s request for audit purposes.
8. Data Subject Requests
8.1 If a Data Subject contacts FlameLab LLC regarding the exercise of their rights under applicable Data Protection Laws, and if the request concerns Processing performed on behalf of the Client, FlameLab LLC will notify the Client. FlameLab LLC will not respond directly to such requests unless authorized by the Client, except to inform the Data Subject that the request has been forwarded to the Client.
9. Processor's Further Obligations
9.1 The Processor will:
- Ensure confidentiality of the Personal Data processed and restrict access to authorized personnel.
- Provide reasonable assistance to the Client for responding to supervisory authorities and managing Data Subject rights requests.
- Maintain accurate records of Processing activities and, upon request, allow for an annual audit (or as required) conducted by the Client or an independent third-party auditor.
10. Sub-processors
10.1 The Client authorizes FlameLab LLC to engage Sub-processors for Processing Client Data. The current list of Sub-processors is available upon request.
10.2 FlameLab LLC will inform the Client of any intended changes to Sub-processors and allow the Client to object within 15 days. If the Client objects for legitimate reasons, FlameLab LLC may choose to either not engage the Sub-processor or to take corrective actions.
10.3 All Sub-processors are required to adhere to the same security and data protection obligations set forth in this Agreement.
11. Personal Data Breaches
11.1 In the event of a Personal Data Breach involving Client Data, FlameLab LLC will notify the Client without undue delay and cooperate to mitigate the breach.
11.2 FlameLab LLC will comply with all applicable laws regarding breach notification.
12. Data Transfers
12.1 Any transfer of Personal Data to third countries outside of the EU, UK, or Switzerland will only occur if such transfers comply with Data Protection Laws, including but not limited to the GDPR.
13. Notifications
13.1 If FlameLab LLC receives any legal request for access to Client Data, it will notify the Client unless prohibited by law.
14. Instructions
14.1 FlameLab LLC will process Personal Data only in accordance with the Client's documented instructions, including those set out in this Agreement and the Terms.
15. Limitation of Liability
15.1 FlameLab LLC's liability under this Agreement is subject to limitations outlined in the Terms. If no such limitations are specified, FlameLab LLC's liability for direct damages related to Processing is limited to twice the amount of fees paid by the Client in the previous calendar year.
16. Miscellaneous
16.1 Any amendments to this Agreement must be in writing and agreed upon by both Parties.
16.2 This Agreement takes precedence over any conflicting provisions in the Terms.
16.3 The Agreement remains effective as long as FlameLab LLC provides Services to the Client or until terminated.
16.4 The Parties will attempt to resolve any disputes through good faith negotiations. If unsuccessful, disputes will be resolved via binding arbitration.