The Parties:
GetTrueFlame.com
and
The Client
1. Background
GetTrueFlame.com provides a multipurpose digital assistant and analytics system that helps the Client understand and interact with its users across websites and digital platforms. In order to provide these services, GetTrueFlame.com may receive non-sensitive personal data such as names and email addresses from the Client.
This Privacy Policy outlines the obligations of both GetTrueFlame.com and the Client in accordance with Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 (GDPR).
This Privacy Policy is part of the broader agreement between the Client and GetTrueFlame.com. The two agreements are interdependent and cannot be terminated independently, except in the case of this policy being replaced by another valid data processing agreement.
2. Objectives and Party Roles
The Client agrees that GetTrueFlame.com will process personal data solely to deliver the services outlined in the primary agreement. The Client is the Data Controller and is responsible for ensuring that all personal data provided to GetTrueFlame.com may be legally processed.
GetTrueFlame.com acts as the Data Processor on behalf of the Client and will fulfill all responsibilities as required under GDPR.
3. Obligations of GetTrueFlame.com
GetTrueFlame.com will only process personal data based on documented instructions from the Client. This includes any transfers to third countries or international organizations, unless required by law. If such a requirement exists, GetTrueFlame.com will notify the Client unless legally prohibited.
Any employee or agent acting under GetTrueFlame.com who accesses personal data will do so only under instruction and will be bound by confidentiality obligations.
4. Security Measures
GetTrueFlame.com will implement technical and organizational security measures to prevent data breaches, unauthorized access, and unlawful use of personal data. This may include:
• Pseudonymization and encryption
• Ensuring availability and resilience of systems
• Rapid data recovery protocols
• Ongoing assessments of system security
If a data breach occurs, GetTrueFlame.com will immediately inform the Client.
5. Use of Subprocessors
GetTrueFlame.com will not engage a subprocessor without the Client’s written approval. If general consent is granted, GetTrueFlame.com will notify the Client of any intended changes, giving the Client time to object.
Any subprocessor engaged will be contractually obligated to follow the same terms as outlined in this agreement.
6. Assistance and Support
GetTrueFlame.com will assist the Client with:
• Responding to user data requests under GDPR
• Ensuring appropriate technical and security measures are in place
• Supporting audits or inspections upon request
GetTrueFlame.com reserves the right to charge hourly fees for these services if they extend beyond typical usage.
7. Data Erasure
Upon termination of the Client relationship, GetTrueFlame.com will either delete or return all personal data to the Client, unless otherwise required to retain it by law.
8. Use of Google User Data
GetTrueFlame.com’s use of data obtained from Google APIs will comply with the Google API Services User Data Policy, including the Limited Use policy.
We will not transfer Google user data to third parties without the Client’s explicit consent. We may collect Google Analytics and Google Ads data solely for generating reports for the Client.
Contact Information
If you have any questions or concerns about this policy, please contact us at:
Email: support@gettrueflame.com