California Privacy Addendum
California Privacy Addendum
Short version: Boast works to comply with all local and international security and privacy requirements. We understand that data security is paramount and under no circumstances would we voluntarily provide that information to any third party unless it is required by law or for us to deliver upon the services that you are expecting of Boast. We would never use or share any of the information that you have uploaded or collected utilizing Boast and have implemented safe guards and processes required by the California Consumer Privacy Act for you and your data’s protection.
The California Privacy Addendum (“CPA”) is an addendum to the Terms of Service Agreement between Boast and the Customer. Customer enters into this CPA on behalf of itself and any Authorized Partners (defined below).
During this business relationship Boast will need to access and process certain Personal Information in order to provide the Services to Customer. The Customer is a business subject to CCPA, and this CPA is concluded in order to ensure we meet our respective data protection obligations under the Applicable Data Protection Law.
The parties agree as follows:
“Partner” means an entity that directly or indirectly has partial or full ownership of an entity or similar interests.
“Applicable Data Protection Law” means the CCPA and implementing the regulations thereof.
“Consumer” means a natural person who is a California resident as defined in CCPA.
“Damage” means all liabilities, expenses, costs damages and losses suffered or incurred by the Customer arising out of this CPA and the Terms of Service agreement including breach of contract, tort (including negligence) and other common low, equitable or statutory cause of action.
“Personal Information” means information provided by Customer that identifies, relates to, describes, or is reasonably linked to a particular Consumer or household. Personal Information includes data elements listed in section 140(o)(1)(A)-(K) of CCPA.
“Services Agreement” means any product or services agreement including existing addenda thereto, between Customer and Boast that transfer Personal Information referenced to in this CPA.
“Service/Services” means the services and/or goods provided by Boast to Customer under the Services Agreement.
“Boast Security Standards” means security standards referenced in the Appendix B.
“Authorized Partner” means any Customer Partner(s) who are permitted or receiving the benefit of the Services in the Agreement.
“Services” means any product or service provided by Boast to Customer pursuant to and as more particularly described in the Agreement.
2. General Obligations of Boast
Notwithstanding anything to the contrary in the Services Agreement, the Parties agree as follows:
- Boast is acting solely as a Service Provider in terms of Personal Information
- Boast shall not sell Personal Information, retain, use or disclose Personal Information for any purpose other than the specified purpose of performing the Services.
- Boast will cooperate with Customer in connection with Consumer requests under the CCPA. Boast provides Customer with certain controls and features to manage their Personal Information. Should a Consumer directly contact Boast in regards to access, update, or deletion of his/her Personal Information; Boast will use reasonable efforts to forward such requests to the Customer. The Customer shall remain responsible for handling and responding to Consumer requests as required by Applicable Data Protection Law.
- In the event that a Consumer requests the removal of his/her Personal Information from Boast records and Boast is unable to delete the Personal Information for reasons permitted by the CCPA or required under applicable laws, Boast shall promptly inform the Customer of the reason(s). If a Consumer directly contacts Boast regarding Customers use of Personal Information; Boast retains the right to access Customer account data and make modifications including removal of Consumer data and notify Customer of such actions.
- Boast has implemented and will maintain reasonable security measures for the Boast Network including what is set form in Appendix B.
- The Parties agree that upon termination of the Services Agreement that Boast, at the request of the Customer, securely destroy all Personal Information in accordance with Applicable Data Protection Law and demonstrate to the satisfaction of the Customer that Boast has taken measures to remove the Personal Information. Boast shall notify Customer of any applicable laws, regulations, or reasons if Personal Information can not be removed to their satisfaction.
- Boast shall inform the Customer without delay of any security incident involving unauthorized access, theft, loss, or use of Personal Information.
3. Customer Obligations
If Boast collects any Personal Information directly from a Consumer on behalf of the Customer, before the Customer sells any such Consumer Personal Information, Customer shall contact the Consumer(s) directly to provide a notice that the Customer sells Personal Information and provide the Consumer with a notice of the right to opt-out in accordance with CCPA and Applicable Data Protection Law.
The total liability of Boast (and its respective employees, directors, offices, Partners, successors, and assigns), arising from or relating to this CPA, whether in contract, torn, or other theory of liability shall not, when taken together in aggregate, exceed the lesser of: (a) the limitation of liability for aggregate or direct Damages set forth in the Services Agreement and (b) total amount paid to Boast by the Customer for Services (c) one hundred thousand dollars.
- Boast’s obligations under this CPA shall continue so long as the Services Agreement is effective.
- The jurisdiction of this CPA shall be deemed by the jurisdiction of the Services Agreement.
- This CPA, Services Agreement, and Addendums represent the entire agreement between the Parties. In the event of a conflict between the terms of the CPA and the terms of the Service Agreement, the terms of the CPA shall govern.
- If any provision of this CPA is held invalid or unenforceable, the remaining provisions shall remain in effect.
- Boast agrees to comply with Applicable Data Protection Law and shall reasonably cooperate with Customer regarding compliance and future requirement changes.
- This CPA is binding upon successors and assigns of the Parties.
Appendix A – Boast Sub-processors
Available upon request
Appendix B – Boast Security Measures
Available upon request