California Consumer Privacy Act - Data Privacy Annexure

Effective Date: 1st July 2025

This Jangosocial by Synoviq, Inc. (Company) California Consumer Privacy Act ("CCPA") Data Processing Agreement and its Annexes ("DPA") reflects the parties' agreement with respect to the Processing of Personal Information by Jangosocial by Synoviq, Inc. (Company) on behalf of Customer in connection with the Services under the Jangosocial by Synoviq, Inc. (Company) Master Service Agreement (including any Professional Services Statement of Work) between Jangosocial by Synoviq, Inc. (Company) and Customer (the "Agreement").

This DPA is supplemental to, and forms an integral part of, the Agreement and is effective upon its incorporation into the Agreement, which incorporation may be specified in the Agreement, an executed amendment to the Agreement. The terms and conditions of the Data Processing Agreement apply where the CCPA applies to Customer or to Jangosocial by Synoviq, Inc. (Company) or to any of their respective Affiliates.

We periodically update the terms of this DPA. Jangosocial by Synoviq, Inc. (Company) will let you know when we do via email.

The term of this DPA shall follow the Term of the Agreement. Word or phrases not otherwise defined herein shall have the meaning as set forth in the Master Service Agreement.

Definitions

"California Personal Information" means Personal Data in relation to which Customer is a Business under the CCPA.

"CCPA" means California Civil Code Sec. 1798.100 et seq. (also known as the California Consumer Privacy Act of 2018), as amended by the California Privacy Rights Act ("CPRA").

"Business" means the business that determines the purposes and means of the processing of consumers' personal information.

"Service Provider" means a for-profit legal entity that processes information on behalf of a business and to which the business discloses a consumer's personal information for a business purpose pursuant to a written contract.

"Consumer" means a California resident, as defined in Section 17014 of Title 18 of the California Code of Regulations.

"Personal Information" means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

"Sell" means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer's personal information by the business to a third party for monetary or other valuable consideration.

"Share" means sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer's personal information by the business to a third party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration.

1. CCPA Compliance Overview

Jangosocial by Synoviq, Inc. is committed to complying with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). This document outlines our data processing practices and your rights as a California consumer.

As a Service Provider under the CCPA, we process personal information on behalf of our business customers and do not sell or share personal information for cross-context behavioral advertising purposes.

2. Categories of Personal Information We Collect

We collect the following categories of personal information in connection with our WhatsApp Business API marketing platform:

  • Identifiers: Name, email address, phone number, IP address, device identifiers
  • Account Information: Username, password, account preferences, subscription details
  • Business Information: Company name, business address, website URL, business phone number
  • WhatsApp Business Data: WhatsApp Business account information, phone numbers, message templates, contact lists
  • Integration Data: Third-party platform credentials and customer data from integrations
  • Payment Information: Billing address, payment method details (processed securely through Stripe)
  • Usage Data: Campaign performance metrics, message analytics, platform usage patterns
  • Technical Data: Browser type, device information, cookies and usage data
  • Communication Data: Customer support communications, feedback, and inquiries

3. Sources of Personal Information

We collect personal information from the following sources:

  • Directly from You: When you create an account, use our services, or contact us
  • From Your Business Operations: When you integrate third-party platforms and share customer data
  • From WhatsApp Business API: When you connect your WhatsApp Business account
  • From Third-Party Integrations: When you connect platforms like Shopify, WooCommerce, HubSpot, etc.
  • Automatically: Through cookies, web beacons, and other tracking technologies
  • From Service Providers: Such as payment processors, analytics providers, and hosting services

4. Business Purposes for Collecting Personal Information

We collect and use personal information for the following business purposes:

  • Providing Our Services: To provide and maintain our WhatsApp Business API marketing platform
  • Processing Messages: To process and deliver messages through WhatsApp Business API
  • Managing Integrations: To connect and manage third-party platform integrations
  • Processing Payments: To process payments and manage billing for our services
  • Improving Services: To analyze usage patterns and improve our platform
  • Customer Support: To provide customer support and technical assistance
  • Communications: To communicate with you about your account and our services
  • Legal Compliance: To comply with legal obligations and regulatory requirements
  • Security: To prevent fraud and ensure platform security
  • Analytics: To understand how our services are used and improve user experience

5. Categories of Third Parties with Whom We Share Personal Information

We may share personal information with the following categories of third parties:

  • Service Providers: Payment processors (Stripe), hosting providers, analytics services, and other service providers who assist us in providing our services
  • WhatsApp/Meta: When you connect your WhatsApp Business account, we share necessary information with Meta's WhatsApp Business API
  • Third-Party Integrations: When you connect platforms like Shopify, WooCommerce, HubSpot, etc., we may share data as necessary to provide integration services
  • Legal Authorities: When required by law, regulation, or legal process
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

Important: We do not sell personal information to third parties for monetary consideration. We do not share personal information for cross-context behavioral advertising purposes.

6. Your CCPA Rights

As a California consumer, you have the following rights under the CCPA:

  • Right to Know: You have the right to request that we disclose what personal information we collect, use, disclose, and sell about you.
  • Right to Delete: You have the right to request that we delete your personal information that we have collected from you.
  • Right to Opt-Out: You have the right to opt-out of the sale or sharing of your personal information (though we do not sell or share personal information).
  • Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your CCPA rights.
  • Right to Correct: You have the right to request that we correct inaccurate personal information that we maintain about you.
  • Right to Limit: You have the right to request that we limit the use and disclosure of your sensitive personal information.

7. How to Exercise Your CCPA Rights

To exercise your CCPA rights, you may:

  • Email Us: Send an email to [email protected] with the subject line "CCPA Rights Request"
  • Contact Support: Use our customer support channels to submit your request
  • Account Dashboard: Use the data management features in your account dashboard

Verification: We will need to verify your identity before processing your request. We may ask for additional information to verify your identity, such as your email address, account information, or other identifying information.

Response Time: We will respond to your request within 45 days of receipt. If we need additional time, we will notify you and may extend the response period by an additional 45 days.

8. Authorized Agent Requests

You may designate an authorized agent to make CCPA requests on your behalf. To do so, you must:

  • Provide written authorization to the agent
  • Verify your own identity with us
  • Confirm that you have given the agent permission to submit the request

We may deny a request from an agent that does not submit proof that they have been authorized by you to act on your behalf.

9. Data Retention and Deletion

We retain personal information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes and enforce our agreements
  • Protect against fraud and abuse

When you request deletion of your personal information, we will:

  • Delete your personal information from our active systems
  • Instruct our service providers to delete your personal information
  • Retain certain information as required by law or for legitimate business purposes
  • Provide you with confirmation of the deletion

10. Sensitive Personal Information

We may collect and process sensitive personal information, including:

  • Account credentials and authentication information
  • Payment information (processed securely through Stripe)
  • Precise geolocation data (if you enable location-based features)
  • Biometric information (if you use biometric authentication)

We use sensitive personal information only for the purposes for which it was collected and do not use or disclose it for purposes other than those specified in this notice.

11. Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately.

If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

12. Security Measures

We implement appropriate technical and organizational security measures to protect personal information, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments and monitoring
  • Employee training on data protection
  • Incident response procedures
  • Secure development practices

13. Updates to This Notice

We may update this CCPA notice from time to time to reflect changes in our practices or applicable law. We will notify you of any material changes by:

  • Posting the updated notice on our website
  • Sending you an email notification
  • Providing notice through our services

The effective date of this notice is shown at the top of this document.

14. Contact Information

If you have any questions about this CCPA notice or wish to exercise your rights, please contact us:

Address: Jangosocial by Synoviq, Inc.
131 Continental Dr Suite 305
Newark, DE, 19713, USA

Last Updated: 1st July 2025