Terms of Use

Important: Please read these Terms of Use carefully before continuing to use this software application and accompanying services.

Section 24 of this Terms of Use Agreement contains a binding arbitration clause and class action waiver. If you live in the United States, this Section affects your rights about how to resolve disputes that you may have with us.

Please read it carefully.

These Terms of Use (the “Agreement”) is effective as of the date you sign up for the Service (as defined below) (the “Effective Date”) and applies to Fraud Blocker LLC’s products and services, which include:

The Fraud Blocker website located at: https://fraudblocker.com.
The Fraud Blocker web app.

Fraud Blocker LLC is referred to elsewhere in this Agreement as “Fraud Blocker,” “we,” “us,” or “our.” By agreeing to this Agreement, you also agree to the Data Processing Agreement (“DPA”), attached to this Agreement and incorporated by reference.

Definitions

“Aggregated Data” means data and information related to your use of the Service that is used by us in an aggregate and anonymized manner, including to compile statistical and performance information related to the provision and operation of the Service.
“Authorized User” means any person (i) for whom you have purchased access to the Service, (ii) who is authorized to access and use the Service under the rights granted to you in this Agreement, and (iii) for whose usage of the Service you remain solely responsible under this Agreement. The number of Authorized Users will be as agreed during your Service signup or other written agreement between you and Fraud Blocker.
“Fraud Blocker IP” means the Service, the SaaS Documentation, and all intellectual property provided to you or any Authorized User. Fraud Blocker IP includes Aggregated Data and any information, data, or other content derived from our monitoring of your access to or use of the Services, but does not include Your Data. For simplicity, we may refer to “Fraud Blocker IP” as “our intellectual property.”
“SaaS Documentation” means any Fraud Blocker user manuals, handbooks, or guides relating to the Service provided by Fraud Blocker to you.
“Service” means the “Fraud Blocker” software-as-a-service offering that we provide to you, or have an obligation to provide to you, under this Agreement, including any SaaS Documentation and other Service content.
“Your Data” means, other than Aggregated Data, information, data, and other content in any form or medium that is submitted, posted, or otherwise transmitted by or on behalf of you or an Authorized User through the Service.

1. Acceptance of Terms

By continuing to use the Service, you agree as follows:

1.1. You understand and intend that this Agreement is a legally binding agreement and the equivalent of a signed, written contract;

1.2. You will use the Service in accordance with applicable laws and regulations and in accordance with the terms and conditions in this Agreement as may be amended by us from time to time;

1.3 You understand and accept that we may modify the Agreement from time to time, and your continued use of the Service following such modifications will constitute your consent to the modified Agreement; and

1.4. You understand, accept, and have received this Agreement and its terms and conditions, and acknowledge and demonstrate that you can access this Agreement.

If you do not agree with all the terms and conditions in this Agreement, then you must immediately discontinue all use the Service.

2. Your Access to Our Service

Subject to and conditioned on your payment of Fees and compliance with all other terms and conditions of this Agreement, we hereby grant you a non-exclusive, non-transferable right to access and use the Service during the Term, solely for use by an Authorized User in accordance with the terms and conditions of this Agreement. Your use is limited to your internal use. We will provide you any passwords, network links, or connections to allow you to access the Service. All Authorized Users will be given access by you through the “User Management” section of your Account dashboard on the Service.

Again, the Service is made available for use and access only. It is neither sold nor licensed.

Further, unless you notify us otherwise in writing, we may identify and indicate you as a customer and user of our Service on our website and in other online and offline marketing materials and press releases. We acknowledge that your company name and logo are protected by intellectual property rights. You hereby grant us a worldwide, non-exclusive, non-transferable, royalty-free license to use your name, logo, and website URL on our website and in other online and offline marketing materials relating to the Service. We will use this content strictly in accordance with any usage guidelines you provide us with.

3. Restrictions on Your Use of Our Intellectual Property

You will not use our intellectual property for any purpose beyond that granted in this Agreement. This means that you will not at any time, directly or indirectly, and will not permit any Authorized User, to:

Copy, modify, or create derivative works of our intellectual property, in whole or in part.
Reverse engineer, disassemble, decompile, decode, adapt, or otherwise attempt to derive or gain access to any software component of our intellectual property, including any attempts to discover the underlying code, structure, implementation, or algorithms of our intellectual property.
Use our intellectual property to develop, create, or permit others to develop or create a product or service similar or competitive to our intellectual property, and, in particular, our Service.
Make available our intellectual property to third parties, including by reselling, licensing, renting, leasing, transferring, lending, timesharing, assigning, or redistributing our intellectual property.
Remove any proprietary notices from our intellectual property.
Use our intellectual property in any manner or for any purpose that infringes, misappropriates, or otherwise violates any intellectual property right or other right of any person, or that violates any applicable law.

In particular, with respect to the Service and any supplemental software code, you may not perform or attempt to perform any of the following:

Identify, probe, or scan any security vulnerabilities.
Access data not intended for you, or access an account that you are not authorized to access.
Interfere with, circumvent, manipulate, overload, impair, or disrupt an operation or functionality.
Work around any technical limitations.
Use any tool to enable features or functionalities that are otherwise disabled, inaccessible, or undocumented.
Impersonate any person or entity, or make any false statements pertaining to your identity.
Collect or process information or data about our subscribers.
Send any virus, worm, Trojan horse, or other malicious or harmful code or attachment.
Use robots, crawlers, or any similar applications to scrape, harvest, collect, or compile content.

4. Reservation of Rights

We reserve all rights not expressly granted to you in this Agreement. Except for the limited rights and licenses expressly granted in this Agreement, nothing in this Agreement grants to you or any third party any intellectual property rights or other right, title, or interest in or to the Service.

5. Suspension of the Service

Notwithstanding anything to the contrary in this Agreement, we may temporarily suspend your and any Authorized User’s access to any portion or all of the Service if any of the following occur:

If we reasonably determine that:
- there is a threat to any of our intellectual property;
- your or any Authorized User’s use of our intellectual property disrupts or poses a security risk to our intellectual property or to any of our customers or vendors;
- you or any Authorized User are using our intellectual property for fraudulent or illegal activities;
- subject to applicable law, you have ceased to continue your business in the ordinary course, made an assignment for the benefit of creditors or similar disposition of your assets, or become the subject of any bankruptcy, reorganization, liquidation, dissolution, or similar proceeding; or
- our provision of the Service to you or any Authorized User is prohibited by applicable law.
Any of our vendors have suspended or terminated our access to or use of any third-party services or products required to enable you to access the Service.
Your failure to make any payment when due and such failure continues for 15 days or more. Then, we may suspend your and any Authorized User’s access to any portion or all of the Service until such amounts are paid in full.While we will use commercially reasonable efforts to provide you written notice of any suspension of your Service and to provide updates regarding resumption of access to the Service following any suspension, in no event will we have any liability for any damage, liabilities, losses (including any loss of data or profits), or any other consequences that you or any Authorized User may incur as a result of a suspension of your access to the Service.

6. Aggregated Data

Notwithstanding anything to the contrary in this Agreement, we may monitor your use of the Service and collect and compile Aggregated Data. With respect to these Aggregated Data, we own and retain all right, title, and interest in and to them.

You acknowledge and agree that we may compile Aggregated Data based on Your Data input into the Service. You further acknowledge and agree that we may:

make Aggregated Data publicly available in compliance with applicable law; and
use Aggregated Data to the extent and in the manner permitted under applicable law.

7. Your Responsibilities

You are responsible and liable for all uses of our intellectual property resulting from access provided by you, directly or indirectly, whether such access or use is permitted by or in violation of this Agreement.

Without limiting the generality of the foregoing, you are responsible for all acts and omissions of Authorized Users, and any act or omission by an Authorized User that would constitute a breach of this Agreement if taken by you will be treated as a breach of this Agreement by you.
You will use reasonable efforts to make all Authorized Users aware of this Agreement’s provisions as applicable to such Authorized User’s use of our intellectual property and will cause Authorized Users to comply with such provisions.

8. Fees and Payment

You will pay us the fees (“Fees”) in US dollars, as set forth in your Account dashboard. These Fees are a recurring subscription on a monthly or annual basis (as chosen by you), and are being prepaid in advance of our granting access to the Service for the following subscription period, beginning with the Fee payment date.

You are automatically granted a free trial (usually 30 days, but the actual length of time will be as noted in your Account dashboard), after which you will be automatically charged the agreed-upon Fee for your chosen subscription using the payment information you entered. You may cancel at any time prior to the end of the trial period.

Depending on the service level you choose in your Account dashboard, if you reach the limit of allowed services for that level we will pause the Service until your next billing cycle, or you may have the option to upgrade your Account’s service level to accommodate additional services. If you have any questions, please contact us at [email protected].

If you fail to make any payment when due, without limiting our other rights and remedies:

We may charge interest on the past due amount at the rate of 3% per month calculated daily and compounded monthly or, if lower, the highest rate permitted under applicable law.
You will reimburse us for all reasonable costs incurred by us in collecting any late payments or interest, including attorneys’ fees, court costs, and collection agency fees.
If such failure continues for 15 calendar days or more, we may suspend your and any Authorized User’s access to any portion or all of the Services until such amounts are paid in full in accordance with Section 8 of this Agreement.

All Fees and amounts payable by you under this Agreement do not include taxes and similar assessments. You are responsible for all sales, use, and excise taxes, and any other similar taxes, duties, and charges of any kind imposed by any federal, state, or local governmental or regulatory authority on any amounts payable by you under this Agreement. You are not responsible for any taxes imposed on our income.

9. Confidential Information

Fraud Blocker may disclose or make available to the other information about their business affairs, products, confidential intellectual property, trade secrets, third-party confidential information, and other sensitive or proprietary information, whether or not marked, designated, or otherwise identified as “confidential” (collectively, “Confidential Information”).

Confidential Information does not include information that, at the time of disclosure is:

in the public domain;
known to you at the time of disclosure;
rightfully obtained by you on a non-confidential basis from a third party; or
independently developed by you.

You agree that you will not disclose Fraud Blocker’s Confidential Information, except to employees who need to know Confidential Information to exercise your rights or perform your obligations under this Agreement.

On the expiration or termination of this Agreement, you will promptly return to the other all copies, whether in written, electronic, or other form or media, of our Confidential Information, or destroy all such copies and certify in writing to the other that such Confidential Information has been destroyed.

Your nondisclosure obligations with regard to Confidential Information are effective as of the Effective Date and will expire 5 years from the date first disclosed.

With respect to any Confidential Information that constitutes a trade secret (as determined under applicable law), obligations of nondisclosure will survive the termination or expiration of this Agreement for as long as such Confidential Information remains subject to trade secret protection under applicable law.

10. Intellectual Property Ownership

Our Intellectual Property

You acknowledge that we own all right, title, and interest in and to our intellectual property, and, with respect to any third-party software or services which may be incorporated into the Service, the applicable third-party providers own all right, title, and interest in and to such software or services.

Your Data

We acknowledge that you own all right, title, and interest in and to Your Data. You hereby grant us a non-exclusive, royalty-free, worldwide license to reproduce, distribute, and otherwise use and display Your Data and perform all acts with respect to Your Data as may be necessary for us to provide the Service to you, and a non-exclusive, perpetual, irrevocable, royalty-free, worldwide license to reproduce, distribute, modify, and otherwise use and display Your Data as such is aggregated, anonymized, and incorporated within the Aggregated Data.

Feedback

If you or any of your employees or contractors send or transmit any communications or materials to us suggesting or recommending changes to our intellectual property, including new features or functionality, or any comments, questions, suggestions, or the like, we are free to use such feedback irrespective of any other obligation or limitation.

You hereby assign to us on your behalf, and on behalf of your employees, contractors, and agents, all right, title, and interest in, and we are free to use, without any attribution or compensation to any party, any ideas, know-how, concepts, techniques, or other intellectual property rights contained in the feedback, for any purpose whatsoever.

11. Term and Termination

The Term of this Agreement begins on the Effective Date and, unless terminated earlier in accordance with this Agreement’s express provisions, will continue in effect until terminated by either party by giving notice to the other, which you may do by either logging into your account and cancelling your subscription through your Account dashboard, or by contacting us.

In addition to any other express termination right set forth in this Agreement:

We may terminate this Agreement, effective on written notice to you, if you:
- fail to pay any amount when due, and such failure continues more than 30 days after our delivery of written notice of such failure; or
- breach any of your obligations under “Restrictions on Your Use of Our Intellectual Property” or “Confidential Information.”
Either party may terminate this Agreement, effective on written notice to the other party, if the other party materially breaches this Agreement, and such breach:
- is incapable of cure; or
- being capable of cure, remains uncured 30 days after the non-breaching party provides the breaching party with written notice of such breach.
Either party may terminate this Agreement, effective immediately upon written notice to the other party, if the other party:
- becomes insolvent or is unable to pay, or fails to pay, its debts as they become due;
- files or has filed against it, a petition for voluntary or involuntary bankruptcy or otherwise becomes subject, voluntarily or involuntarily, to any proceeding under any domestic or foreign bankruptcy or insolvency law;
- makes or seeks to make a general assignment for the benefit of its creditors; or
- applies for or has appointed a receiver, trustee, custodian, or similar agent appointed by order of any court of competent jurisdiction to take charge of or sell any material portion of its property or business.

12. Messages from Fraud Blocker

You understand that you may receive business-related communications from us through the Service or through SMS, phone calls, or email, such as product-related messages, announcements, and administrative notices. You agree that these communications are not unsolicited commercial advertisements and you agree to receive them.

Marketing-related email messages will be accompanied by instructions for opting out.

13. Your Account

13.1. Account Creation. You need to register for an Account to use the Service (your “Account”). You may create an Account for free by signing up through a registration form on the Service. You are solely responsible for the activity that occurs on your Account. You agree to keep your Account and devices secure and to notify us immediately of any breach of security or unauthorized use of your Account.

13.2. Accurate Information. When creating your Account, you promise to provide accurate information related to your Account. You promise to keep this information updated so that it is accurate at all times.

13.3. No Account Purchases and Transfers. You may not buy, sell, give, or trade any Account, nor attempt to buy, sell, give, or trade any Account. We own, have licensed, or otherwise have rights to all the content that appears in-Service, including Accounts.

14. Support Services and Maintenance

We may, in our sole discretion, provide you with customer and technical support services related to the Service (“Support Services”). We are not required to provide Support Services unless otherwise required by applicable law. No failure to provide, or to continue to provide, Support Services will constitute a default by Fraud Blocker under this Agreement. Any supplemental software code provided to you as part of the Support Services will be treated as part of the Service, and as between you and us will be and remain our sole property and will be subject to the terms and conditions of this Agreement.

If we choose to provide you Support Services, we will attempt to respond to any technical questions, problems, and inquiries within a reasonable time. But the following restrictions apply:

We may decline to provide support for a matter that we consider, at our sole discretion, to require unreasonable time, effort, cost, or expense.
We make no warranty as to a specific response time or to the successful or satisfactory resolution of the question, problem, or inquiry.
You will cooperate and work closely with us to reproduce malfunctions as we reasonably request, including conducting diagnostic or troubleshooting activities.
You will cooperate and perform any requested modifications that our technical staff instructs you to perform on any supplementary software code installed on your webpage.

Our customer support may be reached by contacting us at [email protected]. You agree that you will look solely to Fraud Blocker in connection with Support Services.

15. Modification and Monitoring of the Service

We reserve the right to modify or discontinue, temporarily or permanently, the Service (or any part of the Service) with or without notice at any time. You agree that we will not be liable to you or any third party for any modification, suspension, or discontinuance of the Service.

If we enhance the Service to include new or additional features of capabilities, we may amend this Agreement or the applicable Fees and we reserve the right to obtain your consent to such amendments. If you do not agree to these amendments in their entirety, we reserve the right to terminate this Agreement as otherwise described in this Agreement.

We reserve the right to monitor use of the Service to determine compliance with this Agreement, as well as the right to edit, refuse to post, or remove any content, information, or materials, in whole or in part, at our sole discretion. We reserve the right to refuse access to the Service to anyone, or terminate any Account, for any reason, at any time.

16. Software Quality

We will endeavor to have our Service operate properly. However, as a service that relies on software, predictive algorithms, third-party networks, software, and services, and continuous Internet connectivity, we do not guarantee that our Service will operate in an uninterrupted or error-free manner or that it will always be available, free from errors, omissions, or malfunctions.

If we receive notice of any failure or malfunction, of we become aware of them by ourselves, we will attempt to regain the Service’s availability as soon as practicable. But such incidents will not be considered a breach of this Agreement.

Further, even though we make commercially reasonable efforts to have our Service identify fraudulent clicks and other fraudulent activity, we cannot and do not guarantee that our Service will detect or prevent all types or all instances of fraudulent behavior. We will not be liable for any such fraudulent activity not detected by our Service.

17. Disclaimer of Warranties

Your use of the Service is entirely at your own risk.

The Service is provided by Fraud Blocker on an as-is basis. Fraud Blocker expressly disclaims all warranties of any kind, whether express or implied, including the implied warranties of merchantability, fitness for a particular purpose and non-infringement.

Fraud Blocker makes no warranty that (i) the Service will meet your requirements, (ii) that operation of the Service will be uninterrupted, timely, secure, or error-free, or (iii) the results that may be obtained from the use of the Service will be accurate or reliable.

No advice or information, whether oral or written, obtained by you from Fraud Blocker, or through the Service creates any warranty regarding the Service not expressly stated in this Agreement.

Because some states or jurisdictions do not allow the disclaimer of implied warranties, the foregoing disclaimer may not apply to you.

18. Limitation of Liability

You expressly understand and agree that Fraud Blocker is not liable for any direct, indirect, incidental, special, consequential, or exemplary damages, including damages for loss of profits, goods, goodwill, use, data, or other intangible losses (even if Fraud Blocker has been advised of the possibility of such damages), resulting from the use or the inability to use the Service or any other matter relating to the Service, and without regard to whether such damages, or claims of damages arise based in contract, tort or otherwise.

Because some states or jurisdictions do not allow the exclusion or the limitation of liability for consequential or incidental damages, in such states or jurisdictions, the liability of Fraud Blocker and its affiliates will be limited to the fullest extent permitted by law.

19. Indemnification

You agree to indemnify and hold Fraud Blocker and its affiliates, officers, agents, and employees harmless from any claim, demand, loss, costs, or expense, including attorneys’ fees, made by any person or entity arising out of your violation of this Agreement, state or federal laws or regulations, or any other person’s rights, including infringement of any copyright or violation of any proprietary or privacy right. Under no circumstances, including any negligent act, will Fraud Blocker or its affiliates or agents be liable for any damages of any kind that result from the use of, or the inability to use, the Service.

20. Your Personal Information

Certain personal and other information that we collect, process, and share is subject to our Privacy Policy. As a condition of using the Service you agree to the terms of the Privacy Policy, as it may be changed from time to time. Our Privacy Policy, which is incorporated here by reference, is located at https://fraudblocker.com/privacy. You agree that your use of the Service is subject to the Privacy Policy.

21. Disclosures Required by Law

We reserve the right to disclose any information, including personally identifiable information about you, as necessary to satisfy any applicable law, regulation, legal process, or governmental request. We reserve the right to fully cooperate with any law enforcement authorities or court order requesting or directing us to disclose the identity of any user believed to be in violation of this Agreement.

By accepting this Agreement, you waive all rights and agree to hold us harmless from any claims resulting from any action taken by us during or as a result of its investigations or from any actions taken as a consequence of investigations by either Fraud Blocker or law enforcement authorities.

22. Legal Compliance

By using the Service, you represent and warrant that (i) you are not located in a country that is subject to a U.S. Government embargo, or that has been designated by the U.S. Government as a “terrorist supporting” country; and (ii) you are not listed on any U.S. Government list of prohibited or restricted parties.

23. Governing Law; Mediation; Jurisdiction

The Agreement, and all future agreements you enter into with us, unless otherwise indicated on such other agreement, will be governed by the laws of the State of California. This is the case regardless of whether you reside or transact business with us, or any of our affiliates or agents, in the State of California or elsewhere. Unless a dispute would be governed by the terms of Section 24 below, you agree to submit to the personal and exclusive jurisdiction of the courts located within the city of Los Angeles, California, United States.

24. Binding Arbitration

Any dispute or claim relating in any way to your use of the Service (each, a “Claim”) will be resolved by binding arbitration, rather than in court (except that you may assert claims in small-claims court if your claims qualify). You agree that each Claim must be brought individually.

YOU AND FRAUD BLOCKER AGREE THAT (i) THERE IS NO RIGHT OR AUTHORITY FOR ANY DISPUTE TO BE ARBITRATED ON A CLASS ACTION BASIS OR TO UTILIZE CLASS ACTION PROCEDURES; (ii) THERE IS NO RIGHT OR AUTHORITY FOR ANY DISPUTE TO BE BROUGHT IN A PURPORTED REPRESENTATIVE CAPACITY OR AS A PRIVATE ATTORNEY GENERAL; AND (iii) NO ARBITRATION MAY BE JOINED WITH ANY OTHER ARBITRATION.

The Federal Arbitration Act and federal arbitration law apply to this Agreement and this binding arbitration clause.

Arbitration is a process with no judge or jury – an arbitrator will review the arguments in the dispute and award damages and other relief just like a court would. The arbitrator must follow this Agreement as a court otherwise would. Court review of the arbitration award is limited under the Federal Arbitration Act.

To start an arbitration, you must send an email to [email protected] describing your Claim and requesting arbitration, or we may do the same by sending a written notice requesting arbitration to your address. The proceedings will be conducted through JAMS, using their Streamlined Arbitration Rules and Procedures. You can view these rules at jamsadr.com or by calling 800-352-5267. The payment of the initial filing fees will be made by the party filing the Claim, and any other filing and other fees will be apportioned as directed by the JAMS rules. The arbitration will take place in Los Angeles, California, United States, unless the Parties agree to video, phone, or Internet connection appearances.

Except as otherwise set forth below, you may seek any remedies available to you under federal, state or local laws in an arbitration action. As part of the arbitration, both you and Fraud Blocker will have the opportunity for discovery of non-privileged information that is relevant to the Claim. The arbitrator will provide a written statement of the arbitrator’s decision regarding the Claim, the award given (including any attorneys’ fees and costs awarded), and the arbitrator’s findings and conclusions on which the arbitrator’s decision is based.

Notwithstanding the terms of this Section, either of us may bring a lawsuit in court for equitable relief, for any misuse or infringement of intellectual property rights, or for any Claim related to, or arising from, allegations of theft, piracy, invasion of privacy, or unauthorized use of the Service.

BY AGREEING TO THIS ARBITRATION PROVISION, YOU UNDERSTAND THAT YOU AND FRAUD BLOCKER WAIVE THE RIGHT TO SUE IN COURT AND HAVE A JURY TRIAL.

You and Fraud Blocker agree that if any portion this Section is found illegal or unenforceable, that portion will be severed and the remainder of the Section will be given full force and effect.

25. Security of Data Transmission and Storage

Electronic communications using the Service may not always be encrypted. You acknowledge that there is a risk that data, including email, electronic communications, and personal data, may be accessed by unauthorized third parties when communicated between you and Fraud Blocker or between you and other parties.

Fraud Blocker and its affiliates and agents are permitted, but not obligated, to review or retain your communications.

26. Hyperlinks

The Service may contain links to other sites and software applications, including through display advertisements (the “Linked Services”). Fraud Blocker does not control the Linked Services, and Fraud Blocker and its affiliates and agents make no representations whatsoever concerning the content, accuracy, security or privacy of those Linked Services. The fact that Fraud Blocker has provided a link to an external location is not an endorsement, authorization, sponsorship, or affiliation with respect to such Linked Services, its owners, or its providers. There are risks in using any information, software, or products found on the Internet, and Fraud Blocker cautions you to make sure you understand these risks before retrieving, using, relying upon, or purchasing anything via the Internet. You agree that under no circumstances will you hold Fraud Blocker or its affiliates or agents liable for any loss or damage caused by use of or reliance on any content, goods, or services available on Linked Services.

27. Trademarks and Copyrights

The Service is owned by Fraud Blocker and is protected by United States copyright laws and international treaty provisions. All Service content, trademarks, services marks, trade names, logos, and icons are proprietary to Fraud Blocker, subject to any third-party rights in portions of the Service licensed from third parties. Nothing contained in the Service should be seen as granting any license or right to use any trademark displayed in the Service without the written permission of Fraud Blocker or such third party that may own the trademarks displayed in the Service. Your use of the trademarks displayed in the Service, or any other content in the Service, except as provided in this Agreement, is strictly prohibited.

Intellectual property displayed through the Service is either the property of, or used with permission by, Fraud Blocker. You are prohibited from using or authorizing the use of this intellectual property unless specifically permitted under the Agreement. Any unauthorized use of this intellectual property may violate copyright laws, trademark laws, the laws of privacy and publicity, or other regulations and statutes.

28. Miscellaneous Terms

28.1. Agreement Revisions. This Agreement may only be revised in writing by Fraud Blocker, or by our publication of a new version on the Service.

28.2. Force Majeure. We are not liable for any delay or failure to perform due to unforeseen circumstances or causes beyond our control, such as acts of God, war, terrorism, riots, embargoes, acts of civil or military authorities, fire, floods, accidents, strikes, or shortages of transportation facilities, fuel, energy, labor, or materials.

28.3. No Partnership. You agree that no joint venture, partnership, employment, or agency relationship exists between you and us as a result of this Agreement or your use of the Service.

28.4. We may assign this Agreement, in whole or in part, to any person or entity at any time with or without your consent. You may not assign the Agreement without our prior written consent, and any unauthorized assignment by you will be null and void.

28.5. Export Regulation. You will comply with all applicable federal laws, regulations, rules, and complete all required undertakings (including obtaining any necessary export license or other governmental approval) that prohibit or restrict the export or re-export of our intellectual property or any of Your Data outside the U.S.

28.6. S. Government Rights. Each of the software components that constitute the Service are a “commercial item” as that term is defined at 48 C.F.R. § 2.101, consisting of “commercial computer software” and “commercial computer software documentation” as such terms are used in 48 C.F.R. § 12.212.

Accordingly, if you are an agency or contractor of the U.S. Government, you only receive those rights with respect to the Service as granted to all other end users, in accordance with (a) 48 C.F.R. § 227.7201 through 48 C.F.R. § 227.7204, with respect to the Department of Defense and their contractors, or (b) 48 C.F.R. § 12.212, with respect to all other U.S. Government users and their contractors.

28.7. If any part of this Agreement is determined to be void, invalid or unenforceable, then that portion will be severed, and the remainder of the Agreement will be given full force and effect.

28.8. Attorneys’ Fees. If any litigation is brought by either party in connection with this Agreement, the prevailing party in such litigation will be entitled to recover from the other party all the reasonable costs, attorneys’ fees and other expenses incurred by such prevailing party in the litigation.

28.9. No Waiver. Our failure to enforce any provision of this Agreement will in no way be construed to be a present or future waiver of such provision, nor in any way affect the right of any party to enforce every such provision thereafter. The express waiver by us of any provision, condition, or requirement of this Agreement will not constitute a waiver of any future obligation to comply with such provision, condition, or requirement.

28.10. Equitable Remedies. You hereby agree that we would be irreparably damaged if the terms of this Agreement were not specifically enforced, and therefore you agree that we will be entitled, without bond, other security, or proof of damages, to appropriate equitable remedies with respect to breaches of this Agreement, in addition to such other remedies as we may otherwise have available to us under applicable laws.

28.11. Entire Agreement. This Agreement, including the documents expressly incorporated by reference, constitutes the entire agreement between you and us with respect to the Service and supersedes all prior or contemporaneous communications, whether electronic, oral, or written, between you and us with respect to the Service.

28.12. Inclusive Language. As used in this Agreement, the word “including” means “including but not limited to,” and the word “includes” means “includes without limitation.”

Fraud Blocker LLC
Data Processing Agreement

This Data Processing Agreement (the “DPA”) is incorporated into the Fraud Blocker Terms of Use (the “Agreement”) (the “Agreement”) between Fraud Blocker LLC (“Fraud Blocker”) and you, the Fraud Blocker customer (“Customer”) (each a “Party” and collectively the “Parties”).

In providing certain services to Customer under the Agreement (the “Services”), Fraud Blocker may Process Personal Data on behalf of Customer. Fraud Blocker agrees to comply with the following provisions, including the Standard Contractual Clauses and the related Appendices, attached as Exhibit A and incorporated into this DPA (the “Clauses”), to the extent applicable as provided below, with respect to its Processing of any Personal Data submitted by or for Customer to Fraud Blocker in connection with Customer’s use of the Services.

1. Scope and Roles

This agreement applies to the processing of Personal Data, within the scope of the GDPR, by the Processor on behalf of the Controller.

For purposes of this agreement, the Parties agree that Customer is the Controller of the Personal Data and Processor is the Processor of such data. In the case where Customer acts as a Processor of Personal Data on behalf of a third party, Fraud Blocker will be deemed to be a Sub-Processor.

These Terms do not apply where Fraud Blocker is a Controller of Personal Data.

2. Definitions

For the purposes of this DPA, the following definitions apply:

“DPA” means this data processing agreement;

“GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation;

“Personal Data” means that data, meeting the definition of “personal data” as defined in Article 4 of the GDPR, that is provided by Customer to Fraud Blocker in order to perform the processing required by the Services and the Agreement;

“Sub-Processor” means a natural or legal person, public authority, agency or body other than the data subject, Customer, or Fraud Blocker who, under the direct authority of Fraud Blocker, are authorized to process Personal Data for which Customer is the Controller;

Terms used but not defined in this DPA (e.g., “processing”, “controller”, “processor”, “data subject”) have the same meaning as in Article 4 of the GDPR.

3. The Processing

The subject matter, duration, nature and purpose of the Processing, and the types of Personal Data and categories of data subjects are as defined in the Agreement and the Fraud Blocker Privacy Policy.

4. Obligations and Rights of the Controller

Taking into account the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons, the Controller will implement appropriate technical and organizational measures to ensure and to be able to demonstrate that Processing is performed in accordance with the GDPR. Those measures will be reviewed and updated where necessary.

Where proportionate in relation to Processing activities, the measures referred to in paragraph above will include the implementation of appropriate data protection policies by the Controller.

The Controller will implement appropriate technical and organizational measures for ensuring that, by default, only Personal Data which are necessary for each specific purpose of the Processing are processed. That obligation applies to the amount of Personal Data collected, the extent of their Processing, the period of their storage, and their accessibility. In particular, such measures will ensure that by default Personal Data are not made accessible without the individual’s intervention to an indefinite number of natural persons.

5. Obligations of the Processor

Fraud Blocker agrees to:

process the Personal Data only in accordance with the Agreement and other documented instructions from Customer;
ensure that persons authorized to process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;
take all measures required pursuant to Article 32 of the GDPR, namely to implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk to the rights and freedoms of natural persons;
respect the conditions referred to in paragraphs 2 and 4 of Article 28 of the GDPR for engaging another Processor, namely that the Processor may not engage another Processor (Sub-Processor) without the prior authorization of the Controller. In cases where another Processor is engaged, the Sub-Processor must be subject to the same contractual terms as described in this DPA;
assist the Controller by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Controller’s obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR;
assist the Controller in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the GDPR, relating to security of Processing, Personal Data Breaches and data protection impact assessments;
at the choice of the Controller, delete or return all the Personal Data to the Controller after the end of the provision of services relating to Processing, and delete existing copies unless applicable law requires storage of the Personal Data; and
make available to the Controller all information necessary to demonstrate compliance with the obligations laid down in Article 28 of the GDPR and allow for and contribute to audits, including inspections, conducted by the Controller or another auditor mandated by the Controller.

6. Data Transfers

With respect to Personal Data transferred from the European Economic Area (“EEA”) to outside the EEA in conjunction with Customer’s use of the Services, either directly or via onward transfer, Fraud Blocker will provide at least the same level of protection for such Personal Data as is required by the relevant principles in accordance with Article 46 of the GDPR. If Fraud Blocker determines that it can no longer provide this level of protection, Fraud Blocker will promptly notify Customer of that determination, and Customer will have the right to terminate the Agreement without penalty upon notice to Fraud Blocker. The Clauses apply only to Personal Data that is transferred from the EEA to outside the EEA, either directly or via onward transfer, to any country or recipient: (i) not recognized by the European Commission as providing an adequate level of protection for Personal Data, and (ii) not covered by a suitable framework recognized by the relevant authorities or courts as providing an adequate level of protection for Personal Data.

7. Duration and Applicable Law

This DPA will become effective as of the date Customer has agreed to both the Agreement and this DPA. This DPA will terminate simultaneously and automatically upon the Agreement’s termination. Either Party may terminate this DPA upon written notice to the other Party.

To the extent required by the applicable Data Protection Laws, this DPA will be governed by the laws of the applicable jurisdiction. In all other cases, this DPA will be governed by the laws of the jurisdiction stated in the Agreement.

Exhibit A
Standard Contractual Clauses
(Module 2: Controller to Processor)

SECTION I

Clause 1

Purpose and scope

The purpose of these standard contractual clauses is to ensure compliance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation)¹ for the transfer of personal data to a third country.
The Parties:

(i) the natural or legal person(s), public authority/ies, agency/ies or other body/ies (hereinafter “entity/ies”) transferring the personal data, as listed in Annex I.A. (hereinafter each “data exporter”), and

(ii) the entity/ies in a third country receiving the personal data from the data exporter, directly or indirectly via another entity also Party to these Clauses, as listed in Annex I.A. (hereinafter each “data importer”)

have agreed to these standard contractual clauses (hereinafter: “Clauses”).

These Clauses apply with respect to the transfer of personal data as specified in Annex I.B.
The Appendix to these Clauses containing the Annexes referred to therein forms an integral part of these Clauses.

Clause 2

Effect and invariability of the Clauses

These Clauses set out appropriate safeguards, including enforceable data subject rights and effective legal remedies, pursuant to Article 46(1) and Article 46 (2)(c) of Regulation (EU) 2016/679 and, with respect to data transfers from controllers to processors and/or processors to processors, standard contractual clauses pursuant to Article 28(7) of Regulation (EU) 2016/679, provided they are not modified, except to select the appropriate Module(s) or to add or update information in the Appendix. This does not prevent the Parties from including the standard contractual clauses laid down in these Clauses in a wider contract and/or to add other clauses or additional safeguards, provided that they do not contradict, directly or indirectly, these Clauses or prejudice the fundamental rights or freedoms of data subjects.
These Clauses are without prejudice to obligations to which the data exporter is subject by virtue of Regulation (EU) 2016/679.

Clause 3

Third-party beneficiaries

Data subjects may invoke and enforce these Clauses, as third-party beneficiaries, against the data exporter and/or data importer, with the following exceptions:

(i) Clause 1, Clause 2, Clause 3, Clause 6, Clause 7;

(ii) Clause 8 – Module One: Clause 8.5 (e) and Clause 8.9(b); Module Two: Clause 8.1(b), 8.9(a), (c), (d) and (e); Module Three: Clause 8.1(a), (c) and (d) and Clause 8.9(a), (c), (d), (e), (f) and (g); Module Four: Clause 8.1 (b) and Clause 8.3(b);

(iii) Clause 9 – Module Two: Clause 9(a), (c), (d) and (e); Module Three: Clause 9(a), (c), (d) and (e);

(iv) Clause 12 – Module One: Clause 12(a) and (d); Modules Two and Three: Clause 12(a), (d) and (f);

(v) Clause 13;

(vi) Clause 15.1(c), (d) and (e);

(vii) Clause 16(e);

(viii) Clause 18 – Modules One, Two and Three: Clause 18(a) and (b); Module Four: Clause 18.

Paragraph (a) is without prejudice to rights of data subjects under Regulation (EU) 2016/679.

Clause 4

Interpretation

Where these Clauses use terms that are defined in Regulation (EU) 2016/679, those terms shall have the same meaning as in that Regulation.
These Clauses shall be read and interpreted in the light of the provisions of Regulation (EU) 2016/679.
These Clauses shall not be interpreted in a way that conflicts with rights and obligations provided for in Regulation (EU) 2016/679.

Clause 5

Hierarchy

In the event of a contradiction between these Clauses and the provisions of related agreements between the Parties, existing at the time these Clauses are agreed or entered into thereafter, these Clauses shall prevail.

Clause 6

Description of the transfer(s)

The details of the transfer(s), and in particular the categories of personal data that are transferred and the purpose(s) for which they are transferred, are specified in Annex I.B.

Clause 7 – Optional

Docking clause

An entity that is not a Party to these Clauses may, with the agreement of the Parties, accede to these Clauses at any time, either as a data exporter or as a data importer, by completing the Appendix and signing Annex I.A.
Once it has completed the Appendix and signed Annex I.A, the acceding entity shall become a Party to these Clauses and have the rights and obligations of a data exporter or data importer in accordance with its designation in Annex I.A.
The acceding entity shall have no rights or obligations arising under these Clauses from the period prior to becoming a Party.

SECTION II – OBLIGATIONS OF THE PARTIES

Clause 8

Data protection safeguards

The data exporter warrants that it has used reasonable efforts to determine that the data importer is able, through the implementation of appropriate technical and organisational measures, to satisfy its obligations under these Clauses.

8.1 Instructions

The data importer shall process the personal data only on documented instructions from the data exporter. The data exporter may give such instructions throughout the duration of the contract.
The data importer shall immediately inform the data exporter if it is unable to follow those instructions.

8.2 Purpose limitation

The data importer shall process the personal data only for the specific purpose(s) of the transfer, as set out in Annex I.B, unless on further instructions from the data exporter.

8.3 Transparency

On request, the data exporter shall make a copy of these Clauses, including the Appendix as completed by the Parties, available to the data subject free of charge. To the extent necessary to protect business secrets or other confidential information, including the measures described in Annex II and personal data, the data exporter may redact part of the text of the Appendix to these Clauses prior to sharing a copy, but shall provide a meaningful summary where the data subject would otherwise not be able to understand the its content or exercise his/her rights. On request, the Parties shall provide the data subject with the reasons for the redactions, to the extent possible without revealing the redacted information. This Clause is without prejudice to the obligations of the data exporter under Articles 13 and 14 of Regulation (EU) 2016/679.

8.4 Accuracy

If the data importer becomes aware that the personal data it has received is inaccurate, or has become outdated, it shall inform the data exporter without undue delay. In this case, the data importer shall cooperate with the data exporter to erase or rectify the data.

8.5 Duration of processing and erasure or return of data

Processing by the data importer shall only take place for the duration specified in Annex I.B. After the end of the provision of the processing services, the data importer shall, at the choice of the data exporter, delete all personal data processed on behalf of the data exporter and certify to the data exporter that it has done so, or return to the data exporter all personal data processed on its behalf and delete existing copies. Until the data is deleted or returned, the data importer shall continue to ensure compliance with these Clauses. In case of local laws applicable to the data importer that prohibit return or deletion of the personal data, the data importer warrants that it will continue to ensure compliance with these Clauses and will only process it to the extent and for as long as required under that local law. This is without prejudice to Clause 14, in particular the requirement for the data importer under Clause 14(e) to notify the data exporter throughout the duration of the contract if it has reason to believe that it is or has become subject to laws or practices not in line with the requirements under Clause 14(a).

8.6 Security of processing

The data importer and, during transmission, also the data exporter shall implement appropriate technical and organisational measures to ensure the security of the data, including protection against a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access to that data (hereinafter “personal data breach”). In assessing the appropriate level of security, the Parties shall take due account of the state of the art, the costs of implementation, the nature, scope, context and purpose(s) of processing and the risks involved in the processing for the data subjects. The Parties shall in particular consider having recourse to encryption or pseudonymisation, including during transmission, where the purpose of processing can be fulfilled in that manner. In case of pseudonymisation, the additional information for attributing the personal data to a specific data subject shall, where possible, remain under the exclusive control of the data exporter. In complying with its obligations under this paragraph, the data importer shall at least implement the technical and organisational measures specified in Annex II. The data importer shall carry out regular checks to ensure that these measures continue to provide an appropriate level of security.
The data importer shall grant access to the personal data to members of its personnel only to the extent strictly necessary for the implementation, management and monitoring of the contract. It shall ensure that persons authorised to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
In the event of a personal data breach concerning personal data processed by the data importer under these Clauses, the data importer shall take appropriate measures to address the breach, including measures to mitigate its adverse effects. The data importer shall also notify the data exporter without undue delay after having become aware of the breach. Such notification shall contain the details of a contact point where more information can be obtained, a description of the nature of the breach (including, where possible, categories and approximate number of data subjects and personal data records concerned), its likely consequences and the measures taken or proposed to address the breach including, where appropriate, measures to mitigate its possible adverse effects. Where, and in so far as, it is not possible to provide all information at the same time, the initial notification shall contain the information then available and further information shall, as it becomes available, subsequently be provided without undue delay.
The data importer shall cooperate with and assist the data exporter to enable the data exporter to comply with its obligations under Regulation (EU) 2016/679, in particular to notify the competent supervisory authority and the affected data subjects, taking into account the nature of processing and the information available to the data importer.

8.7 Sensitive data

Where the transfer involves personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, or biometric data for the purpose of uniquely identifying a natural person, data concerning health or a person’s sex life or sexual orientation, or data relating to criminal convictions and offences (hereinafter “sensitive data”), the data importer shall apply the specific restrictions and/or additional safeguards described in Annex I.B.

8.8 Onward transfers

The data importer shall only disclose the personal data to a third party on documented instructions from the data exporter. In addition, the data may only be disclosed to a third party located outside the European Union (in the same country as the data importer or in another third country, hereinafter “onward transfer”) if the third party is or agrees to be bound by these Clauses, under the appropriate Module, or if:

(i) the onward transfer is to a country benefitting from an adequacy decision pursuant to Article 45 of Regulation (EU) 2016/679 that covers the onward transfer;

(ii) the third party otherwise ensures appropriate safeguards pursuant to Articles 46 or 47 Regulation of (EU) 2016/679 with respect to the processing in question;

(iii) the onward transfer is necessary for the establishment, exercise or defence of legal claims in the context of specific administrative, regulatory or judicial proceedings; or

(iv) the onward transfer is necessary in order to protect the vital interests of the data subject or of another natural person.

Any onward transfer is subject to compliance by the data importer with all the other safeguards under these Clauses, in particular purpose limitation.

8.9 Documentation and compliance

The data importer shall promptly and adequately deal with enquiries from the data exporter that relate to the processing under these Clauses.
The Parties shall be able to demonstrate compliance with these Clauses. In particular, the data importer shall keep appropriate documentation on the processing activities carried out on behalf of the data exporter.
The data importer shall make available to the data exporter all information necessary to demonstrate compliance with the obligations set out in these Clauses and at the data exporter’s request, allow for and contribute to audits of the processing activities covered by these Clauses, at reasonable intervals or if there are indications of non-compliance. In deciding on a review or audit, the data exporter may take into account relevant certifications held by the data importer.
The data exporter may choose to conduct the audit by itself or mandate an independent auditor. Audits may include inspections at the premises or physical facilities of the data importer and shall, where appropriate, be carried out with reasonable notice.
The Parties shall make the information referred to in paragraphs (b) and (c), including the results of any audits, available to the competent supervisory authority on request.

Clause 9

Use of sub-processors

The data importer has the data exporter’s general authorisation for the engagement of sub-processor(s) from an agreed list. The data importer shall specifically inform the data exporter in writing of any intended changes to that list through the addition or replacement of sub-processors at least 30 days in advance, thereby giving the data exporter sufficient time to be able to object to such changes prior to the engagement of the sub-processor(s). The data importer shall provide the data exporter with the information necessary to enable the data exporter to exercise its right to object.
Where the data importer engages a sub-processor to carry out specific processing activities (on behalf of the data exporter), it shall do so by way of a written contract that provides for, in substance, the same data protection obligations as those binding the data importer under these Clauses, including in terms of third-party beneficiary rights for data subjects. The Parties agree that, by complying with this Clause, the data importer fulfils its obligations under Clause 8.8. The data importer shall ensure that the sub-processor complies with the obligations to which the data importer is subject pursuant to these Clauses.
The data importer shall provide, at the data exporter’s request, a copy of such a sub-processor agreement and any subsequent amendments to the data exporter. To the extent necessary to protect business secrets or other confidential information, including personal data, the data importer may redact the text of the agreement prior to sharing a copy.
The data importer shall remain fully responsible to the data exporter for the performance of the sub-processor’s obligations under its contract with the data importer. The data importer shall notify the data exporter of any failure by the sub-processor to fulfil its obligations under that contract.
The data importer shall agree a third-party beneficiary clause with the sub-processor whereby – in the event the data importer has factually disappeared, ceased to exist in law or has become insolvent – the data exporter shall have the right to terminate the sub-processor contract and to instruct the sub-processor to erase or return the personal data.

Clause 10

Data subject rights

The data importer shall promptly notify the data exporter of any request it has received from a data subject. It shall not respond to that request itself unless it has been authorised to do so by the data exporter.
The data importer shall assist the data exporter in fulfilling its obligations to respond to data subjects’ requests for the exercise of their rights under Regulation (EU) 2016/679. In this regard, the Parties shall set out in Annex II the appropriate technical and organisational measures, taking into account the nature of the processing, by which the assistance shall be provided, as well as the scope and the extent of the assistance required.
In fulfilling its obligations under paragraphs (a) and (b), the data importer shall comply with the instructions from the data exporter.

Clause 11

Redress

The data importer shall inform data subjects in a transparent and easily accessible format, through individual notice or on its website, of a contact point authorised to handle complaints. It shall deal promptly with any complaints it receives from a data subject.
In case of a dispute between a data subject and one of the Parties as regards compliance with these Clauses, that Party shall use its best efforts to resolve the issue amicably in a timely fashion. The Parties shall keep each other informed about such disputes and, where appropriate, cooperate in resolving them.
Where the data subject invokes a third-party beneficiary right pursuant to Clause 3, the data importer shall accept the decision of the data subject to:

(i) lodge a complaint with the supervisory authority in the Member State of his/her habitual residence or place of work, or the competent supervisory authority pursuant to Clause 13;

(ii) refer the dispute to the competent courts within the meaning of Clause 18.

The Parties accept that the data subject may be represented by a not-for-profit body, organisation or association under the conditions set out in Article 80(1) of Regulation (EU) 2016/679.
The data importer shall abide by a decision that is binding under the applicable EU or Member State law.
The data importer agrees that the choice made by the data subject will not prejudice his/her substantive and procedural rights to seek remedies in accordance with applicable laws.

Clause 12

Liability

Each Party shall be liable to the other Party/ies for any damages it causes the other Party/ies by any breach of these Clauses.
The data importer shall be liable to the data subject, and the data subject shall be entitled to receive compensation, for any material or non-material damages the data importer or its sub-processor causes the data subject by breaching the third-party beneficiary rights under these Clauses.
Notwithstanding paragraph (b), the data exporter shall be liable to the data subject, and the data subject shall be entitled to receive compensation, for any material or non-material damages the data exporter or the data importer (or its sub-processor) causes the data subject by breaching the third-party beneficiary rights under these Clauses. This is without prejudice to the liability of the data exporter and, where the data exporter is a processor acting on behalf of a controller, to the liability of the controller under Regulation (EU) 2016/679 or Regulation (EU) 2018/1725, as applicable.
The Parties agree that if the data exporter is held liable under paragraph (c) for damages caused by the data importer (or its sub-processor), it shall be entitled to claim back from the data importer that part of the compensation corresponding to the data importer’s responsibility for the damage.
Where more than one Party is responsible for any damage caused to the data subject as a result of a breach of these Clauses, all responsible Parties shall be jointly and severally liable and the data subject is entitled to bring an action in court against any of these Parties.
The Parties agree that if one Party is held liable under paragraph (e), it shall be entitled to claim back from the other Party/ies that part of the compensation corresponding to its / their responsibility for the damage.
The data importer may not invoke the conduct of a sub-processor to avoid its own liability.

Clause 13

Supervision

Where the data exporter is established in an EU Member State: The supervisory authority with responsibility for ensuring compliance by the data exporter with Regulation (EU) 2016/679 as regards the data transfer, as indicated in Annex I.C, shall act as competent supervisory authority.

Where the data exporter is not established in an EU Member State, but falls within the territorial scope of application of Regulation (EU) 2016/679 in accordance with its Article 3(2) and has appointed a representative pursuant to Article 27(1) of Regulation (EU) 2016/679: The supervisory authority of the Member State in which the representative within the meaning of Article 27(1) of Regulation (EU) 2016/679 is established, as indicated in Annex I.C, shall act as competent supervisory authority.

Where the data exporter is not established in an EU Member State, but falls within the territorial scope of application of Regulation (EU) 2016/679 in accordance with its Article 3(2) without however having to appoint a representative pursuant to Article 27(2) of Regulation (EU) 2016/679: The supervisory authority of one of the Member States in which the data subjects whose personal data is transferred under these Clauses in relation to the offering of goods or services to them, or whose behaviour is monitored, are located, as indicated in Annex I.C, shall act as competent supervisory authority.

The data importer agrees to submit itself to the jurisdiction of and cooperate with the competent supervisory authority in any procedures aimed at ensuring compliance with these Clauses. In particular, the data importer agrees to respond to enquiries, submit to audits and comply with the measures adopted by the supervisory authority, including remedial and compensatory measures. It shall provide the supervisory authority with written confirmation that the necessary actions have been taken.

SECTION III – LOCAL LAWS AND OBLIGATIONS IN CASE OF ACCESS BY PUBLIC AUTHORITIES

Clause 14

Local laws and practices affecting compliance with the Clauses

The Parties warrant that they have no reason to believe that the laws and practices in the third country of destination applicable to the processing of the personal data by the data importer, including any requirements to disclose personal data or measures authorising access by public authorities, prevent the data importer from fulfilling its obligations under these Clauses. This is based on the understanding that laws and practices that respect the essence of the fundamental rights and freedoms and do not exceed what is necessary and proportionate in a democratic society to safeguard one of the objectives listed in Article 23(1) of Regulation (EU) 2016/679, are not in contradiction with these Clauses.
The Parties declare that in providing the warranty in paragraph (a), they have taken due account in particular of the following elements:

(i) the specific circumstances of the transfer, including the length of the processing chain, the number of actors involved and the transmission channels used; intended onward transfers; the type of recipient; the purpose of processing; the categories and format of the transferred personal data; the economic sector in which the transfer occurs; the storage location of the data transferred;

(ii) the laws and practices of the third country of destination– including those requiring the disclosure of data to public authorities or authorising access by such authorities – relevant in light of the specific circumstances of the transfer, and the applicable limitations and safeguards;

(iii) any relevant contractual, technical or organisational safeguards put in place to supplement the safeguards under these Clauses, including measures applied during transmission and to the processing of the personal data in the country of destination.

The data importer warrants that, in carrying out the assessment under paragraph (b), it has made its best efforts to provide the data exporter with relevant information and agrees that it will continue to cooperate with the data exporter in ensuring compliance with these Clauses.
The Parties agree to document the assessment under paragraph (b) and make it available to the competent supervisory authority on request.
The data importer agrees to notify the data exporter promptly if, after having agreed to these Clauses and for the duration of the contract, it has reason to believe that it is or has become subject to laws or practices not in line with the requirements under paragraph (a), including following a change in the laws of the third country or a measure (such as a disclosure request) indicating an application of such laws in practice that is not in line with the requirements in paragraph (a).
Following a notification pursuant to paragraph (e), or if the data exporter otherwise has reason to believe that the data importer can no longer fulfil its obligations under these Clauses, the data exporter shall promptly identify appropriate measures (e.g. technical or organisational measures to ensure security and confidentiality) to be adopted by the data exporter and/or data importer to address the situation. The data exporter shall suspend the data transfer if it considers that no appropriate safeguards for such transfer can be ensured, or if instructed by the competent supervisory authority to do so. In this case, the data exporter shall be entitled to terminate the contract, insofar as it concerns the processing of personal data under these Clauses. If the contract involves more than two Parties, the data exporter may exercise this right to termination only with respect to the relevant Party, unless the Parties have agreed otherwise. Where the contract is terminated pursuant to this Clause, Clause 16(d) and (e) shall apply.

Clause 15

Obligations of the data importer in case of access by public authorities

15.1 Notification

The data importer agrees to notify the data exporter and, where possible, the data subject promptly (if necessary with the help of the data exporter) if it:

(i) receives a legally binding request from a public authority, including judicial authorities, under the laws of the country of destination for the disclosure of personal data transferred pursuant to these Clauses; such notification shall include information about the personal data requested, the requesting authority, the legal basis for the request and the response provided; or

(ii) becomes aware of any direct access by public authorities to personal data transferred pursuant to these Clauses in accordance with the laws of the country of destination; such notification shall include all information available to the importer.

If the data importer is prohibited from notifying the data exporter and/or the data subject under the laws of the country of destination, the data importer agrees to use its best efforts to obtain a waiver of the prohibition, with a view to communicating as much information as possible, as soon as possible. The data importer agrees to document its best efforts in order to be able to demonstrate them on request of the data exporter.
Where permissible under the laws of the country of destination, the data importer agrees to provide the data exporter, at regular intervals for the duration of the contract, with as much relevant information as possible on the requests received (in particular, number of requests, type of data requested, requesting authority/ies, whether requests have been challenged and the outcome of such challenges, etc.).
The data importer agrees to preserve the information pursuant to paragraphs (a) to (c) for the duration of the contract and make it available to the competent supervisory authority on request.
Paragraphs (a) to (c) are without prejudice to the obligation of the data importer pursuant to Clause 14(e) and Clause 16 to inform the data exporter promptly where it is unable to comply with these Clauses.

15.2 Review of legality and data minimisation

The data importer agrees to review the legality of the request for disclosure, in particular whether it remains within the powers granted to the requesting public authority, and to challenge the request if, after careful assessment, it concludes that there are reasonable grounds to consider that the request is unlawful under the laws of the country of destination, applicable obligations under international law and principles of international comity. The data importer shall, under the same conditions, pursue possibilities of appeal. When challenging a request, the data importer shall seek interim measures with a view to suspending the effects of the request until the competent judicial authority has decided on its merits. It shall not disclose the personal data requested until required to do so under the applicable procedural rules. These requirements are without prejudice to the obligations of the data importer under Clause 14(e).
The data importer agrees to document its legal assessment and any challenge to the request for disclosure and, to the extent permissible under the laws of the country of destination, make the documentation available to the data exporter. It shall also make it available to the competent supervisory authority on request.
The data importer agrees to provide the minimum amount of information permissible when responding to a request for disclosure, based on a reasonable interpretation of the request.

SECTION IV – FINAL PROVISIONS

Clause 16

Non-compliance with the Clauses and termination

The data importer shall promptly inform the data exporter if it is unable to comply with these Clauses, for whatever reason.
In the event that the data importer is in breach of these Clauses or unable to comply with these Clauses, the data exporter shall suspend the transfer of personal data to the data importer until compliance is again ensured or the contract is terminated. This is without prejudice to Clause 14(f).
The data exporter shall be entitled to terminate the contract, insofar as it concerns the processing of personal data under these Clauses, where:

(i) the data exporter has suspended the transfer of personal data to the data importer pursuant to paragraph (b) and compliance with these Clauses is not restored within a reasonable time and in any event within one month of suspension;

(ii) the data importer is in substantial or persistent breach of these Clauses; or

(iii) the data importer fails to comply with a binding decision of a competent court or supervisory authority regarding its obligations under these Clauses.

In these cases, it shall inform the competent supervisory authority of such non-compliance. Where the contract involves more than two Parties, the data exporter may exercise this right to termination only with respect to the relevant Party, unless the Parties have agreed otherwise.

Personal data that has been transferred prior to the termination of the contract pursuant to paragraph (c) shall at the choice of the data exporter immediately be returned to the data exporter or deleted in its entirety. The same shall apply to any copies of the data. The data importer shall certify the deletion of the data to the data exporter. Until the data is deleted or returned, the data importer shall continue to ensure compliance with these Clauses. In case of local laws applicable to the data importer that prohibit the return or deletion of the transferred personal data, the data importer warrants that it will continue to ensure compliance with these Clauses and will only process the data to the extent and for as long as required under that local law.
Either Party may revoke its agreement to be bound by these Clauses where (i) the European Commission adopts a decision pursuant to Article 45(3) of Regulation (EU) 2016/679 that covers the transfer of personal data to which these Clauses apply; or (ii) Regulation (EU) 2016/679 becomes part of the legal framework of the country to which the personal data is transferred. This is without prejudice to other obligations applying to the processing in question under Regulation (EU) 2016/679.

Clause 17

Governing law

These Clauses shall be governed by the law of the EU Member State in which the data exporter is established. Where such law does not allow for third-party beneficiary rights, they shall be governed by the law of another EU Member State that does allow for third-party beneficiary rights. The Parties agree that this shall be the law of Ireland.

Clause 18

Choice of forum and jurisdiction

Any dispute arising from these Clauses shall be resolved by the courts of an EU Member State.
The Parties agree that those shall be the courts of Ireland.
A data subject may also bring legal proceedings against the data exporter and/or data importer before the courts of the Member State in which he/she has his/her habitual residence.
The Parties agree to submit themselves to the jurisdiction of such courts.

Footnotes:

¹Where the data exporter is a processor subject to Regulation (EU) 2016/679 acting on behalf of a Union institution or body as controller, reliance on these Clauses when engaging another processor (sub-processing) not subject to Regulation (EU) 2016/679 also ensures compliance with Article 29(4) of Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39), to the extent these Clauses and the data protection obligations as set out in the contract or other legal act between the controller and the processor pursuant to Article 29(3) of Regulation (EU) 2018/1725 are aligned. This will in particular be the case where the controller and processor rely on the standard contractual clauses included in Decision 2021/915.

² [Not applicable]

³ [Not applicable]

⁴ The Agreement on the European Economic Area (EEA Agreement) provides for the extension of the European Union’s internal market to the three EEA States Iceland, Liechtenstein and Norway. The Union data protection legislation, including Regulation (EU) 2016/679, is covered by the EEA Agreement and has been incorporated into Annex XI thereto. Therefore, any disclosure by the data importer to a third party located in the EEA does not qualify as an onward transfer for the purpose of these Clauses.

⁵ [Not applicable]

⁶ [Not applicable]

⁷ [Not applicable]

⁸ This requirement may be satisfied by the sub-processor acceding to these Clauses under the appropriate Module, in accordance with Clause 7.

⁹ [Not applicable]

¹⁰ [Not applicable]

¹¹ [Not applicable]

¹² As regards the impact of such laws and practices on compliance with these Clauses, different elements may be considered as part of an overall assessment. Such elements may include relevant and documented practical experience with prior instances of requests for disclosure from public authorities, or the absence of such requests, covering a sufficiently representative time-frame. This refers in particular to internal records or other documentation, drawn up on a continuous basis in accordance with due diligence and certified at senior management level, provided that this information can be lawfully shared with third parties. Where this practical experience is relied upon to conclude that the data importer will not be prevented from complying with these Clauses, it needs to be supported by other relevant, objective elements, and it is for the Parties to consider carefully whether these elements together carry sufficient weight, in terms of their reliability and representativeness, to support this conclusion. In particular, the Parties have to take into account whether their practical experience is corroborated and not contradicted by publicly available or otherwise accessible, reliable information on the existence or absence of requests within the same sector and/or the application of the law in practice, such as case law and reports by independent oversight bodies.

A. TRANSFER PARTIES

Data exporter:

Name: Customer

Address: As specified in the Agreement and Customer’s Account

Contact person’s name, position and contact details: As specified in the Agreement and Customer’s Account

Activities relevant to the data transferred under these Clauses: The data importer provides the Services to the data exporter in accordance with the Agreement

Signature and date: The parties agree that execution of the Agreement by the data importer and the data exporter shall constitute execution of these Clauses by both parties as of the date of Customer’s agreement to the terms of the Agreement.

Role (controller/processor): controller

Data importer:

Name: Fraud Blocker LLC

Address: As specified in the Agreement

Contact person’s name, position and contact details: As specified in the Agreement

Activities relevant to the data transferred under these Clauses: The data importer provides the Services to the data exporter in accordance with the Agreement

Role (controller/processor): Processor

B. DESCRIPTION OF TRANSFER

Categories of data subjects whose personal data is transferred

Data subjects include the individuals about whom data is provided via the Services by (or at the direction of) the data exporter, including individuals who click on or otherwise engage with Customer’s online advertisements.

Categories of personal data transferred

Customer Personal Data, including data relating to individuals provided via the Services by (or at the direction of) the data exporter. This data may include technical information (device information, browser information, unique device identifiers), analytic information (IP addresses and other analytic information), and Customer contact information and account information used when engaging the data importer to provide the Services.

Sensitive data transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialised training), keeping a record of access to the data, restrictions for onward transfers or additional security measures.

N/A

The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis).

On a continuous basis while Services are being provided, until otherwise deleted.

Nature of the processing

The data importer will process Customer Personal Data to provide, secure, monitor, and improve the Services in accordance with the Agreement.

Purpose(s) of the data transfer and further processing

The data importer will transfer and further process Customer Personal Data to provide, secure, monitor, and improve the Services in accordance with the Agreement.

The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period

For the duration of the Agreement until deletion, unless otherwise required to retain such personal data under applicable law.

For transfers to (sub-) processors, also specify subject matter, nature and duration of the processing

See above.

C. COMPETENT SUPERVISORY AUTHORITY

Identify the competent supervisory authority/ies in accordance with Clause 13

The Irish Supervisory Authority – The Data Protection Commission, unless the data exporter notifies the data importer of an alternative competent supervisory authority from time to time.

ANNEX II – TECHNICAL AND ORGANISATIONAL MEASURES INCLUDING TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE THE SECURITY OF THE DATA

Encryption at rest
Encryption in transit
Firewall
Intrusion detection system
Regular backups
Role-based access controls

ANNEX III – LIST OF SUB-PROCESSORS

The controller has authorised the use of the following sub-processors:

Google Cloud Platform

/End

LAST MODIFIED ON JANUARY 21, 2023

Product

Featured

Product

Featured

Learn

Featured

Learn

Featured

About Us

About Us

Product

Featured

Product

Featured

Learn

Featured

Learn

Featured

About Us

About Us

Terms of Use

1. Acceptance of Terms

2. Your Access to Our Service

3. Restrictions on Your Use of Our Intellectual Property

4. Reservation of Rights

5. Suspension of the Service

6. Aggregated Data

7. Your Responsibilities

8. Fees and Payment

9. Confidential Information

10. Intellectual Property Ownership

11. Term and Termination

12. Messages from Fraud Blocker

13. Your Account

14. Support Services and Maintenance

15. Modification and Monitoring of the Service

16. Software Quality

17. Disclaimer of Warranties

18. Limitation of Liability

19. Indemnification

20. Your Personal Information

21. Disclosures Required by Law

22. Legal Compliance

23. Governing Law; Mediation; Jurisdiction

24. Binding Arbitration

25. Security of Data Transmission and Storage

26. Hyperlinks

27. Trademarks and Copyrights

28. Miscellaneous Terms

Fraud Blocker LLCData Processing Agreement

1. Scope and Roles

2. Definitions

3. The Processing

4. Obligations and Rights of the Controller

5. Obligations of the Processor

6. Data Transfers

7. Duration and Applicable Law

Exhibit AStandard Contractual Clauses(Module 2: Controller to Processor)

SECTION I

SECTION II – OBLIGATIONS OF THE PARTIES

8.1 Instructions

8.2 Purpose limitation

8.3 Transparency

8.4 Accuracy

8.5 Duration of processing and erasure or return of data

8.6 Security of processing

8.7 Sensitive data

8.8 Onward transfers

8.9 Documentation and compliance

SECTION III – LOCAL LAWS AND OBLIGATIONS IN CASE OF ACCESS BY PUBLIC AUTHORITIES

15.1 Notification

15.2 Review of legality and data minimisation

SECTION IV – FINAL PROVISIONS

A. TRANSFER PARTIES

B. DESCRIPTION OF TRANSFER

C. COMPETENT SUPERVISORY AUTHORITY

Block Click Fraud and Boost Your Profits Today

Fraud Blocker LLC
Data Processing Agreement

Exhibit A
Standard Contractual Clauses
(Module 2: Controller to Processor)