1. Definitions

Capitalized terms not defined in this DPA have the meanings set forth in the Agreement or applicable Data Protection Laws.

• "Data Protection Laws" means all applicable laws and regulations relating to the processing of Personal Data, including GDPR, UK GDPR, and CCPA/CPRA, as applicable.
• "Personal Data" means any information relating to an identified or identifiable natural person processed by Livedemo.ai on behalf of the Customer.
• "Processing", "Controller", "Processor", and "Data Subject" have the meanings given under applicable Data Protection Laws.

2. Scope and Roles

3. Nature and Purpose of Processing

• Purpose: Provision, maintenance, and improvement of the Services; customer support; security and abuse prevention.
• Nature of Processing: Collection, storage, organization, use, transmission, and deletion of Personal Data.
• Duration: For the term of the Agreement and any applicable retention period thereafter.

Categories of Personal Data

May include:

• Names
• Email addresses
• User identifiers
• IP addresses
• Usage and interaction data
• Content submitted to the Services

Categories of Data Subjects

• Customer's authorized users
• Customer's end users

4. Confidentiality

Livedemo.ai ensures that persons authorized to process Personal Data are bound by confidentiality obligations or are subject to appropriate statutory obligations of confidentiality.

5. Security Measures

Livedemo.ai implements appropriate technical and organizational measures designed to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access, including:

• Encryption in transit using industry-standard TLS
• Encryption at rest
• Logical access controls and least-privilege access
• Infrastructure hosted on Google Cloud Platform, which maintains SOC 2 Type II–compliant infrastructure
• Ongoing monitoring and security reviews

6. Sub-processors

7. Data Subject Rights

Livedemo.ai will, to the extent legally permitted, promptly notify the Customer of any request received directly from a Data Subject and will reasonably assist the Customer in responding to such requests.

8. Personal Data Breach

Livedemo.ai will notify the Customer without undue delay after becoming aware of a Personal Data Breach affecting Personal Data processed under this DPA and will provide reasonable information to assist the Customer in meeting its legal obligations.

9. Data Transfers

Personal Data may be transferred to and processed in the United States or other jurisdictions where Livedemo.ai or its sub-processors operate. Where required, such transfers will be governed by appropriate safeguards, including Standard Contractual Clauses.

10. Deletion or Return of Data

Upon termination of the Agreement, Livedemo.ai will, at the Customer's choice and where technically feasible, delete or return Personal Data, unless retention is required by applicable law.

11. Audits

Upon reasonable written request, and subject to confidentiality obligations, Livedemo.ai will provide information reasonably necessary to demonstrate compliance with this DPA.

12. Limitation of Liability

Liability arising out of or relating to this DPA is subject to the limitations of liability set forth in the Agreement.

13. Governing Law

This DPA is governed by the same law and jurisdiction as the Agreement, unless required otherwise by applicable Data Protection Laws.

14. Order of Precedence

In the event of a conflict between this DPA and the Agreement, this DPA shall prevail with respect to data protection obligations.

Effective Date:

The date the Customer accepts or enters into the Agreement with Livedemo.ai.

Livedemo.ai