This Data Processing Agreement ("DPA") supplements the Power AMS Terms of Service and governs how Power AMS processes personal data on behalf of customers as a data processor.
Capitalized terms not defined here have the meaning given in the Terms of Service or applicable data-protection law (including GDPR and similar U.S. state laws).
The customer is the controller of Customer Data. Power AMS is the processor and will process Customer Data only on documented instructions from the customer — typically expressed through use of the platform's features.
The customer authorizes Power AMS to engage sub-processors to deliver the service — including infrastructure providers, email delivery vendors, and the payment processor (MXMerchant). The current list is available on request to info@powerams.com. We'll provide reasonable advance notice of new sub-processors and the customer may object on reasonable grounds.
Where Customer Data is transferred outside the customer's region, Power AMS will rely on a valid transfer mechanism — Standard Contractual Clauses or another approved framework — and apply appropriate supplementary measures.
Power AMS will make available to the customer the information reasonably necessary to demonstrate compliance with this DPA, including responses to security questionnaires and access to relevant audit reports under NDA.
On termination of the underlying agreement, Power AMS will, at the customer's choice, return or delete Customer Data within 30 days, except as required to be retained by law.
Privacy and security inquiries: info@powerams.com.
Need this DPA countersigned for your records? Email info@powerams.com and we'll prepare a signature copy.
