Data Processing Agreement
Last Updated: May 30, 2024
This Data Processing Agreement (“DPA”) is entered by and between Overwolf Ltd. and its Affiliates (“Company” or “Vendor”) and the Developer signed the Overwolf Developer Terms and Conditions executed between the parties (“Developer” and “Agreement”), and is entered into force on the date on which the Developer accepted the Agreement (“Effective Date”).
Capitalized terms used herein but not defined herein shall have the meanings ascribed to them in the Agreement (each of Vendor and Developer, a “party” and together the “parties”).
WHEREAS, Vendor is the developer, owner, and operator of the platform/s, APIs, SDKs, tools, plugins, codes, technology, content, and other services that are provided to third party Developers (as such terms may be defined in the Agreement and for the purpose of this DPA shall be referred to as the “Services”);
WHEREAS, during the use of the Services by the Developer, the parties will process and share Personal Data (as such terms are defined below) subject to the terms and conditions of this DPA; and
WHEREAS, the parties desire to supplement this DPA to achieve compliance with the UK, EU, Swiss, United States, and other data protection laws and agree on the following:
- DEFINITIONS
-
“Adequate Country” is a country that has an adequacy decision from the European Commission.
-
“CCPA” means the California Consumer Privacy Act (Cal. Civ. Code §§ 1798.100 - 1798.199) of 2018, including as modified by the California Privacy Rights Act (“CPRA”) as well as all regulations promulgated thereunder from time to time.
-
“CPA” means the Colorado Privacy Act C.R.S.A. § 6-1-1301 et seq. (SB 21-190), including any implementing regulations and amendments.
-
“CTDPA” means the Connecticut Data Privacy Act, S.B. 6 (Connecticut 2022), including any implementing regulations and amendments thereto.
-
“Controller”, “Processor”, “Data Subject”, “Personal Data”, “Processing” (and “Process”), “Personal Data Breach” and “Special Categories of Personal Data” shall all have the meanings given to them in EU Data Protection Law, CPA, VCDPA and CTDPA. The terms “Business”, “Business Purpose”, “Consumer”, “Cross Context Behavioral Advertising” (also known as "CCBA"), “Contractor”, “First-Party Business”, “Service Provider”, “De-identified Data” or “Deidentified Data”, “Share”, “Sale”, “Sell”, “Third-Party Business” and “Targeted Advertising”, shall have the same meanings as ascribed to them in the US Data Protection Laws. “Data Subject” shall also mean and refer to a
-