If the Customer entering into this DPA is a party to the Agreement, then this DPA acts as an addendum to, and forms part of, the Agreement. If the Customer entering into this DPA has executed an Order Form with Book4Time or an entity of the Book4Time Group pursuant to the Agreement, but is not itself a party to the Agreement, then this DPA acts as an addendum to that Order Form and applicable renewal Order Forms. The Customer enters into this DPA on behalf of itself and, to the extent required under Applicable Data Protection Laws, in the name and on behalf of its Authorized Affiliates, if and to the extent that Book4Time processes Personal Data for which such Authorized Affiliates qualify as the Controller.
In this DPA the terms below shall have the meanings set out in this Section 1, unless expressly stated otherwise. Capitalized terms used, but not defined, in this DPA shall have the meaning given to them in the Agreement. References to “including” mean “including, without limitation”.
8.2 Information about Subprocessors, including their functions and locations, is available at: subprocessor page (as may be updated by Provider from time to time) or such other website address as Provider may provide to Customer from time to time (the “Subprocessor Site”).
Name: As set out in the Agreement or applicable ordering document
Contact details for data protection: As set out in the Agreement or applicable ordering document
Customer Activities: Provider of spa services and recreational services
Role: Controller
Name: Book4Time Inc.
Contact details for data protection: privacy@book4time.com
Customer Activities: Provider of online Spa and Recreation Management Software, including offline and mobile components.
Role: Processor
Categories of Data Subjects: Users of Customer’s websites or other online services
Categories of Personal Data: Personal Data pertaining to data subjects’ use of and interaction with Customer’s websites or other online services
Sensitive Categories of Data, and associated additional restrictions/safeguards: Not applicable
Frequency of transfer: For as long as necessary to fulfil the purpose(s) for which the information was collected, depending on the purpose(s) for which the information was collected, the nature of the information, any contractual relationship that may governs the retention of the data, and any legal or regulatory obligations.
Nature and purpose of the Processing: Provide online spa and recreation management services, as more particularly described in the Agreement and comply with Customer instructions thereunder
Duration of Processing / Retention Period: Concurrent with term of the Agreement and then thereafter pursuant to Section 10
Transfers to Subprocessors: Transfers to Subprocessors are as, and for the purposes, described from time to time in the Subprocessor List (as may be updated from time to time in accordance with the DPA).
4.2 The following modules of the SCCs apply in the manner set out below (having regard to the role(s) of Customer set out in Annex 1 (Data Processing Details) to the DPA):
Module Two of the SCCs applies to any EU Restricted Transfer involving Processing of Customer Personal Data in respect of which Customer is a Controller in its own right.
© 2024 Book4Time Inc.