This Data Processing Addendum (“Addendum”) forms part of the Privacy Policy available at https://promotionvault.com/privacy-policy/ (“Privacy Policy”) and applies to the extent Promotion Vault processes personal data in connection with its services.
By using Promotion Vault’s services, you agree to this Addendum, which reflects the parties’ agreement on the processing of personal data in compliance with applicable data protection laws.
1. Definitions
1.1. Data Controller: The entity that determines the purposes and means of processing personal data.
1.2. Data Processor: The entity that processes personal data on behalf of the Data Controller.
1.3. End User: An individual whose personal data is processed under this Addendum.
1.4. Recipient: The end user who logs into their Vault account and establishes a direct data relationship with Promotion Vault.
1.5. Data Protection Laws: All applicable privacy and data protection laws and regulations, including the General Data Protection Regulation (GDPR).
1.6. Services: The reward and engagement services provided by Promotion Vault.
2. Roles and Responsibilities
2.1. Joint Data Controller Relationship:
- Promotion Vault and its client act as joint data controllers when processing personal data for the purpose of enabling rewards and incentives with the consent of the End User.
2.2. Sole Data Controller Relationship:
- Upon the End User logging into their Vault account, Promotion Vault assumes the role of sole data controller and establishes a direct data usage relationship with the End User.
2.3. Responsibilities of Promotion Vault:
- Ensure compliance with applicable data protection laws as a joint and sole data controller.
- Maintain transparency in data usage through clear communication and adherence to the Privacy Policy.
- Implement appropriate technical and organizational measures to safeguard personal data.
2.4. Responsibilities of Clients:
- Obtain the End User’s consent for sharing personal data with Promotion Vault.
- Ensure data shared with Promotion Vault is accurate, lawful, and relevant for the intended processing.
3. Liability and Indemnity
3.1. Each party shall be responsible for its compliance with applicable data protection laws in its role as a data controller.
3.2. To the extent permitted by law, each party agrees to indemnify and hold the other party harmless from any damages, claims, or liabilities arising from the indemnifying party’s breach of its obligations under this Addendum.
3.3. Promotion Vault’s total liability for all claims under this Addendum will not exceed the amount paid by the client for the services in the twelve months preceding the claim.
4. Data Deletion Obligations
4.1. Upon termination of services, Promotion Vault will delete or anonymize all personal data processed on behalf of the client unless applicable laws require retention.
4.2. Clients must ensure their systems facilitate the removal of personal data upon request by the End User.
4.3. Promotion Vault will maintain a data retention policy aligned with its legal and business requirements.
5. Term and Termination
5.1. This Addendum remains in effect for the duration of the client’s use of Promotion Vault’s services.
5.2. Either party may terminate this Addendum upon 30 days’ written notice if the other party materially breaches its terms and fails to cure the breach within the notice period.
5.3. Upon termination, Promotion Vault will ensure the orderly deletion of all client-shared personal data, as outlined in Section 4.
6. Miscellaneous
6.1. In the event of any conflict between this Addendum and other agreements between the parties, this Addendum shall prevail with regard to data processing.
6.2. Any disputes under this Addendum shall be governed by the governing law and jurisdiction specified in the Privacy Policy.
7. Contact Information
For questions about this Addendum or Promotion Vault’s data processing practices, please contact:
Promotion Vault
Email: support@promotionvault.com
Address: 7339 E Williams Dr #27101 Scottsdale, AZ 85255
This Addendum is effective as of 01/28/2025.