We are comprehensive cloud management for modern enterprises, services providers, and the public sector.
Everything you need to manage and allocate costs, optimize spending, and save money.
Unified secure configuration, activity monitoring, and IAM tracking for the public cloud.
Give financial operations a complete picture of IT costs across hybrid cloud infrastructure.
The next step in cloud security—ensure your cloud infrastructure is audit-ready for 35 regulatory standards.
Built to optimize the best features of the major cloud providers in a single pane of glass.
With an integrated ecosystem carefully chosen for your success.
Our technology partners amplify the advantages of the cloud.
Comprehensive management and automation of cost, security, compliance, inventory, and utilization for the modern enterprise.
A full suite of modules and tools to support the unique business needs of MSPs, CSPs and resellers, from custom invoicing to analytics and reporting.
Unified cloud management for federal, state, local, and higher education institutions.
This Data Processing Addendum (“Addendum”) supplements the End User License Agreement found at https://cloudcheckr.com/end-user-license-agreement, as updated from time to time between Customer and CloudCheckr, or other written or electronic agreement between Customer and CloudCheckr governing Customers’ use of the Services (the “Agreement”) between CloudCheckr Inc. and its affiliates (CloudCheckr”) and the entity you represent (“Customer”). This Addendum applies when CloudCheckr Processes Customer Personal Data in the course of providing the Services to Customer. Terms not otherwise defined herein shall have the meaning given to them in the Agreement. Except as modified below, the terms of the Agreement shall remain in full force and effect.
2. Processing of Customer Personal Data
3. CloudCheckr Personnel
CloudCheckr shall take reasonable steps to ensure the reliability of any employee, agent, or contractor of CloudCheckr who may have access to the Customer Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know and/or access the relevant Customer Personal Data, as strictly necessary for the purposes of the Agreement, and to comply with Applicable Laws in the context of that individual’s duties, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.
6. Data Subject Rights
7. Personal Data Breach
8. Data Protection Impact Assessment and Prior Consultation
Where Customer or, where applicable, the relevant End User, reasonably determines that CloudCheckr’s Processing of Customer Personal Data, taking into account the nature, scope, context, and purposes of CloudCheckr’s Processing, is likely to result in a high risk to the rights and freedoms of natural persons, then the Customer or relevant End User may request, and CloudCheckr shall provide, upon reasonable notification to CloudCheckr not less than 10 business days, reasonable assistance, during CloudCheckr’s regular business hours, to Customer or the relevant End User, with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, in each case solely in relation to Processing of Customer Personal Data.
9. Deletion or return of Customer Personal Data
10. Audit rights
11. Restricted Transfers
In the event CloudCheckr Processes any Personal Data pursuant to a Restricted Transfer, the Parties agree that the provisions in the European Commission Standard Contractual Clauses for the Transfer of Personal Data to Processors Established in Third Countries (2010/87/EU) the Standard Contractual Clauses shall apply and are incorporated herein by reference. Pursuant to the Standard Contractual Clauses, Customer shall be the “data exporter,” and CloudCheckr shall be a “data importer.” The (i) Data Subjects in Appendix 1 to the Standard Contractual Clauses shall be Customer employees, Customer subcontractors authorized by Customer to use the Services, and any Customer end user authorized by Customer to use the Services; (ii) the Categories of Data shall be first and last name, contact information (company, email, phone, business address), billing information, job title and/or department, and geolocation data (country and/or IP address); (iii) the Special Categories of data shall be N/A, and (iv) the Processing operations shall be to allow CloudCheckr to perform the Services pursuant to the Agreement, as further specified in the Documentation, and as instructed by Customer while it uses the Services.. The data security measures in Appendix 2 to the Standard Contractual Clauses are those identified in Exhibit A of this Addendum.
12. General Terms
Governing law and jurisdiction
Order of precedence
Changes in Data Protection Laws, etc.
APPENDIX 2 TO THE STANDARD CONTRACTUAL CLAUSES
Description of the technical and organisational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) (or document/legislation attached):
CloudCheckr’s technical and organizational security measures are those measures described in CloudCheckr’s confidential SOC 2 Type 2 Report, which CloudCheckr makes available to Customers upon request.