
Trust Network Agreement


Our Trust Network brings together multiple organizations to securely share insights into both fraudulent and trusted transactions – enabling earlier, broader, and more accurate detection of fraud patterns than any one participant could achieve alone.

The Trust Network is provided at no additional cost to You and other Members of our Trust Service, allowing members to fight fraud and abuse together without exposing Personal Data to other Trust Network Members.

Members provide details about each interaction with their customers or users. This information is then analyzed and used to benefit participants with broader coverage of signals and more accurate scores in the Trust Service.

This Trust Network Agreement (the “Network Agreement”) is effective as of the date (the “Network Agreement Effective Date”) (i) You accept the related Terms of Service between You (“You”, or “Customer”) and Pipl Inc., (“Pipl”), or (ii) as of the effective date of such other written agreement executed by You and Pipl for the provision of the Service by Pipl to You (such Terms of Service, MSA or other Service Agreement) (the “TOS”), whichever is earliest. Each of Customer and Pipl shall be referred to herein as a “Party” and together, the “Parties.”

The Parties hereby agree that: (i) this Network Agreement is hereby incorporated into and forms a part of the TOS; (ii) this Network Agreement shall be included and added to the TOS as a Network Agreement to the TOS; and (iii) references in this Network Agreement to the TOS are to the TOS as amended by, and including, this Network Agreement.

TRUST NETWORK

1) GRANT OF LICENSES

1.1 Subject to the conditions set forth in Sections 1.1 and 1.2 of this Network Agreement, Customer hereby grants to Pipl a royalty-free, worldwide (excluding jurisdictions prohibited by the United States government), non-exclusive, irrevocable license to use, reproduce, modify, translate and create derivative works from the Customer Data or Metadata solely for:

(a) processing the Customer Data or Metadata (as defined below in “Definitions” section), including (i) computation and analysis of Customer Data or Metadata, either alone or with other data, (ii) using and processing Customer Data or Metadata to create Analytics;
(b) sharing relevant Analytics when providing the Service to other Trust Network Members for the Permitted Purpose; and/or
(c) any other purpose mutually agreed by the Parties in writing.

Notwithstanding anything to the contrary, Pipl shall own the Analytics and Customer agrees that these rights, including without limitation the license grant in this Section, will survive any termination or expiration of this Network Agreement. Pipl shall not have the right to provide any Customer Personal Data to any other Pipl Trust Network Member or any third party - it may only provide Analytics.

1.2 Subject to the conditions set forth in Sections 3.1 and 3.3 of this Network Agreement, Pipl hereby grant(s) to Customer a royalty-free, worldwide (excluding jurisdictions prohibited by the United States government), non-exclusive license to use the Pipl Data and the Service for the Permitted Purpose.

1.3 Customer acknowledges that the option to disable retention of Query Records (the Detailed Log Disabled) cannot be implemented for Trust Network Members.

1.4 Customer acknowledges that Pipl may provide Trust Network trial access for limited periods of time to trial customers who are not (yet) Trust Network Members.

1.5 Except for these rights and licenses expressly granted, no other rights of any nature whatsoever are granted or should be implied. As between the Parties, Customer shall retain all title and ownership in the Customer Data, and Pipl shall retain all right and ownership in the Pipl Data and Service.

2) TERM AND TERMINATION

2.1 Term. This Network Agreement shall commence and become valid as of the Network Agreement Effective Date, and shall continue for as long as the TOS or applicable Service Order remains in effect, unless this Network Agreement is terminated earlier as set forth hereunder (the “Term”). This Network Agreement shall automatically terminate upon termination of the TOS.

2.2 Mutual Termination. Either Party may terminate this Network Agreement: (i) immediately by written notice to the other Party for actual breach of confidentiality or applicable Law; (ii) if either Party fails to cure within thirty (30) days of its receipt of written notice thereof of any material breach of any of the provisions of this Network Agreement; (iii) immediately upon written notice if a Party becomes the subject of any proceedings under local, state, provincial, federal or other applicable law for the relief of debtors or otherwise becomes insolvent, or bankrupt, or makes assignments for the benefit of creditors; and/or (iv) for convenience upon thirty (30) days’ prior written notice.

2.3 Termination by Pipl. Pipl may, at any time, terminate this Network Agreement at its discretion with reasonable prior notice to Customer if: (i) Pipl is required to do so by law (for example, due to change to the law governing the provision of the Service); (ii) providing access as a Network Member could create an unjustified economic burden, or use of the Service as a Network Member does not align with Pipl’s policies or standards as determined by Pipl in its reasonable good faith judgment; and/or (iii) providing access as a Network Member could create a security risk or unjustified technical burden as determined by Pipl in its reasonable good faith judgment.

2.4 Effect of Termination. Upon the termination/expiration of the TOS, or the applicable Service Order, or this Network Agreement for any reason:
(a) the licenses granted in Section 1.2 shall immediately terminate;

(b) Customer shall delete all data whatsoever received from the Service within sixty (60) days of termination or expiration and shall otherwise cease to use the Pipl Data.

Pursuant to section 6.2.4 below, Pipl shall delete all Customer Personal Data within 15 days of the Termination of this Trust Network Agreement. For the sake of clarity, Pipl shall have the right to retain Metadata for as long as necessary to perform its obligations to other Trust Network Members.

3) REPRESENTATIONS, WARRANTIES AND ADDITIONAL OBLIGATIONS

3.1 Mutual.
(a) Each Party represents and warrants to the other Party that the execution and performance of this Network Agreement by it shall not conflict with or violate any applicable law, rule, regulation, or governmental order and shall not breach any agreement, covenant, court order, judgment or decree to which it is a party or by which it is bound.

3.2 Customer.
(a) Customer shall not submit to Pipl any (sensitive) data that is protected under special legislation and requires unique treatment, including, without limitation, (i) categories of data enumerated in Article 9(1) of the GDPR, or any similar legislation or regulation in other jurisdictions; and (ii) any protected health information subject to the Health Insurance Portability and Accountability Act, as amended and supplemented, or any similar legislation in other jurisdictions.

(b) Customer shall comply with all applicable Data Protection Laws in connection with the performance of this Network Agreement, and Customer shall provide all required consumer notices and disclosures and, where required, secure consents, in connection with the grant of rights set forth in Section 1. Customer shall be responsible for providing notice to users that Customer provides Personal Data to Pipl for the Permitted Purpose. Such notice may include a link to Pipl’s privacy policy (https://pipl.com/resources/privacy-documents/privacy-policy).

(c) Customer shall maintain privacy policies and terms and conditions with its prospective customers and customers (the “Customer Commitments”) that are compliant with its obligations and Applicable Laws and permit the use and sharing of Customer Data as set forth in Section 1.

3.3 Pipl.

(a) Pipl shall use commercially reasonable efforts to secure the right to license to Customer, in accordance with the license rights set forth in this Network Agreement, all Pipl Data.

(b) Obligations Under the CCPA (to the extent applicable). To the extent that the CCPA applies, Pipl shall be deemed as the Service Provider of the Customer, and accordingly:

1) Pipl shall not Sell Customer Personal Data (as the term “Sell” is defined under the CCPA).
2) Pipl is prohibited from retaining, using, or disclosing Customer Personal Data for commercial purpose other than providing the Services to Customer under the TOS and from retaining, using, or disclosing Personal Data outside of the TOS.
3) Pipl understands its obligations under this Clause 3.3 and will comply with them.

(c) Pipl shall not provide a Trust Network Member’s Personal Data to any other Trust Network Member or any third party - it may only provide Analytics.

TRUST NETWORK DATA PROCESSING TERMS

4) ROLES OF THE PARTIES

4.1 The Parties acknowledge and agree that with regard to the Processing of Customer Personal Data, and as more fully described in Annex 1 hereto, Customer acts as a Controller or Processor, and Pipl acts as a Processor or Other Processor (as defined in section 6.2 below). The Parties expressly agree that Customer shall be solely responsible for ensuring timely communications to Customer’s Affiliates or the relevant Controller(s) who receive the Services, insofar as such communications may be required or useful in light of applicable Data Protection Laws to enable Customer’s Affiliates or the relevant Controller(s) to comply with such Laws.

4.2 The Parties further acknowledge that with regard to the Processing of Customer Personal Data to be used in the Network Customer is an independent controller, and with the Processing of Metadata Pipl is an independent controller of Personal Data, pursuant to this Network Agreement.

4.3 Where Customer is a controller – the Parties shall be deemed to enter into the Controller to Processor Standard Contractual Clauses (Module Two); where Customer is a processor – the Parties shall be deemed to enter into the Processor to Processor Standard Contractual Clauses (Module Three). In such cases, the Parties’ agreed interpretation of their respective obligations under Module Two or Module Three of the Standard Contractual Clauses (as applicable) is as set out in this Section. The Parties further agree that for the purpose of transfer of Personal Data between the Customer (Data Exporter) and Pipl (Data Importer), the following shall apply: (i) Clause 7 – shall not be applicable; (ii) Clause 9 – option 2 shall apply, time period shall be thirty (30) days; (iii) Clause 11 – data subjects shall not be able to lodge a complaint with an independent dispute resolution body; (iv) Clause 17 – option 1 shall apply, the Parties agree that the clauses shall be governed by the law of the state of Ireland, within the EU; (v) Clause 18(b) – the Parties choose the courts of the state mentioned in section C of Annex I below; the Parties shall complete Annexes I and II, which are incorporated in the Standard Contractual Clauses.

4.4 Where Customer and Pipl are independent controllers, the Parties hereby enter into the Standard Contractual Clauses for Transfers of Personal Data to Third Parties, Module 1 (“Clauses”), expressly incorporated by reference. The Parties agree that the Clauses shall be interpreted as follows: (i) Clause 7 – Docking clause shall apply; (ii) Clause 11(a) – Redress, the optional language shall not apply; (iii) Clause 17 – Governing law, the “Member State” shall be Ireland; (iv) Clause 18 – Choice of forum and jurisdiction, the Member State shall be Ireland; and (v) each of Annex I and II shall be deemed populated with the relevant sections of Annex I or II to this Network Agreement, respectively.

5) DESCRIPTION OF PERSONAL DATA PROCESSING.

In Annex I to this Network Agreement, the Parties have mutually set out their understanding of the details of the Processing of the Customer Personal Data to be Processed by Pipl pursuant to this Network Agreement.

6) DATA PROCESSING TERMS

6.1 Pipl shall comply with all applicable Data Protection Laws in the Processing of Customer Personal Data and Pipl shall:

6.1.1. process the Customer Personal Data relating to the categories of Data Subjects for the purposes of the TOS and for the specific purposes in each case as set out in Annex 1 to this Network Agreement and otherwise solely on the documented instructions of Customer, for the purposes of providing the Services and as otherwise necessary to perform its obligations under the TOS including with regard to transfers of Customer Personal Data to a third country outside the country where Data Subjects are located, unless Pipl is otherwise required to do so by law to which it is subject (and in such case, Pipl shall inform Customer of that legal requirement before processing, unless that law prohibits such notification);

6.1.2. ensure that persons authorized to process the Customer Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;

6.1.3. implement and maintain the technical and organizational measures set out in the TOS and, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, and implement any further appropriate technical and organizational measures necessary to ensure a level of security appropriate to the risk of the Processing of Customer Personal Data in accordance with applicable Data Protection Laws:

6.1.4. pseudonymization and encryption of Customer Personal Data;

6.1.5. ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services that process Customer Personal Data;

6.1.6. restoring availability and access to Customer Personal Data in a timely manner in the event of a physical or technical incident; and

6.1.7. regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing of the Customer Personal Data.

Any amendment to such agreed measures that is necessitated by Customer shall be dealt with via an agreed change control process between Pipl and Customer.

6.2 Customer (either in its own name, as a Controller, or on behalf of the relevant Controller(s), as applicable), hereby expressly and specifically authorizes Pipl to engage another Processor to Process the Customer Personal Data ("Other Processor"), and specifically the Other Processors listed in Annex 3 hereto, subject to Pipl:

a) notifying Customer of any intended changes to its use of Other Processors listed in Annex 3 by emailing notice of the intended change to Customer;
b) including data protection obligations in its contract with each Other Processor that are materially the same as those set out in this Network Agreement; and
c) remaining liable to the Customer for any failure by each Other Processor to fulfill its obligations in relation to the Processing of the Customer Personal Data in accordance with the TOS.

6.2.1. to the extent legally permissible, promptly notify Customer of any communication from a Data Subject regarding the Processing of Customer Personal Data, or any other communication (including from a Supervisory Authority) relating to any obligation under the applicable Data Protection Laws in respect of the Customer Personal Data and, taking into account the nature of the Processing, assist Customer (or the relevant Controller) by appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of Customer’s, Customer’s Affiliates’ or the relevant Controller(s)’ obligation to respond to requests for exercising the data subject's rights laid down in applicable Data Protection Laws;

6.2.2. upon Pipl’s becoming aware of a Personal Data Breach involving Customer Personal Data, notify Customer without undue delay, of any Personal Data Breach involving Customer Personal Data, such notice to include all information available to Pipl and reasonably required by Customer (or the relevant Controller) to comply with its obligations under the applicable Data Protection Laws;

6.2.3. should Customer request any assistance from Pipl so that it can comply with its obligations under applicable Data Protection Laws and when any such assistance from Pipl goes beyond the standard functionality of the Services, Pipl may charge Customer for any costs beyond the agreed upon consideration provided for under the TOS to the extent it is not commercially reasonable for Pipl to provide such assistance without charge (considering relevant factors such as volume of requests, complexity of instructions and timescale requested). This shall include, without limitation, costs incurred by Pipl in executing Partner’s instructions relating to the provision of access to Personal Data, any rectification or erasure of Personal Data, as well as any measures deemed necessary by Partner in response to any Personal Data Breaches.

6.2.4. cease Processing the Customer Personal Data within no longer than fifteen (15) days following the termination or expiry of the TOS, or following the receipt of an express written request in this sense by Customer, Customer’s Affiliates or the relevant Controller(s), by deleting (including by ensuring such data is in non-readable format) all copies of the Customer Personal Data Processed by Pipl, unless (and solely to the extent and for such period as) Pipl has legitimate reasons to maintain any such Customer Personal Data, including to comply with legal or regulatory obligations to which it is subject, to comply with its contractual obligations, or to allow Pipl to exert its rights in the context of a legal dispute involving any such Customer Personal Data. Notwithstanding the foregoing or anything to the contrary contained herein, Pipl may retain Personal Data and shall have no obligation to return Personal Data to the extent that any such retention of Personal Data is required by applicable laws or regulatory obligations. Any such Personal Data retained shall remain subject to the obligations of confidentiality set forth in the TOS; and

6.2.5. make available to Customer all information necessary to demonstrate compliance with this Network Agreement and allow for and contribute to audits, including inspections, by Customer, or an auditor mandated by Customer. For the purposes of demonstrating compliance with this Network Agreement under this section 6.2, the Parties agree that once per year during the term of the TOS, at the request of the Customer, Pipl will provide to Customer, on reasonable notice, responses to cybersecurity and other assessments relating to the protection of Personal Data. Customer agrees to pay Pipl for time and for out of pocket expenses incurred by Pipl in connection with assistance provided in connection with such audits, responses to cybersecurity and other assessments.

6.3. Notwithstanding anything to the contrary in the Network Agreement, Customer acknowledges that Pipl shall have the right to collect, use and disclose data:

(a) Collected in the context of providing the Services, for the purpose of the operation, support or use of its services for the purpose of administrating the business and/or contractual relationship with the Customer, including for billing, audit and recordkeeping purposes and other legitimate business purposes, such as account management, technical support, troubleshooting, security, protecting against fraudulent or illegal activity, and for the purpose of establishment/exercise and defense of legal claims.
(b) Collected in the context of using the Services, for the purpose of analytics, market research, product improvement and development, provided however that the foregoing shall be based solely on the processing of aggregated, pseudonymized, and/or anonymized information.

6.4. To the extent that any data referred under section 6.3 is considered Personal Data, then Pipl shall be regarded as an independent Controller of such data under applicable Data Protection Laws and its processing by Pipl shall be outside the scope of this Network Agreement.

7. TRANSFERS

7.1. Customer acknowledges and agrees that Pipl will, both on its own and through its Other Processors, Process Customer Personal Data in servers located in the United States of America. The Customer Personal Data is being transferred in accordance with the applicable Data Protection Laws. Accordingly, where applicable, the Parties shall be deemed to enter into the Standard Contractual Clauses, which is incorporated herein by reference, and Customer shall be deemed as the data exporter and Pipl shall be deemed as the data importer (as these terms are defined therein).

7.2. To the extent that the LGPD applies, the Parties acknowledge that for the purposes of enabling lawful transfers of Customer Personal Data outside Brazil in accordance with the applicable Data Protection Laws, specific regulations issued by the local Supervisory Authority must be issued and that, until any such new regulations arise, Customer will consider the terms of this Network Agreement as sufficient grounds for enabling the transfers of Customer Personal Data to the United States of America, particularly the provisions set out below referring to the Standard Contractual Clauses. The Parties undertake to engage in a good faith dialogue to jointly determine a new data transfer mechanism to carry out the purposes of the TOS in the event that any such new regulations arise under applicable Data Protection Laws. Pipl acts as a Processor with respect to Personal Data received pursuant to a data transfer covered hereunder.

7.3. Pipl may transfer Personal Data of residents of the EEA outside the EEA ("Transfer"), only subject to the following:

(a) the transfer is necessary for the purpose of Pipl carrying out its obligations under the TOS, or is required under applicable laws; and
(b) the transfer is done: (i) to an Approved Jurisdiction, or (ii) subject to appropriate safeguards (for example, through the use of the Standard Contractual Clauses, or other applicable frameworks), or (iii) in accordance with any of the exceptions listed in the Data Protection Laws (in which event Customer will inform Pipl which exception applies to each transfer and will assume complete and sole liability to ensure that the exception applies).

7.4. Appendix 1 and Appendix 2 to the Standard Contractual Clauses shall be deemed to be prepopulated with the relevant sections of Annex 1 and Annex 2 (respectively) to this Network Agreement and the processing operations are deemed to be those described in the TOS.

GENERAL PROVISIONS & DEFINITIONS

8. GENERAL PROVISIONS

a. Not for the Benefit of Third Parties. This Network Agreement is for the exclusive benefit of the Parties hereto and not for the benefit of any Third Party, other than Trust Network Members, to the extent expressly set forth herein.

b. Order of Precedence. In the event of any inconsistency or conflict between the terms of this Network Agreement and any other Data Protection Addendum, or other substantially similar written and signed document issued under the TOS, the terms of this Network Agreement shall prevail.

c. Severability. The Parties agree that, if any section or sub-section of this Network Agreement is held by any court or competent authority to be unlawful or unenforceable, it shall not invalidate or render unenforceable any other section of this Network Agreement.

9. DEFINITIONS

In this Network Agreement, capitalized terms that are not defined herein shall have the meanings set out in the TOS and the following terms shall have the meanings set out below (and cognate terms shall be construed accordingly):

9.1 “Affiliate” means any Person, whether de jure or de facto, other than a Party, that directly or indirectly owns, is owned by or is under common ownership with a Party to the extent of at least 50 percent of the equity having the power to vote on or direct the affairs of the entity, and any Person actually controlled by, controlling, or under common control with a Party.

9.2 “Analytics” means aggregated statistics derived from Customer Data or Metadata, which shall at no time contain Personal Data or the source of the data.

9.3 “Applicable Laws” means all laws, regulations, orders or other binding decisions applicable to the collection, use, storage or disposal of Data, including without limitation the California Consumer Privacy Act, the California Privacy Rights Act, the EU and UK General Data Protection Regulation, the Lei Geral de Proteção de Dados (LGPD, Brazilian Data Protection Law), and the Gramm Leach Bliley Act, each as may be amended or replaced from time to time.

9.4 “Customer Personal Data” means any raw Personal Data Processed by Pipl (i) on behalf of Customer (including for the sake of clarity, any Customer Affiliate), or (ii) otherwise Processed by Pipl, in each case pursuant to or in connection with instructions given by Customer in writing, consistent with the TOS. Customer Personal Data does not include Metadata.

9.5 “Customer Data” means: (a) all raw Feedback Data and Request Data provided to Pipl by Customer pursuant to the TOS and which Customer has the right to license or sublicense, and lawfully disclose, to Pipl for the purposes stated in this Network Agreement without violation of any contractual, regulatory or legal obligations; and (b) all other data mutually agreed by the Parties to be provided by Customer pursuant to this Network Agreement. Customer Data does not include Metadata.

9.6 “Data” means data, risk analyses and results therefrom (including risk scores) relating to attempted or completed interactions between third parties and Pipl Trust Network Members.

9.7 “Data Protection Laws” means, as applicable: (i) Regulation (EU) 2016/679 ("GDPR") together with applicable legislation implementing or supplementing the same or otherwise relating to the processing of Personal Data of natural persons; (ii) Brazilian Federal Law no. 13,709/2018 – General Data Protection Law (“LGPD”), (iii) the Data Protection Act 2018 of the United Kingdom, as amended from time to time, and the GDPR as amended and incorporated into UK law ("UK GDPR"), and (iv) the California Consumer Privacy Act, Cal. Civ. Code § 1798.100 et seq. ("CCPA");

9.8 “Data Subject” means a directly or indirectly identified or identifiable natural person whose Personal Data is Processed in the context of the TOS.

9.9 “Feedback Data” means the Customer’s decision regarding a specific interaction or use of the Service; all related data attributes, the reason for such decision, and any other data, explanation, or other information that Customer provides to Pipl under this Network Agreement regarding Customer’s decisions in connection with interactions or Customer’s use of the Service.

9.10 “Metadata” means Request Data, Response Data and Feedback Data, user behavior analytics data collected by the Service, and their derivatives, from which Personal Data has been de-identified, pseudonymized, or otherwise removed.

9.11 “Permitted Purpose” means the identification, monitoring and tracking of authorized interactions, and suspected or attempted unauthorized interactions, including but not limited to attempted fraud or policy abuse, by Trust Network Members for evaluating interactions between Customer and a Third Party during the Term of the Network Agreement.

9.12 “Person” means any individual, corporation, trust, estate, partnership, joint venture, company, association, governmental bureau or agency, or any other entity regardless of the type or nature thereof.

9.13 “Personal Data” means all information or data that directly or indirectly identifies a living natural person, or relates to an identified or identifiable living natural person, or as otherwise defined under Applicable Law, and that is included in or part of the Pipl Data or the Customer Data, respectively.

9.14 “Pipl Data” means data, information or output provided, as applicable, by the Services, including Response Data and Analytics.

9.15 “Query Records” means a submission or request by Customer and, where applicable, any performance or decision data provided to Pipl.

9.16 “Request Data” means the query parameters that Customer sends to the Service, and may include names, email addresses, phone numbers, addresses, device and IP information or other parameters as set out in Annex I Section B of this Network Agreement. Request Data forms part of the Query Records.

9.17 “Response Data” means the set of parameters generated by the Service upon running a system query, and sent to Customer. Response Data forms part of the Query Records.

9.18 “Service” means the Pipl Trust Service, as described in the TOS.

9.19 “Standard Contractual Clauses” mean: the applicable module of the standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council; from June 4th 2021, as available here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?uri=CELEX:32021D0914&locale=en, subject to any amendments contained in Section 3.1(b) and 3.1(c) below.

9.20 “Third Party” means any Person other than a Party or an Affiliate.

9.21 “Trust Network Member” means any Customer of Pipl or Third Party that has entered into an agreement with Pipl substantively similar to this Network Agreement.

9.22 The terms "Controller", "Data Subject", "Personal Data", "Personal Data Breach", "Process", "Processor", and “Supervisory Authority” have the same meanings as described in applicable Data Protection Laws, as applicable to the relationship between Pipl and Customer, and cognate terms shall be construed accordingly. Where applicable, "Controller" shall be deemed to be a "Business" and "Processor" shall be deemed to be the "Service Provider", as these terms are defined under the CCPA.

9.23 Capitalized terms not otherwise defined in this Network Agreement shall have the meanings ascribed to them in the TOS.

ANNEX I

DESCRIPTION OF THE PROCESSING

A. LIST OF PARTIES

Data exporter(s): [Identity and contact details of the data exporter(s) and, where applicable, of its/their data protection officer and/or representative in the EEA]

Name: Customer of Pipl that uses the Service
Address: As found in the Customer’s Organizational Profile
Contact person’s name, position and contact details: Where applicable, DPO or other representative as found in the Customer’s Organizational Profile.
Activities relevant to the data transferred under these Clauses: Data Exporter has contracted with Data Importer for the latter’s provision of fraud prevention service
Signature and date: Network Agreement Effective Date
Role (controller/processor): Controller


Data importer(s): [Identity and contact details of the data importer(s), including any contact person with responsibility for data protection]

Name: Pipl, Inc.
Address: 510 S. Clearwater Loop, Suite 100, Post Falls, Idaho 83854 USA
Contact person’s name, position and contact details: Legal department; legal@pipl.com
Activities relevant to the data transferred under these Clauses: Data Importer provides fraud prevention service to the Data Exporter
Signature and date: Network Agreement Effective Date
Role (controller/processor): Processor or Controller


B. DESCRIPTION OF TRANSFER

Categories of data subjects whose personal data is transferred / processed
- Customer’s current and prospective customers, vendors, end-users and business partners
- Customer’s employees who use the Service

Categories of personal data transferred / processed
Name, Address, Date of Birth, Age, Education, Email, Gender, Job, Language, Phone, Related person, Related URL, User ID, Username, IP address

Sensitive data transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialized training), keeping a record of access to the data, restrictions for onward transfers or additional security measures.

NONE

The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis).

Frequency of transfers as set out in Section 2 of the Pipl Trust TOS.

Subject matter and nature of the processing, and processing operations

The subject matter and duration of the Processing of the Customer Personal Data are set out in Section 2 of the Pipl Trust TOS.

Nature of the processing

The nature of the Processing of the Customer Personal Data is set out in Section 2 of the Pipl Trust TOS.

Purpose(s) of the data transfer and further processing

The purpose of the Processing of the Customer Personal Data is set out in Section 2 of the Pipl Trust TOS.

The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period

As set out in Section 2 of the Pipl Trust TOS.

For transfers to (sub-) processors, also specify subject matter, nature and duration of the processing

See “Other Processors” in Annex III below.

C. COMPETENT SUPERVISORY AUTHORITY

The Parties agree to be governed by the laws and courts of Ireland, within the EU.

ANNEX II

TECHNICAL AND ORGANIZATIONAL SECURITY MEASURES

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Pipl shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:

1. the encryption of personal data;
2. the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
3. the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
4. a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

More specifically, Pipl's security controls shall include:

Data Centers
Pipl production services are hosted in SOC2 compliant data centers. Pipl receives and reviews its providers’ SOC1 and SOC2 reports every 12 months.

Production Environment
Separate and distinct production, staging, and development environments are maintained, and production data is not replicated outside of the production restricted environments.

Access to the production environment is restricted to authorized and trained members of Pipl's teams who have undergone background checks and special security training. Access is done via VPN, using unique strong passwords and TOTP-based 2FA. Access to the production environment is only via ssh terminal connections, using passphrase-protected personal RSA certificates. An IDS is in place on all production servers, which includes real-time monitoring and alerting of any changes to the production system files or configuration, and of anomalous security events. For those authorized and trained members of the team with access to the production environment, any workstations running Windows or OS X used for ssh terminal access to the production environment must be running current and active anti-virus software. Production data is not replicated onto employee workstations or mobile devices.

Network Security
Pipl uses a SOC2 compliant 3rd party for DDoS and Bot protection and Web Application Firewall service. A host-based IDS is in place on production servers, with real-time monitoring and alerting on abnormal behavior or system configuration changes.

Login Security
Google OAuth is supported for Pipl customers. All customers can enable 2FA on their accounts via the use of Google OAuth. If OAuth is used to access Pipl, Pipl will inherit the login security settings in the user's Google account.

If logging in directly to Pipl using a username or email and password, Pipl requires a minimum of 8 characters. Repeated failed login attempts trigger a 30 second lock before a user can retry. Passwords are stored in a hashed form and will never be sent via email. Upon account creation and password reset, Pipl will send a link to the email associated with the account that will enable the user to create a new password.

Vulnerability Detection and Penetration Tests
Automated scans of Pipl's production site are conducted once a month. All changes are peer reviewed and vulnerability and security lists are actively monitored for CVE and other vulnerability disclosures, with appropriate actions taken. A penetration test is commissioned annually, with all findings mitigated as appropriate. As a general matter, issues that come to our attention through penetration tests, or other means, are fixed as quickly as reasonably possible.

Access Control
All customer data is considered highly sensitive and protected, and access is least privilege. Only authorized and trained members of the Pipl team have direct access to production systems and user data. Those who do have direct access to data are only permitted to view it in aggregate, or for troubleshooting purposes. User data is only viewed by Pipl employees for troubleshooting purposes when consent has expressly been provided ahead of time by the account owner, or team administrator.

We maintain a list of members of the Pipl team with access to the production environment. These members undergo background checks. Another list allows all relevant roles to access code, as well as the development and staging environments. These lists are reviewed quarterly and upon role change.

Trained members of the Pipl technical support team have case-specific, limited, access to user data through restricted access customer support tools.

Third Party Access
Select customer data in very limited cases is shared only with third party service providers acting as our agent, and in strict compliance with our privacy policy, and under non-disclosure agreements.

Physical Security
Our policies prohibit replication of customer data outside the production environment. Thus, when it comes to physical security compliance, we rely on the data centers’ security. The physical servers are located in secure data centers. Production critical data is never to be stored on physical media outside of the production environments. Pipl's production environment is hosted in SOC2 compliant data centers.

Geographical Location of Data
Customers’ data is stored in different data-centers around the US. Customers’ data can also be found in Pipl backups, stored in data-centers around the US.

Corporate Environment and Removable Media
Strict firewall rules restrict access to only the ports necessary for the usage of the service (e.g., 443), to ensure limited access to the production environment, to our VPN network, and authorized systems. The corporate network has no privileged access to the production environment, with authorized employees still required to connect to the VPN in order to access any special systems or environments.

Our policies prohibit storage of customer data on employee workstations or removable media. Employee devices are required to time out and lock after a maximum of ten minutes of inactivity. Pipl also maintains a clean desk policy.

Encryption In-Transit and At-Rest
Pipl uses industry standard Transport Layer Security (“TLS”) to create a secure connection using 256 bit Advanced Encryption Standard (“AES”) encryption. This includes all data sent between the web and the Pipl servers, as well as internal traffic within production. Sensitive customer data is encrypted immediately when entering our system, and kept encrypted at rest.

Development, Patch and Configuration Management
All changes to the production system, be they code or system configuration changes, require review prior to deployment to the production environment. Thousands of automated unit tests are run against all production code prior to deployment, as well as regularly conducted automated vulnerability scans and commissioned penetration tests. All changes are tested in a staging environment prior to deployment to production. Production servers are managed via a centralized configuration system. All system changes are peer reviewed. Patches are deployed as relevant to their level of security and stability impact, with critical patches able to be deployed well within 24 hours of availability as appropriate.

Pipl restricts access and maintains separate lists of relevant roles with access to source code, development, staging, and production environments. These lists are reviewed quarterly and upon role change.

Pipl uses source code management tools and repositories.

All production servers are running an LTS (Long Term Support) distribution of their operating system to ensure timely updates are available. CVE lists and notifications are actively monitored, and any systems can be patched in a timeline relevant to the severity of the issue. A centralized configuration system is used for the management of production servers, and when needed, a patch can be deployed within hours of its availability.

Asset Management
While some assets are not owned by a specific individual, ownership and maintenance of the confidentiality, integrity, and availability of our systems is distributed amongst the DevOps and Apps Engineering teams. Assets are transferred upon role change or leaving the company.

Anti-virus and anti-malware
Pipl has a centrally managed anti-virus / anti-malware solution deployed on all of its laptops. All laptop hard drives are encrypted.

Remote access
Some of Pipl’s employees work remotely. Our policies prohibit replication of customer data outside the production environment, which is stored within our hosting provider’s secure servers. Strict firewall rules are in place thus limiting access to the production environment to our VPN network and authorized systems.

For authorized and trained members of Pipl's teams, who have undergone background checks and special security training, access is provided via VPN, using unique strong passwords and TOTP-based 2FA. Access to the production environment is only via ssh terminal connections using passphrase-protected personal RSA certificates.

The corporate network has no privileged access to the production environment, with authorized employees still required to connect to the VPN in order to access any special systems or environments.

Security Awareness and Confidentiality
Security awareness and customer data access policies are covered during employee onboarding as appropriate to the role, and employees are updated as relevant policies or practices change. Employees also sign a Confidential Information and Inventions Agreement.

In the event that a security policy is breached by an employee, Pipl reserves the right to determine the appropriate response, which may include termination.

Vetting
All employees undergo an extensive interview process before hiring. Employees with direct access to the production environment undergo drug testing and a criminal background check where such screening is available and allowed by law. Other employees may undergo a check depending on their role (academic for legal roles, credit for finance, etc.). NDAs are in place for any third parties with access to customers’ data.

Password Requirements
Employees are required to enforce 2FA when available and use a password manager with random, secure passwords. Authorized employees access the production environment by authenticating to the VPN using unique strong passwords and TOTP-based 2FA and even then, only via ssh terminal connections, using passphrase-protected personal RSA certificates.

Backup, Business Continuity, and Disaster Recovery

Backup Policy
Data entered into Pipl is backed up regularly. All backups are encrypted and stored at multiple offsite locations to ensure that they are available in the unlikely event that a restore is necessary. Encrypted backups can only be decrypted by members of the Pipl operations team who have received training and have been authorized to decrypt the backups.

Backup Interval
A live replica of Pipl’s primary database is constantly being taken. Additionally, a full backup snapshot of the primary database is taken once every 24 hours.

Backup Storage
All Pipl backups are retained on the following schedule and at the following locations:

● Dedicated file servers in our data centers
● Distributed Storage Service #1
● Distributed Storage Service #2

Only authorized members of the Pipl operations team have access to the backup locations, so that they are able to monitor the performance of the backup processes, and in the very unlikely event that a restore becomes necessary.

Business Continuity
The Pipl operations team has designed systems to keep the service running even if the underlying infrastructure experiences an outage or other significant issue. Every critical Pipl service has a secondary, replicated service running simultaneously, with mirrored data in a different data center than the primary server. Additionally, each database server has a replicated service running in a third data center with data that is mirrored immediately.

Disaster Recovery
Using our backup policy, as well as maintaining detailed blueprints and architecture information, Pipl is able to continue providing its services using its facilities hosting Pipl production infrastructure.

Data Subject Requests
Pipl provides mechanisms for data subjects from all privacy frameworks to exercise their respective data subject rights, including but not limited to the right of access, right to be informed, right to object to processing, right to data portability, right to be forgotten, etc. Pipl dedicates a direct email or short form for data subjects to submit their requests, and Pipl processes all valid data subject requests in a timely manner.

For transfers to (sub-) processors, also describe the specific technical and organizational measures to be taken by the (sub-) processor to be able to provide assistance to the controller and, for transfers from a processor to a sub-processor, to the data exporter

Sub-processors shall implement substantially similar security and organizational measures.

ANNEX III

AUTHORIZED OTHER PROCESSORS

Name of Other Processor    Description of Processing                                             Location of Other Processor
Amazon Web Services        Computing Infrastructure, Storage                                     USA
Google                     Computing Infrastructure, Search, Storage, Mapping, Usage Analytics   USA
Microsoft                  Computing Infrastructure, Search, Storage                             USA
Imperva                    Network monitoring, protection, availability solutions                USA
HubSpot                    Marketing platform                                                    USA
MixPanel                   Product Analytics                                                     USA
Salesforce                 Customer relationship management                                      USA
Stripe                     Online payment                                                        USA
Twilio SendGrid            Customer communication platform                                       USA
Fullstory                  Product Analytics                                                     USA