This Data Processing Agreement (“DPA”) outlines how Sarah AI processes personal data when providing its services (“Services”) to users (“You”). By using the Services, You agree to this DPA, which forms part of the Sarah AI Terms of Service.
1. Definitions
- Personal Data: Any information related to an identified or identifiable natural person (“Data Subject”).
- Processing: Operations performed on Personal Data, such as collection, storage, use, or deletion.
- Controller: The entity determining the purposes and means of Processing Personal Data.
- Processor: The entity Processing Personal Data on behalf of the Controller.
- Sub-processor: A third party engaged by Sarah AI to Process Personal Data.
- Data Breach: A security incident leading to unauthorized disclosure, alteration, or destruction of Personal Data.
2. Scope of Processing
- Subject Matter: This DPA governs Sarah AI’s Processing of Personal Data to provide its Services to You.
- Nature and Purpose: Sarah AI Processes Personal Data solely to deliver Services, which may include:
  - Contact information (e.g., names, phone numbers, email addresses).
  - Appointment details (e.g., dates, times, requested services).
  - Call recordings and transcriptions.
- Duration: Sarah AI will Process Personal Data for the duration of the agreement and as required to fulfill its obligations.
3. Obligations of Sarah AI
- Processing on Instructions: Sarah AI will only Process Personal Data according to documented instructions provided by You.
- Confidentiality: Sarah AI ensures that personnel with access to Personal Data are bound by confidentiality obligations.
- Security Measures: Sarah AI implements measures to protect Personal Data, including:
  - Access control (limiting access to authorized personnel).
  - Data encryption (in transit and at rest).
  - Regular security assessments.
  - Timely notification of Data Breaches.
- Sub-processors: Sarah AI may engage Sub-processors to support service delivery and will:
  - Notify You of Sub-processors.
  - Ensure Sub-processors meet equivalent data protection standards.
  - Remain liable for Sub-processors’ compliance.
- Data Subject Rights: Sarah AI will assist You in responding to Data Subjects’ rights requests, such as access, correction, and deletion.
- Use of Anonymized Data: Sarah AI may use aggregated and anonymized data for improving its Services, provided it cannot identify individuals.
4. Your Obligations
- Lawful Processing: You warrant that your instructions comply with applicable data protection laws.
- Transparency: You must inform Data Subjects about the collection and use of their Personal Data, including:
  - The identity of the Controller.
  - Purpose of the Processing.
  - Rights of the Data Subjects.
- Minimization: You will only provide Personal Data necessary for Sarah AI’s service delivery.
- Indemnification: You agree to indemnify and hold harmless Sarah AI from any claims arising from your misuse of the Services or non-compliance with applicable laws.
5. Data Breach Notification
- Notification Timeline: Sarah AI will inform You without undue delay upon discovering a Data Breach.
- Details Provided: The notification will include:
  - Nature and scope of the breach.
  - Categories and volume of Personal Data affected.
  - Steps taken to mitigate risks.
  - Measures to prevent recurrence.
- Collaboration: Sarah AI will work with You to address and resolve the breach.
6. Liability and Limitation of Liability
- Liability Cap: Sarah AI’s total liability under this DPA is limited to the fees paid by You in the 12 months preceding the incident.
- No Indirect Damages: Sarah AI is not liable for indirect, incidental, punitive, or consequential damages, including loss of revenue or data.
7. Termination and Data Return/Deletion
- Upon termination of the Services:
  - Sarah AI will delete or return all Personal Data, as requested.
  - Secure deletion of backups will occur within 30 days unless retention is required by law.
8. Force Majeure
Sarah AI is not liable for delays or failures caused by events beyond its reasonable control, including natural disasters, cyberattacks, labor strikes, or government actions.
9. Governing Law and Dispute Resolution
- Governing Law: This DPA is governed by the laws of [State].
- Dispute Resolution: Any disputes arising out of this DPA will be resolved through binding arbitration in accordance with [Arbitration Association Rules], with venue in [State].
10. Modifications
Sarah AI reserves the right to modify this DPA to reflect changes in laws or operations. Continued use of the Services after modifications constitutes acceptance of the updated DPA.
By using Sarah AI’s Services, You agree to this DPA. This agreement is incorporated into and forms part of Sarah AI’s Terms of Service.