Privacy Policy

Callbox, Inc. ("Callbox") owns and operates a proprietary marketing technology platform. Using unique phone numbers with personalization components combined with database management, Callbox provides networks, advertisers, agencies, publishers (directly and indirectly "Clients"), and consumers with marketing automation services (the "Services"). Privacy is important to Callbox and any information that is collected or used is limited to what is necessary to create and maintain innovative and reliable Services without compromising the The use of information collected through Callbox Services shall be limited to the purpose of providing the service for which the Client has engaged Callbox, Inc.

1. CONSUMER PRIVACY:

What information does Callbox collect from consumers?

Web Services:

In general, when a consumer uses the Callbox services by visiting the website or by calling a unique phone number associated with one of our Clients, Callbox collects that consumer’s personal information if it is made available by the consumer or by a third party. This information includes limited personal data such as the caller’s name, address, phone number and email address. Callbox will not knowingly collect personal information from children under the age of eighteen.

Callbox or its Clients may also set up order forms, questionnaires or other mechanisms through which a consumer may be asked to provide certain information either online or via telephone or other communication medium. Callbox will collect such consumer-supplied information. If, however, such communications are initiated by one of Callbox’s Clients and the Client collects the information, Callbox cannot be responsible for that information, though Callbox does endeavor to ensure that its Clients maintain reasonable and appropriate privacy policies. Participation in any of these communications is purely voluntary; any consumer not wanting to participate or provide information may decline or terminate contact by navigating away from the web page or hanging up the phone.

When a consumer responds to or views an internet advertisement served by an Callbox Client or visits an Callbox website, Callbox sends one or more cookies to the consumer’s computer to uniquely identify that consumer’s browser. As is common practice of doing business on the Internet, Callbox uses cookies to improve the quality of the Services by storing user preferences and tracking user trends and also to determine how the Services are used and navigated. Cookies that Callbox services on third party websites only collect data in the aggregate. While many cookies are automatically deleted at the end of a web session, Callbox may use persistent cookies that remain on a specific browser after termination of a session. Any consumer may set their browser to refuse cookies or automatically clear cookies after termination of a session.

Phone Services:

Callbox provides Client’s with unique telephone numbers to utilize on websites, emails, mobile or offline promotions. This enables Callbox to both determine what the consumer was viewing when making a phone call and also personalize the experience for that consumer. Callbox’s phone servers automatically collect the caller ID results when a consumer calls a number. Callbox may also collect usage information from third-party databases, including the name, address and/or geographic location of the caller when such information is available.

In addition, Callbox’s phone servers use software that may be employed on behalf of a Client to record calls. This recorded information may be evaluated in order to determine the quality of that call from the Client’s perspective and for training or other purposes. The recorded information also enables Callbox to identify high-quality calls and collect additional usage data which help improve the Services and boost sales for Clients.

Callbox may also use third-party services or technology for the transcription or analysis of such recorded information. In the event that Callbox records a call on behalf of a Client, Callbox will ensure that call participants are advised of the existence and intent of the recording in a manner consistent with applicable state and federal laws. Callbox is not responsible in any way for the accuracy or validity of the content of any such recordings, and takes no steps to evaluate such accuracy or validity.

While Callbox strongly encourages Clients to adopt responsible approaches to marketing, Callbox is not responsible for the information practices of Clients or their partners. The collection, use, and disclosure of information by Clients and their partners are subject to their respective privacy policies, which may differ from Callbox’s policy.

What are Callbox’s reasons for collecting usage information?

Callbox collects usage information when an internet user clicks on a link, creates a lead, initiates a phone call, receives a phone call, makes a purchase on a Client’s website, sends Callbox or a Client a text message, receives a text message from Callbox or a Client or makes an inquiry or a purchase during a phone call to a Client. Primarily, Callbox collects this information for the purpose of attributing calls back to the originating ads or paying commissions to third parties and also to personalize the internet or phone user’s experience. If the internet user revisits the Client’s site directly or if the phone user calls the Client using the unique phone number again, Callbox is able to continue to track the user’s activities on the Client’s site and compensate third parties that referred the user. Callbox reserves the right to retain all data as long as may be reasonably necessary for accounting and audit purposes.

Like most standard Website servers, Callbox uses log files to collect Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, platform type, and date/time stamp. Callbox may use the information to analyze site usage, administer the site, understand usage and navigation trends in aggregate, and determine the relevance of content. We do link this automatically collected data to other information we collect about you.

Callbox also may develop predictive statistical user profiles of consumers’ needs and interests by collecting both internet browsing and online purchase data and phone user data. For improved audience targeting, some Callbox services may use marketing technology to allow advertisers to supplement non-personally-identifying demographic information, such as age, gender, area code, or ZIP code, to the non-identifiable profile data.

Callbox may collect personal information, such as consumers’ names, physical addresses, email addresses, phone numbers and other information in order to better target campaigns to meet user’s interests and to provide customized experiences as well as to provide the Services to Clients. Callbox will share this information only as described herein. Callbox will retain this data on behalf of Clients for as long as needed to provide the Services to that Client. Callbox may also retain and use personal information as necessary to comply with any legal obligations, resolve disputes and/or enforce agreements.

Does Callbox share usage information with others?

Callbox does not share consumers’ personal information with companies or individuals outside of Callbox except as described below:

  • Callbox obtains consumer consent by requiring consumers to opt-in prior to Callbox sharing information with Callbox’s trusts third parties.
  • Callbox provides information to its subsidiaries, affiliated companies or other trusted businesses or persons for the purpose of processing personal information on Callbox’s behalf. Callbox requires these parties to agree to process such information only as necessary to provide Callbox service, based on Callbox’s instructions and in compliance with this privacy policy and other appropriate confidentiality and security measures.
  • Callbox provides such information to its Clients to enable them to better provide consumers with information about products or services about which the consumer may be inquiring.
  • Callbox may share personal information with our affiliates and other third parties to provide consumers with goods or services requested by them.
  • Callbox may share personal information in connection with the sale, merger, consolidation, change in control, transfer of substantial assets, reorganization or liquidation of Callbox. In this case, consumers will be notified via a prominent notice on our website of any change in ownership or uses of consumer’s personal information, as well as any choices consumers may have regarding their personal information.
  • Callbox may release personal information when it believes such release is appropriate to respond to a subpoena or to otherwise comply with the law, enforce or apply Callbox’s Terms of Service and other agreements or protect the rights, property or safety of Callbox or others. This includes exchanging information with other companies and organizations for fraud protection.

Can a consumer opt-out of providing information?

For consumers accessing the Callbox Services through the internet, some of its cookies may have an "opt-out" option. This process does not remove the Callbox cookie from a consumer’s system; it simply replaces the cookie with an opt-out cookies that does not contain any unique identifiers. Some of Callbox’s cookies do not have an "opt-out" option, but consumers always have the option of blocking the use of cookies by changing a setting in their internet browser. Callbox does not maintain a process for an individual consumer to opt-out of an Callbox ad serving cookie. However, any consumer may set their browser to refuse cookies or automatically clear cookies after termination of a session.

With regard to phone services, consumers are able to submit their phone numbers to "do-not-call" registries. Callbox will use its best efforts to observe do-not-call registries in any call campaign it performs or facilitates. However, consumers who have opted-in to receive such messages, either with a Client or with Callbox, shall not be subject to any do-not-call restriction.

Callbox also partners with third-party ad networks to either display advertising on the Callbox website or to manage its advertising on other sites. These ad network partner(s) may use cookies and web beacons to collect non-personal information about a user’s activities on websites to provide the user with targeted advertising based upon its interests. If a user wishes to not have this information used for the purpose of being served targeted ads, a user may opt-out by clicking here (or if located in the European Union click here). Please note this does not opt a user out of being served all advertising. The user will continue to receive generic ads.

Can a consumer access the personal information acquired by Callbox?

Callbox’s services are not directed toward individual consumers. Callbox collects personal information only on behalf of our Clients to provide them a service. Callbox may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Clients. If you are a customer of one of Callbox’s Clients and would no longer like to be contacted by a Client that uses the Callbox Services, please contact that Client directly as that Client controls such data. Callbox has no direct relationship with the individuals whose personal data it processes. An individual who seeks access to or otherwise seeks to correct, amend or delete inaccurate data should direct such inquiry to Callbox’s Client. If you do contact Callbox regarding such a request, Callbox will respond within sixty days.

2. CLIENT PRIVACY

What information does Callbox collect from its Clients?

Callbox collects personal information from all of our Clients, which include networks, agencies, advertisers and publishers. The collection of this information is part of Callbox’s normal business practices. Advertisers or their representatives will be asked to provide personal information through the sign up and registration process either directly by Callbox or indirectly through a network or agency partner. This information may include name, address, phone number, hours of operation, coverage areas and email address.

Technologies such as: cookies, beacons, tags and scripts are used by Callbox and our marketing partners, affiliates, or analytics or third party administrative. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

We use Local Storage Objects (LSOs) such as HTML5 or Flash to store content information and preferences. Third parties with whom we partner to provide certain features on our site or to display advertising based upon your Web browsing activity use LSOs such as HTML 5 or Flash to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs. To manage Flash LSOs please click here:http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

When using the Callbox Services, Clients may enter third-party personal information on the platform, such as entering another user’s email. This information is only used to provide the Client access to the system and is not used for any other purpose.

How does Callbox use its Clients’ information?

Much of the information collected from Clients is required to be collected for administrative needs, such as accounting and performance reporting. Periodically, Callbox may use Clients’ information to communicate via email newsletters or other avenues to offer strategic marketing information and other communications to assist in business-related activities. Clients can opt-out from future communications by clicking on the unsubscribe links in such emails.

Please note that under the CAN-SPAM Act, an advertiser is required to provide an opt-out mechanism for consumers to unsubscribe from future emails from the advertiser. Callbox is committed to proper Internet practices and full compliance with the CAN-SPAM Act of 2003 (15 U.S.C. § 7701). It is Callbox’s policy to prohibit the sending of unsolicited or "Spam" e-mail by Callbox or any of its marketing partners.

Except as otherwise provided, Callbox keeps all personal data provided by individual Clients in strict confidence and treats such data with the same level of care and respect that Callbox treats its own proprietary information. We do not sell, rent, exchange or barter any personal Client information to or with any third party for financial gain or marketing purposes. Callbox may, from time to time, provide personal information to certain third-party administrative vendors for efficient purposes in providing administrative or program management services. Examples include an email service provider, marketing solutions provider and a blog provider. Any third-party vendor so used has agreed to protect the confidentiality of information provided by Callbox.

Callbox may also share information in connection with the sale, merger, consolidation, change in control, transfer of substantial asset, reorganization or liquidation of Callbox.

Callbox may release information when it believes release is appropriate to respond to a subpoena or otherwise comply with the law, to enforce or apply Callbox’s Terms of Service and other agreements or to protect the rights, property, or safety of Callbox or others. This includes exchanging information with other companies and organizations for fraud protection.

Can a client opt out of providing information?

Collecting information from Clients is required as a part of doing business. Callbox’s primary intent in collecting information is for administrative purposes. However, it may periodically use collected information for marketing and communication purposes targeted to our Clients. Clients wishing not to receive such communications may do so by informing their designated Callbox representative in writing at any time or by clicking on the unsubscribe link in the promotional communication.

When a Client logs on to any browser-based Callbox reporting system, a cookie is placed within their computer. The cookie allows us to validate the Client’s identity and maintain the security and privacy of the Client’s account data. This cookie does not contain any personal information. It is required to log into Callbox’s reporting systems and there is no method to opt-out of this cookie.

If you are a Client, and would like the personal information Callbox holds about you corrected, updated or deleted, please contact [email protected] or contact your designated Callbox representative. Callbox will respond to your request to access information within 30 days.

DATA RETENTION

Callbox retains all information for as long as a Client’s account is active or as needed to provide Services to the Client. If a Client wishes to cancel an account or request that Callbox no longer use information to provide the Services, contact [email protected]. Callbox will retain and use a Client’s information as necessary to comply with any legal obligations, resolve disputes and enforce any agreements.

3. GENERAL:

Public Forums:

Callbox’s website offers publically accessible blogs or community forums. Any user of the Callbox website should be aware that any information provided in these areas may be read, collected and used by others who access these sites. To request removal of any personal information from the Callbox blog or other community forum, contact [email protected]. In some cases, Callbox may not be able to remove the personal information, in which case Callbox will respond accordingly. Callbox will only post Client testimonials with the Client’s consent to do so.

Our blog is also managed by a third party application that may require you to register to post a comment. We do not have access or control of the information posted to the blog. You will need to contact or login into the third party application if you want the personal information that was posted to the comments section removed. To learn how the third party application uses your information, please review their privacy policy.

Links to other websites:

The Callbox website and platform may include links to other websites whose privacy practices may differ from those of Callbox. If a user submits personal information to any of those sites, that user’s information is governed by that third party’s privacy statements. We encourage users to carefully read the privacy statement of any website it visits.

Social Media Widgets:

Callbox’s corporate website (www.usecallbox.com) includes Social Media Features and Widgets, such as the Facebook "Like" button and the "Share This" button, or other interactive mini-programs that run on the site. These Features may collect a user’s IP address and the page a user visits on the site and may also set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on the Callbox website. A user’s interactions with these Features are governed by the privacy policy of the company providing them.

How does Callbox protect the security of personal information?

Callbox takes appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. When a user enters sensitive information (such as login information), Callbox encrypts the transmission of that information using secure socket layer technology (SSL). Any data stored on Callbox’s servers is treated as proprietary and confidential and is not available to the public. Callbox restricts access to personal information to those employees or third parties who have a need to know such information for the purpose of effectively delivering Callbox products and Services by means of user login and password requirements. Callbox routinely evaluates its data security practices to identify security threats or opportunities for improvement.

No transmission of data over the Internet or the phones is guaranteed to be completely secure. It may be possible for third parties not under the control of Callbox to intercept or access transmissions or private communications unlawfully. While Callbox strives to protect users’ personal information, it cannot ensure or warrant the security of any information a user transmits.

How are changes made to the Privacy Policy?

Callbox may find it necessary or be legally obligated to update this Privacy Policy from time to time. When it does update this policy, Callbox will post those changes on this page and update the effective date so that everyone is aware of the information that is collected, how Callbox uses it and under what circumstances Callbox discloses it. Except as otherwise required by law, modifications to this Privacy Policy will not affect the privacy of data collected by Callbox prior to the effective date of the policy change. If Callbox makes any material changes, Callbox will notify you by email (sent to the email address specified in your account) or by means of a notice within the Services platform or the corporate website prior to the changes becoming effective. Callbox encourages all users to periodically review this page for the latest information on Callbox’s privacy practices.

What are Callbox’s policies regarding children and SPAM?

The Callbox Services are not developed for or directed at children. Children (persons under the age of 18) are not eligible to do business with Callbox and it does not collect personal information from any person it actually knows is under the age of 18. If you believe your child has provided Callbox with any personally identifiable data, please contact [email protected] to have that user removed.

Safe Harbor Compliance:


The European Union ("EU") maintains strict privacy laws. These rules differ significantly from U.S. laws. To reconcile these differences, the United States and the EU have created a Safe Harbor that defines mutually acceptable privacy operations for personal data transferred from the EU to the United States. The U.S. and Switzerland have created a similar, but separate Safe Harbor that defines mutually acceptable privacy operations for personal data transferred from Switzerland to the United States. Callbox complies with the U.S. – E.U. Safe Harbor Framework, as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from the European Union member countries. Callbox has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access and enforcement. To learn more about the Safe Harbor program, and to view Callbox’s certification, please visit http://export.gov/safeharbor.

Contact Callbox:

18. DATA PROESSING AGREEMENT

DATA PROCESSING AGREEMENT This Data Processing Agreement ( DPA) is between Partner and Callbox (as defined under the Terms and Conditions) and forms an integral part of Terms and Conditions available at https://www.UseCallbox.com/terms-of-service and/or to the user agreement https://usecallbox.com/privacy-policy (if applicable). Partner and Callbox are hereinafter jointly referred to as the “Parties”. In the event of any conflict between this DPA and the Terms and Conditions, the terms of this DPA shall prevail. This Agreement only applies to the extent that the EU Data Protection Law applies to the Processing of Personal Data under this Agreement, including if (a) the Processing is carried out in the context of the activities of an establishment of either Party in the European Economic Area (“EEA”), and/or (b) the Personal Data relates to Data Subjects who are in the EEA and the Processing relates to the offering to them of goods or services or the monitoring of their behavior in the EEA. DEFINITIONS: “Controller” or “Data Controller” means the entity that determines the purposes and means of the Processing of Personal Data.“Processor” or “Data Processor” means the entity which Processes Personal Data on behalf of the Data Controller.“Data Subject” means the individual to whom Personal Data relates, including End Users.“End User” means the end user of an internet connected device, such as a visitor to a web page, a user of a mobile app, or a user of an IoT device, or a visitor on advertisement or campaign webpage.“GDPR” means Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (also known as “General Data Protection Regulation”).“Personal Data” means any information relating to an identified or identifiable person as defined in Article 4.1 of the GDPR.“Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction (“Process”, “Processes” and “Processed” shall have the same meaning).“Sub-Processor” means any Data Processor engaged by the Processor.“Services” means services provided by the Callbox in accordance with the general legal terms mentioned above. PROCESSING OF PERSONAL DATA: Under this DPA and with respect to Personal Data, Partner is the Data Controller or Processor and Callbox is engaged by Partner as Processor in respect to Personal Data, as applicable. The terms of this Agreement shall apply to either of the relations between the Parties regarding the Processing of Personal Data mentioned herein.Within the scope of this DPA, Partner hereby engages Callbox to collect, process and/or use Personal Data on Partner’s behalf.Callbox will only Process Personal Data on Partnerr behalf and in accordance with Partner instructions. The instructions from the Partner to Process Personal Data are the following: (i) Processing shall be carried out in accordance with this DPA, the Terms and Conditions and pursuant to the features and limitations of the applicable Services which Callbox provides to Partner; and (ii) Processing shall be carried out in compliance with other reasonable instructions provided by the Partner, where such instructions are consistent with the Terms and Conditions. Callbox will be under no obligation to comply with instructions that Callbox deems as violating applicable laws.Callbox uses the Personal Data solely to provide the Services in accordance with Terms & Conditions, i.e. in order to perform tracking services / serve End Users with interest–based advertising, as well as to measure the effectiveness of advertising campaigns and provide Partner with advertising reports. In that context, Callbox – on Partnerr demand – may also combine Personal Data from different sources in order to improve Services and integrate Services with external platforms, all of which will be conducted on Partnerr behalf. Callbox also processes Personal Data on Partnerr behalf and to serve Partnerr interests for the purposes of fraud prevention, bot detection, rating, analytics, viewability, ad security services. Callbox may also process data based on the extracts of Personal Data in aggregated and non-identifiable forms, including for the purposes of testing, development, control and operation of the Services.Callbox may process the following information on Partnerr behalf: IP addresses, language information, session-based browsing behavior, header information, End User’s device-related data (such as the type or model of the device), operating system, wireless carrier providing communication services to such device, geographical location (geo-location) of the device, cookies, advertising identifiers of the device, as well as other information we may receive from Partner or from third parties engaged by the Callbox on Partnerr behalf, such as non-precise device location based on the IP address, device specifications and user’s interest’s information. Partner also authorizes Callbox to store and use cookies or pixel tags on End User’s device on behalf of the Partner in order to perform Services.Without derogating from any of the obligations of the Partner hereunder, the Partner shall not provide Callbox with any data a) which by itself identifies an individual, such as name, address, phone number, email address; and b) regarding children, or any special categories of personal data, as defined under Article 9 of the GDPR, except as may otherwise be expressly agreed in writing between the Parties and in accordance with the applicable law. This type of data is not necessary to use the Callbox’s Services.Partner is responsible for ensuring their own compliance with various laws and regulations, including the GDPR. To the extent required under the applicable law, Partner shall provide an appropriate notice to Data Subjects about the Processing of their Personal Data in connection with the use of Services under this DPA and under the legal terms, and Partner shall receive and document the Data Subjects’ consent thereof to the extent required under the applicable law.To the extent required under the applicable law, Partner must also use commercially reasonable efforts to ensure that the End User is provided with clear and comprehensive information about cookies or other information on the End User’s device in connection with the use of Services by the Partner and, if applicable, consents to their storing and accessing. To the extent required under the applicable law, Partner shall inform the End User about third party cookies (or other tracking technologies) which may be placed on Partner’s site(s), specifying the purpose of these cookies (e.g., targeted advertising) and the type of data collected on the Partner’s site(s). Partner shall also inform End Users of options to deactivate Callbox’s cookies by including in its privacy policy a link to the Callbox’s legal terms and when legally compulsory, appropriate notice, consent and choice mechanisms that comply with relevant laws and regulations, including GDPR.Partner acknowledge and agree that Partner retain sole responsibility for the lawfulness of the Processing and warrant to the Callbox that Partner are legally allowed to engage the Callbox to process Personal Data on Partnerr behalf, have provided all necessary notices and obtained all required consents from the Data Subjects (if apply) for the purposes of the Processing described in this DPA. RIGHTS OF DATA SUBJECTS: Callbox shall notify Partner via e-mail if he receives a request from a Data Subject in the subject of access to, correction, amendment, deletion of or objection to the processing of that Data Subject’s Personal Data. Callbox shall not respond to any such Data Subject request without Partner’s prior written consent, except in order to confirm that the request relates to the Partner.To the extent that Partner responds to any such Data Subject request, Callbox shall provide Partner, to the extent required by law, with commercially reasonable cooperation and assistance in relation to handling of a Data Subject’s request, to the extent legally permitted.Callbox reserves the right to charge additional fees in relation to the cooperation with the Partner in regard to this DPA.Callbox’s staff: Callbox shall ensure that its personnel engaged in the Processing of Personal Data is informed of the confidential nature of the Personal Data, has received appropriate training on their responsibilities and is subject to obligations of confidentiality. Such obligations shall survive the termination of that individual’s engagement with the Callbox.Callbox shall ensure that access to Personal Data is limited only to those members of personnel who require that access in order to fulfil Callbox’s obligations under the Terms and Conditions. SECURITY: Pursuant to Article 28, Section 3(c) of the General Data Protection Regulation, the Callbox shall take the measures required by the Article 32 of the GDPR.Callbox shall provide sufficient guarantees of implementation of the appropriate technical and organizational measures in a manner that the processing will meet the requirements of the GDPR and ensure the protection of the rights of the Data Subject.Callbox imposes appropriate contractual obligations upon its personnel that engages in the Processing of Personal Data, including relevant obligations regarding confidentiality, data protection and data security. Callbox ensures that its applicable personnel has been properly informed of the confidential nature of the Personal Data, has received appropriate training and has executed written confidentiality agreements. Callbox will further ensure that such confidentiality agreements will survive the termination of employment or another form of engagement of its personnel. AUDIT RIGHT. To the extent that the applicable law requires Partner to be in a position to monitor the adequate Processing of Personal Data, Partner as the Partner have the right to request an audit from Callbox to the extent necessary to review whether Callbox and our Sub-Processors are compliant with the following regulations: (i) any provisions of the Law, (ii) the terms of this DPA, and (iii) Partner’s instructions.Callbox may provide Partner with a copy of its most recent third-party audits or certifications issued by an independent, third-party auditor, as applicable, or any summaries thereof in order to fulfil Partnerr audit rights. If an audit is required by law and where its requirements cannot be fulfilled by the provision of such certification, Partner may conduct, either by Partnerrself or through a third party independent contractor selected by Partner at Partnerr expense, an on-site audit of the Callbox. Such audit may be conducted subject to the following terms: (i) the audit will be pre-scheduled in writing with Callbox at least 30 days in advance and will be performed once a year at most; (ii) if applicable, all of Partner personnel performing the audit, whether employed or contracted by Partner, will execute a Callbox’s standard non-disclosure agreement prior to the initiation of the audit, and a third party auditor will in addition execute a non-competition undertaking; (iii) Partner will undertake all necessary measures to ensure and verify that the auditors do not access, disclose or compromise the confidentiality and security of Personal Data other than Partnerr Personal Data on Callbox’s information and network systems; (iv) Partner will take all necessary measures to prevent any damage or interference with Callbox or its service providers’ information and network systems; (v) Partner will bear all costs and assume responsibility and liability for the audit and for any failures or damage caused as a result thereof; and (vi) any audit activities on Callbox’s third-party service providers’ information systems will be pre-scheduled and agreed on with the applicable providers; (vii) Partner will keep the audit results in strict confidentiality, use them solely for the specific purposes of the audit under this Section 6 and the GDPR will not use the results for any other purpose, or share them with any third party, without the Callbox’s prior explicit written confirmation; (viii) If Partner are required to disclose the audit results to a competent authority, Partner will provide the Callbox with a prior written notice, explaining the details and necessity of the disclosure, as well as provide all further necessary assistance to prevent such disclosure. SECURITY BREACH MANAGEMENT AND NOTIFICATIONIf Callbox becomes aware of any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to any Personal Data transmitted, stored, or otherwise Processed on Callbox’s equipment or in Callbox’s facilities (“Security Breach”), Callbox will promptly: (i) notify the Partner of the Security Breach; (ii) investigate the Security Breach and provide Partner with all relevant information about the Security Breach; and (iii) take all commercially reasonable steps to mitigate the effects and minimize any damage resulting from the Security Breach. SUBPROCESSING AND TRANSBORDER DATA TRANSFERS Partner authorizes Callbox to appoint Sub-Processors in order to provide the Services.Callbox may continue to use the Sub-Processors already engaged by the Callbox according to this DPA.Callbox may integrate the Partner’s services with external service providers’ platforms for the purpose of providing its Services, on Partner’s behalf and for the purposes of serving the Partner’s interests, where such external service providers may be Sub-Processors, which Partner hereby agrees to. A full list of such Sub-Processors is available upon the Partner’s written request directed to the Callbox.Notwithstanding the provisions above, Partner hereby authorize Callbox to subcontract the Processing to the Sub-Processors based outside of the European Economic Area (EEA) to the extent necessary to duly perform the Service(s), under the condition that the Sub-Processors will provide sufficient guarantees in relation to the required level of data protection, e.g. through a Privacy Shield certification according to the EU Commission Decision 2016/1250, or a subcontracting agreement based on the standard contractual clauses launched by virtue of the EU Commission Decision on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC or GDPR (the “Model Contract Clauses”), or based on other applicable transborder data transfer mechanisms. OTHERS Term: This Agreement shall become effective as of May 25, 2018. Partner authorizes Callbox to retain Personal Data for a period of 3 months from the date of its collection on Partner’s behalf and for the purpose of serving its interests, including for fraud prevention, ad security services, reporting services, complaints or chargebacks handling. This data may be deleted from Callbox’s servers after this retention period and/or after the termination of Agreement or earlier, at Partnerr written request.Notices: If Partner wish to make any inquiries about this Agreement, please contact [email protected]: Partner shall indemnify and hold Callbox, its officers, directors, employees, contractors, and agents harmless from and against all claims, liabilities, administrative fines, suits, judgments, actions, investigations, settlements, penalties, fines, damages and losses, demands, costs, expenses, and fees including reasonable attorneys’ fees and expenses, arising out of or in connection with any claims, demands, investigations, proceedings, or actions brought by data subjects, legal persons (e.g., corporations and organizations), or supervisory authorities under the data protection laws that apply to Callbox in respect of processing of Personal Data on behalf of Partner through Services.The liability of each party under this Agreement shall be subject to the exclusions and limitations of liability set out in the legal terms.Governing law:This Agreement shall be governed by, and is construed in accordance with, the laws of the State of Spain, without giving any effect to any choice of law and provisions thereof that would cause the application of the laws of any other jurisdiction.

For more information or if you have questions or concerns regarding the Callbox Privacy Policy, please contact [email protected] or send correspondence to the following address: 9068406 Canada Inc, 925 De Maisonneuve Ouest, H3A0A5, Suite #335, Montreal, Quebec, Canada

Last Updated: October 25, 2022