Data Exporter

Data Importer

Name

The Customer, as set out in the Order Form

Company

Address

The Customer’s address, as set out in the Order Form

982 Main Street, Suite 4-315, Fishkill, NY 12524

Contact person’s name, position and contact details

The Customer’s contact details, as set out in the Order Form

Activities relevant to the data transferred under these clauses

See Annex 1(B) below

See Annex 1(B) below

Signature and date

Role (controller/processor)

Controller

Controller

Categories of data subjects whose personal data is transferred

See Schedule 1 of this DPA

Categories of personal data transferred

See Schedule 1 of this DPA

Sensitive data transferred (if applicable)

See Schedule 1 of this DPA

(For sensitive data only: applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialised training), keeping a record of access to the data, restrictions for onward transfers or additional security measures.)

See Schedule 1 of this DPA

The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis).

See Schedule 1 of this DPA

Nature of the processing

See Schedule 1 of this DPA

Purpose(s) of the data transfer and further processing

See Schedule 1 of this DPA

The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period

See Schedule 1 of this DPA

For transfers to (sub-) processors, also specify subject matter, nature and duration of the processing

See Schedule 1 of this DPA

Start Date:

The Parties

Data Exporter
(who sends the Restricted Transfer)

Data Importer
(who receives the Restricted Transfer)

Party Details

Full Legal Name:

Zipify, LLC

Trading Name (if different)

Trading Name (if different)

Main address (if a company registered address):

982 Main Street, Suite 4-315, Fishkill, NY 12524

Official registration number (if any) (company number or similar identifier):

Official registration number (if any) (company number or similar identifier):

Key Contact

Full Name (optional):

Full Name (optional):

Job Title:

Job Title:

Contact details including email:

Contact details including email:

Signature (if required for the purposes of Section 2)

Addendum EU SCCs

The version of the Approved EU SCCs which this Addendum is appended to, detailed below, including the Appendix Information:

Date:

Reference (if any): see Schedule 2 of this DPA

Other identifier (if any):

Or

the Approved EU SCCs, including the Appendix Information and with only the following modules or clauses or optional provisions of the Approved EU SCCs brought into effect for the purposes of this Addendum:

Module

Module in operation

Clause 7 (Docking Clause)

Clause 11 (Option)

Clause 9a (Prior Authorisation or General Authorisation)

Clause 9a (Time period)

Is personal data received from the Importer combined with personal data collected by the Exporter?

1

2

3

4

Annex I.A:

List of Parties: see Annex 1.A of Schedule 2 of this DPA.

Annex I.B:

Description of Transfer: see Annex I.B of Schedule 2 of this DPA

Annex II:

Technical and organizational measures including technical and organizational measures to ensure the security of the data: see Annex II of Schedule 2 of this DPA.

Annex III:

List of Sub processors (Modules 2 and 3 only): see Schedule 1 of this DPA.

Ending this Addendum when the Approved Addendum changes

Which Parties may end this Addendum as set out in Section 19:
☐ Importer
☐ Exporter
☒ neither Party

Addendum

This International Data Transfer Addendum which is made up of this Addendum incorporating the Addendum EU SCCs.

Addendum EU SCCs

The version(s) of the Approved EU SCCs which this Addendum is appended to, as set out in Table 2, including the Appendix Information.

Appendix Information

As set out in Table 3.

Appropriate Safeguards

The standard of protection over the personal data and of data subjects’ rights, which is required by UK Data Protection Laws when you are making a Restricted Transfer relying on standard data protection clauses under Article 46(2)(d) UK GDPR.

Approved Addendum

The template Addendum issued by the ICO and laid before Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022, as it is revised under Section 18.

Approved EU SCCs

The Standard Contractual Clauses set out in the Annex of Commission Implementing Decision (EU) 2021/914 of 4 June 2021.

ICO

The Information Commissioner.

Restricted Transfer

A transfer which is covered by Chapter V of the UK GDPR.

UK

The United Kingdom of Great Britain and Northern Ireland.

UK Data Protection Laws

All laws relating to data protection, the processing of personal data, privacy and/or electronic communications in force from time to time in the UK, including the UK GDPR and the Data Protection Act 2018.

UK GDPR

As defined in section 3 of the Data Protection Act 2018.