Community Edition Joint Controller Addendum

This Community Edition Joint Controller Addendum (“Addendum”) to the Community Edition Terms of Use (“Terms”) applies to you if you are located in the European Economic Area (“EEA”) or the United Kingdom (“UK”).

Capitalized terms used but not defined in this Addendum have the meanings given in the Terms, unless otherwise defined in this Addendum. The terms “controller,” “data subject,” “joint controller,” “personal data,” “processing,” and “supervisory authority” when used in this Addendum shall have the meaning set forth in the General Data Protection Regulation and the UK General Data Protection Regulation (collectively, the “GDPR”).

ZoomInfo and you (each a “Party,” and together the “Parties”) agree to the following:

  1. Joint Controllership. When you initially collect personal data through emails that you send or receive from your email account, you are acting independently of ZoomInfo and such data collection and processing that is necessary or incidental to such activity does not create any obligation on the part of ZoomInfo. When the Parties, through use of the Application, transmit Contact Data to ZoomInfo (the “Joint Processing”), you and ZoomInfo may be considered joint controllers. The scope of the Joint Processing and this Addendum is the transmission of the Contact Data to ZoomInfo. The subsequent processing of Contact Data by ZoomInfo does not form part of the Joint Processing and ZoomInfo acts as an independent controller with respect to such processing. 
  2. Allocation of GDPR Obligations. This Addendum outlines ZoomInfo’s and your respective responsibilities for compliance with applicable GDPR obligations with regard to the Joint Processing in accordance with GDPR Article 26. The parties’ responsibilities for compliance with applicable GDPR obligations are as follows:

    2.1 Data Subject Rights. As between the Parties: 
    2.1.1.You are responsible for enabling data subjects’ rights under Articles 15-21 of the GDPR with regard to your processing of personal data prior to the Joint Processing.
    2.1.2.ZoomInfo is responsible for enabling data subjects’ rights under Articles 15-21 of the GDPR with regard to the processing of personal data during and subsequent to the Joint Processing.
    2.2 Provision of Information Under Articles 13 and 14. As between the Parties:
    2.2.1.You are responsible for providing information under Article 13 of the GDPR with regard to your processing of personal data prior to the Joint Processing.
    2.2.2.ZoomInfo is responsible for providing information under Articles 13 and/or 14, as applicable, with regard to the processing of personal data during and subsequent to the Joint Processing.
    2.3 Other Responsibilities. All other responsibilities for compliance with applicable GDPR obligations regarding the Joint Processing remain with each Party individually. You agree to comply with appliable legal obligations, including any obligations arising under the GDPR, from the Joint Processing, and your use of the Services. ZoomInfo will be responsible for complying with its obligations under this Addendum and the GDPR. 
  3. Additional Terms.

    3.1 Requests. If you are contacted by a data subject or a supervisory authority under the GDPR (or other applicable law) with regard to the Joint Processing or the obligations assumed by ZoomInfo and you under this Addendum (each such contact, a “Request”), you agree to notify ZoomInfo within three (3) business days by forwarding such Request and all relevant information we reasonably require regarding such Request to us at privacy@zoominfo.com. ZoomInfo will answer Requests in accordance with our obligations under this Addendum, the GDPR, and other applicable law. You agree to take all reasonable efforts to cooperate with ZoomInfo in a timely manner in answering any such Request.
    3.2 Supervisory Authority.
    3.2.1.UK Users. If you are located in the UK, then you agree that the lead supervisory authority for data processing under this Addendum is the Information Commissioner’s Office. 
    3.2.2.EEA Users. If you are located in the EEA, then you agree that the lead supervisory authority for data processing under this Addendum is the Irish Data Protection Commission. Notwithstanding anything to the contrary in the Terms, if you are located in the EEA, you agree that the laws of Ireland, without recourse to its conflict of laws provisions, will govern this Addendum, and you irrevocably submit to the exclusive jurisdiction of the courts of Ireland for the purpose of litigating any claim, cause of action, or dispute you have against ZoomInfo that arises out of or relates to this Addendum or the Joint Processing.

Effective Date: November 15, 2021