Last updated: May 11, 2021
This Joint Controllership Agreement (the “Agreement”) defines the regulation of the relationship between Snovio Inc. (the “Company”, “Snov.io”, “Snovio”, “we”, “us” or “our”) and Clients of the Company who use the Company’s services (the “Client”, “you” or “your”) regarding the processing of Prospects’ personal data provided by Client subject to reservation specified in section 5 hereunder.
In this Agreement, we did our best to explain in a clear and accessible way what exact Prospects’ personal data provided by the Clients we process, why and how we do that, and what are the consequences of those actions.
ALL CLIENTS OF THE COMPANY ARE REQUIRED TO READ THIS JOINT CONTROLLERSHIP AGREEMENT TO UNDERSTAND HOW COMPANY USES, PROCESSES AND STORES PROSPECTS’ PERSONAL DATA WHILE PROVIDING SERVICES TO THE CLIENTS.
“Joint controller” means the natural or legal person, public authority, agency or other body, which jointly with other controllers determines the purposes and means of the processing of personal data.
“Personal data” means any information relating to a data subject, namely an identified or identifiable natural personal.
“Prospect” means a third-party data subject whose personal data you provide to the Company.
“Services” means corporate email finding and verification services provided by Snovio to Clients.
“Platform” means collectively the website https://snov.io/, web and mobile application app Snov.io, API methods available by api.snov.io hostname.
“Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
“GDPR” means the regulation (EU) 2016/679 of the European Parliament and of the Council of the 27th of April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation);
“Profiling” means any automated profiling, namely any form of automated processing of personal data intended to evaluate certain personal aspects relating to a natural person, or to analyses or predict that person’s performance at work, economic situation, location, health, personal preferences, reliability, or behavior.
2.1. When processing personal data of Prospects, parties shall respect the obligations set forth in this Agreement and in the applicable laws and regulations.
2.2. Snovio and you are the joint controllers of the following personal data of Prospects:
2.3. Snovio and you are the joint controllers of the Prospects’ data regarding the storage of such personal data.
2.4. Parties jointly determined that purposes of the processing of the Prospects’ data are as follows:
2.5. Parties jointly determined that the Prospects’ data hereunder shall be processed by the means specified in Snovio’s Terms and Conditions incorporated by reference hereunder.
2.6. Snovio processes Prospects’ data on a basis of article 6(1)(f) of the GDPR and pursuant to the respective warranties specified in section 4 hereunder. Legitimate interests of Snovio, clients and Prospects are as follows:
2.7. Snovio has completed the balancing test and verified that the fundamental rights and freedoms of the Prospects that require protection of the Prospects ’personal data do not override the legitimate interests of Snovio, Clients and Prospects specified in clause 2.6 herein.
2.8. Snovio stores Prospects’ personal data for the entire period during which you use the Services and for 3 (three) months after the termination of the Client’s account on the Platform. However, Snovio may store particular Prospects’ data thereafter for the entire period during which other Clients use the Services if you and other Clients have simultaneously provided such Prospects’ data to Snovio, but in any case only as long as necessary to provide Services to you and other Clients hereunder.
3.1. Snovio may transfer Prospects’ personal data to its contractors located in third countries outside the EU, including the onward transfers of the personal data from the third countries to other third countries, inter alia in the USA.
3.2. Snovio may transfer Prospects’ personal data as specified in clause 3.1 afore to the following contractors:
|Name||Country of location||Website||Data transfer policy|
|Amazon Web Services||USA||https://aws.amazon.com/?nc2=h_lg||https://aws.amazon.com/privacy/?nc1=f_pr|
|Pipedrive||Republic of Estonia||https://www.pipedrive.com/en/gettingstarted||https://www.pipedrive.com/en/privacy#data-transfer-37|
|IP Quality Score||USA||https://www.ipqualityscore.com/||https://www.ipqualityscore.com/privacy-policy; https://www.ipqualityscore.com/data-processing-agreement|
|FastSpring||UK, USA and the Netherlands||https://fastspring.com/||https://fastspring.com/privacy/|
|2Checkout||USA and the Netherlands||https://www.2checkout.com/||https://www.2checkout.com/legal/data-privacy-provisions/ and https://www.2checkout.com/legal/privacy|
|Snovio’s outsource technical, legal, sales and marketing specialists||Ukraine, USA, Brazil, China||-||Non-disclosure agreements and Data Processing Agreement signed between Snovio and each outsource specialist.|
3.3. If so, Snovio may transfer Prospects’ personal data to its contractors located in third countries outside the EU, including the onward transfers of the personal data from the third countries to another third countries, only on a basis of the appropriate safeguards, namely standard data protection clauses between Snovio and its contractors. Such standard data protection clauses embodied in company’s public documents may be provided either by Snovio or by Snovio’s contractors.
3.4. Snovio undertakes appropriate technical and organizational measures to secure the transfer Prospects’ personal data to its contractors located in the third countries outside of the EU and onward, namely:
3.5. Snovio does not sell or trade personal data to any legal persons or individuals. Snovio DOES NOT use Profiling.
4.1. Each party undertakes to implement appropriate technical and organisational measures that complies with applicable laws and regulations designed to:
4.2. Each party ensures that the Prospects’ data is accurate and undertakes to notify the other Party with undue delay if it becomes aware of inaccuracies in the Prospects’ data.
4.3. You hereby represent and warrant that:
4.4. Snovio fully relies on the representations and warranties provided afore during the processing of the Prospects’ data as specified hereunder.
4.5. You agree to indemnify and hold harmless Snovio and each of its directors, officers, employees, contractors and any person, if any, who controls Snovio against any loss, liability, claim, damages or expense (including the reasonable cost of investigating or defending any alleged loss, liability, claim, damages, or expense and reasonable counsel fees incurred in connection therewith) arising, including without limitation by reason of:
5.1. Facebook and Snovio act as joint controllers regarding the collection of the personal data specified by the Applicable Product Terms and provision of the Clients’ emails to Facebook to customise the advertising of our services.
5.2. Facebook and Snovio act as joint controllers pursuant to Facebook joint controllership agreement provided at https://www.facebook.com/legal/controller_addendum.
6.1. Data subjects whose personal data are processed as specified hereunder may exercise the following rights:
6.2. Any data subject may exercise any of the rights provided above by sending a request to the e-mail address email@example.com or by contacting Snovio via the Platform’s chat window available at https://snov.io/. Any request of data subject must include name, contact information of the data subject, right which data subject wants to exercise, personal data processed by the Snovio/Client, details and reason/justification of such request.
6.3. Periods of fulfillment of data subjects’ requests (taking into account that periods start since the moment Snovio/Client receives the request) are as follows:
6.4. In some cases, a data subject has the right to lodge a complaint about the use of his/her personal data with a data protection authority. If so, the data subject shall contact his/her national data protection authority. Parties hereby represent and warrant to cooperate with the appropriate governmental authorities to resolve any privacy-related complaints that cannot be amicably resolved between data subject and any of the parties.
7.1. Parties will notify each other as soon as possible of any potential or actual loss of the Prospects' data and/or any breach of the technical and/or organizational measures taken, but, in any event, within 24 hours after identifying any potential or actual loss and/or breach.
7.2. Parties will provide each other with reasonable assistance as required to facilitate the handling of any Data Breach.
If the Prospect, data protection authority or any other person brings a dispute or claim concerning the processing of the Prospects' data against Snovio or both Parties, Parties will inform each other about such disputes or claims and will cooperate with each other as far as permitted by the applicable laws and regulations.
9.1. This Agreement shall commence on the date specified in the beginning of the Agreement and shall last for the entire period of provision of Services and processing of the Prospects’ data as specified hereunder.
9.2. The obligations set forth in this Agreement shall survive the expiration or termination (for whatever reason) of the Parties’ cooperation for as long as the processing of the Prospects’ data as specified hereunder will take place.
If any provision of this Agreement is null and void or cannot be otherwise enforced, the remaining provisions will remain in full force. Parties will then agree on a provision that approximates the scope of the void or unenforceable provision as much as possible.
11.1. All disputes relating to this Agreement, its execution and interpretation OR any Prospects’ data hereunder will be governed by the substantive law of the State of Delaware, USA.
11.2. All disputes relating to this Agreement, its execution and interpretation OR any Prospects’ data hereunder will be submitted to the competent courts in the State of Delaware, USA.
11.3. The following documents and policies constitute an integral part of this Agreement:
Snovio Inc., a Delaware company, company number 6896854;
Address: 220 East 23rd Street, 5th Floor, Office 500, New York, 10010 USA.
Data protection officer: firstname.lastname@example.org.