Last updated: November 6, 2025
These Checkmate for Brands Terms of Service ("Terms") are a legally binding contract entered into by and between Checkmate Intelligence Inc. d/b/a 'Checkmate for Brands' ("Checkmate" or "Provider") and you, the user of the Checkmate's Services ("Customer") (each individually a "Party" and collectively the "Parties"). By accessing, using, downloading, or installing the Checkmate Services and/or Software (collectively the "Services"), Customer acknowledges that Customer has read, will be bound by, and will comply with these Terms, as may be amended at the sole discretion of Checkmate.
Except as expressly permitted by these Terms, Customer will not (and will not allow anyone else to): (i) reverse engineer, decompile, or attempt to discover any source code or underlying ideas or algorithms of the Services (except to the extent Applicable Laws prohibit this restriction); (ii) provide, sell, transfer, sublicense, lend, distribute, rent, or otherwise allow others to access or use the Services; (iii) remove any proprietary notices or labels; (iv) copy, modify, or create derivative works of the Services; (v) conduct security or vulnerability tests on, interfere with the operation of, cause performance degradation of, or circumvent access restrictions of the Services; (vi) access accounts, information, data, or portions of the Services to which Customer does not have explicit authorization; (vii) use the Services to develop a competing service or product; (viii) use the Services with activity prohibited by Applicable Laws; (ix) use the Services to obtain unauthorized access to anyone else's networks or equipment; or (x) upload, submit, or otherwise make available to the Services any Customer Content to which Customer and Users do not have the proper rights.
Use of the Services must comply with all Documentation.
If Customer (a) has an outstanding, undisputed balance on its account for more than 30 days; (b) breaches Section 3.1 (Restrictions on Customer); or (c) uses the Services in violation of the Terms or in a way that materially and negatively impacts the Services or others, then Provider may temporarily suspend Customer's access to the Services. Provider will reinstate Customer's access to the Services only if Customer resolves the underlying issue.
Subject to these Term, Provider will (a) make the Services available to Customer in accordance with the Documentation, (b) provide Provider's standard support, as set forth in the Documentation, and (c) use commercially reasonable efforts to make the Services available 24 hours a day, 7 days a week, except for (i) any planned downtimes, or (ii) any unavailability caused by circumstances beyond Provider's reasonable control, including, for example, an act of God, act of government, flood, fire, earthquake, civil unrest, act of terror, strike or other labor problem (other than one involving Provider's employees), failure or delay of providers of Internet service or third party applications, or denial of service attack.
Provider will be responsible for the performance of Provider's personnel (including Provider employees and contractors) and their compliance with Provider's obligations under these Terms.
Certain Products may be subject to a payment of particular fees ("Fee" or "Fees"), as determined by Checkmate in its sole discretion. Checkmate will provide notice of such Fees then in effect in relation to the Services provided by the Services on its website. Checkmate reserves the right to change its Fees at any time, upon advance notice to Customer. All Fees are in U.S. Dollars and are exclusive of taxes. Except for the refund of prepaid Fees allowed with specific termination rights given in the Terms, Fees are non-refundable.
All fees for the Services will be billed to your credit card. You authorize us to charge your credit card for your use of the Services and you authorize the card issuer to pay any amounts described herein and authorize us (or a billing agent acting on our behalf) to continue charging all such amounts to your credit card account until you or we cancel or terminate your use of the Services as provided herein or these amounts are paid in full, whichever is later. You must provide current, complete, and accurate billing and credit card information. You must promptly update all billing information (such as billing address, card number, and expiration date) to keep your Account(s) current, complete, and accurate, and you must promptly contact Checkmate if your credit card is lost or stolen, or if you become aware of a potential breach of Account(s) security (such as an unauthorized disclosure or use of your Checkmate username or password). You authorize us to obtain or determine updated or replacement expiration dates for your credit card in the event that the credit card you provided us expires. We reserve the right to charge any renewal card issued to you to the same extent as the expired card. If payment is not received from your credit card issuer, you agree to pay all amounts due upon demand. If payment is not received as a result of an expired credit card, we reserve the right to cancel your use of the Services and or remove access to your Account(s). You agree to pay all costs of collection, including attorney's fees and costs, and interest on any outstanding balance. In certain instances, the issuer of your credit card may charge you a foreign transaction fee or related charges, which you will be responsible to pay. Please check with your bank and credit card issuer for details.
Customer is responsible for all duties, taxes, and levies that apply to Fees, including sales, use, VAT, GST, or withholding, that Provider itemizes and includes in an invoice. However, Customer is not responsible for Provider's income taxes.
If Customer has a good-faith disagreement about the Fees charged or invoiced, Customer must notify Provider about the dispute within 30 days of any automatic payment, and must pay all undisputed amounts on time. The parties will work together to resolve the dispute within 15 days. If no resolution is agreed, each party may pursue any remedies available under the Terms or Applicable Laws.
Personal Data. Customer and Provider agree to process all Personal Data in compliance with the data processing addendum attached as Annex A ("DPA"). The terms of the DPA will control each party's rights and obligations as to Personal Data, and the terms of the DPA will control in the event of any conflict with these Terms.
These Terms commence on the date of receipt by Checkmate of any completed instructions as per the Documentation, unless otherwise agreed in writing between the Parties. These Terms shall continue in effect until either Party terminates.
Either party may terminate their use of the Services at any time with thirty (30) days written notice, or immediately if any of the following occurs:
Upon any expiration or termination:
The following sections will survive expiration or termination of the Terms: Section 2.3 (Usage Data) Section 3.1 (Restrictions on Customer), Section 4 (Payment & Taxes), Section 6.3 (Effect of Termination), Section 6.4 (Survival), Section 7 (Representations & Warranties), Section 8 (Disclaimer of Warranties), Section 9 (Limitation of Liability), Section 10 (Indemnification), Section 11 (Confidentiality), Section 12 (Reservation of Rights), Section 13 (General Terms), Annex I.
Each Recipient may retain Discloser's Confidential Information as required to fulfill the terms of these Terms.
Each party represents and warrants to the other that: (a) it has the legal power and authority to enter into these Terms; (b) it is duly organized, validly existing, and in good standing under the Applicable Laws of the jurisdiction of its origin; and (c) it will comply with all Applicable Laws in performing its obligations or exercising its rights in these Terms.
Customer represents and warrants that: (a) it has all rights, licenses, and consents required to license Customer Personal Data to Checkmate under these Terms of Service, (b) that Checkmate has the rights to use the Customer Personal as authorized under these Terms of Service, (c) that the Customer Personal Data and Customer Content does not infringe the rights of any third party or violate any applicable law or regulation, and (d) Customer complies with all Applicable Laws and the Data Processing Addendum found in Annex I.
Provider represents and warrants to Customer that: (a) it will not materially reduce the functionality of the Services during the subscription period; (b) in providing the Services, Provider is not infringing on the intellectual property rights or copyright owned by or exclusively licensed to a third-party; (c) in providing the Services, Provider has obtained all legally necessary licenses or has a valid legitimate basis in providing Provider Personal Data; and (e) Provider complies with all Applicable Laws and the Data Processing Addendum found in Annex I.
If Provider breaches the warranty in Section 7.3 (Representations & Warranties from Provider), Customer must give Provider notice (with enough detail for Provider to understand or replicate the issue) within sixty (60) days of discovering the issue. Within fifteen (15) days of receiving sufficient details of the warranty issue, Provider will restore the general functionality of the Services. If Provider cannot resolve the issue, Provider will pay to Customer a prorated refund of prepaid Fees for the remainder of the subscription period. Provider's restoration obligation, and Customer's termination right, are Customer's only remedies if Provider does not meet the warranty in Section 7.3 (Representations & Warranties from Provider).
Provider makes no guarantees that the Services will always be safe, secure, or error-free, or that it will function without disruptions, delays, or imperfections. The warranties in Section 7 (Representations & Warranties) do not apply to any misuse or unauthorized modification of the Services, nor to any product or service provided by anyone other than Provider. Except for the warranties in Section 6 (Representations & Warranties), Provider and Customer each disclaim all other warranties and conditions, whether express or implied, including the implied warranties and conditions of merchantability, fitness for a particular purpose, title, and non-infringement. These disclaimers apply to the maximum extent permitted by Applicable Laws.
Except as provided in Section 9.4 (Exceptions), each party's total cumulative liability for all claims arising out of or relating to these Terms will not be more than the fees paid or payable by Customer to Provider in the twelve (12) month period immediately before the claim.
Except as provided in Section 9.4 (Exceptions), under no circumstances will either party be liable to the other for lost profits or revenues (whether direct or indirect), or for consequential, special, indirect, exemplary, punitive, or incidental damages relating to these Terms, even if the party is informed of the possibility of this type of damage in advance.
The limitations and waivers contained in Sections 9.1 (Liability Caps) and 9.2 (Damages Waiver) apply to all liability, whether in tort (including negligence), contract, breach of statutory duty, or otherwise.
The liability cap in Section 9.1 does not apply to (i) losses due to the fraud or gross negligence of either Party; or (ii) losses in relation to a Security Incident resulting from either Party's negligence or willful misconduct. Nothing in this Agreement will limit, exclude, or restrict a party's liability to the extent prohibited by Applicable Laws.
Provider will indemnify, defend, and hold harmless Customer from and against any action, proceeding, or claim that the Services, when used by the Customer according to the terms of the Terms, violates, misappropriates, or otherwise infringes upon anyone else's intellectual property or other proprietary rights, and all out- of-pocket damages, awards, settlements, costs, and expenses, including reasonable attorneys' fees and other legal expenses, that arise from such claims.
Customer will indemnify, defend, and hold harmless Provider from and against any action, proceeding, or claim that (1) results from Customer's breach or alleged breach of Section 3.1 (Restrictions on Customer), and all out-of-pocket damages, awards, settlements, costs, and expenses, including reasonable attorneys' fees and other legal expenses, that arise from such claims.
Obligations in this section for the party responsible for indemnification ("Indemnifying Party") are contingent upon the indemnified party ("Protected Party"): (a) promptly notifying the Indemnifying Party of each Covered Claim for which it seeks protection; (b) providing reasonable assistance to the Indemnifying Party at the Indemnifying Party's expense; and (c) giving the Indemnifying Party sole control over the defense and settlement of each Covered Claim. A Protected Party may participate in a Covered Claim for which it seeks protection with its own attorneys only at its own expense. The Indemnifying Party may not agree to any settlement of a Covered Claim that contains an admission of fault or otherwise materially and adversely impacts the Protected Party without the prior written consent of the Protected Party.
This Section 10 (Indemnification), together with any termination rights, describes each Protected Party's exclusive remedy and each Indemnifying Party's entire liability for a Covered Claim.
Except as otherwise authorized in the Terms or as needed to fulfill its obligations or exercise its rights under these Terms, the party receiving Confidential Information ("Recipient") will not (a) use the disclosing party's ("Discloser") Confidential Information; nor (b) disclose Discloser's Confidential Information to anyone else. In addition, Recipient will protect Discloser's Confidential Information using at least the same protections Recipient uses for its own similar information but no less than a reasonable standard of care.
Confidential Information does not include information that (a) Recipient knew without any obligation of confidentiality before disclosure by Discloser; (b) is or becomes publicly known and generally available through no fault of Recipient; (c) Recipient receives under no obligation of confidentiality from someone else who is authorized to make the disclosure; or (d) Recipient independently developed without use of or reference to Discloser's Confidential Information.
Recipient may disclose Discloser's Confidential Information to the extent required by Applicable Laws if, unless prohibited by Applicable Laws, Recipient provides Discloser reasonable advance notice of the required disclosure and reasonably cooperates, at Discloser's expense, with Discloser's efforts to obtain confidential treatment for the Confidential Information.
Recipient may disclose Discloser's Confidential Information to Users, employees, advisors, contractors, and representatives who each have a need to know the Confidential Information, but only if the person or entity is bound by confidentiality obligations at least as protective as those in this Section 11 (Confidentiality) and Recipient remains responsible for everyone's compliance with the terms of this Section 11 (Confidentiality).
Except for the limited license to copy and use Software and Documentation in Section 2.1 (Access and Use), Provider retains all right, title, and interest in and to the Products and Services (including all data, software, technology, materials, and Documentation), whether developed before or during the Term. This ownership also includes any modifications, enhancements, improvements, derivative works, or other developments of the Services, whether created independently by Provider or jointly with, or at the request or suggestion of, Customer ("Developments"). All Developments shall be deemed the sole property of Provider. To the extent any ownership rights in Developments may otherwise vest in Customer, Customer hereby irrevocably assigns, and agrees to assign, all such rights to Provider. Provider grants Customer a non-exclusive, non-transferable license to use such Developments during the subscription period solely in connection with its authorized use of the Services. Customer retains all right, title, and interest in and to the Customer Content.
These Terms are the only agreement between the parties about its subject and these Terms supersedes all prior or contemporaneous statements (whether in writing or not) about its subject. Provider expressly rejects any terms included in Customer's purchase order or similar document, which may only be used for accounting or administrative purposes. No terms or conditions in any Customer documentation or online vendor portal will apply to Customer's use of the Services unless expressly agreed to in a legally binding written agreement signed by an authorized Provider representative, regardless of what such terms may say.
Any waiver, modification, or change to the Terms must be in writing and signed or electronically accepted by each party. If any term of these Terms is determined to be invalid or unenforceable by a relevant court or governing body, the remaining terms of these Terms will remain in full force and effect. The failure of a party to enforce a term or to exercise an option or right in these Terms will not constitute a waiver by that party of the term, option, or right.
The laws of California will govern all interpretations and disputes about these Terms, without regard to its conflict of laws provisions. The parties will bring any legal suit, action, or proceeding about these Terms in the courts (whether state, federal, or otherwise) located in Los Angeles County, California and each party irrevocably submits to the exclusive jurisdiction of these courts.
Despite Section 13.3 (Governing Law and Chosen Courts), a breach of Section 11 (Confidentiality) or the violation of a party's intellectual property rights may cause irreparable harm for which monetary damages cannot adequately compensate. As a result, upon the actual or threatened breach of Section 11 (Confidentiality) or violation of a party's intellectual property rights, the non-breaching or non-violating party may seek appropriate equitable relief, including an injunction, in any court of competent jurisdiction without the need to post a bond and without limiting its other rights or remedies.
Except where the Terms provide for an exclusive remedy, seeking or exercising a remedy does not limit the other rights or remedies available to a party.
Neither party may assign any rights or obligations under these Terms without the prior written consent of the other party. However, either party may assign these Terms upon notice if the assigning party undergoes a merger, change of control, reorganization, or sale of all or substantially all its equity, business, or assets to which these Terms relate. Any attempted but non-permitted assignment is void. These Terms will be binding upon and inure to the benefit of the parties and their permitted successors and assigns.
Provider may identify Customer and use Customer's name and logo in marketing to identify Customer as a user of Provider's products and services, with prior permission from the Customer.
Any notice, request, or approval about the Terms must be in writing. Notices will be deemed given (a) upon confirmed delivery if by email, registered or certified mail, or personal delivery; or (b) two days after mailing if by overnight commercial delivery.
These Terms are not intended, and shall not be construed, to create any association, joint venture, agency relationship or partnership between the parties or to impose any such obligation or liability upon either party. Neither party shall have any right, power or authority to enter into any agreement or undertaking for, or act as or be an agent or representative of, or otherwise bind, the other party.
There are no third-party beneficiaries of these Terms.
Neither party will be liable for a delay or failure to perform its obligations of these Terms if caused by a Force Majeure Event. However, this section does not excuse Customer's obligations to pay Fees.
Neither party will take any action that would be a violation of any Applicable Laws that prohibit the offering, giving, promising to offer or give, or receiving, directly or indirectly, money or anything of value to any third party to assist Provider or Customer in retaining or obtaining business. Examples of these kinds of laws include the U.S. Foreign Corrupt Practices Act and the UK Bribery Act 2010.
Section titles are for convenience and reference only. All uses of "including" and similar phrases are non-exhaustive and without limitation. The United Nations Convention for the International Sale of Goods and the Uniform Computer Information Transaction Act do not apply to these Terms.
This Data Processing Addendum (the "DPA"), is entered into by and between Checkmate Intelligence Inc., d/b/a 'Checkmate for Brands' ("Checkmate" or "Provider") and you, the user of the Service ("Customer"), dated as of the effective date of the execution of a written agreement between the parties, including acceptance of the online Terms of Service (each individually a "Party" and collectively the "Parties"). This DPA governs all agreements including the Checkmate for Brands Terms and Conditions between the Parties (collectively, the "Agreement").
In consideration of the mutual promises and obligations set out herein, the Parties hereby agree to the following terms:
All terms not defined herein shall have the definitions set forth in the Agreement.
The Parties acknowledge and agree that with regard to the Covered Data, depending on the nature of the Processing activity, (i) the Parties may concurrently be Controllers at times, and (ii) at other times Customer may be a Controller while Provider is a Processor. The categories of disparate Processing activities are:
Each Party shall comply with the obligations that apply to it under Data Protection Law. If either Party becomes aware that processing for the permitted purpose infringes Data Protection Law, such Party shall promptly inform the other. Notwithstanding the foregoing, neither Party shall be under any obligation to actively monitor the other Party's compliance with Data Protection Law.
Each Party shall promptly inform the other if it is unable to comply with this DPA or Data Protection Law. If the non-complying Party cannot comply within a reasonable period of time, or is in substantial or persistent breach of this DPA, the complying Party shall be entitled to remediate the non-compliant action and/or terminate the DPA and the Agreement insofar as it concerns processing of Covered Data.
In connection with the performance of the Services, the Parties shall process the Covered Data for any purposes specified in the Terms, or as otherwise agreed on in writing by the Parties. Each Party grants to the other Party all rights and licenses associated with the Covered Data under the Agreement for use with the applicable Services.
Each Party shall cooperate with the other in complying with Data Protection Law. As it pertains to Covered Data, each Party shall be responsible for responding to enquiries from regulators and for responding to Data Subject Requests and shall implement mechanisms to facilitate such enquiries and requests. With respect to objection or opt-out requests related to the onward transfer or 'sale' of Covered Data in conjunction with the Services, each Party shall forward, or make available, to the other Party any applicable Data Subject Requests within fifteen (15) days of receipt by that Party, and comply with any such Data Subject Requests within fifteen (15) days of receipt from the other Party. In the event any request, correspondence, enquiry or complaint is made directly to a Party by a regulator under Data Protection Law related to the Services, then that Party shall promptly inform the other Party of such regulator request, correspondence, enquiry or complaint.
The Parties shall implement and maintain appropriate technical and organizational measures in order to protect the Covered Data from: (i) accidental or unlawful destruction; (ii) loss, alteration, unauthorized disclosure of, or access to the Covered Personal Data (a "Security Incident"); (iii) confidentiality of Covered Data; and (iv) integrity of Covered Data. Each Party shall ensure that any person it authorizes to process the Covered Data (an "Authorized Person") is bound by an appropriate obligation of confidentiality (whether statutory or contractual).
If either Party becomes aware of a confirmed Security Incident related to Covered Data, that Party shall inform the other Party without undue delay (and, in any event, within seventy two (72) hours) and shall provide reasonable information and cooperation to fulfill any data breach reporting obligations it may have under (and in accordance with the timescales required by) Data Protection Law. Further, the Party reporting the Security Incident shall, at its own cost and expense, take such reasonably necessary measures and actions to remedy or mitigate the effects of the Security Incident and shall keep the other Party informed of all material developments in connection with the Security Incident.
When Checkmate is processing Customer Personal Data exclusively as a Processor, the following terms shall apply:
To the extent any Covered Data is subject to Provider's role as 'Service Provider' under the CCPA, Service Provider agrees not to: (i) "sell" or "share" the Covered Data as such terms are defined under the CCPA; (ii) retain, use, or disclose Covered Data for any purpose other than for the specific purpose of performing the Services or as otherwise expressly permitted under the Agreement including retaining, using or disclosing the Covered Data for a commercial purpose other than the business purposes specified in this Addendum or the Agreement, or as otherwise permitted by the CCPA; (iii) retain, use or disclose the Covered Data outside of the direct business relationship with Controller; (iv) combine Covered Data it receives from Controller with Covered Data it receives from or on behalf of another person or collects from its own interactions with consumers, except where required to provide the Services.
Service Provider shall at all times comply with written instructions from Controller pursuant to the Terms and all applicable laws, rules and regulations, including but not limited to, Data Protection Law. Processor may engage in the following processing purposes on its behalf:
Processor shall provide reasonable assistance to Controller with any data protection impact assessments, audits, certifications, or prior consultations with legal or regulatory authorities or other competent data protection authorities, which Controller reasonably considers to be appropriate or required under any Data Protection Law, in relation to processing of Customer Personal Data by Processor.
Controller specifically authorizes the Processor to engage any Sub-Processors necessary for the Services. In accordance with applicable Data Protection Law, Controller may request a list of Provider sub-processors on-demand and, may be granted additional subprocessor rights to receive notifications and issue objections to the addition of new sub-processors.
The Processor is responsible for ensuring the compliance of Sub-Processors with Data Protection Law in connection with the processing of Covered Data. Processor will remain liable to Controller for the acts and omissions of its Sub-Processor to the same extent the Processor would be liable if performing the relevant Services directly under this DPA.
Upon Controller's request, Processor shall securely return to Controller or securely destroy (at Controller's election), all Covered Personal Data obtained by Processor in connection with the Services. This requirement shall not apply to the extent that the Processor is required by any applicable law to retain some or all of the Covered Personal Data, in which event the Processor shall isolate and protect the Covered Personal Data from any further Processing except to the extent required by such law until deletion is possible.
With a minimum of thirty (30) days written request, the Parties shall provide, if available, any compliance reports or audit reports that assess the effectiveness of the Party's compliance with Data Protection Law. Should these reports be deemed materially insufficient, and upon reasonable advance written notice, the auditing Party may, during normal business hours, not more than once per year, at its own expense, audit the other Party's systems, procedures, and processing of Covered Data, and compliance with this DPA. Additionally, the auditing Party has the right to take reasonable and appropriate steps to stop and remediate unauthorized use of Covered Data.
When processing Personal Data as a Controller, Controller agrees that it shall:
Disclose to consumers, via an appropriate privacy notice, that it augments collected personal data with information from third parties and may use such information for direct marketing, and/or cross-contextual behavioral/targeted advertising. If required by law, such privacy notice shall offer to Data Subjects, as applicable, instructions and/or a mechanism to consent or opt-out regarding the collection and sharing of their Personal Data with third parties for cross-contextual and/or targeted advertising or other 'sales' activities.
A Controller shall enter into appropriate contractual arrangements with any additional third party partners or providers, requiring all parties to comply with Data Protection Law including honoring consent or opt-out choices and coordinating with the other parties as necessary to facilitate such requests within the statutory periods defined by Data Protection Law.
If the Services involves the transfer of Personal Data of Data Subjects in the EEA or the UK, to a country or territory outside of those regions which has not received an applicable adequacy decision, the Parties will comply with any requirements under Data Protection Law regarding the transfers.
At the time of the execution of the Agreement, Checkmate has applied to participate in and certifies compliance with the Data Privacy Framework. As required by the Data Privacy Framework, Checkmate will: (i) provide at least the same level of privacy protection as is required by the Data Privacy Framework principles; (ii) notify Controller if Checkmate makes a determination it can no longer meet its obligation to provide the same level of protection as is required by the Data Privacy Framework principles (in which event Checkmate will cease such processing or take other reasonable and appropriate steps to remediate). Where and to the extent that the Data Privacy Framework applies, Checkmate will use the Data Privacy Framework to lawfully process Covered Personal Data in the United States.
To the extent legally required (for example, if the Data Privacy Framework does not cover the transfer to Checkmate and/or the Data Privacy Framework is invalidated), the Parties are deemed to hereby incorporate, and agree to comply with, the Standard Contractual Clauses set out by the European Commission Decision 2021/914/EU and approved for use in data transfers under the UK GDPR, located at https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj (the "SCCs"). In such case: (i) the Parties will complete the relevant Annexes included with this DPA; and (ii) the Parties represent that they do not believe the laws and practices in any country to which Personal Data is transferred for purposes of the Agreement will prevent the importing Party from fulfilling its obligations under this DPA or the SCCs. By entering into this DPA, to the extent legally required, the Parties are deemed to have signed the EU SCCs incorporated herein, including their Annexes, which are deemed entered into (and incorporated this DPA by this reference) and completed as follows:
To the extent legally required (for example, if the Data Privacy Framework does not cover the transfer to Checkmate and/or the Data Privacy Framework is invalidated), the Parties agree that transfer of Personal Data of UK Data Subject outside the UK, and such transfer is not governed by an adequacy decision made by the Secretary of State in accordance with the relevant provisions of the UK GDPR and the Data Protection Act 2018 are made pursuant to the SCCs as well as the International Data Transfer Addendum to the European Commission's Standard Contractual Clauses for International Data Transfers located at https://ico.org.uk/for-organisations/guide-to-data-protection/
This DPA and all provisions herein shall survive so long as, and to the extent that, the Parties process Covered Data. Upon termination, you will no longer be authorized to access the Service or use any associated data and must promptly delete any Covered Data without undue delay.
In case of contradictions between this DPA and the provisions of the Agreement, unless conflicting with applicable laws, the provisions of the Terms or any Statements of Work shall prevail.
The applicable law and jurisdiction as set forth in the Terms.