1. Roles and scope
The Customer is the controller (or processor acting for another controller) of Customer Content; Adjustly is the processor (or sub-processor). Adjustly processes personal data only to provide the Service and on the Customer’s documented instructions, including as configured in the Service.
2. Subject matter and duration
The subject matter is the provision of the Service; duration is the term of the agreement plus any deletion/return period. The nature and purpose of processing is delivering agency-operations software, including intake, reading, appetite matching, quoting, servicing, and claims support.
3. Categories of data and data subjects
- Data subjects: the Customer’s staff, applicants, insureds, claimants, and other individuals referenced in Customer Content.
- Data categories: identifiers and contact details, business and policy information, submission and claims content, and any other personal data the Customer chooses to submit.
4. Adjustly obligations
- Process personal data only per the Customer’s instructions and applicable law;
- Ensure personnel authorized to process are bound by confidentiality;
- Implement appropriate technical and organizational security measures;
- Assist the Customer, taking into account the nature of processing, with data-subject requests and with security, breach-notification, and impact-assessment obligations;
- Notify the Customer without undue delay after becoming aware of a personal-data breach;
- Delete or return personal data at the end of the agreement, subject to legal retention.
5. Sub-processors
The Customer authorizes Adjustly to engage sub-processors to provide the Service. Adjustly imposes data-protection obligations on sub-processors substantially similar to those in this DPA and remains responsible for their performance. A current list is available at Sub-processors; Adjustly will provide a mechanism to notify of changes and allow reasonable objection.
6. International transfers
Where personal data is transferred across borders, the parties will rely on an appropriate transfer mechanism (such as standard contractual clauses) as required by applicable law.
7. Security
Adjustly maintains measures including encryption in transit, access controls and least-privilege, logical separation of customer environments, logging, and vulnerability management. Details are available on request under confidentiality.
8. Audits
Adjustly will make available information reasonably necessary to demonstrate compliance and will allow for audits consistent with the agreement, subject to confidentiality and reasonable notice.
9. Liability
Liability under this DPA is subject to the limitations in the Terms of Service.
10. Contact
Data-protection contact: [email protected].