Due to the stringent security and privacy controls that AWS implements, direct physical access to these data centers by customers, including inspections or audits, is not typically permitted. This policy is in place to protect the integrity and security of the infrastructure, which hosts data for numerous customers globally. If the data you will be managing, storing, maintaining, or using on behalf of the Customer includes personally identifiable details, what provisions do you have in place to: ● Ensure compliance with European data privacy provisions (GDPR), as needed. ● Ensure compliance with data privacy provisions in other countries or regions. ● Ensure compliance with United States data breach laws (as needed, in those states where notification is required). ● Ensure that measures, as appropriate, are in place for the ongoing protection of personally identifiable data and that a program is in place to notify the company in the event of any variance from these measures. Yes, we have comprehensive provisions in place to ensure compliance with various data privacy laws and regulations, including the GDPR in Europe, data privacy provisions in other countries or regions, and United States data breach laws. Additionally, we maintain ongoing protection of personally identifiable data and have a robust notification program for any variances from our security measures. We have DPAs in place with all our data processors, ensuring GDPR compliance. We collect only the data necessary for the intended purpose and ensure it's processed in alignment with GDPR principles. We have procedures to promptly respond to data subject requests, such as access, rectification, and erasure requests. Conducted for high-risk data processing activities to identify and mitigate risks. We adhere to the data protection laws of each country or region where we operate or process data, including but not limited to CCPA in California, PIPEDA in Canada, and others. We regularly consult with legal experts to stay updated on evolving data privacy regulations globally. We comply with data breach laws of all U.S. states where our customers are located, including breach notification requirements. We have a well-defined incident response plan for timely notification and remediation in case of data breaches. See our Data Processing Agreement, above. Does RELAYTO utilize any Artificial Intelligence utilities such as ChatGPT or any similar utility? We have AI content chat, which allows you to ask questions about user content on RELAYTO. The content data is stored on our side. The response goes through the OpenAi model to generate human-readable output. We & OpenAi do not use your content to train our models. 47 of 52
Terms, Conditions, Policies & Plans Page 46 Page 48