Data Protection Agreement

This Data Protection Agreement (“DPA”) reflects the agreement between MAS Ventures LLC dba QuantLynk (“QuantLynk”, “we”, “us”, or “our”) and users who register to use the Platform ("Traders", "you" or "your") with respect to the protection of Personal Data by QuantLynk on your behalf in connection with your access and ongoing use of the Platform. This DPA is made pursuant to the QuantLynk Terms and Conditions (located at: www.quantlynk.io/terms-of-use/) (“Agreement”) and supplements and forms an integral part of the Agreement and is effective as of your first use of the Platform. All terms and conditions of the Agreement shall apply to this DPA unless clearly stated otherwise herein. Should a conflict between this DPA and the Agreement exist, the terms of this DPA shall control.

Acceptance of this DPA

‍Your access to and use of the Platform is conditional on your acceptance of the terms and conditions of this DPA. By accessing and using the Platform, you agree to accept and abide by this DPA. If you do not agree with all terms and conditions of this DPA, please do not access or use any QuantLynk Platform.

Modification to this DPA

‍We reserve the right to modify this DPA at any time by posting an updated DPA on the Site. We may also, at our sole discretion, provide active Traders with an email notice of changes. You are responsible for regularly reviewing this DPA and and your continued use of the Platform after the effective date of any change shall constitute your acceptance of the updated DPA. If any modification is unacceptable to you, you shall cease using the Platform. If you have any questions about this DPA you may contact us at support@quantlynk.io.

1. Definitions

Capitalized terms not defined herein have the meaning set forth in the Agreement.

“California Consumer Privacy Protection Act” or “CCPA” means California Civil Code § 1798.100 et seq.

“California Personal Information” or “CA Personal Information” means Personal Data that is subject to the protection of the CCPA.

“Consumer” means any natural person who provides Personal Data to the Platform.

“Data Protection Laws” means data protection laws or privacy laws of the United States and the US state in which you reside.

“Personal Data” means: (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number, or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) “nonpublic Private Information” as that term is defined in the Gramm-Leach-Bliley Act (“GLB”); (iii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iv) “personal information” as defined by CCPA; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation.

“Processing” means any operation or set of operations which is performed on Personal Data, encompassing the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction or erasure of Personal Data. The terms “Process”, “Processes” and “Processed” will be construed accordingly.

“Processor” means a natural or legal person, public authority, agency or other body which Processes Personal Data on behalf of the Consumer.
‍
“Subcontractor” means QuantLynk vendors, agents, subcontractors, and all other persons, entities, or organizations, exclusive of Third-Party Service providers who are subject to the direction, supervision, and control of Trader.

“Sub-Processor” means any Subcontractor engaged by QuantLynk to Process Trading Data who are identified by QuantLynk in the Agreement or otherwise to you.

2. Scope

This DPA applies if and to the extent Trading Data contains Personal Data and is received by QuantLynk from or on your behalf as a data Processor while providing the Platform.

3. Term

This DPA begins on the date QuantLynk first receives or has access to Trading Data and continues thereafter for the period during which QuantLynk is a data Processor and has possession or access to Trading Data in connection with the Platform until expiration or termination of the Agreement.

4. QuantLynk Responsibilities

QuantLynk will Process Trading Data, including Personal Data, solely for the purpose of providing the Platform in accordance with the Agreement and this DPA, or as otherwise instructed by you. QuantLynk will comply with all applicable Data Protection Laws and any reasonable instructions provided by you in the Processing of Trading Data. If QuantLynk cannot provide such compliance for whatever reason, it agrees to promptly inform you of its inability to comply. QuantLynk will implement and maintain policies, procedures, and practices that satisfy the applicable requirements set forth in this DPA.

5. Your Responsibilities

You are responsible for compliance with your requirements under the applicable Data Protection Laws with respect to Trading Data. Without limiting the generality of the foregoing, you are solely responsible for: (i) the accuracy, quality, integrity, and legality of your Trading Data and the means by which you acquire Trading Data; and (ii) ensuring you have the right to transfer, or provide access to, Trading Data in order for us to provide the Platform. You recognize and agree that hosting content online involves risks of unauthorized disclosure or exposure and that, in using the Platform, you assume such risks. QuantLynk shall not, in any way, be responsible for any intentional or unintentional misuse of Trading Data by you.

6. Processing

 QuantLynk may Process Trading Data as necessary to provide the Platform, including where applicable for issue resolution; applying new product or system versions, patches, updates; monitoring, and testing system use and performance; IT security purposes including incident management; maintenance and performance of technical support systems; and migration, implementation, configuration, and performance testing. QuantLynk shall not: (i) modify Trading Data other than as necessary to provide the Platform; (ii) disclose Trading Data except as compelled by law or as expressly permitted in writing by you; or (iii) access Trading Data except to provide the Platform or address service or technical problems, or at your request in connection with customer support matters.

7. Sub-Processors

 QuantLynk may subcontract its Processing work that relates to Trading Data under the Agreement to Third-Party Service providers identified in the Agreement or any addenda thereto. You agree that QuantLynk may later use Sub-Processors not identified in the Agreement or listed in any addenda. We will require that all our Sub-Processors maintain adequate measures reasonably appropriate to such Sub-Processor’s storage, maintenance or processing activities that comply in all material respects with the relevant obligations in this DPA, to the extent applicable to the nature of the services provided by such Sub-Processors. We will remain responsible for each Sub-Processor’s compliance with the obligations of this DPA and for any acts or omissions of such Sub-Processor that cause us to breach any of its obligations under this DPA.

8. International Transfers

 Unless otherwise provided in the Agreement or any applicable addenda, QuantLynk may Process Trading Data globally as necessary to perform the Services.

9. Confidentiality and Information Security

QuantLynk will maintain appropriate technical and organizational security measures for the Processing of Trading Data designed to prevent accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Trading Data. All QuantLynk employees that Process Trading Data are subject to written confidentiality agreements.

10. Data Breach Incidents

QuantLynk will inform you without undue delay if it becomes aware of a Personal Data breach while providing the Platform under the Agreement. QuantLynk will take appropriate measures to address the Personal Data breach, including securing Personal Data.

11. Deletion of Trading Data.

QuantLynk will, except to the extent provided in the Agreement or prohibited by applicable law, destroy and delete all Trading Data subject to Processing in accordance with the Agreement.

12. Legal Requirements

We may be required by law to provide access to Personal Data, such as to comply with a subpoena or other legal process, or to respond to government requests, including public and government authorities for national security and/or law enforcement purposes. We agree to promptly inform you of requests for access to Personal Data, unless otherwise required by law.

13. General Provisions

13.1 Severability. If any provision of this DPA is held invalid or unenforceable by any court of competent jurisdiction, the Parties shall mutually agree on an alternate, legally valid and enforceable provision. The remainder of this DPA shall continue in full force and effect to the extent that continued operation without the invalid or unenforceable provision is consistent with the intent of the Parties.

13.2 Disclaimer. WE SHALL NOT BE LIABLE FOR: (I) VIOLATION OF ANY APPLICABLE DATA PROTECTION LAW, (II) PERSONAL DATA BREACH, OR (III) VIOLATION OF ANY PRIVACY OR INTELLECTUAL PROPERTY RIGHTS, CAUSED BY YOUR OWN ACTS, OMISSIONS, OR NEGLIGENCE.

13.3 Limitation of Liability. Each party' liability, taken in aggregate, arising out of or related to this DPA, whether in contract, tort, or under any other theory of liability, will be subject to the limitations and exclusions of liability set out in the 'Limitation of Liability' section of the Agreement and any reference in such section to the liability of a party means aggregate liability of that party under the Agreement (including this DPA).

13.4 Indemnity. In addition to any indemnification provisions provided in the Agreement, the Parties further agree that if one Party is held liable for a violation of Data Protection Laws committed by the other Party, the latter will, to the extent to which it is liable, indemnify the other Party for any cost, charge, damages, expenses, or loss it has incurred as part of its obligations.

13.5 Governing Law. This DPA will be governed by the choice of law and jurisdiction provisions contained in the Agreement unless otherwise required by mandatory and applicable Data Protection Laws.

13.6 Integration. Except as otherwise set forth in this DPA, all terms and conditions contained in the Agreement and not amended herein shall remain in full force and effect. In the event of a conflict between the Agreement and this DPA or any other confidentiality term in an agreement between us, the order of precedence in respect of the Processing of Trading Data shall be: this DPA and then the Agreement.