Effective Date: February 26, 2026
Company: Accurate List, Inc.
Website: www.accuratelist.com
This Data Processing Addendum (“DPA”) forms part of the agreement between Accurate List, Inc. (“Company,” “Processor,” “We,” “Us”) and the Client (“Controller,” “Customer,” “You”) governing the processing of Personal Data in connection with the services provided.
This DPA applies where applicable data protection laws, including the General Data Protection Regulation (GDPR), UK GDPR, CCPA, and other similar regulations, require a data processing agreement.
1. Definitions
For the purposes of this DPA:
- Personal Data means any information relating to an identified or identifiable natural person.
- Processing means any operation performed on Personal Data, including collection, storage, transmission, or deletion.
- Controller means the entity that determines the purposes and means of processing Personal Data.
- Processor means the entity that processes Personal Data on behalf of the Controller.
- Applicable Data Protection Laws means all laws governing the protection of personal data applicable to the parties.
2. Scope and Roles
2.1 Nature of Services
Accurate List, Inc. provides licensed marketing contact databases for business outreach purposes.
2.2 Role of the Parties
Depending on usage:
- Accurate List, Inc. may act as an independent Controller when compiling and maintaining its database.
- Upon transfer of data to the Client, the Client acts as an independent Controller responsible for determining how the data is used.
Where legally required and applicable, Accurate List, Inc. may act as a Processor solely in limited processing activities performed on behalf of the Client.
3. Categories of Data Subjects
Personal Data processed under this DPA may include:
- Business professionals
- Corporate decision-makers
- Healthcare professionals
- Technology users
- Industry-specific professionals
4. Categories of Personal Data
The data may include:
- First and last name
- Job title
- Business email address
- Business phone number
- Company name
- Business address
- Industry information
- Professional credentials
- Publicly available business information
No sensitive personal data is intentionally collected or processed unless explicitly agreed in writing.
5. Purpose of Processing
Personal Data is processed for:
- B2B marketing outreach
- Business development
- Sales prospecting
- Market research
- Industry engagement
The Client is solely responsible for ensuring that its intended use complies with Applicable Data Protection Laws.
6. Obligations of Accurate List, Inc.
Accurate List, Inc. shall:
- Process Personal Data in accordance with applicable laws
- Implement appropriate technical and organizational measures to protect Personal Data
- Maintain reasonable safeguards against unauthorized access
- Restrict internal access to authorized personnel
- Update and maintain data accuracy through periodic verification processes
7. Obligations of the Client
The Client agrees to:
- Use the data only for lawful purposes
- Comply with GDPR, CCPA, CAN-SPAM, and other applicable regulations
- Provide legally required notices to data subjects
- Obtain consent where required
- Honor opt-out and data subject requests
- Implement appropriate security measures to protect the data
The Client assumes full responsibility for how the data is used after delivery.
8. Data Subject Rights
Where applicable, Accurate List, Inc. shall:
- Maintain processes to address data subject access requests
- Support reasonable requests related to rectification or deletion
- Maintain suppression lists where required
The Client is responsible for handling requests received as a result of its marketing activities.
9. Security Measures
Accurate List, Inc. implements reasonable technical and organizational safeguards, including:
- Secure data storage systems
- Access controls
- Encrypted data transmission where applicable
- Regular system monitoring
- Restricted personnel access
However, no system can guarantee absolute security.
10. Subprocessors
Accurate List, Inc. may engage trusted service providers for:
- Hosting services
- Cloud infrastructure
- Data management
- Email communication
All subprocessors are required to maintain appropriate data protection standards.
11. International Data Transfers
Where Personal Data is transferred across borders, such transfers shall be conducted in accordance with applicable legal mechanisms, including:
- Standard Contractual Clauses where required
- Adequacy decisions
- Other lawful transfer frameworks
12. Data Retention
Accurate List, Inc. retains Personal Data only as long as necessary for legitimate business purposes and compliance with applicable laws.
Clients are responsible for managing retention policies after receiving the data.
13. Data Breach Notification
In the event of a confirmed data breach affecting Personal Data under our control, Accurate List, Inc. will:
- Investigate promptly
- Take reasonable mitigation steps
- Notify affected Clients when legally required
14. Audit Rights
Where legally required and reasonable, Clients may request information regarding security measures. Any audit must:
- Be reasonable in scope
- Not disrupt business operations
- Be subject to confidentiality obligations
15. Limitation of Liability
Accurate List, Inc.’s liability under this DPA shall be subject to the limitations set forth in the main Terms and Conditions agreement.
16. Governing Law
This DPA shall be governed by the same governing law specified in the main Terms and Conditions.
17. Contact Information
For any questions regarding this Data Processing Addendum, please contact:
Accurate List, Inc.
Email: [email protected]
Website: www.accuratelist.com