Data Protection Rider

This Data Processing Rider is hereby incorporated into the Agreement to which it is attached. For purposes of this Rider, the Definitions in the Agreement shall apply unless defined below.

  1. Regulated Personal Information

    The parties agree that it is not necessary for FREVVO to receive personal information about individuals that is regulated ("PII") in order to provide the Service to Customer, and that Customer shall be responsible for the PII that it makes available to FREVVO in using the Service. FREVVO shall comply with the requirements of applicable laws that regulate FREVVO's processing of PII. Customer shall indemnify and defend FREVVO from and against any and all claims, allegations, litigations, arbitrations, damages, losses, expenses and costs (including reasonable attorney's fees) that are suffered or incurred by FREVVO as a result of (a) the content of the PII provided to FREVVO, or (b) Customer's breaches of its obligations with respect to PII, whether legal, contractual or otherwise.
  2. Processing of PII

    FREVVO may use the PII to provide the Service to Customer and for any purpose permitted by applicable law and by FREVVO's Privacy Policy. FREVVO may also use third party service providers to process PII on its behalf and subject to the protections of this Data Processing Rider.
  3. Data Safeguards

    FREVVO agrees to use commercially reasonable efforts to implement physical, administrative and technical measures and safeguards appropriate for PII in its possession. The safeguards currently in effect are described on FREVVO's website and supplemented by security compliance materials made available by Amazon.com, Inc. regarding the use of its Amazon Web Services platform ("Security Materials"). By using the Service, Customer agrees that the Security Materials describe safeguards that are adequate for Customer's purposes. The Security Materials also describe FREVVO's data encryption practices.
  4. Breaches; Security Incidents; Notification

    In the event that Customer's PII is accessed by unauthorized persons, whether accidentally or intentionally and unlawfully (a "Breach"), FREVVO will notify Customer promptly after learning of the Breach and assessing its scope and severity. FREVVO agrees to cooperate with reasonable Customer requests for information about the Breach, and FREVVO will take those actions required of it by applicable law with respect to the PII Breach. FREVVO will use commercially reasonable efforts to remediate the conditions that resulted in the Breach.
  5. Information Access

    In the event of a Breach and upon reasonable written request from Customer, FREVVO agrees to make available to Customer operational and technical records relating to the storage and processing of that Breached PII that were kept in the ordinary course of business while providing the Service to Customer. This may include, to the extent available, system access logs for systems that store or transmit PII, and a description of the PII that was exposed in the Breach. Notwithstanding anything else to the contrary herein, (i) nothing in this Rider or Agreement will require FREVVO to provide any documentation or information if it violates the privacy, security, or confidentiality of any third party, and (ii) any information or documentation provided by FREVVO to Customer with respect to information privacy, security, or confidentiality shall be deemed proprietary information and Confidential Information of FREVVO.
  6. Destruction

    Upon termination or expiration of the Service, FREVVO will within a reasonable time thereafter delete the PII in its possession. Customer acknowledges that a copy of PII may temporarily remain in archive or backup systems, and that FREVVO will use commercially reasonable efforts to remove PII from such systems.
  7. Liability; Insurance

    FREVVO carries privacy insurance covering Breaches of PII with a limit of at least $1,000,000. Notwithstanding anything contrary, FREVVO's entire liability to Customer with respect to PII made available to FREVVO under the Agreement shall be limited to direct damages actually incurred or suffered by Customer as a direct result of FREVVO's failure to comply with its obligations under this Data Protection Rider, up to the total amount of insurance proceeds paid by FREVVO's insurance carrier for such Breach.
  8. Relation to HIPAA

    This Regulated Data Security Rider shall not apply to protected health information, as defined by the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") or the rules and regulations promulgated thereunder, to the extent governed by a business associate agreement (as defined by HIPAA). Customer is prohibited from transmitting or making available to FREVVO any protected health information.
  9. Relation to PCI

    This Regulated Data Security Rider shall not apply to protected information, as defined by the Payment Card Industry Data Security Standard ("PCI DSS") or the rules and regulations promulgated thereunder.
  10. Changes in Law

    The parties agree to modify or amend this Data Protection Rider as required by applicable law.
  11. Questions

    If you have questions about this Privacy Policy, you can contact us by clicking the Contact link above or by mail at: frevvo Inc., 500 East Main Street, Branford, CT 06405, USA.

We value your privacy and want you to clearly understand the control you have over your information on all frevvo.com sites. This website uses cookies to personalize content and to analyze traffic. By using our website, you consent to our use of cookies. Please refer to our updated Privacy Policy effective May 25, 2018.

Accept and Dismiss