Emerald Solutions Emerald Solutions
Legal

Data Processing Agreement

Emerald Solutions LLC  ·  Effective 1 January 2025

This Data Processing Agreement ("DPA") forms part of the Emerald Solutions End User License & User Agreement ("Agreement") between the customer ("Customer," "you," or "your") and Emerald Solutions LLC ("Emerald Solutions," "we," "us," or "our") and applies to the extent Emerald Solutions processes personal data on your behalf in providing the platform and related services.

01

Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person processed by Emerald Solutions on behalf of the Customer.
  • Processing: Any operation performed on Personal Data, such as collection, storage, use, disclosure, or deletion.
  • Data Controller: The entity that determines the purposes and means of processing Personal Data — you, the Customer.
  • Data Processor: The entity that processes Personal Data on behalf of the Data Controller — Emerald Solutions.

02

Scope and Purpose

Emerald Solutions processes Personal Data only as necessary to provide and improve the platform and related services, in accordance with your documented instructions, the Agreement, and applicable data protection laws (including GDPR, CCPA, and others as applicable).

03

Customer Responsibilities

  • Ensure you have the right to provide Personal Data to Emerald Solutions for processing.
  • Provide instructions to Emerald Solutions regarding the processing of Personal Data.

04

Emerald Solutions Obligations

  • Processing Only on Instructions: Process Personal Data only on documented instructions from the Customer, unless required by law.
  • Confidentiality: Ensure persons authorized to process Personal Data are bound by confidentiality obligations.
  • Security: Implement appropriate technical and organizational measures to protect Personal Data against unauthorized access, loss, or disclosure.
  • Subprocessors: May engage subprocessors to assist in providing services. Emerald Solutions will ensure subprocessors are bound by equivalent data protection obligations, and will notify you of changes with opportunity to object.
  • Assistance: Assist the Customer in responding to data subject requests and complying with applicable data protection law obligations.
  • Data Breach Notification: Notify the Customer without undue delay after becoming aware of a Personal Data breach, and provide required information.
  • Data Deletion or Return: Upon termination of the Agreement, delete or return Personal Data to the Customer, except as required by law.

05

International Data Transfers

Emerald Solutions may transfer Personal Data outside your jurisdiction, including to the United States, in compliance with applicable data protection laws. Where required, such transfers will be subject to appropriate safeguards, such as Standard Contractual Clauses.

06

Audit Rights

Upon reasonable notice, and subject to confidentiality, you may audit Emerald Solutions' compliance with this DPA up to once per year or as required by law.

07

Liability

Emerald Solutions' liability for breach of this DPA is subject to the limitations of liability set forth in the main Agreement.

08

Term

This DPA remains in effect for as long as Emerald Solutions processes Personal Data on your behalf under the Agreement.

09

Contact

For questions about this DPA or data processing practices, contact [email protected].