Clarity on how Chief processes your data.

Summary:

This DPA applies to users who do not have a separate DPA on file with Chief
This DPA describes the responsibilities of the user and Chief surrounding data uploaded to Chief
Our collection and use of personal information is governed by our Privacy Policy, which outlines our SOC 2 Type 2 compliance.
The use of our platform is governed by our Terms of Service.

Want to read our full Data Processing Agreement?

Everything You Need to Know

^{Last updated: January 1, 2024}

Data Processing Agreement (DPA)

This Data Processing Agreement ("Agreement") is applicable to Chief users ("Users") who do not have a separate Data Processing Agreement in place and Signal from Noise, Inc. ("Chief" or "Data Processor") (collectively referred to as the "Parties") on the effective date above. By using Chief, Users agree to be bound by this Agreement.

Purpose and Scope

The purpose of this Agreement is to outline the terms and conditions under which Chief will process personal data on behalf of the Data Controller.

This Agreement applies to all personal data shared with Chief by the Data Controller in connection with the use of the Chief platform.

Roles and Responsibilities

Data Controller Responsibilities:
1. The Data Controller shall ensure that all personal data shared with Chief is done so in compliance with applicable data protection laws and regulations.
2. The Data Controller shall be responsible for obtaining any necessary consents or authorizations from data subjects.
Data Processor Responsibilities:
1. Chief shall process personal data solely on behalf of the Data Controller.
2. Chief shall implement appropriate technical and organizational measures to ensure the security and confidentiality of the personal data.
3. Chief shall promptly notify the Data Controller in the event of any data breaches or unauthorized access to personal data.
Data Processing Activities:
1. Chief shall process personal data for the following purposes:
  1. Providing access to the Chief platform and its features
  2. Analyzing and summarizing data to generate insights and reports
  3. Facilitating communication and collaboration between users
  4. Improving the functionality and performance of the Chief platform
Data Subject Rights:
1. Chief shall assist the Data Controller in fulfilling its obligations to respond to data subject requests, including requests to access, rectify, restrict, or erase personal data.
2. Chief shall promptly notify the Data Controller of any data subject requests received directly by Chief.
Subprocessing:
1. Chief may engage subprocessors to assist in the provision of its services
  1. Chief shall ensure that any subprocessors it engages are bound by written agreements that provide the same level of data protection and security as set forth in this Agreement.
  2. The Data Controller will be notified of any changes to subprocessors as described in Chief's Privacy Policy.
Data Security
1. Chief shall implement appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage.
  1. These measures shall be in accordance with industry best practices and comply with applicable data protection laws.
Data Retention and Deletion
1. Chief shall retain personal data only for as long as necessary to fulfill the purposes outlined in this Agreement or as required by law.
  1. Upon termination of User's account, Chief shall delete all personal data to the Data Controller, unless otherwise required by law.
Governing Law and Jurisdiction
1. This Agreement shall be governed by and construed in accordance with the laws of Delaware
  1. Any disputes arising out of or in connection with this Agreement shall be subject to the exclusive jurisdiction of the courts of Delaware.
  2. This Data Processing Agreement is effective as of the date above and shall remain in effect until terminated in accordance with its terms.