Data Protection Agreement (DPA)

Last updated: August 2025

1. Introduction

This Data Protection Agreement (“DPA”) forms part of the agreement between Vodiomedia.com (“Processor”) and its publishers, advertisers, and partners (“Controller”) in compliance with GDPR, CCPA, and other applicable laws.

2. Roles of the Parties

Controller determines the purpose and means of processing personal data. Processor (Vodiomedia) processes data only on behalf of Controller.

3. Data Processing Scope

Processor may process personal data such as IP addresses, device identifiers, cookies, and ad interaction data solely for the purposes of:

• Ad delivery and performance measurement
• Fraud prevention and security
• Compliance with legal obligations

4. Processor Obligations

• Process data only on documented instructions from Controller
• Implement appropriate technical and organizational measures (TOMs)
• Ensure confidentiality and restrict access to authorized staff
• Notify Controller of data breaches without undue delay

5. Sub-Processors

Vodiomedia may engage sub-processors (e.g., hosting, analytics providers) under written agreements ensuring equivalent protections. A current list is available upon request.

6. International Transfers

Data may be transferred outside the EEA. Vodiomedia ensures adequate safeguards such as Standard Contractual Clauses (SCCs).

7. Data Subject Rights

Processor will assist Controller in fulfilling data subject rights requests under GDPR, CCPA, or other applicable laws.

8. Audit Rights

Controller may request audits or obtain audit reports of Processor’s compliance, subject to reasonable notice.

9. Duration & Termination

This DPA remains valid for the duration of the commercial relationship. Upon termination, Vodiomedia will delete or return all personal data, unless legally required to retain it.

10. Contact

Email: dpo@vodiomedia.com