Effective Date: June 21, 2025
This Data Processing Agreement ("Agreement") forms part of the Terms of Service between you ("Customer") and Thumper ("Processor") and applies when Thumper processes personal data on your behalf as part of providing services.
The Processor will process Personal Data only as necessary to provide the Service and in accordance with the Customer’s documented instructions.
The Customer authorizes Thumper to use sub-processors for hosting, email delivery, and infrastructure. A list of sub-processors is available upon request. Thumper ensures sub-processors are bound by data protection obligations no less protective than this Agreement.
The Processor will implement appropriate technical and organizational measures to protect Personal Data against unauthorized access, loss, or destruction.
Processor will assist Customer in fulfilling its obligations to respond to data subject requests to access, rectify, or erase Personal Data, or to restrict or object to processing, as required by applicable law.
In the event of a data breach involving Personal Data, the Processor will notify the Customer without undue delay and provide relevant information as it becomes available.
Thumper may transfer Personal Data to countries outside the EEA or the UK as necessary, provided such transfers comply with applicable data protection laws and appropriate safeguards (such as Standard Contractual Clauses) are in place.
Upon termination of the Service, the Processor will delete or return all Personal Data to the Customer, unless retention is required by law.
Upon written request, the Customer may conduct a review of Thumper’s data processing practices and security measures, subject to confidentiality obligations and reasonable limits on frequency.
For questions regarding this Agreement, please contact us at: