Last Modified August 1, 2023
THIS PIPA AND THE APPLICATION TERMS OF SERVICE INCLUDE IMPORTANT LEGAL PROVISIONS THAT DEFINE RIGHTS AND OBLIGATIONS REGARDING CACHED’S USE OF YOUR PERSONAL INFORMATION AND YOUR USE OF THE APPLICATION, INCLUDING PROVISIONS BY WHICH YOU AGREE, TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, TO SUBMIT ALL DISPUTES TO BINDING ARBITRATION, WAIVE YOUR RIGHT TO BRING A CLASS ACTION AND WAIVE YOUR RIGHT TO A JURY TRIAL. PLEASE CAREFULLY READ BOTH THIS PIPA AND THE APPLICATION TERMS OF SERVICE IN THEIR ENTIRETY PRIOR TO ACCEPTING THIS PIPA.
“Business Purposes” means, collectively, the Cached services relating to the Application described in the Application Terms of Service and the other purposes specifically identified in Appendix A attached to this PIPA and made a part hereof.
“Data Subject” means an individual who is the subject of the Personal Information and to whom or about whom the Personal Information relates or identifies, directly or indirectly.
“Personal Information” means any information Cached processes in connection with the Application that (a) identifies or relates to an individual who can be identified directly or indirectly from that data alone or in combination with other information in Cached’s possession or control or to which Cached is likely to have access; or (b) the relevant Privacy and Data Protection Requirements (as defined below) otherwise define as protected personal information.
“Privacy and Data Protection Requirements” means all applicable state and U.S. federal as well as foreign laws and regulations relating to the processing, protection, or privacy of Personal Information, including, where applicable, the guidance and codes of practice issued by regulatory bodies in any relevant jurisdiction.
“Processing,” “processes,” or “process” means any activity that involves the use of Personal Information or that the relevant Privacy and Data Protection Requirements may otherwise include in the definition of processing, processes, or process. It includes obtaining, recording, or holding the data, or carrying out any operation or set of operations on the data, including, but not limited to, organizing, amending, retrieving, using, disclosing, erasing, or destroying the data. “Processing” also includes transferring Personal Information to third parties.
“Security Breach” means any act or omission that compromises the security, confidentiality, or integrity of Personal Information or the physical, technical, administrative, or organizational safeguards put in place to protect it. The loss of or unauthorized access, disclosure, or acquisition of Personal Information is a Security Breach whether or not the incident rises to the level of a security breach under applicable Privacy and Data Protection Requirements.
(a) This PIPA is incorporated by reference into the Application Terms of Service.
(b) Any reference in this PIPA to “writing” or “written” includes faxes and emails.
(c) In the case of a conflict between:
(i) any provision contained in the body of this PIPA and any provision contained in Appendix A, the provision in the body of this PIPA will control; or
(a) By accepting this PIPA, each Customer hereby agrees and consents to the license of such Customer’s Personal Information to Data Licensees (as defined in the Application Terms of Service) to the extent authorized by such Customer as described in the Application Terms of Service.
(b) Each Customer agrees that such Customer will not upload or otherwise input into the Application or such Customer’s Customer Profile (as defined in the Application Terms of Service) any Personal Information of any other individual besides such Customer. Each Customer acknowledges and agrees that uploading or otherwise inputting Personal Information relating to another individual is strictly prohibited and will result in the termination of such Customer’s right to use the Application.
(a) Cached will facilitate the license of each Customer’s Personal Information on behalf of such Customer via the Application as described in the Application Terms of Service. Cached otherwise will not of its own accord for its own benefit sell or license any of the Personal Information of any Customer.
(b) Cached will process, retain, use, and disclose the Personal Information only to the extent, and in such a manner, as is necessary for the Business Purposes. Cached will not process, retain, use, or disclose the Personal Information for any other purpose or in a way that does not comply with this PIPA or the applicable Privacy and Data Protection Requirements.
(c) Cached will maintain the confidentiality of each Customer’s Personal Information and will not disclose the same to third parties unless (i) disclosure is required for the Application to operate as described in the Application Terms of Service; (ii) disclosure is authorized by such Customer, this PIPA or the Application Terms of Service; or (iii) disclosure is required by applicable law. If applicable law requires Cached to disclose any Customer’s Personal Information, Cached will first notify such Customer of the legal requirement and give such Customer an opportunity to object or challenge the requirement, unless the law prohibits such notice.
(d) Each Customer acknowledges that, except as may be required under applicable Privacy and Data Protection Requirements, Cached is under no duty to investigate the completeness, accuracy, or sufficiency of any specific Customer instructions or any Personal Information of such Customer.
(a) Cached will limit Personal Information access to those employees and independent contractors of Cached and its affiliates who require such access to perform Cached’s obligations under this PIPA and the Application Terms of Service and for the Application to operate, and shall permit such employees and independent contractors access only to the portion of the Personal Information that they require for the performance of their duties.
(b) Cached will take reasonable steps to ensure that all employees and independent contractors of Cached and its affiliates that will have access to Personal Information:
(i) are informed of the Personal Information’s confidential nature and use restrictions and are obligated to keep the Personal Information confidential;
(ii) have undertaken training on the Privacy and Data Protection Requirements relating to handling Personal Information and how it applies to their particular duties; and
(iii) are aware both of Cached’s and their own personal duties and obligations under the Privacy and Data Protection Requirements and this PIPA.
(a) Cached will implement appropriate technical and organizational measures designed to safeguard Personal Information against unauthorized or unlawful processing, access, copying, modification, storage, reproduction, display, or distribution, and against accidental loss, destruction, unavailability, or damage.
(b) Cached will take reasonable precautions to preserve the integrity of any Personal Information it processes and to prevent any corruption or loss of the Personal Information, including, but not limited to, establishing effective back-up and data restoration procedures.
(c) Cached will, without undue delay, notify a Customer if Cached becomes aware of (i) any unauthorized or unlawful processing of such Customer’s Personal Information; or (ii) any Security Breach that presents a clear and present risk of the unauthorized disclosure of such Customer’s Personal Information.
(a) If any Customer is a resident of a country subject to the UK General Data Protection Regulation or the EU General Data Protection Regulation, by using the Application, creating a Customer Account (as defined in the Application Terms of Service) and/or uploading or otherwise inputting any Personal Information to the Application, Customer is deemed to unequivocally consent to the transfer of such Customer’s Personal Information to Cached’s servers in the United States.
(b) If the Privacy and Data Protection Requirements of the jurisdiction in which any Customer resides restrict cross-border transfers of Personal Information, by using the Application, such Customer explicitly consents to the transfer of such Customer’s personal data from the Customer’s jurisdiction to the United States.
Personal Information Processing Purposes and Details
The purpose of collection of Personal Information related to this PIPA is to provide Customers the ability to use the Application to license their Personal Information to data brokers and other data licensees (“Data Licensees”) that contract with Cached to license Personal Information. Apart from the Personal Information required to establish a Customer Account in the Application, each Customer will input, verify or add their own individually identifying personal information of their choice. Each Customer, through their use of the Application, can choose whether to answer questionnaires that will make their Personal Information eligible to be licensed, receiving remuneration in return for each completed license by a Data Licensee.
Personal Information Categories:
In order for a user of the Application to successfully establish a Customer Account in the Application, Cached will collect the user’s full name, email address, mobile number, address, photos or videos of the user, a government-issued identification card and crash data from such user’s mobile phone. In order for a Customer to link their Customer Wallet (as defined in the Application Terms of Service) to their external bank or credit union account, Cached will collect information about such Customer’s external account. These categories of information do not necessarily constitute the Personal Information that will be subject to license within the Application. The monetization of personal data of any Customer will involve the voluntary collection of a wide array of Personal Information, including sensitive and special categories of information, depending on the individual choices that such Customer makes when using the Application.
Data Subject Types:
Identify Cached’s legal basis for receiving Personal Information with cross-border transfer restrictions (select one):
Located in an EEA Member State or in a country with a current determination of adequacy (list country): ___________________________
Binding Corporate Rules
Standard Contractual Clauses
X Other (describe in detail):_____Customer/Data Subject provides explicit consent to the transfer of their data from an EEA country to the United States.