This Dailybot® Data Processing Addendum ("Addendum") amends the Terms of Service for Software as a Service Subscription or the Software as a Service Agreement, as applicable (the "Agreement"), by and between you acting as Customer under the Agreement ("you," "your") and Dailybot, Inc., a Delaware corporation ("Dailybot").
1. Definitions
a) "Data Protection Legislation" means European Union Regulation 2016/679 (the "General Data Protection Regulation") or California Civil Code Section 1798.100-1798.199 (the "California Consumer Privacy Act of 2018"), as applicable, and any legislation and/or regulation implementing or made pursuant to it, or which amends or replaces any of it;
b) "Data Processor", "Data Controller", "Data Subject", "Processing", "Subprocessor", and "Supervisory Authority" shall be interpreted in accordance with the General Data Protection Regulation;
c) "Service Provider" shall be interpreted in accordance with the California Consumer Privacy Act of 2018;
d) "Personal Data" as used in this Addendum means information that relates to, or could reasonably be linked with, to an identifiable or identified Data Subject who participates in chatbot, collaboration and/or productivity tools you offer or make available to your users through the Platform (each, an "End User"), which information Dailybot processes as a Data Processor or Service Provider in the course of providing you with the Cloud Services;
e) "Data Subject Request" as used in this Addendum means a request for access, erasure, rectification, or portability of your End User's Personal Data; and
f) All other capitalized terms in this Addendum shall have the same definition as in the Agreement.
2. Data Protection
a) Where a Data Subject is located in the European Economic Area, such Data Subject's Personal Data will be processed by Dailybot in the United States of America and may be transferred to other regions. Such transfers will be completed in compliance with the applicable Data Protection Legislation.
b) You understand and agree that you are acting as a Data Controller with respect to all Personal Data you input or upload to the Platform in the course of using the Cloud Services and will observe all applicable Data Protection Legislation with respect to your collection and use of Personal Data.
c) When Dailybot processes Personal Data in the course of providing the Cloud Services, Dailybot will: (i) process the Personal Data as a Data Processor or Sub-Processor and/or Service Provider, only for the purpose of providing the Cloud Services in accordance with documented instructions from you; (ii) notify you if, in Dailybot's opinion, your instruction for the processing of Personal Data infringes applicable Data Protection Legislation; (iii) notify you promptly upon receiving an inquiry or complaint from a Supervisory Authority; (iv) implement reasonable technical and organizational measures enabling you to execute Data Subject Requests; (v) implement and maintain appropriate technical and organizational measures to protect the Personal Data; (vi) notify you without undue delay upon becoming aware of any accidental, unauthorized, or unlawful processing of, disclosure of, or access to the Personal Data; (vii) ensure that Dailybot's personnel who access the Personal Data are subject to confidentiality duties; and (viii) upon termination or expiration of the Agreement, Dailybot will promptly initiate its purge process to delete or anonymize the Personal Data. If you request a copy of such Personal Data within 30 days of termination, Dailybot will provide you with a copy of such Personal Data in its original format.
d) With respect to the Cloud Services, you acknowledge and agree that Dailybot may use sub-processors to process the Personal Data. Dailybot's use of any specific sub-processor will be in compliance with the applicable Data Protection Legislation and must be governed by a contract between Dailybot and sub-processor that requires comparable protections to this Data Processing Addendum. A current list of sub-processors may be found online at https://www.dailybot.com. If you object to the appointment of any sub-processor, you may terminate the Agreement by giving us a 30-day advance written notice specifying the nature of your objection and the name of the sub-processor.
3. Miscellaneous
a) In the event of any conflict or inconsistency between the provisions of the Agreement and this Addendum, the provisions of this Addendum shall prevail.
b) For avoidance of doubt and to the extent allowed by applicable law, any and all Dailybot's liability under this Addendum, including limitations thereof, will be governed by the relevant provisions of the Agreement. You acknowledge and agree that Dailybot may amend this Addendum from time to time by posting the relevant amended and restated Addendum on Dailybot's website, available at https://www.dailybot.com. Your continued use of the Cloud Services after the amended Addendum is posted constitutes your agreement to, and acceptance of, the amended Addendum.
c) Save as specifically modified and amended in this Addendum, all of the terms, provisions and requirements contained in the Agreement shall remain in full force and effect and govern this Addendum.
d) The terms of this Addendum shall be governed by and interpreted in accordance with the laws of the State of New York, U.S.A., without regard to principles of conflicts of laws. THE PARTIES IRREVOCABLY AND UNCONDITIONALLY SUBMIT TO THE EXCLUSIVE JURISDICTION OF THE COURTS OF THE NEW YORK COUNTY, STATE OF NEW YORK WITH RESPECT TO ANY DISPUTE OR CLAIM ARISING OUT OF OR IN CONNECTION WITH THIS ADDENDUM AND WAIVE ALL RIGHTS TO A JURY TRIAL.
For questions about this DPA, contact us at: [email protected]
Last Modified: December 1, 2025
This Dailybot Data Processing Agreement and its Annexes ("DPA") states the parties' agreement with respect to the Processing of Personal Data by us on behalf of you as Customer in connection with the provision of Cloud Services under the Dailybot Terms of Service or, as applicable, Dailybot Cloud Services Agreement, between you and us (also collectively referred to in this DPA as the "Agreement").
This DPA is supplemental to, and forms an integral part of, the Agreement and is effective upon its incorporation into the Agreement. In case of any conflict or inconsistency with the terms of the Agreement, this DPA will take precedence over the terms of the Agreement to the extent of such conflict or inconsistency.
The term of this DPA is coterminous with the term of the Agreement. Terms not otherwise defined in this DPA will have the meaning as set forth in the Agreement.
1. Definitions
"California Personal Information", "CCPA", "Consumer", "Business", "Sell", "Service Provider", "Controller", "Data Protection Laws", "Data Subject", "Europe", "European Data", "European Data Protection Laws", "Instructions", "Permitted Affiliates", "Personal Data", "Personal Data Breach", "Processing", "Processor", "Standard Contractual Clauses", and "Sub-Processor" shall have the meanings as defined in the full DPA available at dailybot.com/legal/data-processing-addendum.
2. Customer Responsibilities
You will be responsible for complying with all requirements that apply to you under applicable Data Protection Laws for your Processing of Personal Data and the Instructions you issue to us. You acknowledge and agree that you will be solely responsible for: (i) the accuracy, quality, and legality of Customer Data; (ii) complying with transparency and lawfulness requirements; (iii) ensuring you have the right to transfer Personal Data to us; (iv) ensuring your Instructions comply with applicable laws; and (v) complying with all laws applicable to content created through the Cloud Services.
3. Dailybot Obligations
We will only Process Personal Data for the purposes described in this DPA or as otherwise agreed within the scope of your lawful Instructions. We will implement and maintain appropriate technical and organizational measures to protect Personal Data (as described in Annex 2). We will notify you without undue delay after we become aware of any Personal Data Breach. We will delete or return all Customer Data on termination or expiration of your subscription in accordance with our Agreement.
4. Data Subject Requests
The Platform may provide you with controls to retrieve, correct, delete or restrict Personal Data. To the extent that you are unable to independently address a Data Subject Request through the Platform, we will provide reasonable assistance upon your written request. If a Data Subject Request is made directly to us, we will promptly inform you and advise the Data Subject to submit their request to you.
5. Sub-Processors
You agree that we may engage Sub-Processors to Process Personal Data on your behalf. We have currently appointed the third parties listed in Annex 3. We will notify you if we add or replace any Sub-Processors at least 30 days prior to any such changes. We will remain responsible for each Sub-Processor's compliance with the obligations of this DPA.
6. Data Transfers
You acknowledge that Personal Data may be transferred to and Processed by Dailybot, Inc. in the United States and to other jurisdictions where Dailybot Affiliates and Sub-Processors have operations. Wherever Personal Data is transferred outside its country of origin, each party will ensure such transfers are made in compliance with Data Protection Laws.
7. Additional Provisions for European Data
When Processing European Data, you are the Controller and we are the Processor. The parties agree to abide by and process European Data in compliance with the Standard Contractual Clauses (Annex 4). For UK GDPR and Swiss DPA, the UK and Swiss Addendum to the Standard Contractual Clauses applies.
8. Additional Provisions for California Personal Information
When processing California Personal Information, you are a Business and we are a Service Provider for the purposes of the CCPA. We will Process California Personal Information strictly for the purpose of performing the Cloud Services under the Agreement.
9. General Provisions
We reserve the right to make updates and changes to this DPA. If any provision is determined to be invalid or unenforceable, the validity of the other provisions will not be affected. Liability under this DPA is subject to the limitations and exclusions of liability set out in the Agreement.
10. Annexes
Annex 1 - Details of Processing: Data exporter (Customer) and Data importer (Dailybot, Inc., 68 Mountain Ave, Westwood, NJ 07675, USA). Categories of Data Subjects: Customer's employees, external collaborators, and clients. Categories of Personal Data: Contact information, identification data, and any other Personal Data submitted via the Cloud Services.
Annex 2 - Security Measures: Access control (outsourced processing, physical security, authentication, authorization), transmission control (HTTPS in-transit, AES256 at-rest), input control (logging, incident response), availability control (99.9% uptime, redundancy, backups).
Annex 3 - List of Sub-Processors: Amazon Web Services, Inc. (Cloud Service Provider); Google LLC (Cloud Service Provider, documents storage); Not Just Tickets Ltd (Customer support); Slack Technologies, LLC (Internal communication); Paddle.com, Inc. (Payment Processor); Stripe, Inc. (Payment Processor); OpenAI, L.L.C. (AI Computation, if customer enables AI).
Annex 4 - Standard Contractual Clauses: Module Two (Transfer Controller to Processor). The full text of the EU Standard Contractual Clauses (Decision (EU) 2021/914) is incorporated by reference. For the complete EU Version including all Annexes and the UK and Swiss Addendum, please see dailybot.com/legal/data-processing-addendum.
For questions about this DPA, contact us at: [email protected]