TreMate | Maintenance is easier with TreMate

This Agreement is between you and Atlantic Voyager, LLC, a New Jersey Limited Liability Company (“Atlantic Voyager”), and governs your use of certain product and all associated services (“TreMate”) owned by Atlantic Voyager and made available by Atlantic Voyager as further described in this Agreement.

By accepting this Agreement by (i) clicking a box indicating acceptance, or (ii) using free or paid version of TreMate, you agree to the terms of this Agreement. If you are accepting this Agreement on behalf of a company or other legal entity, you represent that you have the authority to bind such entity and its affiliates. If you do not have such authority, or do not agree with these terms and conditions, you must not accept this Agreement and may not use TreMate.

TreMate may not be accessed for competitive purposes. Atlantic Voyager’s competitors are prohibited from accessing TreMate except with Atlantic Voyager’s prior written consent.

This Agreement was last updated on January 1, 2023. It is effective between you and Atlantic Voyager as of the date of you accepting this Agreement.

Atlantic Voyager and its Affiliates have developed TreMate to be used by you for free or on a paid subscription basis, if applicable, subject to the terms and conditions of this Agreement and in accordance with applicable laws and government regulations. Atlantic Voyager acts solely as web-based service provider and does not exercise supervisory authority over you, your company, its employees, vendors, affiliates or contractors or its employees.

By using TreMate (including without limitation all content accessible from the TreMate website), and all associated services, you agree to comply with the conditions imposed on your use of TreMate, as set out in this Agreement and elsewhere in the Tremate website.

Some contents of TreMate, included but not limited to market data, news, and other services, are provided by third parties as a convenience to you ("Third Party Content"). Third Party Content is outside of Atlantic Voyager’s control. Atlantic Voyager cannot guarantee the continued availability of Third Party Content, and may cease providing Third Party Content without entitling you to any refund, credit or compensation. Atlantic Voyager takes no responsibility for the suitability of the Third Party Content. The provision of the Third Party Content is not an endorsement of the Third Party Content, any third party service, or its sponsoring organization.

DEFINITIONS

“Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity.

“Control,” for the purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.

“Agreement” means this User Agreement.

“Beta Services” means Atlantic Voyager’s services or functionality that may be made available to you to try at your option at no additional charge which is clearly designated as beta, pilot, limited release, developer preview, non-production, evaluation, or by a similar description.

“Content” means information obtained by Atlantic Voyager from publicly available sources or its third party content providers and made available to you through TreMate.

“Customer Data” means electronic data and information submitted by or for you to Atlantic Voyager, excluding Content and Third Party Content.

“TreMate”- means the TreMate website and all associated online, offline and mobile products and services owned and provided by Atlantic Voyager to you free of charge or for a fee (if applicable) to assist you with maintenance and service of your boat(s) and/or marine equipment.

FEES AND PAYMENT

You have an option to subscribe to certain TreMate website features and services that Atlantic Voyager may offer for a fee. Fees are based on TreMate subscription purchased and not on actual usage. Payment obligations are non-cancelable and fees paid are non-refundable. Atlantic Voyager’s fees do not include any taxes, levies, duties or similar governmental assessments of any nature, including, for example, value-added, sales, use or withholding taxes, assessable by any jurisdiction whatsoever (collectively “Taxes”). You are responsible for paying all Taxes associated with your purchases hereunder. If Atlantic Voyager has the legal obligation to pay or collect Taxes for which you are responsible under this section, Atlantic Voyager will invoice you and you will pay that amount unless you provide Atlantic Voyager with a valid tax exemption certificate authorized by the appropriate taxing authority. For clarity, Atlantic Voyager is solely responsible for taxes assessable against it based on its income, property and employees.

RESPONSIBILITIES, REPRESENTATIONS AND WARRANTIES

Atlantic Voyager will make TreMate available to you pursuant to the terms of this Agreement and in accordance with all applicable laws and government regulations. Atlantic Voyager is not responsible for any unavailability of TreMate caused by circumstances beyond Atlantic Voyager’s control, including, for example, an act of God, act of government, flood, fire, earthquake, civil unrest, act of terror, strike or other labor problem, Internet service provider failure or delay, non-TreMate application, or denial of service attack.

Atlantic Voyager warrants that (a) this Agreement accurately describes the applicable administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Customer Data, (b) Atlantic Voyager will not materially decrease the overall security of TreMate, (c) TreMate will perform materially in accordance with the terms of this Agreement, and (d) subject to the integration with non-TreMate applications, Atlantic Voyager will not materially decrease the overall functionality of TreMate.

You represent, warrant and covenant that you will not (a) use TreMate or any of its parts, features or functions for the benefit of anyone other than yourself, (b) sell, resell, license, sublicense, distribute, make available, rent or lease TreMate or any of its parts, features or functions, or include TreMate or any of its parts, features or functions in a service bureau or outsourcing offering, (c) interfere with or disrupt the integrity or performance of TreMate or third-party data contained therein, (d) attempt to gain unauthorized access to TreMate or its related systems or networks, (e) permit direct or indirect access to or use of TreMate or any of its parts, features or functions in a way that circumvents the use of TreMate as permitted under this Agreement; (e) modify, copy, or create derivative works based on TreMate or any of its parts, features or functions or user interface thereof, (f) copy TreMate or any of its parts, features or functions except as permitted herein, (g) except to the extent permitted by applicable law, disassemble, reverse engineer, or decompile TreMate or any of its parts, features or functions or access it to (1) build a competitive product or service, (2) build a product or service using similar ideas, features, functions or graphics of TreMate, (3) copy any ideas, features, functions or graphics of TreMate, or (4) determine whether TreMate is within the scope of any patent.

You further represent, warrant and covenant that: (a) you will not upload, post or transmit to, or distribute or otherwise publish through TreMate either directly or indirectly any materials which (i) restrict or inhibit any other user from using and enjoying TreMate, (ii) are unlawful, threatening, abusive, libelous, defamatory, obscene, vulgar, offensive, pornographic, profane, sexually explicit, or indecent, (iii) constitute or encourage conduct that would constitute a criminal offense, give rise to civil liability or, otherwise violate law, (iv) violate, plagiarize, or infringe the rights of third parties including, without limitation, copyright, trademark, patent, rights of privacy or publicity, or any other proprietary right, (v) contain a virus or other harmful component, (vi) contain any information, software or other material of a commercial nature, (vii) are unsolicited email ("Spam"), or (viii) constitute or contain false or misleading indications of origin or statements of fact; and (b) that you are at least eighteen (18) years old. You specifically agree to comply with all applicable laws and rules regarding online conduct and acceptable content.

You, or third parties, are not allowed to frame TreMate, or use Atlantic Voyager’s or TreMate’s proprietary marks as meta tags, or any other “hidden text” techniques or technologies without Atlantic Voyager’s written consent. You may not use frames or utilize framing techniques or technology to enclose any TreMate content without Atlantic Voyager’s express written consent.

If you receive notice that any content or a non-TreMate application must be removed, modified and/or disabled to avoid violating applicable law or third-party rights, you will promptly do so. If you do not take required action in accordance with the above, Atlantic Voyager may disable the applicable features or parts of TreMate and/or non-TreMate application until the potential violation is resolved. If requested by Atlantic Voyager, you shall confirm such deletion and discontinuance of use in writing and Atlantic Voyager shall be authorized to provide a copy of such confirmation to any such third party claimant or governmental authority, as applicable. In addition, if Atlantic Voyager is required by any third rights holder to remove any content, or receives information that any content provided to you may violate applicable law or third-party rights, Atlantic Voyager may discontinue your access to TreMate.

PROPRIETARY RIGHTS AND LICENSES

Subject to the limited rights expressly granted hereunder, TreMate is the intellectual property of Atlantic Voyager and its Affiliates. Atlantic Voyager and its Affiliates reserve all of their right, title and interest in and to TreMate, including all of its related intellectual property rights. Such content is protected by copyright and other intellectual property laws, and all ownership rights remain with Atlantic Voyager and its Affiliates or the relevant data and information services providers or other third parties that provide it, as the case may be.

You grant Atlantic Voyager, its Affiliates and applicable contractors a worldwide, limited-term license to host, copy, use, transmit, and display Customer Data as appropriate for Atlantic Voyager to provide and ensure proper operation of TreMate and associated systems in accordance with this Agreement. If you choose to use a non-TreMate application with TreMate, you grant Atlantic Voyager permission to allow the non-TreMate application and its provider to access Customer Data and information about your usage of the non-TreMate application as appropriate for the interoperation of that non-TreMate application with TreMate. Subject to the limited licenses granted herein, Atlantic Voyager acquires no right, title or interest from you or your licensors under this Agreement in or to any Customer Data, non-TreMate application or such program code.

You further grant Atlantic Voyager and Affiliates a worldwide, perpetual, irrevocable, royalty-free license to use and incorporate into TreMate any suggestion, enhancement request, recommendation, correction or other feedback provided by you relating to the operation of TreMate.

REMEDIES, DISCLAIMERS, INDEMNIFICATION

Tremate (including all content and information therein) is provided "as is." atlantic voyager, its affiliates and other providers of materials on tremate site disclaim any warranty of any kind, whether express or implied, as to any matter whatsoever relating to tremate, including without limitation the implied warranties of merchantability, fitness for a particular purpose, and noninfringement.

Neither atlantic voyager, its affiliates nor any third party shall be liable to you or any third party for any loss or damage, direct, indirect or consequential, arising from (i) any inaccuracy or incompleteness in, or delays, interruptions, errors or omissions in the delivery of the data or any other information supplied to you through tremate or (ii) any decision made or action taken by you or any third party in reliance upon tremate. Neither atlantic voyager, its affiliates nor any other providers shall be liable for loss of business revenues, lost profits or any punitive, indirect, consequential, special or similar damages whatsoever, whether in contract, tort or otherwise, even if advised of the possibility of such damages incurred by you or any third party.

Neither atlantic voyager, its employees, contractors, affiliates, or any third party makes any warranties, as to the accuracy, adequacy, quality or fitness, timeless, non-infringement, title, of any information for a particular purpose or use and all such warranties are expressly excluded to the fullest extent that such warranties may be excluded by law. You bear all risk from any use or results of using any information. You are responsible for validating the integrity of any information received over the internet.

Transmission may be subject to arbitrary delays beyond atlantic voyager’s control, which may delay the provision of tremate and associated services and the execution of your requests. You acknowledge that neither atlantic voyager, its employees, contractors, affiliates, nor any third party will be liable to you or any third party for any losses arising from such delay. You accept at your own risk that the internet and online communications medium may not perform as intended despite the efforts of atlantic voyager, your internet service provider and you.

In no event will atlantic voyager, its employees, contractors, affiliates or third party be liable for any consequential loss including but not limited to special, incidental, direct or indirect damages resulting from delay or loss of use of tremate site, or for any damage to your computer, software, modem, telephone or other property resulting from your use of tremate site or services.

In the event atlantic voyager is obligated to defend and indemnify you pursuant to the paragraph immediatelly below, atlantic voyager will not be required to spend more than three times the amount of fees paid by you for your use of tremate, including without limitation attorneys’ fees, court costs, settlements, judgments, and reimbursement of costs.

Atlantic Voyager will defend you against any claim, demand, suit or proceeding made or brought against you by a third party alleging that TreMate infringes or misappropriates such third party’s intellectual property rights, and will indemnify you for any damages, attorney fees and costs finally awarded against you as a result of, or for amounts paid by you under a settlement approved by Atlantic Voyager in writing of a claim against you, provided that you (a) promptly give Atlantic Voyager written notice of the claim against you; (b) give Atlantic Voyager sole control of the defense and settlement of the claim against you (except that Atlantic Voyager may not settle any claim against you unless it unconditionally releases you of all liability); and (c) give Atlantic Voyager all reasonable assistance, at Atlantic Voyager’s expense. If Atlantic Voyager receives information about an infringement or misappropriation claim related to TreMate, Atlantic Voyager may in its discretion and at no cost to you (i) modify TreMate or any of its parts, functions or features so that they are no longer claimed to infringe or misappropriate, without breaching Atlantic Voyager’s warranties under “Responsibilities, Representations and Warranties” above, (ii) obtain a license for your continued use of TreMate in accordance with this Agreement, or (iii) terminate your access or subscription to TreMate upon 7 days’ written notice and refund you any prepaid fees covering the remainder of the term of the terminated subscription. The above defense and indemnification obligations do not apply if (1) the allegation does not state with specificity that TreMate is the basis of the claim against you; (2) a claim against you arises from the use or combination of TreMate or any part thereof with software, hardware, data, or processes not provided by Atlantic Voyager, if TreMate or use thereof would not infringe without such combination; (3) if a claim against you arises from TreMate or any of its parts, features or functions for which there is no charge; (4) a claim against you arises from your use of non-current versions of TreMate if such claim of infringement or misappropriation could have been avoided by your use of such current version of TreMate; or (5) a claim against you arises from Content, a non-TreMate application or your breach of this Agreement.

You will defend Atlantic Voyager and its Affiliates against any claim, demand, suit or proceeding (including, without limitation, reasonable attorneys' fees and costs) as a result of (i) your use of TreMate; (ii) any violation by you of your obligations under this Agreement; (iii) any violation by you of the rights of others; or (iv) if any Customer Data or your use of Customer Data with TreMate, with non-TreMate application, or the combination of the non-TreMate application provided by you and used with TreMate, infringes or misappropriates a third party’s intellectual property rights. Atlantic Voyager reserves the right, but not the obligation to, at its own expense, assume control of the defense of any action subject to indemnification by you under this Agreement. You agree not to settle any claim arising under this Agreement without the prior written consent of Atlantic Voyager. You will use your best efforts to cooperate with Atlantic Voyager in the defense of any claim.

PROTECTION OF DATA, PRIVACY AND CONFIDENTIALITY

Atlantic Voyager will maintain appropriate administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Customer Data. Those safeguards will include, but not limited to, measures designed to prevent unauthorized access to or disclosure of Customer Data (other than by you). The terms of the data processing addendum (“DPA”) attached to this Agreement are hereby incorporated by reference and shall apply to the extent Customer Data includes personal data as defined in DPA.

Upon request in writing by you made within 30 days after the latest of (a) your last log on in TreMate’s website; or (b) effective date of termination or your TreMate subscription, Atlantic Voyager will make Customer Data available to you for export or download. After such 30-day period, Atlantic Voyager will have no obligation to maintain or provide any Customer Data, and can thereafter delete or destroy all copies of Customer Data in its systems or otherwise in its control, unless legally prohibited.

BETA SERVICES

From time to time, Atlantic Voyager may make Beta Services available to you at no charge. You may choose to try such Beta Services or not in your sole discretion. Any use of Beta Services is subject to the terms of this Agreement and DPA.

CONFIDENTIALITY

“Confidential Information” means all information disclosed by a party (“Disclosing Party”) to the other party (“Receiving Party”), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Your Confidential Information includes Customer Data; Confidential Information of Atlantic Voyager includes products and services information, potential products and services information, marketing data, marketing procedures, appraisals, trade secrets, software, know-how, and all other information provided by Atlantic Voyager in connection with your use of TreMate, whether disclosed or provided electronically, orally, or in writing, regardless of the media being used, before or after the execution of this Agreement. Confidential Information does not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party; (iii) is received from a third party without breach of any obligation owed to the Disclosing Party; or (iv) was independently developed by the Receiving Party.

As between the parties, each party retains all ownership rights in and to its Confidential Information. The Receiving Party will use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but not less than reasonable care) to (i) not use any Confidential Information of the Disclosing Party for any purpose outside of the scope of this Agreement and (ii) except as otherwise authorized by the Disclosing Party in writing, limit access to Confidential Information of the Disclosing Party to those of its and its Affiliates’ employees and contractors who need the access for purposes consistent with this Agreement and who have signed confidentiality agreements with the Receiving Party containing protections not materially less protective of the Confidential Information than those herein.

The Receiving Party may disclose Confidential Information of the Disclosing Party to the extent compelled by law to do so, provided the Receiving Party gives the Disclosing Party prior notice of the compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party’s cost, if the Disclosing Party wishes to contest the disclosure. If the Receiving Party is compelled by law to disclose Disclosing Party’s Confidential Information as part of a civil proceeding to which the Disclosing Party is a part, and the Disclosing Party is not contesting the disclosure, the Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing secure access to that Confidential Information.

COLLECTION AND USE OF YOUR INFORMATION (including via Cookies)

Atlantic Voyager uses cookies, web beacons and similar technologies (called "Cookies") to track information provided by your browser and by Atlantic Voyager’ software application when you use TreMate. A cookie is a small piece of information that a website stores on the web browser on your device and can later retrieve. "Session" Cookies are temporary and will expire at the end of a browser session; that is, when you leave a website. Session Cookies allow a website to recognize you and carry information as you navigate between pages during a single browser session and allow you to use the website most efficiently. "Persistent" Cookies, in contrast, remain in the Cookie file of your browser even after you leave a website and after the browser is closed. They enable a website to recognize you on your return, remember your preferences and provide tailored services to you. A cookie will not contain information that will enable us to contact you via telephone, e-mail, or other means.

Atlantic Voyager, its Affiliates, and third party service providers acting on Atlantic Voyager’s behalf, use session and persistent Cookies to:

Remember preferences that you submit as well as those generated from your usage data, your confirmation of being an institutional investor or consultant in the United States, and your responses to polls and surveys on TreMate;
Measure your use of TreMate in an effort to improve its quality and enhance your overall experience, including tracking page views, time and date of TreMate access, and other usage data, and identifying your operating system and browser type (but not other information about your computer or the programs on it) and your general geographic location; and
Allow you to share certain information via social media bookmarking buttons, email or on social networking sites.

The third party service providers mentioned above use any personal information they collect to provide the contracted service to Atlantic Voyager. They have also agreed to confidentiality restrictions.

Most browsers are initially set to accept Cookies. However, you have the ability to change your browser settings. It may also be possible to configure your browser settings to enable acceptance of specific Cookies or to notify you each time a new Cookie is about to be stored on your device enabling you to decide whether to accept or reject the Cookie. You can also disable Cookies by configuring your browser setting to reject Cookies. Please refer to the help section of your browser for instructions on disabling Cookies. For more information about Cookies, how they work, why they are so useful and how to disable them, you can visit www.allaboutcookies.org

If you do not wish to accept Cookies, please either disable them or refrain from using TreMate. If Cookies are disabled, it may mean that you experience reduced functionality or will be prevented from using all or part of TreMate.

Atlantic Voyager may use aggregated usage data to track trends and analyze patterns. You may also voluntarily submit information, including by responding to Atlantic Voyager’s online polls and surveys, requesting information from Atlantic Voyager or asking to be contacted by one of Atlantic Voyager’s representatives. If you work for one of Atlantic Voyager’s institutional (business) clients, Atlantic Voyager may obtain your business contact information from your firm. If you register to enter an area of TreMate website, TreMate will recognize who you are and collect all information that you submit (including subscription to emails, etc.). Any information collected about you may be associated with other identifying information that Atlantic Voyager has about you.

In addition to the above uses, Atlantic Voyager may use your information for the purpose of conducting business with you, managing our relationship with you, and advising you of products and services that Atlantic Voayger believes might be of interest. The information collected also is used to provide a record of communications between Atlantic Voyager and the TreMate website visitors and to comply with any applicable legal and/or regulatory requirements.

Additionally, TreMate website is a password-protected site (a) once you submit your password and enter, TreMate website will recognize who you are and will collect all information that you submit, including all electronic instructions (including all transaction information), and (b) any information collected about you may be associated with other identifying information that Atlantic Voyager havs about you.

SHARING OF YOUR INFORMATION

Atlantic Voyager does not sell or rent your personally identifiable information to third parties. Atlantic Voyager shares your information only with its (i) Affiliates; (ii) service providers that have agreed to confidentiality restrictions and use any personal information they collect on Atlantic Voyager’s behalf solely for the purpose of providing the contracted service to Atlantic Voyager; (iii) as otherwise described in this Agreement; and (iv) to comply with all applicable laws, regulations and rules, and requests of law enforcement, regulatory and other governmental agencies. Also, Atlantic Voyager may share in aggregate, statistical form, non-personal information regarding the visitors to TreMate website, traffic patterns, and TreMate usage with Atlantic Voyager’s partners, Affiliates or advertisers.

Atlantic Voyager may also export your information to other jurisdictions where Atlantic Voyager, or our service providers, do business, subject to the terms of this Agreement and DPA.

Atlantic Voyager may, in the future, sell or otherwise transfer some or all of its assets to a third party. Your personally identifiable information, technical information about your device or browser and/or other anonymous information Atlantic Voyager obtains from you may be disclosed to any potential or actual third-party purchasers of such assets and/or may be among those assets transferred.

THIRD PARTY ADVERTISERS

Atlantic Voyager may use third party advertising companies to serve ads on Atlantic Voyager’s behalf on other websites across the Internet. In order to measure and track the effectiveness of such ads, these companies typically use Cookies; so a Cookie may be set in the Cookie file of your browser when you click on one of Atlantic Voyager’s ads or visit a webpage associated with Atlantic Voyager’s ad campaigns. These companies may also use and measure information about your visits as part of this same process. The information provided to Atlantic Voyager by these companies about you will be de-identified.

THIRD PARTY SITES

TreMate may contain links to third party sites (including social media bookmarking buttons that enable you to share certain content). Please review the cookie and privacy statements of these third-party sites to understand how they may use Cookies and your information. The DPA attached to this Agreement does not apply to your use of a third-party site.

SECURITY OF PERSONAL INFORMATION

Atlantic Voyager utilizes reasonable security technologies to protect sensitive information as further described in DPA. However, the security of this information depends in part on the security of the computer you use, the security you use to protect User IDs and passwords, and the security provided by your internet access services provider. Atlantic Voyager is not responsible for the security of your internet access services provider; you should review the security and privacy policies of your internet access services provider carefully. Information that you access from Atlantic Voyager may be stored on your computer for your convenience. If others have access to your computer or your User ID and password, they may be able to access this information. Atlantic Voyager is not responsible for the security or privacy of information communicated to or from such a computer. Finally, you should keep any correspondence you receive from Atlantic Voyager or its Affiliates, or any information, products and/or services relating to TreMate (including, but not limited to registration information, emails, or any other information) confidential and in a safe place.

CHILDREN'S INFORMATION (Children's Online Privacy Protection Act)

We respect the privacy of your children, Atlantic Voyager may collect or retain personally identifiable information about your children under the age of 13 only to assist you with immigration procedures and when required by law.

GOVERNING LAW

This Agreement, your rights and obligations, and all actions contemplated by this Agreement will be governed by the laws of the United States of America and the State of New Jersey (except with respect to its conflict of law provisions), as if the Agreement were a contract wholly entered into and wholly performed in Monmouth County, New Jersey, independent of your actual state or country of residence. Any dispute arising out of or relating to this Agreement whether at law or in equity will be resolved exclusively in the federal or state courts located in Monmouth County, New Jersey, and you hereby irrevocably and unconditionally consent to the exclusive jurisdiction and venue of such courts.

COMPLIANCE WITH EXPORT CONTROL LAWS

Some software, documentation, products and technical information available on or through TreMate may be subject to U.S. or foreign export controls. By accessing, downloading, purchasing or using such software, documentation, products or technical information you represent and warrant that you are in compliance with and shall abide by any such applicable laws and regulations. Atlantic Voyager makes no representation that TreMate materials, software, online or offline services or any other features or functions are appropriate or available for use in locations outside the United States, and accessing them from territories where their contents are illegal is prohibited.

MISCELLANEOUS

This Agreement constitutes the entire agreement between Atlantic Voyager and you with respect to your use of TreMate. Any cause of action you may have with respect to your use of TreMate must be commenced within one (1) year after the claim or cause of action arises. If for any reason a court of competent jurisdiction finds any provision of the Agreement, or portion thereof, to be unenforceable, that provision shall be enforced to the maximum extent permissible so as to effect the intent of the Agreement, and the remainder of this Agreement shall continue in full force and effect. All provisions of this Agreement that impose obligations continuing in their nature shall survive the termination or expiration of this Agreement, including but not limited to, provisions for indemnity and any licenses granted by you to Atlantic Voyager. The failure of Atlantic Voyager to exercise or enforce any provision of this Agreement shall not constitute a waiver of such right or provision.

COMPANY CONTACT INFORMATION

All notices related to this Agreement will be in writing and will be effective upon (a) personal delivery, (b) the second business day after mailing; or (c) except for notices of an indemnifiable claim, the day of sending by mail. Notices shall be address to:

Webmaster
Atlantic Voyager, LLC
PO Box 502
Holmdel, NJ 07733
Email: info@temate.com

NOTIFICATION OF CHANGES

Atlantic Voyager may change the terms of this Agreement or DPA from time to time for any reason. When Atlantic Voyager makes such changes, it will post notification of them on TreMate website. Your continued use of TreMate after notification of such changes have been posted shall constitute your consent to be bound by these changes.

DATA PROCESSING ADDENDUM

This Data Processing Addendum (“DPA”) is incorporated into, and is subject to the terms and conditions of, the Agreement between Atlantic Voyager and you. All capitalized terms not defined in this DPA shall have the meanings set forth in the Agreement. For the avoidance of doubt, all references to the “Agreement” shall include this DPA (including the SCCs (where applicable), as defined herein).

Definitions

“Data Protection Laws” means all data protection laws and regulations applicable to a party’s processing of Customer Data under the Agreement, including, where applicable, European Data Protection Laws and Non-European Data Protection Laws.

“European Data Protection Laws” means all data protection laws and regulations applicable to Europe, including (i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) (“GDPR”); (ii) Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector; (iii) applicable national implementations of (i) and (ii); (iv) the GDPR as it forms part of UK law by virtue of section 3 of the UK European Union (Withdrawal) Act 2018 and the UK Data Protection Act 2018 (together, “UK Data Protection Laws”); and (v) the Swiss Federal Data Protection Act of 19 June 1992 and its Ordinance (“Swiss DPA”).

“Europe” means, for the purposes of this DPA, the European Economic Area and its member states (“EEA”), Switzerland and the United Kingdom (“UK”).

“Non-European Data Protection Laws” means the California Consumer Privacy Act (“CCPA”); the Canadian Personal Information Protection and Electronic Documents Act (“PIPEDA”); the Brazilian General Data Protection Law (“LGPD”), Federal Law no. 13,709/2018; and the Privacy Act 1988 (Cth) of Australia, as amended (“Australian Privacy Law”).

“SCCs” means (i) the standard contractual clauses between controllers and processors adopted by the European Commission in its Implementing Decision (EU) 2021/91 of 4 June 2021, and currently located here (the “2021 Controller-to-Processor Clauses”); or (ii) the standard contractual clauses between processors adopted by the European Commission in its Implementing Decision (EU) 2021/91 of 4 June 2021, and currently located here (the “2021 Processor-to-Processor Clauses”); as applicable in accordance with Section 6.3.

“Security Incident” means any unauthorized or unlawful breach of security that leads to the accidental or unlawful destruction, loss, or alteration of, or unauthorized disclosure of or access to, Customer Data on systems managed or otherwise controlled by Atlantic Voyager.

“Sensitive Data” means (a) social security number, tax file number, passport number, driver’s license number, or similar identifier (or any portion thereof); (b) credit or debit card number (other than the truncated (last four digits) of a credit or debit card); (c) employment, financial, credit, genetic, biometric or health information; (d) racial, ethnic, political or religious affiliation, trade union membership, information about sexual life or sexual orientation, or criminal record; (e) account passwords; or (f) other information that falls within the definition of “special categories of data” under applicable Data Protection Laws.

“Sub-processor” means any processor engaged by Atlantic Voyager or its Affiliates to assist in fulfilling its obligations pursuant to the Agreement or this DPA. Sub-processors may include third parties or Affiliates of Atlantic Voyager but shall exclude Atlantic Voyager employees, contractors, or consultants.

"UK Addendum" means the International Data Transfer Addendum (version B1.0) issued by Information Commisioners Office under S.119(A) of the UK Data Protection Act 2018, as updated or amended from time to time.

The terms “personal data”, “controller”, “data subject”, “processor” and “processing” shall have the meaning given to them under applicable Data Protection Laws or if not defined thereunder, the GDPR, and “process”, “processes" and “processed”, with respect to any Customer Data, shall be interpreted accordingly.
Roles and Responsibilities

2.1 Parties’ roles. If European Data Protection Laws or the LGPD applies to either party’s processing of Customer Data, the parties acknowledge and agree that with regard to the processing of Customer Data, Atlantic Voyager is a processor acting on behalf of you (whether itself a controller or a processor). For the avoidance of doubt, this DPA shall not apply to instances where Atlantic Voyager is the controller (as defined by European Data Protection Laws) unless otherwise described in Annex C (Jurisdiction-Specific Terms) of this DPA.

2.2 Purpose limitation. Atlantic Voyager shall process Customer Data, as further described in Annex A (Details of Data Processing) of this DPA, only in accordance with your documented lawful instructions as set forth in this DPA, as necessary to comply with applicable law, or as otherwise agreed in writing (“Permitted Purposes”). The parties agree that the Agreement, including this DPA, along with your configuration of or use of any settings, features, or options in TreMate (as you may be able to modify from time to time) constitute your complete and final instructions to Atlantic Voyager in relation to the processing of Customer Data (including for the purposes of the SCCs), and processing outside the scope of these instructions (if any) shall require prior written agreement between the parties.

2.3 Prohibited data. You will not provide (or cause to be provided) any Sensitive Data to Atlantic Voyager for processing under the Agreement, and Atlantic Voyager will have no liability whatsoever for Sensitive Data, whether in connection with a Security Incident or otherwise. For the avoidance of doubt, this DPA will not apply to Sensitive Data.

2.4 Your compliance. You represent and warrant that (i) you have complied, and will continue to comply, with all applicable laws, including Data Protection Laws, in respect of your processing of Customer Data and any processing instructions you issue to Atlantic Voyager; and (ii) you have provided, and will continue to provide, all notice and have obtained, and will continue to obtain, all consents and rights necessary under Data Protection Laws for Atlantic Voyager to process Customer Data for the purposes described in the Agreement. You shall have sole responsibility for the accuracy, quality, and legality of Customer Data and the means by which you acquired Customer Data. Without prejudice to the generality of the foregoing, you agree that you shall be responsible for complying with all laws (including Data Protection Laws) applicable to any content created, sent, or managed through TreMate, including those relating to obtaining consents (where required) to send emails, the content of the emails and its email deployment practices.

2.5 Lawfulness of your instructions. You will ensure that Atlantic Voyager’s processing of the Customer Data in accordance with your instructions will not cause Atlantic Voyager to violate any applicable law, regulation, or rule, including, without limitation, Data Protection Laws. Atlantic Voyager shall promptly notify you in writing, unless prohibited from doing so under European Data Protection Laws, if it becomes aware or believes that any data processing instruction from you violate European Data Protection Laws. Where you act as a processor on behalf of a third-party controller (or other intermediary to the ultimate controller), you warrant that your processing instructions as set out in the Agreement and this DPA, including your authorizations to Atlantic Voyager for the appointment of Sub-processors in accordance with this DPA, have been authorized by the relevant controller. You shall serve as the sole point of contact for Atlantic Voyager and Atlantic Voyager need not interact directly with (including to provide notifications to or seek authorization from) any third-party controller other than through regular provision of service to the extent required under the Agreement. You shall be responsible for forwarding any notifications received under this DPA to the relevant controller, where appropriate.
Sub-processing

3.1 Authorized Sub-processors. You agree that Atlantic Voyager may engage Sub-processors to process Customer Data on your behalf. Atlantic Voyager shall notify you if it adds or removes Sub-processors at least 10 days prior to any such changes if you opt in to receive such notifications by notifying Atlantic Voyager in writing in advance.

3.2 Sub-processor obligations. Atlantic Voyager shall: (i) enter into a written agreement with each Sub-processor containing data protection obligations that provide at least the same level of protection for Customer Data as those in this DPA, to the extent applicable to the nature of the service provided by such Sub-processor; and (ii) remain responsible for such Sub-processor’s compliance with the obligations of this DPA and for any acts or omissions of such Sub-processor that cause Atlantic Voyager to breach any of its obligations under this DPA. You acknowledge and agree that, where applicable, Atlantic Voyager fulfills its obligations under Clause 9 of the 2021 Controller-to-Processor Clauses and 2021 Processor-to-Processor Clauses (as applicable) by complying with this Section 3 and that Atlantic Voyager may be prevented from disclosing Sub-processor agreements to you due to confidentiality restrictions but Atlantic Voyager shall, upon request, use reasonable efforts to provide you with all relevant information it reasonably can in connection with Subprocessor agreements.
Security

4.1 Security Measures. Atlantic Voayger shall implement and maintain appropriate technical and organizational security measures that are designed to protect Customer Data from Security Incidents and designed to preserve the security and confidentiality of Customer Data in accordance with Atlantic Voyager’s security standards described in Annex B (“Security Measures”) of this DPA.

4.2 Confidentiality of processing. Atlantic Voyager shall ensure that any person who is authorized by Atlantic Voyager to process Customer Data (including its staff, agents, and subcontractors) shall be under an appropriate obligation of confidentiality (whether a contractual or statutory duty).

4.3 Updates to Security Measures. You are responsible for reviewing the information made available by Atlantic Voyager relating to data security and making an independent determination as to whether the information meets your requirements and legal obligations under Data Protection Laws. You acknowledge that the Security Measures are subject to technical progress and development and that Atlantic Voyager may update or modify the Security Measures from time to time, provided that such updates and modifications do not result in the degradation of the overall security obligations to you.

4.4 Security Incident response. Upon becoming aware of a Security Incident, Atlantic Voyager shall: (i) notify you without undue delay, and where feasible, within 48 hours of awareness; (ii) provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by you; and (iii) promptly take reasonable steps to contain and investigate any Security Incident. Atlantic Voyager’s notification of or response to a Security Incident under this Section 4.4 shall not be construed as an acknowledgment by Atlantic Voyager of any fault or liability with respect to the Security Incident.

4.5 Your responsibilities. Notwithstanding the above, you agree that except as provided by this DPA, you are responsible for your secure use of TreMate, including securing its account authentication credentials, protecting the security of Customer Data when in transit to and from TreMate, and taking any appropriate steps to securely encrypt or backup any Customer Data uploaded to TreMate.
Security Reports and Audits

5.1 Audit rights. Atlantic Voyager shall make available to you all information reasonably necessary to demonstrate compliance with this DPA and allow for and contribute to audits, including inspections by you in order to assess compliance with this DPA. You acknowledge and agree that you shall exercise your audit rights under this DPA (including this Section 5.1 and where applicable, the SCCs) and any audit rights granted by Data Protection Laws, by instructing Atlantic Voyager to comply with the audit measures described in Section 5.2 below.

5.2 Security due diligence. Atlantic Voyager shall respond to all reasonable requests for information made by you to confirm Atlantic Voyager’s compliance with this DPA, including responses to information security, due diligence, and audit questionnaires, by making additional information available regarding its information security program upon your written request to info@tremate.com, provided that you shall not exercise this right more than once per calendar year.
International Transfers

6.1Data center locations. Subject to Section 6.2, you acknowledge that Atlantic Voyager may transfer and process Customer Data to and in the United States and anywhere else in the world where Atlantic Voyager, its Affiliates or its Sub-processors maintain data processing operations. Atlantic Voyager shall at all times ensure that such transfers are made in compliance with the requirements of Data Protection Laws and this DPA.

6.2 Australian data. To the extent that Atlantic Voyager is a recipient of Customer Data protected by the Australian Privacy Law, the parties acknowledge and agree that Atlantic Voyager may transfer such Customer Data outside of Australia as permitted by the terms agreed upon by the parties and subject to Atlantic Voyager complying with this DPA and the Australian Privacy Law.

6.3 EEA Data Transfers. To the extent that Atlantic Voyager is a recipient of Customer Data protected by GDPR in a country outside of EEA that is not recognized as providing an adequate level of protection for personal data (as described in applicable European Data Protection Laws), the parties agree to abide by and process such Customer Data in compliance with the SCCs, which shall be incorporated into and form an integral part of this DPA.

6.4 UK Data Transfers. With respect to transfers to which the UK Data Protection Laws apply, the SCCs shall apply and shall be deemed amended as specified by the UK Addendum. The UK Addendum shall be deemed executed by the parties and incorporated into and form an integral part of this DPA. In addition: Tables 1 to 3 in Part 1 of the UK Addendum shall be deemed completed with the information set out in Annexes I and II of the relevant SCCs; and Table 4 in Part 1 of the UK Addendum shall be deemed completed by selecting "neither party".

6.5 Swiss Data Transfers. With respect to transfers to which the Swiss DPA apply, the SCCs shall apply in accordance with Section 6.3 with the following modifications: (i) references to "Regulation (EU) 2016/679" shall be interpreted as references to the Swiss DPA; (ii) references to specific Articles of "Regulation (EU) 2016/679" shall be replaced with the equivalent article or section of the Swiss DPA; (iii) references to "EU", "Union" and "Member State law" shall be replaced with "Switzerland"; (iv) Clause 13(a) and Part C of Annex Il shall be deleted; (v) references to the "competent supervisory authority" and "competent courts" shall be replaced with "the Swiss Federal Data Protection and Information Commissioner" and "relevant courts in Switzerland"; (vi) Clause 17 shall be replaced to state "The Clauses are governed by the laws of Switzerland"; and (vii) Clause 18 shall be replaced to state "Any dispute arising from these Clauses shall be resolved by the applicable courts of Switzerland. The parties agree to submit themselves to the jurisdiction of such courts".

6.6 Compliance with the SCCs. The parties agree that if Atlantic Voyager cannot ensure compliance with the SCCs, it shall promptly inform you of its inability to comply. If you intend to suspend the transfer of European Data and/or terminate the affected parts of TreMate, you shall first provide notice to Atlantic Voyager and provide Atlantic Voyager with a reasonable period of time to cure such non-compliance, during which time Atlantic Voyager and you shall reasonably cooperate to agree what additional safeguards or measures, if any, may be reasonably required. You shall only be entitled to suspend the transfer of data and/or terminate the affected parts TreMate for non-compliance with the SCCs if Atlantic Voyager has not or cannot cure the non-compliance within a reasonable period.

6.7 Alternative transfer mechanism. To the extent Atlantic Voyager adopts an alternative lawful data transfer mechanism for the transfer of European Data not described in this DPA (“Alternative Transfer Mechanism”), the Alternative Transfer Mechanism shall apply instead of the transfer mechanisms described in this DPA (but only to the extent such Alternative Transfer Mechanism complies with applicable European Data Protection Laws and extends to the countries to which European Data is transferred). In addition, if and to the extent that a court of competent jurisdiction or supervisory authority orders (for whatever reason) that the measures described in this DPA cannot be relied on to lawfully transfer European Data (within the meaning of applicable European Data Protection Laws), Atlantic Voyager may implement any additional measures or safeguards that may be reasonably required to enable the lawful transfer of European Data.
Return or Deletion of Data

Deletion or return on termination. Upon termination or expiration of the Agreement, Atlantic Voyager shall (at your election) delete or return to Customer all Customer Data (including copies) in its possession or control, except that this requirement shall not apply to the extent Atlantic Voyager is required by applicable law to retain some or all of the Customer Data, or to Customer Data it has archived on back-up systems, which Customer Data Atlantic Voyager shall securely isolate, protect from any further processing and eventually delete in accordance with Atlantic Voyager’s deletion policies, except to the extent required by applicable law. The parties agree that the certification of deletion of Customer Data described in Clause 8.5 and 16(d) of the 2021 Controller-to-Processor Clauses and 2021 Processor-to-Processor Clauses (as applicable) shall be provided by Atlantic Voyager to you only upon your written request.
Data Subject Rights and Cooperation

8.1 Data subject requests. As part of TreMate, Atlantic Voyager provides you with a number of self-service features, that you may use to retrieve, correct, delete, or restrict the use of Customer Data, which you may use to assist it in connection with its (or its third-party controller’s) obligations under the Data Protection Laws with respect to responding to requests from data subjects via your account at no additional cost. In addition, Atlantic Voyager shall, considering the nature of the processing, provide reasonable additional assistance to you to the extent possible to enable you (or its third-party controller) to comply with its data protection obligations with respect to data subject rights under Data Protection Laws. In the event that any such request is made to Atlantic Voyager directly, Atlantic Voyager shall not respond to such communication directly except as appropriate (for example, to direct the data subject to contact you) or legally required, without your prior authorization. If Atlantic Voyager is required to respond to such a request, Atlantic Voyager shall, where you are identified or identifiable from the request, promptly notify you and provide you with a copy of the request unless Atlantic Voyager is legally prohibited from doing so. For the avoidance of doubt, nothing in the Agreement (including this DPA) shall restrict or prevent Atlantic Voyager from responding to any data subject or data protection authority requests in relation to personal data for which Atlantic Voyager is a controller.

8.2 Data protection impact assessment. To the extent required under applicable Data Protection Laws, Atlantic Voyager shall (considering the nature of the processing and the information available to Atlantic Voyager) provide all reasonably requested information regarding TreMate to enable you to carry out data protection impact assessments or prior consultations with data protection authorities as required by Data Protection Laws. Atlantic Voyager shall comply with the foregoing by: (i) complying with Section 5 (Security Reports and Audits); (ii) providing the information contained in the Agreement, including this DPA; and (iii) if the foregoing sub-sections (i) and (ii) are insufficient for you to comply with such obligations, upon request, providing additional reasonable assistance (at your expense).
Jurisdiction-Specific Terms

To the extent Atlantic Voyager processes Customer Data originating from and protected by Data Protection Laws in one of the jurisdictions listed in Annex C, then the terms specified in Annex C with respect to the applicable jurisdiction(s) (“Jurisdiction-Specific Terms”) apply in addition to the terms of this DPA. In the event of any conflict or ambiguity between the Jurisdiction-Specific Terms and any other terms of this DPA, the applicable Jurisdiction-Specific Terms will take precedence, but only to the extent of the Jurisdiction-Specific Terms’ applicability to Atlantic Voyager.
Limitation of Liability

10.1 Each party’s and all of its Affiliates’ liability taken together in the aggregate arising out of or related to this DPA (including the SCCs) shall be subject to the exclusions and limitations of liability set forth in the Agreement.

10.2 Any claims made against Atlantic Voyager or its Affiliates under or in connection with this DPA (including, where applicable, the SCCs) shall be brought solely by you as a party to the Agreement.

10.3 In no event shall any party limit its liability with respect to any individual’s data protection rights under this DPA or otherwise.
Relationship with the Agreement

11.1 This DPA shall remain in effect for as long as Atlantic Voyager carries out Customer Data processing operations on your behalf or until termination of the Agreement (and all Customer Data has been returned or deleted in accordance with Section 7.1 above).

11.2 The parties agree that this DPA shall replace any existing data processing agreement or similar document that the parties may have previously entered into in connection with TreMate.

11.3 Except for any changes made by this DPA, the Agreement remains unchanged and in full force and effect.

11.4 No one other than a party to this DPA, its successors and permitted assignees shall have any right to enforce any of its terms.

11.5 This DPA shall be governed by and construed in accordance with the governing law and jurisdiction provisions in the Agreement, unless required otherwise by applicable Data Protection Laws.

Annex A – Details of Data Processing

(a) Categories of data subjects:

The categories of data subjects whose personal data is processed include (i) Members (i.e., individual end users with access to a Atlantic Voyager account) and (ii) Contacts (i.e., Member’s subscribers and other individuals about whom a Member has given Atlantic Voyager information or has otherwise interacted with a Member).

(b) Categories of personal data:

You may upload, submit, or otherwise provide certain personal data to Atlantic Voyager, the extent of which is typically determined and controlled by you in your sole discretion, and may include the following types of personal data:

Members: Identification and contact data (name, address, title, contact details, username); financial information (credit card details, account details, payment information); employment details (employer, job title, geographic location, area of responsibility).

Contacts: Identification and contact data (name, date of birth, gender, general, occupation or other demographic information, address, title, contact details, including email address); personal interests or preferences (including purchase history, marketing preferences and publicly available social media profile information); IT information (IP addresses, usage data, cookies data, online navigation data, location data, browser data); financial information (credit card details, account details, payment information).

Atlantic Voyager does not want to, nor does it intentionally, collect or process any Sensitive Data in connection with the Agreement.

(d) Frequency of processing:

Continuous and as determined by you.

(e) Subject matter and nature of the processing:

The subject matter of the data processing under this DPA is the Customer Data. Customer Data will be processed in accordance with the Agreement (including this DPA) and may be subject to the following processing activities:

Storage and other processing necessary to provide, maintain and improve TreMate and associated services to you pursuant to the Agreement; and/or Disclosures in accordance with the Agreement and/or as compelled by applicable law.

(f) Purpose of the processing:

Atlantic Voyager shall only process Customer Data for the Permitted Purposes, which shall include: (i) processing as necessary to in accordance with the Agreement; (ii) processing initiated by you in your use of TreMate; and (iii) processing to comply with any other reasonable instructions provided by you that are consistent with the terms of the Agreement.

(g) Duration of processing and period for which personal data will be retained:

Atlantic Voyager will process Customer Data as outlined in Section 7 (Return or Deletion of Data) of this DPA.

Annex B – Security Measures

The Security Measures applicable to the Agreement are described here (as updated from time to time in accordance with Section 4.3 of this DPA).

Annex C - Jurisdiction-Specific Terms

Europe:

Objection to Sub-processors. You may object in writing to Atlantic Voyager’s appointment of a new Sub-processor within five (5) calendar days of receiving notice in accordance with Section 3.1 of the DPA, provided that such objection is based on reasonable grounds relating to data protection. In such event, the parties shall discuss such concerns in good faith with a view to achieving a commercially reasonable resolution. If no such resolution can be reached, Atlantic Voyager will, at its sole discretion, either not appoint such Sub-processor, or permit you to suspend or terminate the Agreement or affected portion thereof in accordance with the termination provisions in the Agreement without liability to either party (but without prejudice to any fees incurred by you prior to suspension or termination).

Government data access requests. As a matter of general practice, Atlantic Voyager does not voluntarily provide government agencies or authorities (including law enforcement) with access to or information about Atlantic Voyager accounts (including Customer Data). If Atlantic Voyager receives a compulsory request (whether through a subpoena, court order, search warrant, or other valid legal process) from any government agency or authority (including law enforcement) for access to or information about an Atlantic Voyager account (including Customer Data) belonging to you whose primary contact information indicates that you are located in Europe, Atlantic Voyager shall: (i) review the legality of the request; (ii) inform the government agency that Atlantic Voyager is a processor of the data; (iii) attempt to redirect the agency to request the data directly from you; (iv) notify you via email sent to your primary contact email address of the request to allow you to seek a protective order or other appropriate remedy; and (v) provide the minimum amount of information permissible when responding to the agency or authority based on a reasonable interpretation of the request. As part of this effort, Atlantic Voyager may provide your primary and billing contact information to the agency. Atlantic Voyager shall not be required to comply with this paragraph 2 if it is legally prohibited from doing so, or it has a reasonable and good-faith belief that urgent access is necessary to prevent an imminent risk of serious harm to any individual, public safety, or Atlantic Voyager’s property, or TreMate, but where Atlantic Voyager is legally prohibited from notifying you of requests it shall use its best efforts to obtain a waiver of the prohibition.

California:

Except as described otherwise, the definitions of: “controller” includes “Business”; “processor” includes “Service Provider”; “data subject” includes “you”; “personal data” includes “Personal Information”; in each case as defined under the CCPA.

For this “California” section of Annex C only, “Permitted Purposes” shall include processing Customer Data only for the purposes described in this DPA and in accordance with your documented lawful instructions as set forth in this DPA, as necessary to comply with applicable law, as otherwise agreed in writing, including, without limitation, in the Agreement, or as otherwise may be permitted for “service providers” under the CCPA.

Atlantic Voyager’s obligations regarding data subject requests, as described in Section 8 (Data Subject Rights and Cooperation) of this DPA, extend to rights requests under the CCPA.

Notwithstanding any use restriction contained elsewhere in this DPA, Atlantic Voyager shall process Customer Data as per the terms of the Agreement, for the Permitted Purposes and/or in accordance with your documented lawful instructions, or as otherwise permitted or required by applicable law.

Notwithstanding any use restriction contained elsewhere in this Annex C, Atlantic Voyager may de-identify or aggregate Customer Data.

Where Sub-processors process the Personal Information of your contacts, Atlantic Voyager takes steps to ensure that such Sub-processors are Service Providers under the CCPA with whom Atlantic Voyager has entered into a written contract that includes terms substantially similar to this “California” section of Annex C or are otherwise exempt from the CCPA’s definition of “sale”. Atlantic Voyager conducts appropriate due diligence on its Sub-processors.

Canada:

Atlantic Voyager takes steps to ensure that Atlantic Voyager’s Sub-processors, as described in Section 3 (Sub-processing) of the DPA, are third parties under PIPEDA, with whom Atlantic Voyager has entered into a written contract that includes terms substantially similar to this DPA. Atlantic Voyager conducts appropriate due diligence on its Sub-processors.

Atlantic Voyager will implement technical and organizational measures as set forth in Section 4 (Security) of the DPA.

Effective January 1, 2023