Amrit Thomas
"Your Paragraph text goes Lorem ipsum dolor sit amet, consectetur adipisicing elit. "
John Smith
"Your Paragraph text goes Lorem ipsum dolor sit amet, consectetur adipisicing elit. "
Marc Jacobs
"Your Paragraph text goes Lorem ipsum dolor sit amet, consectetur adipisicing elit. "
Data Processing Agreement
Last Updated: July 2025
1. Overview
Business Automation Professionals, LLC (“Business Automation Professionals, LLC,” “we,” “us,” and “our”) respects your privacy and is committed to protecting it through compliance with this Privacy Policy (“Privacy Policy”). This Privacy Policy describes how we collect and use your Personal Information when you visit our website at www.businessautomationprofessionals.com or otherwise use the Platform as described further in the Terms of Service, and that you may provide in electronic messages to Business Automation Professionals, LLC.
Please read this Privacy Policy to understand our policies and practices regarding your Personal Information and how we will handle it. If you do not agree with our policies and practices, do not use the Platform. By accessing or using the Platform, you agree and consent to this Privacy Policy.
Business Automation Professionals, LLC may change this Privacy Policy at any time, at its discretion. Your continued use of the Platform after we make changes is deemed to be acceptance of and consent to those changes, so please check the Privacy Policy periodically for updates.
This Privacy Policy is subject to and governed by the Business Automation Professionals, LLC Terms of Service. The Services are part of the Platform and are described further in the Terms of Service.
2. The Types of Information That Business Automation Professionals, LLC Collects About You and How Business Automation Professionals, LLC Collects Information About You
Business Automation Professionals, LLC may collect two types of information from you when you visit the Platform: Personal Information and Non-Personal Information (collectively “Information”).
-“Personal Information” refers to data by which you may be personally identified, such as name, email address, employer, job title and department, and telephone number.
-“Non-Personal Information” means data that is about you, but does not identify you specifically. If you do nothing during your visit to our Platform but browse, read pages, or view content, we will gather and store Information about your visit that does not identify you personally.
We collect Information:
-Directly from you when you provide it to us. When you subscribe to a newsletter, create an account, make a purchase or request information from Business Automation Professionals, LLC, we will ask for things like your name, contact, billing, shipping and communication information, and account ID or credentials in order to fulfill your request. If you set up an appointment with us through the Platform, attend a trade show or event, or otherwise contact us, you may also voluntarily provide similar information. If you submit any Personal Information about other people to us or to our service providers, you are responsible for making sure that you have the authority to do so and to allow us to use their Personal Information in accordance with this Privacy Policy (for example, by you asking for their consent).
-From third parties. We obtain information through partners, vendors, suppliers and other third parties. The parties from whom we obtain information are typically corporate enterprises (although some may also be educational or public enterprises) and they may be located in any of the locations in which we do business. These enterprises largely fall into the following categories: Advertising and marketing companies, data set and information vendors, public database providers, social media platforms, partners, providers of products or services, hosts or vendors at events or trade shows, research partners, or enterprises that use Business Automation Professionals, LLC Services. We take steps to confirm that information we receive from these third parties has been collected with their consent or that these parties are otherwise legally permitted to disclose your Personal Information to us. We might also obtain information through a partner, or co-create datasets with a partner, as part of our business operations. This kind of data is used for work like improving the Platform and other Business Automation Professionals, LLC Services, enhancing existing products and developing new capabilities and features. In some cases we combine Personal Information about individuals that we receive from multiple sources, including directly collected from you or through your use of the Platform.
-Automatically as you navigate through the Platform or during the time in which you utilize our Services. We collect information about how you interact with the Platform through the use of cookies, pixel tags, and similar technologies. Please view our separate Cookies Policy for more information on our use of cookies and similar technologies, how you can manage cookies and how we respond to Do Not Track signals.
3. How Business Automation Professionals, LLC Uses Personal Information It Collects About You and the Purposes for the Collection and Use
We use Personal Information that we collect about you or that you provide to us for the following purposes:
-For Functionality and Development of the Platform and Business Automation Professionals, LLC Services. We use information to provide, offer, and personalize the Platform and other Business Automation Professionals, LLC Services provided to you. Some information, like your IP address, is used to communicate with your device to provide network connectivity, measure usage levels of the Platform, diagnose server problems and provide security features. Other business purposes that depend on use of your information include data analysis related to testing, modifying, improving or developing new products, services and technologies, and to identify trends. Some Platform features may leverage artificial intelligence (“AI”) tools to enhance performance capabilities. We do NOT retain Personal Information to develop, improve, or train generalized AI or machine learning models, including user data provided via third party APIs, including but not limited to Google Workspace APIs. Business Automation Professionals, LLC Platform’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements. We use cookies to make our websites and the Platform operate, work more efficiently, and provide analytic information. Technologies similar to cookies, such as pixel tags are also used in connection with the Platform. For more information on our use of cookies, please read our Cookies Policy.
-For Customer Support, Platform Updating and Reporting. The Platform may use information to provide Business Automation Professionals, LLC with updates and reports, and to check that the Platform is working properly. Update functions may automatically check your system to see whether files need to be refreshed, updated, or modernized, in order to provide you with the up-to-date security, versions, features, options and controls associated with your systems or devices. We rely on information to analyze performance and improve and maintain the Platform. We also rely on Personal Information you provide to us to provide you with customer support for the Platform and other Business Automation Professionals, LLC Services, and to verify eligibility for promotional offers.
-For Business Operations. We use information to operate our business; for example, to perform accounting, auditing, billing, reconciliation, and collection activities. Other business purposes that depend on use of your Personal Information include crime or fraud monitoring and prevention, protecting our legal rights, and performing contractual obligations. We also use Personal Information to contact you to advertise, market and sell Business Automation Professionals, LLC Services in accordance with your communications preferences.
-To Communicate. We use contact information to send messages; to provide Business Automation Professionals, LLC Services; to respond to customer service requests; to provide alerts such as security updates or changes in our policies or about subscriptions that are ending; and to send marketing or informational materials like newsletters or white papers, in accordance with your communication preferences. We occasionally conduct surveys, or do focused research or studies which may require you to voluntarily share Personal Information in order to participate. These activities typically have additional notices that provide more information about the use of your Personal Information and to which you may be asked to consent.
-For Advertising and Marketing. We may use Personal Information collected from you, combined with information about what advertisements you viewed and other information we collect, to enable us to provide personalized content and to study the effectiveness of advertising and marketing campaigns. You may choose whether to allow or deny uses or sharing of your device’s location by changing your device settings, but if you choose to deny such uses or sharing, we may not be able to provide you with certain personalized Business Automation Professionals, LLC Services and content on the Platform.
-For Statistical Purposes to Improve the Platform. We may compile Platform statistics into traffic reports, which help Business Automation Professionals, LLC understand, anticipate, and respond to user needs. If we learn, for example, of heightened interest in certain aspects of the Business Automation Professionals, LLC Platform, we are likely to highlight that information on the Platform home page. This information helps us create a better overall experience for Platform users.
4. How Business Automation Professionals, LLC Protects Your Information
The Platform is designed to provide reasonable and appropriate administrative, technical and organizational security measures to protect your Personal Information against risks such as temporary or permanent loss, destruction, and unauthorized or unlawful access, alteration, use or disclosure. We require our suppliers and vendors to apply similar protections when they access or use Personal Information that we share with them. Users of the Platform must also do their part in protecting the data, systems, networks, and service they are utilizing. No technology, data transmission or system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that your password to any Business Automation Professionals, LLC account has been compromised), please immediately notify us by contacting us using the instructions in the “HOW TO CONTACT US” section below.
5. When Business Automation Professionals, LLC Shares Your Information
We work with authorized suppliers and business partners. When we share your Personal Information with these companies, we put in place appropriate measures to limit the use of your information only for legal and authorized purposes that are consistent with this Privacy Policy, as well as appropriate confidentiality and security measures.
We also share information with third parties for advertising and marketing; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of the Platform; and to protect our legal rights. We may disclose Personal Information that we collect or you provide as described in this Privacy Policy:
-With Affiliates and Subsidiaries. For purposes limited to and consistent with this Privacy Policy.
-With Suppliers. Our authorized vendors and suppliers may require Personal Information to provide services we have contracted for, such as product delivery, website hosting, data analysis, IT services, auditing, or customer service. We use a wide variety of software and tools at Business Automation Professionals, LLC, and we process Personal Information using these tools as a regular course of business. Our contracts with suppliers and vendors include provisions to protect your Personal Information and limit its use.
-With Partners. We occasionally have relationships with third parties that are not suppliers or vendors but are working with us to offer certain opportunities such as marketing and similar promotions, to enable joint products or research studies, or to facilitate services on the Platform. In these cases, additional terms or Privacy Policies may be provided. For third parties or uses not described in this Privacy Policy, we share your information only with a lawful basis to do so.
-For Advertising and Marketing. We share your information with our third-party company partners to prepare and deliver advertising and marketing content, to provide content services and to enable them to provide you with more personalized ads and to study the effectiveness of our campaigns. In particular, we use third-party companies to communicate regarding goods and services that may be of interest to you, in accordance with your preferences. You may receive this content by a variety of means such as email, phone or when you access and use the Platform or other Business Automation Professionals, LLC Services, and other websites. Content may be based on information obtained, for example, through prior purchases or transactions, through your device’s physical location, through information about what advertisements and content you have viewed, or through cookies and similar technologies relating to your access to and use of the Platform and other websites. You can choose whether to allow or deny uses and/or sharing of your device’s location by changing your device settings, but if you choose to deny such uses or sharing, our partners may not be able to provide you with the applicable Platform Services and content.
-For Connections to Social Networks and Third Party Services. Where you are using our Services and have chosen to connect your social networks profiles to the Business Automation Professionals, LLC Services, or if you authorize a third party service to access your account, you are agreeing to provide information about you to the social networks and the third party services under their respective terms and privacy policies. For example, if you choose to connect your YouTube account to the Business Automation Professionals, LLC Services, this connection uses YouTube’s API services, and the Google Privacy Policy (located here) will apply to you. If you have authorized us to access your information via the YouTube API services, in addition to our normal procedure for deleting stored data, you may revoke our access to your data via the Google security settings page, located here.
-Sales, Mergers & Acquisitions. We may disclose Personal Information as part of a contemplated or actual corporate transaction such as a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
-With Your Consent. Business Automation Professionals, LLC may disclose your Personal Information to any other person or entity where you consent to the disclosure. For information about how to decline our advertising and marketing, please see the section entitled "Your Choices & Rights" below.
-We do NOT share your phone number or opt-in consent with third parties unless we’ve received your express written consent to do so.
We also share non-personally identifiable information, such as anonymized or aggregated information, with suppliers for purposes such as analysis, identifying trends in the areas of our products and to help research and develop new Business Automation Professionals, LLC Services.
Business Automation Professionals, LLC does not sell any of your Personal Information for monetary compensation.
6. Information From Children
We do not knowingly collect, use, or disclose Information from children under 16. If we learn that we have collected the Personal Information of a child under 16—or the equivalent minimum age depending on the jurisdiction, such as 13 in the United States per the Children’s Online Privacy Protection Act—we will take steps to delete the information as soon as possible. If you are under 16, do not provide any Information about yourself to Business Automation Professionals, LLC, including your name, address, telephone number or email address. If you become aware that information of a child under 16 years of age has been provided, please use one of the methods provided under the “HOW TO CONTACT US” section below.
7. Links to Other Websites and Services
We are not responsible for the practices employed by websites or services linked to or from the Platform, including the information or content contained therein. This Privacy Policy does not address, and we are not responsible for, the policies and practices of third parties or other organizations that are not operating on Business Automation Professionals, LLC’s behalf, including policies and practices related to privacy and security, data collection, processing, use, storage, and disclosure. This includes: (a) any third party operating any site or service to which the Platform links – the inclusion of a link on the Platform does not imply endorsement of the linked site or service by us or by our affiliates; or (b) any app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer (such as Facebook, Apple, Google, Microsoft, LinkedIn, etc.) – including any Personal Information you disclose to other organizations through or in connection with the Platform or other Business Automation Professionals, LLC Services.
8. Do Not Track
Some browsers incorporate a "Do Not Track" (“DNT”) feature that, when turned on, signals to websites and online services that you do not want to be tracked. At this time, the Platform does not respond to DNT signals.
9. YOUR LEGAL RIGHTS
Business Automation Professionals, LLC respects your rights in how your Personal Information is used and shared. Depending on where you live, you may have rights to request access or corrections to your personal data and make choices about the kinds of marketing materials you receive (or choose not to receive marketing from Business Automation Professionals, LLC at all). See below for more information, depending on your location.
10. International Compliance
Business Automation Professionals, LLC is a company with its headquarters in the United States. We may transfer your Personal Information to our third-party service providers, who may be located in a different country to you.
Business Automation Professionals, LLC transfers information internationally in order to operate efficiently, to improve performance, and to create redundancies to protect information in the event of an outage or other problem. In so doing, we will process your Personal Information in a way that meets the commitments of this Privacy Policy and complies with the law wherever we transfer it.
Whenever Business Automation Professionals, LLC transfers Personal Information beyond the country of origin, we will do so in accordance with applicable laws. For Personal Information originating in the European Economic Area (EEA), the United Kingdom (UK), or Switzerland that is transferred to a Business Automation Professionals, LLC entity outside the EEA, UK, or Switzerland, Business Automation Professionals, LLC participates in the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and, as applicable, the UK extension to the EU-U.S. DPF, and/or the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF). Business Automation Professionals, LLC commits to the DPF Principles and, as needed, will take additional steps to provide appropriate safeguards for the Personal Information we transfer. The Federal Trade Commission has jurisdiction over Business Automation Professionals, LLC’s compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. Business Automation Professionals, LLC may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Business Automation Professionals, LLC is liable in cases of onward transfers to third parties.
11. Data Privacy Framework
Business Automation Professionals, LLC complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. Business Automation Professionals, LLC further agrees to notify you without undue delay, if its self-certification under any of the Data Privacy Framework is withdrawn, terminated, revoked or otherwise invalidated and take appropriate steps to stop and remediate any unauthorized processing of such personal data.
12. California Privacy Rights
This section is addressed to California residents only and provides more information about your rights under the California Consumer Privacy Act or “CCPA” (California Civil Code Section 1798.100 et seq.), as amended. Subject to certain exceptions, the CCPA grants to California residents the rights to: be notified about the collection, use, disclosure, sale or sharing of their Personal Information; request access to, deletion of, or correction of their Personal Information; request to opt out of the “sale” or “sharing” of Personal Information (where such information is sold or shared); limit the use or disclosure of Sensitive Personal Information (as defined under CCPA); and to not be discriminated against for exercising such rights.
Business Automation Professionals, LLC does not sell your Personal Information. If you wish to exercise your right to opt-out of Business Automation Professionals, LLC using your Personal Information for cross-contextual targeted advertising purposes (called “sharing” under the CCPA), you may do so by using the details in the “HOW TO CONTACT US” section or the appropriate withdrawal mechanism provided to you on the Platform.
You can request access to, correction of or deletion of your Personal Information by using the details in the “HOW TO CONTACT US” section. If you request a deletion of your Personal Information, please note that Business Automation Professionals, LLC may still need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to requesting such deletion, to comply with applicable law, or for other purposes permitted by CCPA. If you submit a request to exercise rights under CCPA, Business Automation Professionals, LLC will ask you to provide certain information to verify your identity. This information will depend on your prior interactions with Business Automation Professionals, LLC and the sensitivity of Personal Information at issue. If Business Automation Professionals, LLC denies your request, we will explain why.
You can designate an authorized agent to make a request under the CCPA on your behalf in certain circumstances. If you use an authorized agent for this purpose, Business Automation Professionals, LLC may ask you to verify your identity or that you provided the authorized agent signed permission to submit a request under the CCPA. If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and Business Automation Professionals, LLC will respond to any request from such authorized agent in accordance with the CCPA.
The Privacy Policy describes the categories of Personal Information that Business Automation Professionals, LLC collects and how Business Automation Professionals, LLC uses such Personal Information. If Business Automation Professionals, LLC collects Sensitive Personal Information, we limit our use of the Sensitive Personal Information to uses: (1) you have authorized, (2) that are required to fulfill your requests for goods or services, or (3) that are otherwise allowed by the CCPA or required by other laws or regulations.
13. Colorado Privacy Rights
This section is addressed to Colorado residents only and provides more information about your rights under the Colorado Privacy Act or “CPA.” Subject to certain exceptions, the CPA grants to Colorado residents the rights to: be notified about the collection, use, disclosure, or sale of their Personal Information; request access to, deletion of, or correction of their Personal Information; and request to opt out of the use of Personal Information for targeted advertising, sale, or certain profiling.
You can request access to, correction of or deletion of your Personal Information by using the details in the “HOW TO CONTACT US” section. If you request a deletion of your Personal Information, please note that Business Automation Professionals, LLC may still need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to requesting such deletion, to comply with applicable law, or for other purposes permitted by CPA. If you submit a request to exercise rights under CPA, Business Automation Professionals, LLC will ask you to provide certain information to verify your identity. This information will depend on your prior interactions with Business Automation Professionals, LLC and the sensitivity of Personal Information at issue. If Business Automation Professionals, LLC denies your request, we will explain why. If we have not responded to your request or asked for additional time to respond to your request within 45 days after you send us a request, you have the right to appeal our failure to take action. To appeal our failure to take action, contact us using the details in the “HOW TO CONTACT US” section.
You can designate an authorized agent to make a request under the CPA on your behalf in certain circumstances. If you use an authorized agent for this purpose, Business Automation Professionals, LLC may ask you to verify your identity or that you provided the authorized agent signed permission to submit a request under the CPA.
14. Connecticut Privacy Rights
This section is addressed to Connecticut residents only and provides more information about your rights under the Connecticut Data Privacy Act or “CTDPA.” You can exercise your rights by using the details in the “HOW TO CONTACT US” section. If we inform you that we decline to take action regarding your request, you have the right to appeal our failure to take action by contacting us using the details in the “HOW TO CONTACT US” section.
15. Utah Privacy Rights
This section is addressed to Utah residents only and provides more information about your rights under the Utah Consumer Privacy Act or “UCPA.” You can exercise your rights by using the details in the “HOW TO CONTACT US” section.
16. Virginia Privacy Rights
This section is addressed to Virginia residents only and provides more information about your rights under Virginia’s Consumer Data Protection Act or “VCDPA.” Subject to certain exceptions, the VCDPA grants to Virginia residents the rights to: be notified about the collection, use, disclosure, or sale of their Personal Information; request access to, deletion of, or correction of their Personal Information; request to opt out of the use of Personal Information for targeted advertising, sale, or certain profiling; and to not be discriminated against for exercising such rights.
You can request access to, correction of or deletion of your Personal Information by using the details in the “HOW TO CONTACT US” section. If you request a deletion of your Personal Information, please note that Business Automation Professionals, LLC may still need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to requesting such deletion, to comply with applicable law, or for other purposes permitted by VCDPA. If you submit a request to exercise rights under VCDPA, Business Automation Professionals, LLC will ask you to provide certain information to verify your identity. This information will depend on your prior interactions with Business Automation Professionals, LLC and the sensitivity of Personal Information at issue. If Business Automation Professionals, LLC denies your request, we will explain why. If we inform you that we decline to take action regarding your request, you have the right to appeal our failure to take action. To appeal our failure to take action, contact us using the details in the “HOW TO CONTACT US” section.
HOW TO CONTACT US
The Company welcomes your questions or comments regarding this Policy. If you believe that the Company has not adhered to this Policy, please contact the Company at:
BUSINESS AUTOMATION PROFESSIONALS LLC
Email Address:
Phone Number:
(435) 315-4067
Effective as of May 07, 2025
DATA PROCESSING AGREEMENT
Last Updated: July 2025
This Business Automation Professionals, LLC Data Processing Agreement and its Annexes A, B, and C (“DPA”) is between Business Automation Professionals, LLC (the “Company”) and the party executing this agreement as Customer (“Customer”). This DPA reflects the parties’ agreement with respect to the Processing of Personal Data by Business Automation Professionals, LLC on behalf of Customer in connection with the Service under the contemporaneously-executed Terms of Service agreement between the parties (“Agreement”).
This DPA is part of the Agreement and is effective upon execution or another time as specified in the Agreement, an Order or an executed amendment to the Agreement. In case of any conflict or inconsistency with the terms of the Agreement, this DPA will take precedence over the terms of the Agreement to the extent of such conflict or inconsistency, and it will supersede any previous DPA.
1. Definitions
a. CCPA means California Civil Code Sec. 1798.100 et seq. as amended (also known as the California Consumer Privacy Act of 2018), including the California Privacy Rights Act amendments to the CCPA.
b. California Personal Information means Personal Data that is subject to the protection of the CCPA.
c. Business Purpose, Controller, Processor, Data Subject, Personal Data, Personal Data Breach, Process, and Processing shall have the meaning given to them in the Data Protection Laws;
d. Customer Personal Data means any information relating to an identified or identifiable individual where (i) such information is contained within Customer Data provided under the Agreement; and (ii) is protected as personal data, personal information or personally identifiable information under applicable Data Protection Laws.
e. Data Protection Laws means all applicable worldwide legislation relating to data protection and privacy which applies to the respective party in the role of Processing Personal Data in question under the Agreement, including without limitation, the European Data Protection Laws, the CCPA, and other US laws; in each case as amended, repealed, consolidated or replaced from time to time.
f. Europe means the European Union, the European Economic Area and/or their member states, Switzerland and the United Kingdom.
g. European Data means Personal Data that is subject to the protection of European Data Protection Laws.
h. European Data Protection Laws means data protection laws applicable in Europe, including:
(i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of personal data and on the free movement of such data, the GDPR;
(ii) Directive 2002/58/EC concerning the Processing of personal data and the protection of privacy in the electronic communications sector; and
(iii) applicable national implementations of (i) and (ii); or
(iii) GDPR as it forms parts of the United Kingdom domestic law by virtue of Section 3 of the European Union (Withdrawal) Act 2018 ("UK GDPR"); and
(iv) Swiss Federal Data Protection Act on 19 June 1992 and its Ordinance ("Swiss DPA");
in each case, as may be amended, superseded or replaced.
i. GDPR means the General Data Protection Regulation ((EU) 2016/679), and the retained UK version of the same;
j. Standard Contractual Clauses means the standard contractual clauses annexed to the European Commission’s Decision (EU) 2021/914 of 4 June 2021 currently found at https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc/standard-contractual-clauses-international-transfers_en, as may be amended, superseded or replaced;
k. UK Addendum means the International Data Transfer Addendum issued by the UK Information Commissioner under section 119A(1) of the Data Protection Act 2018 currently found at https://ico.org.uk/media/for-organisations/documents/4019539/international-data-transfer-addendum.pdf, as may be amended, superseded, or replaced.
2. Compliance
Both parties will comply with all applicable requirements of Data Protection Laws. This schedule is in addition to, and does not relieve, remove or replace, a party's obligations or rights under Data Protection Laws.
3. Controller/Processor
The parties have determined that for the purposes of Data Protection Laws, Business Automation Professionals, LLC shall process the Customer Personal Data as processor on behalf of the Customer. Customer may be either a Controller or Processor.
4. Consents
Customer will ensure that it has all necessary appropriate consents and notices in place to enable lawful transfer of Customer Personal Data to Business Automation Professionals, LLC, and the lawful collection of the same by the Customer using the Business Automation Professionals, LLC Services for the duration and purposes of the Agreement and DPA, and shall indemnify Business Automation Professionals, LLC against all loss and damage (including fines) arising from a failure to do so.
5. Nature, Scope, Purpose of Processing, and Data Subjects
Annex A sets out the scope, nature, and purpose of Customer Personal Data Processing by Business Automation Professionals, LLC, the duration of the Processing and the types of Customer Personal Data and categories of Data Subjects.
6. Customer Instructions
Business Automation Professionals, LLC shall process Customer Personal Data only on the documented instructions of the Customer, unless Business Automation Professionals, LLC is required by any applicable laws to otherwise process that Customer Personal Data. The Agreement and DPA are deemed to be the instructions of Customer; the parties may agree to additional instructions. Business Automation Professionals, LLC shall inform the Customer if, in the opinion of Business Automation Professionals, LLC, the instructions of the Customer breach Data Protection Laws.
7. Business Automation Professionals, LLC Obligations
Business Automation Professionals, LLC will:
a. Implement and maintain appropriate technical and organizational measures to protect Customer Personal Data from Personal Data Breaches, as described under Annex B to this DPA ("Security Measures"). Notwithstanding any provision to the contrary, Business Automation Professionals, LLC may modify or update the Security Measures at its discretion provided that such modification or update does not result in a material degradation in the protection offered by the Security Measures;
b. Ensure that any personnel engaged and authorised by Business Automation Professionals, LLC to process Customer Personal Data have committed themselves to confidentiality or are under an appropriate statutory or common law obligation of confidentiality;
c. Assist the Customer insofar as this is reasonably possible (taking into account the nature of the Processing and the information available to Business Automation Professionals, LLC), and at the Customer's cost and written request, in responding to any request from a Data Subject and in ensuring the Customer's compliance with its obligations under Data Protection Laws with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
d. Notify the Customer without undue delay on becoming aware of a Personal Data Breach involving the Customer Personal Data;
e. At the written direction of the Customer, delete or return Customer Personal Data and copies thereof to the Customer on termination of the Agreement unless Business Automation Professionals, LLC is required by any applicable law to continue to process that Customer Personal Data. For the purposes of this paragraph, Customer Personal Data shall be considered deleted where it is put beyond further use by Business Automation Professionals, LLC;
f. For European Data, assist Customer in ensuring compliance with Articles 32 to 36 of the GDPR; make available all information reasonably necessary to demonstrate compliance with this DPA available to Customer and allow for and reasonably contribute to audits, including inspections conducted by Customer to assess compliance with this DPA to the extent required by Data Protection Laws; and will make available all information reasonably necessary to demonstrate compliance with GDPR Article 28 requirements for Processors; and
g. Maintain records to demonstrate its compliance with this paragraph,
8. Service Provider.
The parties agree that if the CCPA applies, Customer is a “business” and Business Automation Professionals, LLC is a “service provider” as defined under the CCPA. Business Automation Professionals, LLC will not retain, use, or disclose the California Personal Information it collects pursuant to the Agreement for any purposes other than for the Business Purposes specified in the Agreement, including retaining, using, or disclosing the personal information for a commercial purpose other than the business purposes specified in the Agreement, or as otherwise permitted by the CCPA; and (b) Business Automation Professionals, LLC will not retain, use, or disclose the California Personal Information it collects pursuant to this the Agreement outside of the direct business relationship between Business Automation Professionals, LLC and Customer, unless otherwise permitted by the CCPA. Business Automation Professionals, LLC will not “sell” or “share” California Personal Information as those terms are defined in the CCPA or combine the California Personal Information with personal information obtained from sources other than Customer, except to the extent permitted by the CCPA. From time to time, Customer may ask for, and Business Automation Professionals, LLC will provide, reasonable evidence of its compliance with this Section 8.
9. Subprocessors.
The Customer provides its prior, general authorization for Business Automation Professionals, LLC to appoint Processors to process the Customer Personal Data, provided that Business Automation Professionals, LLC shall ensure that the terms on which it appoints such processors comply with Data Protection Laws, and are consistent with the obligations imposed on Business Automation Professionals, LLC in this paragraph; and shall remain responsible for the acts and omission of any such Processor as if they were the acts and omissions of Business Automation Professionals, LLC. Business Automation Professionals, LLC has currently appointed, as Sub-Processors, the third parties listed in Annex C to this DPA. Business Automation Professionals, LLC will notify Customer if Business Automation Professionals, LLC adds or replaces any Sub-Processors listed in Annex C at least 30 days prior to any such changes, if Customer opts-in to receive such emails by contacting Business Automation Professionals, LLC. Business Automation Professionals, LLC will include substantially the same protections for Customer Personal Data as those in the DPA.
10. Amendments.
Notwithstanding anything else to the contrary in the Agreement, Business Automation Professionals, LLC reserves the right to make any updates and changes to this DPA, including to address changes in Data Protection Laws and to revise the security provisions in this DPA, so long as Business Automation Professionals, LLC does not materially reduce the overall security level provided to Customer Personal Data.
ANNEX A – Details of Processing
A. List of Parties
Data exporter:
-Name: You, as defined in Business Automation Professionals, LLC’s Terms of Service
- Address: Your address as specified by your Platform Account
- Contact person’s name, position and contact details: Your contact details, as specified by your Platform Account
- Activities relevant to the data transferred under these Clauses: Performance of the Agreement between the parties as a Controller.
-Role (controller/processor): Controller or Processor
Data importer:
-Name: Business Automation Professionals, LLC
-Address: 169 Geneva Dr., Midway, UT 84049, USA
-Contact persons’ name, position and contact details: Christopher Walker, Co-Founder; Elizabeth Collins, Co-Founder
-Activities relevant to the data transferred under these Clauses: Performance of the Agreement between the parties.
-Role (controller/processor): Processor
B. Description of Transfer
-Categories of Data Subjects whose Personal Data is Transferred: Customers and potential customers of clients.
-Categories of Personal Data Transferred: The Personal Data input and collected as decided by the Customer, including name, age, date of birth, phone number, email address, social media profiles.
-Sensitive Data transferred and applied restrictions or safeguards: The parties do not anticipate the transfer of sensitive data.
-Frequency of the transfer: Variable during the Agreement term.
-Subject Matter and Nature of the Processing: Business Automation Professionals, LLC will provide the Services to the Customer under the Agreement between the parties. The Customer will use the Services to collect and process Personal Data of their customers and potential customers for the purposes of managing and carrying out marketing activities, which may be targeted to their customers and potential customers. The Processing will involve collecting, storing, recording, contacting and managing Personal Data, in particular for the purpose of running marketing campaigns, providing marketing services, and managing marketing generally.
-Purpose of the transfer and further Processing: Business Automation Professionals, LLC will Process Personal Data as necessary to provide the Service pursuant to the Agreement, as further specified in an order form, and as further instructed by Customer in Customer’s use of the Service.
-Period for which Personal Data will be retained:
The duration of the period in which the Customer accesses and uses the Business Automation Professionals, LLC platform under the Services Agreement.
C. Competent Supervisory Authority:
For the purposes of the Standard Contractual Clauses, the supervisory authority that will act as competent supervisory authority will be determined in accordance with the Transfer Mechanisms for Data Transfers section of this DPA.
ANNEX B to the Standard Contractual Clauses
Description of the technical and organizational security measures implemented by the data importer in accordance with clause 4(d) and clause 5(c)
Measure: Measures of pseudonymisation and encryption of personal data
Description: All personal data at rest is encrypted with: AES 256 CBC. All personal data in transit is encrypted with: TLS V1.2+.
Measure: Measures for ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services
Description: Processor has endpoint protection on its APIs. Processor has uptime monitors to help ensure availability and to alert Processor if there is downtime. Processor has implemented access control measures such as user-based authentication and subaccount-based authentication. Processor uses managed services (AWS, GoogleCloud) to help ensure integrity.
Measure: Measures for ensuring the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
Description: Personal data backed up on AWS and GoogleCloud with 5 minute granularity to enable Processor to restore personal data in case of an incident.
Measure: Measures for user identification and authorization
Description: Processor uses encrypted signed tokens and role-based authorizations, as well as password protection.
Measure: Measures for the protection of data during transmission
Description: SSL certificates and https are used during personal data transmission. Protected with TLS v1.2+.
Measure: Measures for the protection of data during storage
Description: Personal data is encrypted at rest with AES-256 CBC encryption.
Measure: Measures for ensuring physical security of locations at which personal data are processed
Description: Processor uses managed services to ensure physical security of server locations. All personal data stored on AWS and GoogleCloud, with physical security described in AWS and GoogleCloud Ts&Cs, respectively.
Measure: Measures for ensuring events logging
Description: Processor uses logging for all user actions and audit logs. In particular, Processor uses GoogleCloud ops for both application and infrastructure monitoring. In addition, Processor uses AWS’s Cloudwatch.
Measure: Measures for ensuring system configuration, including default configuration
Description: Processor has configurations stored in version control. All containers are created from standardized images hosted by AWS and GoogleCloud. Updates and upgrades are performed automatically and managed by GoogleCloud. Patching of any vulnerabilities is managed by GoogleCloud, according to its standard policies.
Measure: Measures for internal IT and IT security governance and management
Description: Processor uses a third-party vendor (iWerk) for internal IT and IT security.
Measure: Measures for certification/assurance of processes and products
Description: the Compliancy Group has issued Processor a HIPAA Seal of Compliance Certificate.
Measure: Measures for ensuring data minimization
Description: Minimum data requirement set by Processor. Users can decide not to enter personal data into optional fields.
Measure: Measures for ensuring data quality
Description: Processor enables customers to update relevant personal data to the latest date, and Processor uses two-factor authentication. Application monitoring conducted by GoogleCloud and custom monitors.
Measure: Measures for ensuring limited data retention
Description: Data retention can be configured with respect to specific individuals by the customer administrator.
Measure: measures for ensuring accountability
Description: Processor access to personal data is restricted based on rules.
Measure: Measures for allowing data portability and ensuring erasure
Description: Customers can download their personal data from within the Service. Customers can request a copy, or deletion, of their personal data upon separation. Processor uses support tickets to ensure the foregoing.
Measure: Self-Service
Description: Personal data can be downloaded by customers from within the Service. Customer admins can set data retention for terminated personnel.
Measure: Customer and Product Support
Description: FAQs, support tickets for specific queries not addressed by collateral on Processor customer/product support website.
ANNEX C – Sub-processors
This list represents Business Automation Professionals, LLC's list of sub-processors as of the date of this Data Processing Agreement and is subject to change at any time.
Business Automation Professionals, LLC. Affiliate Sub-processors
Name of Authorized Subcontractor: HighLevel India
Address: HighLevel India Private Limited, C/O 91 Springboard Business Hub Private Limited, B1/H3, Mohan Cooperative, Mathura Road, Industrial Area, Block B, Pul Pahladpur, New Delhi - 110044, India
Contact Information: [email protected]
Description of Processing: Data storage; support for performance of this Agreement
Country in which Sub-processing Will Take Place: India
Name of Authorized Subcontractor: LeadConnector LLC
Address: 400 North Saint Paul St. Suite 920, Dallas, TX 75201, United States
Contact Information: [email protected]
Description of Processing: Data storage; support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
Third-party Sub-processors
Name of Authorized Subcontractor: Google Cloud Services
Address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States
Contact Information: [email protected]
Description of Processing: Data storage; support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: Amazon Web Services, Inc.
Address: 410 Terry Avenue North, Seattle, WA 98109-5210, United States
Contact Information: 206.266.7010
Description of Processing: Data storage; support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: Twilio
Address: 101 Spear Street, Fifth Floor, San Francisco, CA 94105, United States
Contact Information: 1-903-500-7655
Description of Processing: Data storage; support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: Mailgun
Address: 112 E Pecan Street #1135, San Antonio, TX 78205, United States
Contact Information: (888) 571-8972
Description of Processing: Data storage; support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: Chargebacks911
Address: 18167 US Hwy 19 North #600, Clearwater, FL 33764, United States
Contact Information: [email protected]
Description of Processing: Data storage; support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: Pendo
Address: 301 Hillsborough Street, Raleigh, NC 27603, United States
Contact Information: (877) 320-8484
Description of Processing: Data storage; support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: ChartMogul
Address: ChartMogul GmbH & Co. KG, c/o WeWork Kemperplatz 1, 10785 Berlin, Germany
Contact Information: [email protected]
Description of Processing: Data storage; support for performance of this Agreement
Country in which Sub-processing Will Take Place: Germany, Ireland, UK, Italy, France, Spain, Sweden, Switzerland
Name of Authorized Subcontractor: Freshworks
Address: 2950 S. Delaware Street, Suite 201, San Mateo, CA 94403, United States
Contact Information: [email protected]
Description of Processing: Data storage; support for performance of this Agreement
Country in which Sub-processing Will Take Place: Germany, Ireland, UK, Italy, France, Spain, Sweden, Switzerland
Name of Authorized Subcontractor: Yext
Address: 61 Ninth Avenue, New York, NY 10011, United States
Contact Information: [email protected]
Description of Processing: Data transfer; support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: Zapier
Address: 548 Market Street #62411, San Francisco, CA 94104, United States
Contact Information: [email protected]
Description of Processing: Data transfer; support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: Stripe
Address: Corporation Trust Center, 1209 Orange Street, Wilmington, DE 19801, United States
Contact Information: [email protected]
Description of Processing: Data transfer and Storage; support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: Zoom
Address: 55 Almaden Blvd., Suite 600, San Jose, CA 95113, United States
Contact Information: [email protected]
Description of Processing: Support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: Authorize.net
Address: 900 Metro Center Boulevard, Foster City, CA 94404, United States
Contact Information: [email protected]
Description of Processing: Payment processing
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: ClickUp
Address: 350 Tenth Ave, Suite 500, San Diego, CA 92101, United States
Contact Information: [email protected]
Description of Processing: Data storage for project management
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: Loom
Address: 5214F Diamond Heights Blvd #3391, San Francisco, CA 94131, United States
Contact Information: [email protected]
Description of Processing: Data storage and transfer for customer support
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: OpenAI
Address: 3180 18th Street, San Francisco, CA 94110, United States
Contact Information: [email protected]
Description of Processing: data storage and transfer of payment information
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: Meta (for WhatsApp)
Address: Meta Platforms, Inc., ATTN: Privacy Operations, 1601 Willow Road, Menlo Park, CA 94025, United States
Contact Information: [email protected]
Description of Processing: data storage and transfer for communication
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: Mozart Data
Address: 250 King Street #514, San Francisco, CA 94107, United States
Contact Information: [email protected]
Description of Processing: Data storage; support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: Accredible
Address: 800 West El Camino Real, Suite 180, Mountain View, CA 94040, United States
Contact Information: 1 (628) 214-2701
Description of Processing: Data storage; support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
Name of Authorized Subcontractor: OnRocket.com, LLC
Address: 126 Bayberry Circle, Jupiter, FL 33458, United States
Contact Information: [email protected]
Description of Processing: Hosting services; support for performance of this Agreement
Country in which Sub-processing Will Take Place: US
HOW TO CONTACT US
The Company welcomes your questions or comments regarding this Agreement. If you believe that the Company has not adhered to this Agreement, please contact the Company at:
BUSINESS AUTOMATION PROFESSIONALS LLC
Email Address:
[email protected]
Phone Number:
(435) 315-4067
Effective as of July 2nd, 2025
©2025 Business Automation Professionals - All Rights Reserved.
(435) 315-4067