Sorxi Logo

Terms

CCPA Data Processing Addendum

This CCPA Addendum (“Addendum”) is entered into pursuant to the Master Service Agreement and any agreements incorporating it (jointly referred to as the “Agreement”) between the Customer, on behalf of itself and its affiliates (“Customer”), and SORXI, LLC, Sheridan WY 82801 (“Vendor”). This Addendum is effective as of April 6, 2025, and governs the processing of Personal Information by Vendor on behalf of Customer in compliance with the California Consumer Privacy Act of 2018 (California Civil Code §§ 1798.100 to 1798.199), including its implementing regulations, as amended or superseded from time to time (collectively, the “CCPA”).

This Addendum prevails over any conflicting terms of the Agreement but does not otherwise modify the Agreement.

1. Definitions

Capitalized terms used in this Addendum that are not defined in the Agreement shall have the meanings set forth in the CCPA or this Addendum.

2. Roles and Scope

2.1. This Addendum applies to the collection, retention, use, disclosure, and processing of Personal Information provided by Customer or collected on behalf of Customer by Vendor to perform services under the Agreement or to carry out a Business Purpose as defined under Cal. Civ. Code § 1798.140(e).

2.2. Customer is a Business and appoints Vendor as its Service Provider under the CCPA to process Personal Information on its behalf.

2.3. Vendor’s use of Personal Information for purposes independent of Customer’s use of the services is outside the scope of this Addendum and the Agreement.

3. Restrictions on Processing

3.1. Vendor is prohibited from retaining, using, or disclosing Personal Information for any purpose other than performing services under the Agreement, as provided in this Addendum, or as otherwise permitted by the CCPA.

3.2. Vendor shall not further collect, sell, or use the Personal Information except as necessary to perform a Business Purpose. Vendor shall not use Personal Information to provide services to another person or entity except as allowed by the CCPA.

3.3. Vendor certifies that it understands the restrictions set forth in this Addendum and the CCPA and will comply with them.

4. Notice

Customer represents and warrants that it has provided notice to Consumers, as required by Cal. Civ. Code § 1798.140(t)(2)(C)(i), regarding the collection and use of their Personal Information.

5. End User Rights

5.1. Vendor shall provide reasonable assistance to Customer in responding to verified Consumer rights requests, including requests to access, delete, or opt-out.

5.2. Upon Customer’s direction and within no more than 30 days of receipt, Vendor shall delete the applicable Personal Information unless an exception under Cal. Civ. Code § 1798.105(d) applies. If such an exception applies, Vendor shall notify Customer of the exception and limit any further use of the retained information solely as permitted by law.

6. Deidentified Information

If either Party shares Deidentified Information, the receiving Party shall:

  • (i) implement technical safeguards to prevent reidentification;
  • (ii) implement business processes prohibiting reidentification;
  • (iii) prevent inadvertent release of deidentified data; and
  • (iv) make no attempt to reidentify any individual.

7. Mergers, Sales, or Asset Transfers

In the event either Party transfers Personal Information as part of a merger, acquisition, bankruptcy, or similar transaction, the recipient must use and disclose the information in accordance with applicable law. If the new entity materially changes how it uses or shares such information, it must provide prior notice to Consumers, as required by law.

8. As Required by Law

Vendor may disclose Personal Information to law enforcement or other authorities if it reasonably and in good faith believes such disclosure is necessary to comply with applicable law.

9. Indemnification

To the extent that Vendor processes Personal Information strictly as directed by Customer, Customer shall be solely liable and agrees to indemnify and hold harmless Vendor for any claims, damages, or reasonable costs (including attorneys’ fees and interest) arising from such processing.

10. Security

Vendor represents and warrants that it will implement and maintain reasonable security procedures appropriate to the nature of the Personal Information, to protect against unauthorized access, use, destruction, modification, or disclosure.

11. Return or Destruction of Personal Information

Upon termination or expiration of the Agreement, Vendor shall promptly return or securely delete all Personal Information in its possession unless retention is required by applicable law.

12. No Sale of Personal Information

The Parties agree that the disclosure of Personal Information under the Agreement does not constitute a “sale” as defined in the CCPA. No monetary or other valuable consideration is exchanged for Personal Information.

13. Governing Law

This Addendum shall be governed by and construed in accordance with the laws of the State of Wyoming, without regard to conflict of law principles.

Become a 'Sourcerer' today!

Join the community and instantly explore a world of curated knowledge across all nursing disciplines. 

Get Started

Copyright © Sorxi, LLC. All rights reserved.