This Data Processing Agreement ("DPA") forms part of our commitment to protect your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This agreement is between PixelPulse Creations, LLC, doing business as Trackly ("Data Processor") and you ("Data Controller").

1. Definitions

For the purposes of this DPA:

• "Personal Data" means any information relating to an identified or identifiable natural person
• "Processing" means any operation performed on Personal Data
• "Data Controller" means the entity determining the purposes and means of Processing Personal Data
• "Data Processor" means the entity Processing Personal Data on behalf of the Controller

2. Processing of Personal Data

We will Process Personal Data only on your documented instructions, including with regard to transfers of Personal Data to a third country or an international organization, unless required to do so by applicable law.

3. Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption of Personal Data in transit and at rest
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Regular backup procedures
• Employee training on data protection

4. Subprocessors

We may engage subprocessors to Process Personal Data. We will:

• Inform you of any intended changes concerning the addition or replacement of subprocessors
• Ensure subprocessors are bound by the same obligations as us
• Maintain a list of subprocessors available upon request

5. Data Subject Rights

We will assist you in fulfilling your obligations to respond to requests from data subjects exercising their rights under applicable data protection laws, including:

• Right to access
• Right to rectification
• Right to erasure
• Right to restrict processing
• Right to data portability
• Right to object

6. Data Breaches

We will notify you without undue delay after becoming aware of a Personal Data breach, providing you with:

• Description of the nature of the breach
• Categories and approximate number of data subjects affected
• Categories and approximate number of Personal Data records affected
• Description of likely consequences
• Description of measures taken or proposed to address the breach

7. Data Retention

We will Process Personal Data only for the duration specified in your instructions or as required by applicable law. Upon termination of this agreement, we will either delete or return all Personal Data to you, unless required to retain it by law.

8. Audits

We will make available to you all information necessary to demonstrate compliance with this DPA and allow for and contribute to audits, including inspections, conducted by you or another auditor mandated by you.

9. Contact Information

For questions about this DPA or data processing activities, please contact us at:

Data Protection Officer: privacy@trackly.works
Compliance: compliance@trackly.works
Phone: (573) 557-9293