To assist our business customers and data partners in meeting ours and their obligations under applicable data protection and privacy laws we have created Data Processing Agreements (DPA) and DPA Schedules for our agreements that are written based on how the Lotame platform operates to state the roles, responsibilities, and obligations of how we and you, our business customers and data partners, will comply with applicable data protection and privacy laws. Lotame continuously monitors the global privacy landscape and adapts our DPAs and DPA Schedules accordingly to ensure that you and we can meet our obligations under applicable data protection and privacy laws.
The DPA is incorporated by reference into the agreement covering your relationship with Lotame; however, if you wish to review the DPA and DPA Schedules, require a signed copy of the DPA, or if you have signed an earlier version of our DPA and need to sign our current DPA, instructions on how to review and sign the DPA are included on the following pages:
These responses to frequently asked questions are for informational purposes only and do not create any contractual commitments. The responsibilities and liabilities of Lotame to its customers are governed by our agreements, and these FAQs are not part of, nor does it modify, any agreement a party may have with Lotame.
Can my company use its own DPA?
Lotame is unable to work from your company’s template DPA.
As a multi-tenant technology platform, Lotame processes the personal data we receive from all of our business customers and data partners in the same way. As such, we are unable to change the Lotame platform to operationalize individual specific requirements that may be included in your company’s template DPA.
We have drafted our DPAs to reflect the roles, responsibilities, and obligations of how both of us will comply with requirements and obligations in data protection and privacy laws based on how the Lotame platform operates – unless specific language is required to be included in a written agreement by a law or court decision, our DPAs do not restate the responsibilities and obligations that are already stated in data protection and privacy laws because our agreements and our DPAs already require you and us to comply with ALL applicable laws.
Additionally, we continuously monitor the global privacy landscape and adapt our DPA and DPA Schedules to reflect changes to data protection and privacy laws, and will notify you if a change to the DPA or DPA Schedule is necessary.
What are Lotame’s roles under various applicable Data Protection and Privacy Laws?
Please visit this summary of roles under various data protection and privacy laws. Please note that this is only a summary and the actual roles between you and Lotame may vary based on the Lotame services that you have subscribed to as listed in your agreement with us.
Does Lotame use subcontractors or processors?
Yes. The list of Lotame’s subcontractors/processors can be viewed by visiting Subcontractors and Processors. Business customers and data partners may object to the use of a new subcontractor/processor to process the personal data provided to Lotame in accordance with the procedure set out in our DPA. We will notify of any changes to our subcontractors/processors as stated in the DPA.
Where can I find information about Lotame’s technical and organizational measures to safeguard Personal Data?
Information about Lotame’s technical and organizational measures to safeguard the processing of Personal Data can be viewed by visiting Technical and Organizational Measures.
Where can I find information to complete a transfer impact assessment?
Information to help you conduct a data transfer impact assessment in connection with your use of our Services can be viewed by visiting Transfer Impact Assessment Information.