Data Processing Agreement (DPA) for Intelo AI, Inc (Intelo)
This Data Processing Agreement (the “DPA”) constitutes a legally binding agreement between You and Us. You are required to read this DPA carefully as this DPA forms an integral part of the terms of use available and is applicable where We are the Processors of Your Personal Data.
1. Definitions
- “Customer Data” means all data, including but not limited to personally identifiable information (“PII”) of Customer’s personnel, customers, or other end users, that Intelo processes in connection with the Services.
- “User Data” means data that can identify the user this includes the name, email and basic profile details like profile picture, first name, last name..etc
- “Services” means the services provided by Intelo to Customer pursuant to a separate agreement between the parties.
2. Scope and Responsibilities
This DPA becomes effective upon You subscribing to the Services by agreeing to the Terms. It shall continue to be in full force and effect as long as Intelo is Processing Personal Data pursuant to the Terms and shall terminate automatically thereafter.
Where amendments are required to ensure compliance of this DPA or an Appendix with Data Protection Laws, the Parties shall make reasonable efforts to agree on such amendments upon Your request. Where the Parties are unable to agree upon such amendments, either party may terminate the Terms in accordance with the termination procedure contained therein.
3. Term and Termination
This DPA becomes effective upon You subscribing to the Services by agreeing to the Terms. It shall continue to be in full force and effect as long as Intelo is Processing Personal Data pursuant to the Terms and shall terminate automatically thereafter.
Where amendments are required to ensure compliance of this DPA or an Appendix with Data Protection Laws, the Parties shall make reasonable efforts to agree on such amendments upon Your request. Where the Parties are unable to agree upon such amendments, either party may terminate the Terms in accordance with the termination procedure contained therein.
4. Processing of Customer Data
- Intelo will only process Customer Data in accordance with the instructions of Customer and as necessary to perform the Services.
- Intelo will implement and maintain appropriate technical and organizational measures to protect the security and confidentiality of Customer Data such as encryption of data at rest.
- Intelo will not disclose Customer Data to any third party without Customer’s prior written consent, except as necessary to perform the Services or as required by law.
- Intelo will notify Customer promptly in the event of any unauthorized access to or disclosure of Customer Data.
- Customer data will only be read by automated processes and not humans unless needed for security purposes.
4.1 Google Analytics
Customers can choose to share Google Analytics data from their product with Intelo. In this case the data will be used to create report and insights on the usage patterns for each customer and as well as across customers
If customers share Google Analytics data with Intelo, Intelo’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
5. Processing of User Data
- Intelo will only process User Data to identify the users for login purposes and to personalize the application for each user.
- If the customer opts to use Single Sign-On (Eg: Login Via Google) for login we collect the user’s email and basic profile details to identify the user .
- Intelo will not disclose Data to any third party without User’s prior written consent, except as necessary to perform the Services or as required by law.
- Intelo will implement and maintain appropriate technical and organizational measures to protect the security and confidentiality of Data such as encryption of data at rest.
- Intelo will notify Customer promptly in the event of any unauthorized access to or disclosure of Data.
- User data will only be read by automated processes and not humans unless needed for security purposes.
6. Subprocessors
- Intelo may use subcontractors (“Subprocessors”) to process Customer Data. Intelo will only use Subprocessors that meet the same standards for security and confidentiality as Intelo.
- Intelo will provide Customer with a list of Subprocessors upon request.
- Intelo will enter into written agreements with Subprocessors that obligate the Subprocessors to comply with the terms of this DPA.
7.Data Transfers
- Customer Data will be stored and processed in the United States.
- Intelo will not transfer Customer Data outside of the United States without Customer’s prior written consent.
8. Data Deletion
Upon termination of Your Account, Intelo may delete all Customer Data, including Personal Data in accordance with the procedure set forth in the Terms. This requirement shall not apply to the extent that Intelo is permitted by applicable law to retain some or all of the Personal Data, in which event Intelo shall isolate and protect the Personal Data from any further processing except to the extent as required by such law.
9. Audits
- Customer has the right to audit Intelo’s compliance with this DPA on reasonable notice.
- Intelo shall, in accordance with Data Protection Laws, make available to You on request in a timely manner such information as is necessary to demonstrate compliance by Intelo with its obligations under the Data Protection Laws.
- Intelo undertakes to reasonably cooperate with You in its dealings with national data protection authorities and with any audit requests received from national data protection authorities.
9. Governing Law
This DPA will be governed by and construed in accordance with the laws of the State of Texas.
10. Entire Agreement.
This DPA constitutes the entire agreement between the parties with respect to the subject matter hereof and supersedes all prior or contemporaneous communications, representations, or agreements, whether oral or written.
11. Severability
If any provision of this DPA is held to be invalid or unenforceable, such provision will be struck and the remaining provisions will remain in full force and effect.