This Service Provider Addendum (“Addendum”) supplements the Merchant Program Agreement, Publisher Program Terms & Conditions, or other written or electronic agreement for the provision of internet advertising services between Connexity, Inc. (“Connexity”) and the other party thereto (“Company”) (each respectively, the “Agreement”).
This Addendum reflects the agreement of Connexity and Company with respect to the following terms regarding the personal information of California consumers and covered information of Nevada residents. To the extent there is a conflict between this Addendum and the terms of the Agreement, this Addendum will control. Connexity may make reasonable changes to this Addendum from time to time, which shall become effective immediately on posting at https://www.connexity.com/california-privacy/addendum.
1.0 California Consumer Personal Information. With respect to personal information of California consumers that Connexity processes on behalf of Company pursuant to the Agreement, Connexity and Company agree that:
1.1 “CCPA” shall mean the California Consumer Privacy Act of 2018 (California Civil Code §§ 1798.100 to 1798.198), as amended or superseded, including any regulations or guidance provided by the California Attorney General.
1.2 The terms, “collect”, “commercial purpose”, “consumer”, “personal information”, “processing”, “sale“, “sell”, and “service provider” shall have the same meaning as in the CCPA, and their cognate terms shall be construed accordingly.
1.3 Connexity is a service provider under the CCPA.
1.4 The disclosure of personal information to Connexity is not for monetary or other valuable consideration.
1.5 Connexity will only process personal information on behalf of Company for fraud prevention, pricing optimization, ad placement, advertising campaign optimization, invoice amount, payment or invoice detail verification, or for any other business purpose set forth in the Agreement. In addition, (1) Connexity will not retain, use, or disclose personal information for any purpose other than for the specific purpose of performing the services specified in the contract for the business, or as otherwise permitted by the CCPA, as reasonably determined by Connexity; (2) Connexity will not further collect, sell, or use consumer personal information except as reasonably necessary and proportionate to achieve the operational purpose for which the information was collected or processed or, in Connexity’s reasonable discretion, for another operational purpose that is compatible with the context in which the personal information was collected; and (3) unless Company directs Connexity to sell personal information on Company’s behalf, Connexity is prohibited from selling such personal information. Connexity may disclose personal information to its own service providers, provided that Connexity shall require its service providers to comply with terms that are equivalent to those in this Addendum. Without limiting the foregoing, Connexity may also use personal information (i) internally to build or improve the quality of its services, (ii) to detect data security incidents, or protect against fraudulent or illegal activity, and (iii) for the purposes enumerated in Cal. Civil Code section 1798.145, subsections (a)(1) through (a)(4).
1.6 Company shall post a CCPA-compliant privacy notice. Section 2 of this Addendum describes the personal information categories that Connexity may collect and/or process under this Agreement. Connexity may update Section 2 from time to time, upon written notice to Company.
1.7 Connexity shall promptly and in good faith take such actions and provide such information and assistance as Company may reasonably request to enable Company to honor requests of individuals to exercise their rights under the CCPA, including requests to access, delete or opt-out of sale of personal information pertaining to them. If feasible and to the extent required by the CCPA, Connexity shall give Company written notice of any such requests that Connexity may receive directly from consumers that pertain to the services provided to Company and performed by Connexity for Company under the Agreement.
2.0 Personal Information Categories. Connexity may process the following categories of personal information, as defined and classified by Cal. Civ. Code § 1798.140(o)(1)(A) through (K), from California consumers on Company’s behalf under the Agreement: identifiers (e.g. unique personal identifier and IP address); commercial information (e.g. records of purchase order value); internet or other similar network activity (e.g. consumer’s interaction with website or advertisement); and geolocation data (e.g. IP address). The foregoing listing of personal information categories does not necessarily indicate that all (or any) of such categories are applicable to the Agreement or the services provided thereto. Information is only personal information to the extent it identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household.
Connexity may also collect personal information from Company, its representatives and personnel through CRM tools and business to business communications between the parties. Related categories of personal information may include those listed above as well as those listed in Cal. Civ. Code § 1798.80(e) and professional or employment-related information.
Additional information regarding Connexity’s personal information collection is set forth in its California Privacy Notice at https://connexity.com/california-privacy.
3.0 Nevada Residents. With respect to the covered information of consumers who reside in the State of Nevada that Connexity processes on behalf of Company pursuant to the Agreement, Connexity and Company agree that:
3.1 The terms “sale“, “consumer“, and “covered information” shall have the meanings set forth in or applicable to Nevada Senate Bill 220, which amends and supplements Nevada’s Online Privacy Law, Nev. Rev. Stat. 603A, et seq., and their cognate terms shall be construed accordingly.
3.2 Connexity shall not sell covered information.
