Data Processing Agreement (DPA) for The Multibot

Last updated: 12/05/2024

This Data Processing Agreement ("DPA") is part of the Terms of Service ("Agreement") between [Customer Name] ("Customer," "you," "your") and The Multibot ("the Software," "Processor," "we," "our," "us"). This DPA governs the processing of personal data that we perform on behalf of the Customer in connection with the provision of the Software, in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Definitions

• Data Controller: The entity that determines the purposes and means of the processing of personal data.
• Data Processor: The entity that processes personal data on behalf of the Data Controller.
• Data Subject: Any identified or identifiable individual whose personal data is processed.
• Personal Data: Any information relating to an identified or identifiable individual.
• Processing: Any operation or set of operations performed on personal data, such as collection, storage, use, disclosure, or erasure.
• Sub-Processor: Any third party appointed by the Processor to process personal data on behalf of the Customer.

2. Roles and Responsibilities

Customer as Data Controller: The Customer acts as the Data Controller for all personal data processed through the Software. As Data Controller, the Customer is responsible for determining the legal basis for processing and ensuring compliance with applicable data protection laws.

The Multibot as Data Processor: The Multibot acts as the Data Processor and processes personal data on behalf of the Customer in accordance with this DPA and the Customer's instructions.

3. Types of Personal Data Processed

The Multibot processes the following types of personal data on behalf of the Customer:

• End-user data: Names, email addresses, reviews, feedback, video testimonials, and other information submitted through review requests or landing pages.
• Customer data: Names, email addresses, contact information, login credentials, and other business-related data.
• Usage data: IP addresses, device information, and data related to the usage of the Software.

4. Purpose of Processing

The Multibot processes personal data for the following purposes:

• Aggregating reviews from third-party platforms (e.g., Google, Facebook).
• Responding to reviews via artificial intelligence on behalf of the Customer.
• Sending review request campaigns and processing feedback.
• Sharing reviews through widgets and social media platforms.
• Performing analytics to track and enhance reputation management.
• Automating processes such as sending review requests.

5. Duration of Processing

The processing of personal data will continue for the duration of the Agreement unless otherwise required by law or requested by the Customer for data deletion.

6. Processor Obligations

The Multibot agrees to:

• Process data only under instructions from the Customer: We will process personal data only as necessary to provide the Software and in accordance with the Customer's documented instructions.
• Ensure confidentiality: We will ensure that all employees or contractors involved in processing personal data are subject to a duty of confidentiality.
• Implement security measures: We will implement appropriate technical and organizational measures to protect personal data from unauthorized access, loss, alteration, or disclosure.
• Assist the Customer: We will assist the Customer in fulfilling its obligations to respond to data subject requests (e.g., requests for access, rectification, deletion, or portability) and in ensuring compliance with applicable laws, including performing data protection impact assessments when required.
• Data breach notification: In case of a personal data breach, we will notify the Customer without undue delay after becoming aware of it and provide reasonable information and assistance.

" tabindex="0">

Data Processing Agreement (DPA) for The Multibot

Last updated: 12/05/2024

This Data Processing Agreement ("DPA") is part of the Terms of Service ("Agreement") between [Customer Name] ("Customer," "you," "your") and The Multibot ("the Software," "Processor," "we," "our," "us"). This DPA governs the processing of personal data that we perform on behalf of the Customer in connection with the provision of the Software, in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Definitions

• Data Controller: The entity that determines the purposes and means of the processing of personal data.
• Data Processor: The entity that processes personal data on behalf of the Data Controller.
• Data Subject: Any identified or identifiable individual whose personal data is processed.
• Personal Data: Any information relating to an identified or identifiable individual.
• Processing: Any operation or set of operations performed on personal data, such as collection, storage, use, disclosure, or erasure.
• Sub-Processor: Any third party appointed by the Processor to process personal data on behalf of the Customer.

2. Roles and Responsibilities

Customer as Data Controller: The Customer acts as the Data Controller for all personal data processed through the Software. As Data Controller, the Customer is responsible for determining the legal basis for processing and ensuring compliance with applicable data protection laws.

The Multibot as Data Processor: The Multibot acts as the Data Processor and processes personal data on behalf of the Customer in accordance with this DPA and the Customer's instructions.

3. Types of Personal Data Processed

The Multibot processes the following types of personal data on behalf of the Customer:

• End-user data: Names, email addresses, reviews, feedback, video testimonials, and other information submitted through review requests or landing pages.
• Customer data: Names, email addresses, contact information, login credentials, and other business-related data.
• Usage data: IP addresses, device information, and data related to the usage of the Software.

4. Purpose of Processing

The Multibot processes personal data for the following purposes:

• Aggregating reviews from third-party platforms (e.g., Google, Facebook).
• Responding to reviews via artificial intelligence on behalf of the Customer.
• Sending review request campaigns and processing feedback.
• Sharing reviews through widgets and social media platforms.
• Performing analytics to track and enhance reputation management.
• Automating processes such as sending review requests.

5. Duration of Processing

The processing of personal data will continue for the duration of the Agreement unless otherwise required by law or requested by the Customer for data deletion.

6. Processor Obligations

The Multibot agrees to:

• Process data only under instructions from the Customer: We will process personal data only as necessary to provide the Software and in accordance with the Customer's documented instructions.
• Ensure confidentiality: We will ensure that all employees or contractors involved in processing personal data are subject to a duty of confidentiality.
• Implement security measures: We will implement appropriate technical and organizational measures to protect personal data from unauthorized access, loss, alteration, or disclosure.
• Assist the Customer: We will assist the Customer in fulfilling its obligations to respond to data subject requests (e.g., requests for access, rectification, deletion, or portability) and in ensuring compliance with applicable laws, including performing data protection impact assessments when required.
• Data breach notification: In case of a personal data breach, we will notify the Customer without undue delay after becoming aware of it and provide reasonable information and assistance.