Effective: March 15, 2026 · GDPR Ready

Data Protection Addendum

This DPA forms part of the Terms of Service between TrapRoyaltiesPro and you (the Controller) when processing EU/UK personal data.

1. Definitions

"Controller", "Processor", "Personal Data", "Processing", "Subprocessor" have the meanings given in the GDPR (Regulation 2016/679).

2. Processing Details

Subject matter: Royalty auditing, split verification, and forensic documentation.
Duration: Until account termination + 7 years legal hold.
Categories of data: Names, IPI numbers, email, royalty statements, contracts.
Purpose: Providing the Service as requested by Controller.

3. Processor Obligations

4. Subprocessors

Controller authorizes engagement of subprocessors listed below. Notice of changes will be given (30 days) and Controller may object.

5. Data Subject Rights

Processor shall provide Controller with tools to access, rectify, delete, or port data via the dashboard. For complex requests, Processor will assist as required by Art. 28.

6. International Transfers

For transfers from EEA to third countries, the parties enter into the EU Standard Contractual Clauses (Module 2 – Controller to Processor). Controller acknowledges that transfers to Hostinger servers within EEA remain intra‑EU.

7. Audit Rights

Controller may request an audit (at Controller's expense) of Processor's compliance, limited to once per year. Processor may provide a SOC2 report in lieu of on‑site audit.

8. Liability

Each party's liability under this DPA is subject to the limitations in the Terms of Service. Processor's liability shall be several, not joint.

9. Contact

By using the Service, you agree to this DPA. For signed copies, email dpa@traproyaltiespro.com.

SMPT Logo ← Return to Home