We at DoSelect believe that technology and the internet should augment our quest for a better life and not be detrimental to our daily lives for good. We, in order to form a more altruistic online existence, strive to achieve privacy of user data, ensure protections for all individuals, provide for the common checks and balances of your online rights, promote the general welfare and secure the liberty of your online identities. You're a person using our services and we promise to you, you're not a product, that we sell. We understand and respect the right to privacy for everyone using our Services.

I. WHO DOES THIS PRIVACY POLICY APPLY TO?

This privacy policy ("Privacy Policy") applies to all Visitors and End users of the website www.doselect.com and the Services or products made available in it ("Website"), which are offered by M/s. Axilly Labs India Private Limited and/or any of its affiliates ("DoSelect" or "we" or "us"). We urge you to read this Privacy Policy carefully. This is because, by accessing or using any part of the Website, you acknowledge you have been informed of and consent to our practices with regard to your personal information and data.

II. WHAT IS DOSELECT?

Doselect is an online platform that is used by:

  1. Our partners to assess the skills of candidates applying to their jobs or for any other purpose
  2. Our partners/customers to assess the skills of their employees and or students;
  3. Employees or students of our partners/customers to practise with the objective of improving their proficiency;
  4. End Users in our developer community to practise with the objective of improving their proficiency
  5. Our partners/customers to host Contests and invite participants into that contest from all online channels
III. DEFINITIONS-

Just to be clear, keep the below information in mind, while reading the Privacy Policy to better understand, who is who and who is whom.

Visitor(s)- any and all internet users who end up surfing our website - www.doselect.com;

End User(s)- are Visitor(s) who sign up to avail our Services;

Partners- are those companies, organizations, body corporates or individuals, who use our Services to:

  1. evaluate the hiring potential of a prospective employee or interns;
  2. evaluate the skill proficiency of their students or employees;
  3. Host contests;
  4. Upskill their students or employees through practice;
  5. Any other legitimate activities that can be executed using our Service.

Services-These are our products or services made available in the Website for a price or at times, if we feel like it, for free;

Personal Data- means any information that identifies you as an individual or relates to an identified or identifiable person or as otherwise defined in applicable data protection laws;

Controller, Processor, Processed, Sub-Processor and Processing, have the meanings given to them in Applicable Data Protection Laws.

Applicable Data Protection Laws means all privacy and data protection laws and regulations applicable to but not limited to collecting, receiving, handling or processing of Personal Data under the Agreement, including EU General Data Protection Regulations, the Information Technology Act, 2000 and relevant rules.

IV. WHAT INFORMATION DOES DOSELECT COLLECT AND WHY?
IV(A). For End Users and Visitors
a. Information from Website Visitors

We collect basic non-personally-identifying information from Website visitors of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. We collect this information for legitimate business purposes only, including to better understand how Visitors use the Website, to improve our Websites and experience for visitors, and to monitor the security of the Websites.

We also collect information like Internet Protocol (IP) addresses from Visitors. We do not use such information to identify or track individual Visitors. We collect this information for legitimate business purposes, only including to understand how Visitors use the Websites, to improve performance and content, and to monitor the security of the Websites.

We may further collect statistics about the behaviour of Visitors and End users to our Website. For instance, DoSelect may reveal how many End users signed up for our services online from the total number of Visitors to our Website etc using aggregated statistics that contain anonymous user information only.

b. Personal Data

Visitors to our Website and End users of our Services MAY CHOOSE to interact with DoSelect services, in ways that provide us with their Personal Data. In such instances, the amount and type of information that DoSelect collects is contingent upon the nature of your interaction with us.

Further, we will also collect the information including personal information including but not limited to your name, address, image and email ("collectively referred to as Profile Information") in connection with creating an online profile of yours on our Website.

Your profile information, however, could be shared with the Partners. Where the Partners use our Services for hiring assessments, learning assessments, hosting contests, community building or via an integration inside their application and the End User to choose to submit their profile information, these will be shared with the Partners. Further, DoSelect if at times, find that your profile may be suited to another Partner or customer with us, rather than the specific Partner to whom you chose to submit your information to, may choose to share your Profile information with such other Partners, as the case maybe for the legitimate benefit of you/Partner/Visitor only. Further, DoSelect may use your Profile Information to improve upon our Services by using your profile information for internal and external business analytics and analysis.

If you report a security vulnerability to DoSelect and request public acknowledgment, then we shall publicly disclose the personal information you provided to us in connection with the report, including your name to fulfil your request for acknowledgment. In each case, DoSelect collects such Personal Data only insofar as is necessary or appropriate to fulfil the purpose of the user's interaction with or request made to DoSelect. We will not disclose Personal Data other than as described in this Privacy Policy.

In some circumstances you might provide us with the Personal Data about another person(s) in which case: You must ensure that you (1) have their permission to provide their Personal Data to us; and (2) you have made them aware of the terms of this Privacy Policy. By submitting the Personal Data about others, you represent and warrant that you are authorized to do so and that you have received authorization from the person about whom you are providing the Personal Data and that person has explicitly consented to have all Information used, processed, disclosed, and transferred in accordance with this Privacy Policy.

Any personally identifiable information provided by you on freely available domain and / or accessible in the public domain including any comments, messages, blogs, scribbles available on social platforms including but not limited to LinkedIn, Facebook, Instagram, Twitter may be collected. Any content posted by you on social media platform like LinkedIn may be collected directly from such social media platform and stored to provide necessary services to you. Please note that any content posted/uploaded/conveyed/communicated by users on the public sections of the Sites becomes published content and is not considered personally identifiable information subject to this Policy.

You can always say NO! This is a free world, ain't it?

Visitors and End Users can always refuse to supply Personal Data, with the caveat that it may prevent you from engaging in certain Website-related activities or being able to access and use certain features and Services. In any case, we will not be liable and or responsible for the denial of certain services to you for lack of you providing the necessary Personal Data.

When you register using your other accounts like Gmail, we shall retrieve personal information, from such account to continue to interact with you and to continue providing the Services.

In addition to the activities outlined elsewhere in our Privacy Notice, users are advised directed to review the test permissions required for accessing the Test/assessment:

During assessments, the Platform may use your device’s camera to capture and use your image for identity verification and to monitor test integrity. This may include recording video and audio, as well as screen activities, to prevent malpractice, unauthorized assistance, or other prohibited behaviors during exams or assessments. Permissions, such as access to the camera, photos, and notifications, require your manual approval. Revoking Permissions may prevent participation in the assessment.

c. Information DoSelect Does Not Collect

DoSelect does not intentionally collect sensitive Personal Data, such as social security numbers, genetic data, health information, or religious information. Although DoSelect does not request or intentionally collect any sensitive personal information, we realize that End users might store this kind of information in a DoSelect repository, if any of the Partners insists on sharing the information or if an End user participates in any coding challenges, blogs posts or any other activity that the End User engage in as part of DoSelect community, including writing articles, sharing posts etc. If you store any sensitive personal information on DoSelect's servers, you are consenting to our storage of that information on our servers, which are located in Asia.

d. No Child's play!

As a matter of DoSelect policy, if you're a child under the age of 13, you MUST NOT create End-user account on the Website. DoSelect does not knowingly collect information from or direct any of our Website or content specifically to children under 13. If we learn or have reason to suspect that a user is under the age of 13, we will close the child's account. We are not liable if users under the age of 13 open an account on the Website defying the express intimation from us to not to do so. However, we understand there are users who are less than the age 13, who might want to contribute to the community and participate in coding challenges and other activities organized by us. They could only do so, only after DoSelect receives express parental consent in accordance with the applicable law pertaining to child welfare.

IV(B). For Partners - Information We Collect

We collect information from Partners regarding their corporate identity, registered office address, contact details, purposes for which our services are rendered and other details. We may also collect and analyse information on how the Partner is using our services and share it with our affiliates to understand industry trends and improve our services. We may make available the details of the Partners to our End Users or Visitors upon request or the information pertaining to the identity of the Partners could be put to display in our Website in the course of rendering our Services.

All Partners agree that all matters not specifically established in this Privacy Policy are governed by the General Terms and Conditions located on the Website. Accordingly, the Partners expressly accepts that in case of conflict between the General Terms and Conditions and this Privacy Policy, this Privacy Policy shall prevail. This clause shall in no manner exclude the Partner from privacy terms and obligations prescribed otherwise than under this clause.

V. UNDER WHAT BASES ARE WE PROCESSING YOUR INFORMATION?

These highlights the legal grounds under which we have the rights to process information collected from you.

  1. Performance of a contract. The use of your information may be necessary to perform the contract that you have with us. For example, if you use our Website to purchase DoSelect product subscriptions or services, create a profile, post and comment through our Website, or request information through our Website, we will use your information to carry out our obligation to complete and administer that contract or request.
  2. Legitimate interests. We use your information for our legitimate business interests, including but not limited to provide, to improve and promote our products and services, and for administrative, security, fraud prevention and legal purposes.
  3. Consent. We may rely on your consent to use your Personal Data for certain direct marketing purposes, such as sending you newsletter updates about DoSelect products. You may withdraw your consent at any time through the unsubscribe feature provided with each marketing email or by contacting us at the addresses given at the end of this Privacy Policy.
VI. How DoSelect Uses and Protects Personally-Identifying Information
  1. HOW DOSELECT USES AND PROTECTS PERSONAL DATA
    1. Sharing Your Information

      DoSelect only discloses Personal Data to those of its employees, contractors, and affiliated organizations that (i) need to know that Personal Data in order to process it on DoSelect's behalf or to provide services available on the Website, and (ii) are bound by confidentiality and privacy obligations at least as restrictive as this Privacy Policy.

      DoSelect will not rent or sell Personal Data to anyone in an unsolicited manner. However, the Personal Data would be shared with its affiliated organizations and related parties who assure DoSelect to utilise the information only for legitimate purposes while ensuring the same level of data protection that is guaranteed under the instant Privacy Policy.

      As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution, or similar event, Personal Data may be part of the transferred assets.

      We may use third-party advertising companies to serve ads when you visit or use our Website or services. These companies may use information (excluding your name, address, email address or telephone number or any personally identifiable information) about your visits or use to particular website, mobile application or services, in order to provide advertisements about goods and services of interest to you.

      For specific use case below, the End User agrees to share their information with our partners in return to participate in a contest for incentives or job offer or any other Services.

      We assure you that, other than to its employees, contractors, and affiliated organizations, as described above, DoSelect discloses Personal Data only when required to do so by law, or when DoSelect believes in good faith that disclosure is reasonably necessary to protect the property or rights of DoSelect, third parties, or the public at large. DoSelect takes measures commercially reasonable and absolutely necessary to protect against the unauthorized access, use, alteration, or destruction of Personal Data.

      Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

    2. Intimation Related To International Transfers

      The Website is hosted in Singapore and any information we collect will be stored and processed on third-party servers which are located in Singapore, who does the same on a contractual basis. Our employees, contractors and affiliated organizations that process information for us as described above may be located in India or in other countries outside of your home country; by using the Website, you consent to the international transfer of your information by DoSelect.

      The use of or provision of the Services may require the transfer of Personal Data of Data Subjects located in the EU to countries outside the European Economic Area. We will ensure an appropriate mechanism that is recognized by applicable Data Protection Laws in EU, is implemented to allow for the data transfer, and shall endeavour that us and the data controllers, data processors, and sub-processors, as applicable, will comply with the related requirements of the alternative mechanism for data transfer.

      To the extent that DoSelect processes (or causes to be processed) any Personal Data protected by EU Data Protection Laws including the General Data Protection Regulation (GDPR and/or originating from the European Economic Area (including the United Kingdom and Switzerland) ("EEA Personal Data") in a country outside of the EEA, we shall first endeavour to take all such measures as are necessary to ensure an adequate level of protection for such EEA Personal Data in accordance with the requirements of EU Data Protection Law.

      We endeavour that your Personal Data is protected by making sure at least one of the following safeguards is in place:

      1. by transferring your personal information to a country that has been deemed to provide an adequate level of protection by the European Commission;
      2. by using specific contracts approved by the European Commission which give your personal information the same protection it has within the EEA including to the US;
      3. where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.
VII. DOSELECT COMMUNICATIONS WITH YOU

If you are a registered End user of the Website and have supplied your email address, DoSelect may occasionally send you an email to tell you about security, system information, new features, solicit your feedback, or just keep you up to date with what's going on with DoSelect and our services and products.

We primarily use our blog to communicate this type of information, so we expect to keep this type of email to a minimum. We will only send mass marketing emails with your affirmative consent. There's an unsubscribe link located at the bottom of each of the marketing emails we send you so you can stop receiving such emails at any time.

If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish your request in order to help us clarify or respond to your request or to help us support other users.

We will not publish your Personal Data in connection with your request.

VIII. COOKIES, TRACKING TECHNOLOGIES AND DO NOT TRACK
  1. Cookies
    1. What is a Cookie?

      A cookie is a string of information that a website stores on a Visitor's computer, and that the Visitor's browser provides to the website each time the Visitor returns.

    2. How do we use a Cookie?

      DoSelect uses cookies to help DoSelect identify and track visitors, their usage of the Websites, and their Website access preferences.

    3. How to politely refuse a Cookie?

      DoSelect Visitors and End Users who do not wish to have cookies placed on their computers may set their browsers to refuse cookies before using the Websites. However, be advised that disabling browser cookies may cause certain features of DoSelect's websites to not function properly.

      Certain pages on the Website may set other third-party cookies. For example, we may embed content, such as videos, from another site that sets a cookie. These sites set their own cookies and we do not have access or control over these cookies. The use of cookies by third parties is not covered by our Privacy Policy.

      For more information on what cookies are used, visit our Cookies Policy

  2. Tracking Technologies

    We use third-party tracking services, but we don't use these services to track you individually or collect your Personal Data. We use these services to collect information about how the Website performs and how users navigate through and use the Website so we can monitor and improve our Services and Website performance.

    Third party tracking services gather certain non-personally identifying information over time, including but not limited to your IP address, browser type, internet service provider, referring and exit pages, timestamp, and similar data about your use of the Website.

    We do not link this information to any of your Personal Data.

  3. Do Not Track

    Do Not Track is a privacy preference you can set in your browser if you do not want online services to collect and share certain kinds of information about your online activity from third-party tracking services. DoSelect does not track your online browsing activity on other online services over time and we do not permit third-party services to track your activity on our site beyond our basic tracking, which you may opt out of.

IX. GLOBAL PRIVACY PRACTICES

Information we collect will be stored in servers located in Singapore and this information may be as per each user case demands, may be processed in India in accordance with this Privacy Policy but we understand that End Users and Visitors from other countries may have different expectations and rights with regard to their privacy.

For all Website Visitors and our End users of Services, no matter their country of location, we will:

  • provide clear methods of unambiguous, informed consent when we do collect your Personal Data;
  • only collect the minimum amount of Personal Data necessary for the purpose it is collected for unless you choose to provide us more;
  • offer you simple methods of accessing, correcting, or deleting your information that we have collected. Modification or deletion of Personal Data received by us from Partners shall be controlled by the Partners; and
  • provide Website users notice, choice, accountability, security, and access, and we limit the purpose for processing. We also provide our users with a method of recourse and enforcement.

You are entitled to the following rights with regard to your personal information and data:

  1. Right of access to your personal data, to know what information about you we hold
  2. Right to correct any incorrect or incomplete personal data about yourself that we hold;
  3. Right to restrict/suspend our processing of your personal data;
  4. Right to complain to a supervisory authority if you believe your privacy rights are being violated

Additional rights that may apply to you in certain instances:

  1. Right of data portability (if our processing is based on consent and automated means);
  2. Right to withdraw consent at any time (if processing is based on consent);
  3. Right to object to processing (if processing is based on legitimate interests);
  4. Right to object to the processing of personal data for direct marketing purposes;
  5. Right of erasure of your personal data from our system ("right to be forgotten")

To exercise your privacy rights, you can email us at privacy@doselect.com

X. DATA RETENTION AND DELETION

If you already have an account on the Website, you may access, update, alter, or raise a request to delete your basic user Profile Information by logging into your account and updating profile settings. DoSelect will retain your information for as long as your account is active or as needed to perform our contractual obligations, provide you services through the Website, to comply with legal obligations, resolve disputes, preserve legal rights, or enforce our agreements.

We will delete inactive accounts once it is no longer necessary to fulfill the 'legitimate business interests' under Applicable Data Protection Laws or when we receive a request from the End User to delete his or her account profile created with us, whichever, is the latest.

The Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and terms of use and that we do not accept any responsibility or liability for these policies and terms of use. Please check these policies before you submit any personal information to these websites.

XII. CONTACTING DOSELECT ABOUT YOUR PRIVACY

If you have questions or concerns about the way we are handling your information or would like to exercise your privacy rights, please email us with the subject line "Privacy Concern" privacy@doselect.com. We will respond within thirty (30) days of receiving your email. If you still haven't received a satisfiable recourse from us in thirty (30) days, kindly send us a reminder.

XIII. PRIVACY POLICY CHANGES

There is only one thing under the sun, which does not change, and it is change in itself and the one thing that certainly will change is a privacy policy. Although most changes are likely to be minor, DoSelect may change its privacy policy from time to time, and in DoSelect's sole discretion. We will provide notification to End users who have provided us email addresses of material changes to this Privacy Policy through our Website prior to the change taking effect by posting a notice on our home page or sending email to the email address specified in your account. DoSelect encourages Visitors to frequently check this page for any minor changes to its Privacy Policy. While we shall mandatorily attempt to seek your express consent as prescribed above, your continued use of this site after any change in this Privacy Policy will however constitute your acceptance of such change.

DATA PROTECTION ADDENDUM FOR PARTNERS/ CUSTOMERS FROM EUROPEAN ECONOMIC AREA

This DoSelect Data Processing Addendum (DPA) is incorporated by reference into any and all services agreements, insertion orders and addendums currently in place between Partner (defined above) and Axilly Labs Private Limited ("DoSelect"), collectively ("Agreement"). This DPA is entered into as of the later of the dates beneath the parties signatures below. By entering into this DPA, Partner represents and warrants that Partner has the authority to legally bind both the Partner and all of Partners personnel, representatives and/or affiliates operating pursuant to any such Agreement referenced herein. The parties agree to comply with the following provisions with respect to any Personal Data of one or more Data Subjects located in the European Economic Area Processed in connection with the Agreement. The purposes of the DPA is to ensure such Processing is conducted in accordance with Data Protection Laws, including the GDPR and with due respect for the rights and freedoms of individuals whose Personal Data are processed. References to the Agreement will be construed as including this DPA. To the extent that the terms of this DPA differ from those in the Agreement, the terms of this DPA shall prevail.

Definitions

All terms (capitalized and otherwise) not defined in this DPA including, without limitation, "personal data", "controller", "processing", "data protection officer", "data subject" and "processor" shall have the meanings set forth in the privacy and data protection laws, regulations, and decisions applicable to a party to this DPA ("Applicable Data Protection Law(s)"). For the sake of clarity, Applicable Data Protection Laws include the EU Directive 95/46/EC and the General Data Protection Regulation (2016/679) and any implementing legislation.

"Partners"- are those companies, organizations, body corporates or individuals, who use our Services to: 1) evaluate the hiring potential of a prospective employee or interns; 2) evaluate the skill proficiency of their students or employees; 3) Host contests; 3) Upskill their students or employees; 4) Any other legitimate activities that can be executed using our Services.

  1. Role of the Parties
    1. Parties agree that the Partner(s) is and will at all times remain the Controller of the Data processed by DoSelect hereunder and that DoSelect may process the Data as a processor and at times, may as a separate and independent controller as strictly required for the Services. In no event will the parties process the Data jointly as joint controllers. Neither party is required to obtain authorization from the other party in relation with its processing of the Data it controls.
    2. Partner agrees and acknowledges that it is responsible for compliance with all its obligations under Applicable Data Protection Law, (including but not limited to providing any required notices and obtaining any required consents and/or authorizations, or otherwise securing an appropriate legal basis under Applicable Data Protection Law).
    3. DoSelect is responsible for compliance with its obligations under this DPA and as a processor under Applicable Data Protection Law. DoSelect, including any DoSelect affiliate and/ or Sub-processors, shall process Data solely for the purpose of (i) providing the Services in accordance with the General Terms and Conditions, where applicable, and this DPA (ii) complying with any documented written instructions provided by the Partner(s), or (iii) complying with DoSelect's regulatory obligations. DoSelect will comply with the aforesaid instructions provided by Partner(s), to the extent necessary for DoSelect to (i) comply with its obligations under Applicable Data Protection Law; or (ii) assist the Partner to comply with its respective obligations under Applicable Data Protection Law relevant to the use or rendering of the Services.
    4. Each party is separately responsible for honouring data subject access requests under Applicable Data Protection Law (including its rights of access, correction, objection, erasure and data portability, as applicable) and responding to correspondence, inquiries and complaints from data subjects. Each party shall provide reasonable and timely assistance to the other party as necessary to help facilitate compliance with this sub-section 1.4
  2. Security Measures
    1. DoSelect has implemented and will maintain appropriate technical and organizational security measures for the processing of Data. These measures are intended to protect Data against the risks inherent to the processing of such Data in the rendering of the Services, and DoSelect may, at its sole discretion and as required to be compliant with Applicable Data Protection Law, modify and amend it from time to time.
    2. Both parties shall ensure that their respective personnel engaged in the Processing of Personal Data under this DPA are informed of the confidential nature of the Personal Data as well as any security obligations with respect to such Personal Data. The Parties shall ensure that access to Personal Data covered under this DPA is limited to that person who require such access to perform the Services.
    3. Both parties will (taking into account the nature of the processing of Personal Data under this DPA) cooperatively and reasonably assist each other in ensuring compliance with any of each other's respective obligations with respect to the security of Personal Data and Personal Data breaches under this DPA.
    4. Further, Partner(s) shall maintain administrative, physical and technical safeguards for the protection of the security, confidentiality and integrity of Personal Data under this DPA. Partner(s) will implement and maintain technical and organizational measures to protect such Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to Personal Data. The Security Measures may include measures to encrypt Personal Data; to help ensure ongoing confidentiality, integrity, availability and resilience of Partner(s) systems and services; to help restore timely access to Personal Data following an incident and for regular testing of effectiveness.
  3. Sub-Processors and Sub-Processing
    1. Partner acknowledges and agrees that DoSelect may engage third-party Sub-processors in connection with the provision of the Services. DoSelect agrees that any agreement with a Sub-processor will include substantially the same data protection obligations as set out in this DPA.
    2. A list of Sub-processors is available in the DoSelect user interface or at a particular web page hosted by DoSelect. DoSelect may change the list of such other Sub-processors by no less than 10 business days' notice via the DoSelect user interface. If Partner objects to DoSelect's change in such Sub-processors, DoSelect may, as its sole and exclusive remedy, terminate the portion of the Agreement relating to the Services that cannot be reasonably provided without the objected-to new Sub-processor by providing 30 days' written notice to Partner.
    3. Where Partner engage third-party Sub-processors in connection with the provision of the Services, Partner must provide a list of Sub-Processors to DoSelect, at DoSelect's written request. Partner will have a written agreement with each Sub-processor and agrees that any agreement with a Sub-processor will include substantially the same data protection obligations as set out in this DPA.
    4. Both parties shall be liable for the acts and omissions of its Sub-processors to the same extent such party would be liable under the terms of this DPA.
  4. Security Breach
    1. If either party becomes aware of any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to any Personal Data transmitted, stored or otherwise processed on the other party's equipment or facilities under this DPA ("Security Breach"), such party will promptly notify the other party of the Security Breach. Notifications made pursuant to this section will take place within a reasonable time and certainly no longer than three business days after discovery and shall describe, to the extent possible, details of the Security Breach, including steps taken to mitigate the potential risks and any recommended steps that either or both parties should take to address the Security Breach. Each party will promptly investigate the Personal Data Breach if it occurred on its infrastructure or in another area it is responsible for and will assist the other party as reasonably necessary for both parties to meet their obligations under Applicable Data Protection Laws.
    2. Both parties agree that an unsuccessful Security Breach attempt will not be subject to this Section 4. An unsuccessful Security Breach attempt is one that results in no unauthorized access to personal data processed pursuant to this DPA or to any of either party's equipment or facilities storing personal data.
    3. Any notification of or response to a Security Breach under this Section 4 will not be construed as an acknowledgment by either party of any fault or liability with respect to the Security Breach.
  5. Liability

    Both parties agree that their respective liability under this DPA shall be apportioned according to each party's respective responsibility for the harm (if any) caused by each respective party.

  6. Retention of Data.

    On expiry of the Agreement, both parties hereby instruct the other to delete all Personal Data (including existing copies) from their respective systems and discontinue processing of such Personal Data in accordance with Data Protection Law as soon as reasonably practicable and within the time frame, wherein, the processing of such data does not serve any 'legitimate business interest' as defined in the Data Protection Law. This requirement shall not apply to the extent that the Personal Data has been archived on backup systems so long as such Personal Data is isolated and protected from any further processing except to the extent required by applicable law.

  7. Cross-Border Data Transfers.
    1. The use of or provision of the Services may require the transfer of Personal Data of Data Subjects located in the EU to countries outside the EEA. Each party will ensure an appropriate mechanism that is recognized by applicable Data Protection Laws is implemented to allow for the data transfer and shall ensure both it and its Data Controllers, Data Processors, and Sub-Processors will comply with the related requirements of the alternative mechanism for data transfer.
  8. Miscellaneous
    1. This DPA will take effect on the date it is executed by Partner and DoSelect at the bottom of this Agreement (the Effective Date) and will remain in effect until, and automatically expire upon, the deletion of all Personal Data by DoSelect or Partner through the Services as described in this DPA.
    2. Nothing in this DPA shall impact Partners intellectual property rights with respect to Personal Data provided by Partner under the Agreement except to the extent required by applicable law.
    3. Nothing in this DPA shall confer any benefits or rights on any person or entity other than the parties to this DPA.
    4. This DPA may be executed in any number of counterparts, each of which when executed shall constitute a duplicate original, but all the counterparts shall together constitute the one Agreement.
Download the DPA for signature here.