Data Use Agreement

If you have any questions or concerns, please contact [email protected]

This Data Use Agreement (the “DUA”) is made by and between Avnovo, Inc. (“Avnovo”) and [Customer] (“Customer”). This DUA is incorporated into and forms part of the Avnovo Terms of Service or other agreement (“Agreement”) between the parties and applies where Avnovo processes Personal Information on behalf of Avnovo pursuant to the Agreement. This DUA is effective from January 1, 2020, until the Agreement is terminated. This DUA shall control in the event of any inconsistencies between this DUA and the Agreement.

1. Definitions

  1. “Business” means the entity that determines the purposes and means of the processing of Personal Information.
  2. “Data Protection Laws” means applicable laws governing the privacy and security of Personal Information, including without limitation the California Consumer Privacy Act.
  3. “Personal Information” means any information Customer provides to Avnovo that relates to or could reasonably be associated with an individual or household and is subject to Data Protection Laws.
  4. “Service” shall have the meaning given that term in the Agreement.
  5. “Service Provider” means an entity that receives Personal Information from a Business and is prohibited from retaining, using, selling, or disclosing such information other than as expressly set forth in this DUA or in the Agreement.

2. Use of Personal Information

  1. Each party’s processing of Personal Information shall comply with Data Protection Laws. The parties agree that Customer is a Business and Avnovo is a Service Provider. The parties also agree that Customer provides Personal Information to Avnovo as a condition precedent to Avnovo’s performance of the Service and that Personal Information is not exchanged for monetary or other valuable consideration.
  2. Avnovo will not use, retain, sell, transfer, or otherwise disclose Personal Information other than as expressly set forth in this DUA or in the Agreement.
  3. Avnovo certifies that it understands and will comply with the restrictions and obligations contained in this DUA.

3. Rights Requests

  1. Customer is responsible for addressing and responding to any rights requests related to Personal Information that are received by either party under Data Protections Laws (“Rights Requests”). If Avnovo receives a Rights Request from an individual (the “Requestor”), Avnovo will (i) inform the Requestor that Avnovo is a Service Provider and (ii) instruct the Requestor to contact Customer to address the Rights Request. Where required by Data Protection Laws, Avnovo shall make reasonable efforts to include Customer’s contact information in any response to the Requestor, where feasible to do so based on the Personal Information processed by Avnovo and the contact information provided by Customer.
  2. Except as instructed by Customer, Avnovo shall not respond to a Rights Request or otherwise communicate with the Requestor.
  3. Avnovo agrees to provide Customer with reasonable assistance and cooperation as required by Customer for Customer to respond to Rights Requests in compliance with Data Protection Laws, including providing Customer with access to Personal Information and deleting Personal Information when and as instructed by Customer.

4. Security

  1. Avnovo shall implement and maintain physical, technical, and organizational security measures in accordance with industry best practices to protect Personal Information against accidental, unlawful, or unauthorized destruction, loss, alteration, disclosure, and access.
  2. Avnovo shall inform Customer within 48 hours of recognizing a data breach or cybersecurity incident affecting any Personal Information. Such notice shall describe the breach or incident when it occurred, the Personal Information affected, and the measures Avnovo has taken to contain the breach or incident.
Scroll to Top