LIVEINTENT DATA USAGE POLICY &  GDPR ACKNOWLEDGEMENT

This LiveIntent Data Usage Policy (the “Data Usage Policy”) is attached and made a part of any agreement(s) (the ‘Agreement) entered into by and between LiveIntent, Inc. (“LiveIntent”) and Company in connection with the Services. This Data Usage Policy is separate from our Consumer Privacy policy, which may be referenced here; and our Website Privacy policy, which is available here. If there is a conflict between any of the provisions of this Data Usage Policy and any other terms in the Agreement, the provisions of this Data Usage Policy shall prevail with respect to that conflict. This Data Usage Policy shall continue in force until the termination of the Agreement.

1. Definitions: Capitalized terms used but not defined in this Data Usage Policy shall have the meaning ascribed to them by the Agreement. For the purposes of this Data Usage Policy, the following terms shall have the following meanings:
1. “LiveIntent Support Tags” is defined as LiveIntent technologies including the LiveTag, LiveConnect Web Tag, and LiveConnect InApp Tag that are used to collect and transmit data to LiveIntent.
2. “Direct Data Sharing” is defined as other ways in which Company shares data with LiveIntent including file sharing, server to server syncing or other means.
3. “LiveIntent Graph” is defined as the data asset that LiveIntent creates that connects hashed email addresses, cookies, and other information for the purposes of LiveIntent providing its Services. The LiveIntent Graph is only maintained in the United States and Canada.
4. “Services” is defined as the services LiveIntent performs on behalf of its customers, including, but not limited to, LiveIntent’s Services Privacy Policy, which is available at https://www.liveintent.com/services-privacy-policy/, and the Service Order Forms associated with this agreement.
2. In the course of LiveIntent providing its Services, Company makes information available to LiveIntent regarding Company’s customers, end users, email recipients, and other individuals that (i) alone or in combination with other information could reasonably be used to identify, contact, or derive information regarding a particular individual or household, and (ii) may be considered to be personal data or personal information as defined under, or otherwise governed by, applicable data protection laws (“Personal Information”).  Company discloses or makes available such Personal Information to LiveIntent through Direct Data Sharing or through the implementation of LiveIntent Support Tags to perform Services and, except for Personal Information collected from individuals in the European Economic Area, the United Kingdom, or Switzerland, to develop and deliver LiveIntent’s  offerings and Services, including (i) adding Personal Information to and referencing data that already exists in the LiveIntent Graph in order for LiveIntent to improve and provide its Services; and (ii) authenticating and validating data to improve the performance of Services provided by LiveIntent. Notwithstanding the rest of this paragraph 2, LiveIntent shall use and disclose Personal Information collected from individuals in the European Economic Area, the United Kingdom, or Switzerland only for purposes of providing Marketing and Advertising Services, as described in the Marketing and Advertising Services Privacy Policy, available at https://www.liveintent.com/services-privacy-policy/#marketing-services.
3. Company hereby represents that at or before the point of collecting Personal Information, Company provides all individuals to whom Personal Information relates any legally required notices, obtains any legally required consents from such individuals, and provides such individuals with any legally required opportunities to opt-out of the sharing of Personal Information, in order for LiveIntent to be able to provide its Services.    
4. Under data protection laws applicable in the European Economic Area, the United Kingdom, and Switzerland, including but not limited to the European Union’s General Data Protection Regulation, LiveIntent is considered a Processor of Personal Information. Applicable Data Protection language regarding the protection of applicable data is expressly agreed to and incorporated herein under Exhibit C of this Agreement.

 GDPR ACKNOWLEDGEMENT

The undersigned customer (“Customer”) of LiveIntent, Inc. (“LiveIntent”) represents and warrants that after May 25, 2018, it will not engage in the processing of personal data of European Union data subjects subject to the European Union’s General Data Protection Regulation (i.e., European Union Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data) (the “GDPR”) with respect to (1) any websites, email newsletters, or other web properties that it owns, operates, represents, or controls and on which it authorizes LiveIntent to drop cookies or place HTML tags for the provision of LiveIntent’s services to Customer, and (2) any user identifiers that it provides to LiveIntent in order to facilitate the placement of Customer’s advertisements to those user identifiers. This representation and warranty is incorporated into any agreement(s) between Company and LiveIntent and is in addition to, and without limitation to, any other representations and warranties therein.  In the event that Company begins to engage in the processing of personal data of European Union data subjects (as each term is defined in the GDPR) under the GDPR, or Company otherwise determines that the provision of LiveIntent’s services is subject to the GDPR, Company will immediately notify LiveIntent, and Company and LiveIntent will negotiate in good faith to enter into a data processing agreement in order to allow personal data to be transferred or processed to or by LiveIntent consistent with applicable law.