Data Protection Addendum
Updated 3 September, 2019
Data Protection Addendum
Updated 3 September, 2019
This Data Protection Addendum, henceforth referred to as the "Addendum", is entered into by and between Grow Your Photography Studio, henceforth referred to as "Grow Your Photography Studio", and the customer agreeing to this Addendum, henceforth referred to as the "Customer".
This Addendum will be effective from the Addendum Effective Date (as defined below) and replace any previously applicable data protection addendum.
If you are accepting this Addendum on behalf of Customer/Affiliate, you represent and warrant that:
If you do not have the legal authority to bind Customer, please do not "Sign/Accept/Opt IN".
Terms Defined by the General Data Protection Regulation (GDPR):
1. "Addendum Effective Date" is defined as the date on which Customer clicked to accept or opt-in to this Addendum.
2. "Adequate Country" is defined as a country which is deemed adequate by the European Commission under Article 25(6) of Directive 95/46/EC or Article 45 of GDPR.
3. "Data Subject" is defined as the identified or identifiable person who is the subject of Personal Data.
4. "Personal Data" is defined as any information included in the Customer Data relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural, or social identity.
5. "Processing" is defined by the applicable EU Data Protection Law and "process", "processes" and "processed" will be interpreted accordingly.
6. "Data Controller" is defined as the party that determines the purposes and means of the Processing of Personal Data.
7. "Data Processor" is defined as the party that Processes Personal Data on behalf of, or under the instruction of, the Data Controller.
8. "Data Transfer Mechanism" is defined as an alternative data export solution for the lawful transfer of Customer Data (as recognized under EU Data Protection Law) outside the EEA.
9. "Data Protection Laws" are defined with respect to a party, all privacy, data protection, information security-related, and other laws and regulations applicable to such party, including, where applicable, EU Data Protection Law.
10. "Data Protection Authority" is defined as the competent body in the jurisdiction charged with enforcement of applicable Data Protection Law.
11. "EEA" means the European Economic Area, United Kingdom, and Switzerland.
12. "EU Data Protection Law" means
13. References to "written instructions" and related terms mean Data Controller’s instructions for Processing of Customer Data, which consist of
14. "Model Contracts" are defined as the Standard Contractual Clauses for Processors as approved by the European Commission under Decision 2010/87/EU in the form made accessible in the Grow Your Photography Studio Workspace.
15. "Security Incident" is defined as any unauthorised or unlawful confirmed breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data in Data Processor’s control.
16. "Subprocessor" is defined as any Third Party engaged by Data Processor or its affiliates to process any Customer Data pursuant to the Agreement or this Addendum.
17. "Third Party" shall mean any natural or legal person, public authority, agency, or any other body other than the Data Subject, Data Controller, Data Processor, Subprocessors, or other persons who, under the direct authority of the Data Controller or Data Processor, are authorised to Process the data.
18. Other capitalised terms not defined herein have the meanings given in the Agreement.
Terms Defined by Grow Your Photography Studio with Respect to GDPR:
1. "Data Subjects" are defined to include the individuals about whom data is provided to Grow Your Photography Studio via the Services by (or at the direction of) the Customer.
2. "Details of Processing Subject Matter" is defined as the subject matter of the data processing under this Addendum is the Customer Data.
3. "Duration of the Processing" is defined as the duration of the data processing under this Addendum is until the termination of the Agreement plus the period from the expiry of the Agreement until deletion of all Customer Data by Grow Your Photography Studio in accordance with the terms of the Addendum.
4. "Nature and Purpose of the Processing" is defined as the purpose of the Processing under this Addendum is the provision of the Service to Customer and the performance of Grow Your Photography Studio's obligations under the Agreement (including this Addendum) or as otherwise agreed by the parties.
5. "Categories of Data" is defined as data relating to individuals provided to Grow Your Photography Studio when Customers sign up, login, use the product, interact with the website, and interact with the ads.
6. "Security Measures" are defined as the measures that Grow Your Photography Studio agrees to use. They are commercially reasonable technical and organisational measures designed to prevent unauthorised access, use, alteration, or disclosure of the Service or Customer Data.
4. Scope and Applicability of this Addendum:
5. Role and Scope of the Processing:
8. Onward Transfer:
9. Regulatory Compliance:
10. Reviews of Data Processing:
11. Return or deletion of data:
12. Additional Security:
13. Changes to Subprocessors:
When any new Subprocessor is engaged, Grow Your Photography Studio will, at least a week before the new Subprocessor processes any Customer Data, inform Customer of the engagement by sending an email.
14. Further cooperation:
© Copyright 2019. Grow Your Photography Studio. All Rights Reserved.
This site is not a part of the Facebook website or Facebook Inc. Additionally, This site is NOT endorsed by Facebook in any way. FACEBOOK is a trademark of FACEBOOK, Inc.