We have updated our Data Processing Addendum (“DPA”) in accordance with Article 28 – which now contains additional provisions to assist our customers with their compliance with the GDPR. If your organization is located in the EU or your state law requires, usage of tawk.to is governed by tawk.to’s online Terms of Service, tawk.to has automatically incorporated the following DPA, which will apply to its processing of personal data, and covers GDPR.

Just as tawk.to is not able to negotiate its Terms of Service, it is not able to negotiate this Data Processing Addendum, you enter into a legally binding contract with tawk.to as a data processor.

This tawk.to Data Processing Addendum (“Addendum”) amends the tawk.to Terms of Service (the “Agreement”) by and between you and tawk.to Inc., a US corporation with registered offices at 187 East Warm Springs Rd, SB298, Las Vegas, Nevada, 89119, on behalf of itself and its UK affiliate Tawk.to Ltd. (“tawk.to”) and forms part of the Master Services Agreement or Terms of Service available at https://www.tawk.to/terms-of-service/ or such other location as the Terms of Service may be posted from time to time (as applicable, the “Agreement”), entered into by and between the Customer and tawk.to, Inc. (“tawk.to”), pursuant to which Customer has accessed tawk.to’s services as defined in the applicable Agreement.

The purpose of this DPA is to reflect the parties’ agreement with regard to the processing of personal data in accordance with the requirements of Data Protection Legislation as defined below. This DPA shall not replace or supersede any agreement or addendum relating to processing of personal data negotiated by Customer and referenced in the Agreement, and any such individually negotiated agreement or addendum shall apply instead of this DPA. Should you require further information, you can make a request to compliance@tawk.to.

1. Definitions

(a) “Data Protection Legislation” means European Directives 95/46/EC and 2002/58/EC, and any legislation and/or regulation implementing or made pursuant to them, or which amends or replaces any of them (including the General Data Protection Regulation, Regulation (EU) 2016/679);

(b) “Data Processor”, “Data Subject”, “Processor”, “Processing”, “Subprocessor”, and “Supervisory Authority” shall be interpreted in accordance with applicable Data Protection Legislation;

(c) “Personal Data” as used in this Addendum means information relating to an identifiable or identified Data Subject who visits or engages in transactions through your store (a “Customer”), which tawk.to Processes as a Data Processor in the course of providing you with the Services. Notwithstanding the foregoing sentence, Personal Data does not include information that tawk.to processes in the context of services that it provides directly to a consumer; and

2. Data Protection

2.1. Where a Data Subject is located in the European Economic Area, that Data Subject’s Personal Data will be processed by tawk.to’s UK affiliate, tawk.to Ltd. As part of providing the Services, this Personal Data may be transferred to other regions, including to the United States. Such transfers will be completed in compliance with relevant Data Protection Legislation. To the extent that Personal Data includes information about Data Subjects who are located in the European Economic Area, which tawk.to’s US operations stores or otherwise accesses outside of the European Economic Area, the parties agree that the Standard Contractual Clauses for the Transfer of Personal Data to Data Processors Established In Third Countries pursuant to Commission Decision 2010/87/EU of 5 February 2010 or any amendments to same by the European Commission (link) (“Model Processor Clauses”), including the appendices attached thereto, apply and are incorporated into this DPA by reference, and shall apply to such transfers. Tawk.to’s US operations shall be the “data importer” and Customer is the “data exporter,” and the data processing activities in Appendix 1 and Appendix 2 to the Model Processor Clauses shall be as described in the Master Services Agreement and our Privacy Policy. If you are a “data exporter” based in the EEA you must sign acceptance of the tawk.to SCC which can be requested here.

2.2. When tawk.to Processes Personal Data in the course of providing the Services, tawk.to will:

2.2.1. Process the Personal Data as a Data Processor, only for the purpose of providing the Services in accordance with documented instructions from you (provided that such instructions are commensurate with the functionalities of the Services), and as may subsequently be agreed to by you. If tawk.to is required by law to Process the Personal Data for any other purpose, tawk.to will provide you with prior notice of this requirement, unless tawk.to is prohibited by law from providing such notice;

2.2.2. notify you if, in tawk.to’s opinion, your instruction for the processing of Personal Data infringes applicable Data Protection Legislation;

2.2.3. notify you promptly, to the extent permitted by law, upon receiving an inquiry or complaint from a Data Subject or Supervisory Authority relating to tawk.to’s Processing of the Personal Data;

2.2.4. implement and maintain appropriate technical and organizational measures to protect the Personal Data against unauthorized or unlawful processing and against accidental loss, destruction, damage, theft, alteration or disclosure. These measures shall be appropriate to the harm which might result from any unauthorized or unlawful processing, accidental loss, destruction, damage or theft of Personal Data and appropriate to the nature of the Personal Data which is to be protected;

2.2.5. notify you promptly upon becoming aware of and confirming any accidental, unauthorized, or unlawful processing of, disclosure of, or access to the Personal Data;

2.2.6. ensure that its personnel who access the Personal Data are subject to confidentiality obligations that restrict their ability to disclose the Customer Personal Data; and

2.2.7. upon termination of the Agreement, tawk.to will promptly initiate its purge process to delete or anonymize the Personal Data.

2.3 In the course of providing the Services, you acknowledge and agree that tawk.to may use Subprocessors to Process the Personal Data. tawk.to’s use of any specific Subprocessor to process the Personal Data must be in compliance with Data Protection Legislation and must be governed by a contract between tawk.to and Subprocessor. For a list of subproccessors please visit: https://www.tawk.to/data-protection/sub-processors/

3. Miscellaneous

3.1 In the event of any conflict or inconsistency between the provisions of the Agreement and this Addendum, the provisions of this Addendum shall prevail. For avoidance of doubt and to the extent allowed by applicable law, any and all liability under this Addendum, including limitations thereof, will be governed by the relevant provisions of the Agreement. You acknowledge and agree that tawk.to may amend this Addendum from time to time by posting the relevant amended and restated Addendum on tawk.to’s website, available at https://www.tawk.to/terms-of-service/ and such amendments to the Addendum are effective as of the date of posting. Your continued use of the Services after the amended Addendum is posted to tawk.to’s website constitutes your agreement to, and acceptance of, the amended Addendum. If you do not agree to any changes to the Addendum, do not continue to use the Service.

3.2 Save as specifically modified and amended in this Addendum, all of the terms, provisions and requirements contained in the Agreement shall remain in full force and effect and govern this Addendum. If any provision of the Addendum is held illegal or unenforceable in a judicial proceeding, such provision shall be severed and shall be inoperative, and the remainder of this Addendum shall remain operative and binding on the parties.

3.3 The terms of this Addendum shall be governed by and interpreted in accordance with the laws of the State of Nevada and the laws of United States applicable therein, without regard to principles of conflicts of laws. The parties irrevocably and unconditionally submit to the exclusive jurisdiction of the courts of the State of Nevada with respect to any dispute or claim arising out of or in connection with this Addendum.