Data Processing Agreement

1. Parties

Zolvari Technologies LLC (hereinafter referred to as the "Processor") and the downloading entity (hereinafter referred to as the "Controller").

2. Definitions

"Personal Data", "Processing", and "Data Subject" shall have the meanings given to them under applicable global data protection laws, including the GDPR and CCPA.

3. Scope

This DPA applies to the Processing of Personal Data carried out by the Processor on behalf of the Controller in connection with the provision of the SevenTwelvez platform and services.

4. Data Processing Details

The types of data processed include account information, transaction data, and creative assets. Categories of data subjects include platform buyers, creators, and affiliates. The purpose of processing is solely for platform operation, payment processing, performance analytics, and order fulfillment.

5. Processor Obligations

The Processor will process data only on documented instructions from the Controller, ensure confidentiality of personnel, implement appropriate technical and organizational security measures, assist with responding to data subject requests, and delete or return data upon agreement termination.

6. Sub-processors

A complete list of approved sub-processors is available at zolvaritech.com/subprocessors. The Processor agrees to notify the Controller of any intended changes concerning the addition or replacement of sub-processors.

7. Data Transfers

Data processing occurs primarily in the United States. Where restricted transfers occur, Standard Contractual Clauses (SCCs) or other valid transfer mechanisms will be applied upon written request.

8. Security Measures

The Processor enforces AES-256 encryption at rest, TLS 1.2+ encryption in transit, strict role-based access controls, and detailed documented incident response procedures.

9. Breach Notification

The Processor will notify the Controller without undue delay, and in any event within 72 hours, after becoming aware of a confirmed Personal Data breach as detailed in our incident response plan.

10. Audit Rights

The Controller may reasonably request evidence of compliance with these terms, subject to customary confidentiality agreements.

11. Term and Termination

This DPA is co-terminous with the underlying Terms of Service agreement.

12. Contact

For privacy inquiries, rights assertions, or DPA questions, contact privacy@zolvaritech.com.