Appendix 1

Specification of the processing of personal data

Purposes

Specify all purposes for which personal data will be processed by Processor

To enable the Controller to use the Processor’s services or Software in accordance with the Agreement.

Categories of personal data

Specify which categories of personal data Processor will process

– End users log in-information and contact information.
– Information about how the end user uses Processor’s service or Software, such as the end user’s search queries;
– Phone-related information, such as the end user’s phone number, the caller’s number, forwarding number, call lengths, SMS routing and call types;
– Recordings of phone calls to the Processor’s support are recorded and can be used to get background information to help resolve or deal with a support request.
– When the end user contacts the Processor, the end user’s messages are saved in order to help the end user with a problem or provide information about the Processor’s services, whether immediately or at a later time; and
– Information about activity on a Media Player such as crashes, system activity, hardware settings, browser type, browser language, date and time of the end user’s request and address.

Categories of data subjects

Specify for which categories of data subjects Processor will process personal data

Employees and consultants of the User, including end users of the Software.

Processing activities

Specify which processing activities will be performed by Processor

Processing activities linked to the performance of the Processor’s services in relation to the Software, such as storing, collecting, deleting, changing and analyzing.

Location for the processing of personal data

Specify all locations where personal data will be processed by Processor

EU/EES and the USA.

Data protection

Access to personal information is limited both physically and virtually, and all data transfer and cold backup data is encrypted. Any PLAYipp staff that requires access to the controller’s PLAYipp Manager account to fulfill the controller’s instructions require the use of two factor authentication.

Continue reading Data Processing Agreement