RBT Connected
Last Updated: June 2026
This Data Processing Addendum (“DPA”) forms part of and is incorporated into the Terms of Service between RBT Connected (“RBT Connected”, “Processor”, “we”, “our”, or “us”) and the customer (“Customer”, “Controller”, “you”, or “your”) that uses the Services.
This DPA governs the processing of Personal Data by RBT Connected on behalf of the Customer in connection with the Services.
1. Definitions
For purposes of this DPA:
Applicable Data Protection Laws means all applicable privacy and data protection laws and regulations, including but not limited to:
- General Data Protection Regulation (GDPR)
- UK GDPR
- California Consumer Privacy Act (CCPA)
- California Privacy Rights Act (CPRA)
- Other applicable privacy and data protection laws
Personal Data means any information relating to an identified or identifiable natural person.
Processing means any operation performed on Personal Data, including collection, storage, organization, use, disclosure, transmission, modification, or deletion.
Controller means the entity that determines the purposes and means of processing Personal Data.
Processor means the entity processing Personal Data on behalf of the Controller.
2. Scope of Processing
RBT Connected provides software and business management services that may allow Customers to collect, manage, organize, store, transmit, and process Personal Data.
The Customer determines what Personal Data is submitted to the Services and remains solely responsible for the legality of such processing.
RBT Connected acts as a Processor only with respect to Personal Data processed on behalf of Customers through the Services.
3. Customer Responsibilities
The Customer represents and warrants that:
- It has all necessary rights, permissions, and lawful bases to collect and process Personal Data.
- It has provided all required privacy notices.
- It complies with all Applicable Data Protection Laws.
- It has obtained any required consent from data subjects.
- The Personal Data submitted to the Services does not violate applicable law.
The Customer remains solely responsible for the accuracy, quality, legality, and appropriateness of all Personal Data uploaded to the Services.
4. Processing Instructions
RBT Connected shall process Personal Data only:
- To provide the Services.
- To maintain and secure the Services.
- To comply with documented Customer instructions.
- To comply with applicable legal obligations.
RBT Connected will not sell Customer Personal Data.
5. Categories of Data Processed
Depending on how the Customer uses the Services, Personal Data may include:
- Names
- Email addresses
- Phone numbers
- Business information
- Customer records
- Lead information
- Contact information
- Communication history
- User account information
- Employee information
- Marketing and sales records
The Customer controls what Personal Data is submitted to the Services.
6. Security Measures
RBT Connected shall implement reasonable administrative, technical, and organizational safeguards designed to protect Personal Data against:
- Unauthorized access
- Accidental loss
- Destruction
- Alteration
- Disclosure
Such safeguards may include:
- Access controls
- Authentication mechanisms
- Encryption where appropriate
- Network security protections
- Monitoring and logging
- Employee confidentiality obligations
While RBT Connected maintains commercially reasonable security measures, no system can guarantee absolute security.
7. Confidentiality
RBT Connected shall ensure that personnel authorized to process Personal Data are subject to appropriate confidentiality obligations.
Such obligations shall survive termination of employment or engagement.
8. Subprocessors
Customer acknowledges and agrees that RBT Connected may engage third-party service providers (“Subprocessors”) to support the delivery of the Services.
Examples may include providers of:
- Cloud infrastructure
- Hosting services
- Email delivery
- Payment processing
- Communication services
- Analytics services
- Customer support tools
RBT Connected shall maintain appropriate agreements with Subprocessors that require protection of Personal Data consistent with this DPA.
9. International Data Transfers
Customer acknowledges that Personal Data may be processed in the United States and other jurisdictions where RBT Connected or its Subprocessors operate.
Where required by Applicable Data Protection Laws, RBT Connected shall implement appropriate safeguards for international data transfers.
10. Data Subject Requests
To the extent legally permitted and technically feasible, RBT Connected will provide reasonable assistance to the Customer in responding to requests from data subjects regarding:
- Access
- Correction
- Deletion
- Restriction
- Portability
- Objection to processing
The Customer remains responsible for responding to such requests.
11. Security Incidents
In the event RBT Connected becomes aware of a confirmed security incident affecting Customer Personal Data, RBT Connected shall:
- Take reasonable steps to contain and mitigate the incident.
- Notify the Customer without undue delay when legally required.
- Provide available information reasonably necessary to assist the Customer.
Notification does not constitute an admission of fault or liability.
12. Data Retention and Deletion
Upon termination of the Services, Customer may export its data during any applicable retention period provided by the Services.
After such period, RBT Connected may permanently delete Customer Personal Data unless retention is required by law or necessary for legitimate business purposes.
Backup copies may remain temporarily until overwritten in accordance with standard backup procedures.
13. Audits
Upon reasonable written request and no more than once per calendar year, RBT Connected may provide information reasonably necessary to demonstrate compliance with this DPA.
Any audit request must:
- Be reasonable in scope.
- Not interfere with business operations.
- Protect confidential information and security controls.
14. Limitation of Liability
The liability of each party arising under this DPA shall be subject to the limitations and exclusions of liability contained in the Terms of Service.
Nothing in this DPA shall expand either party’s liability beyond the limits established in the Terms of Service.
15. Governing Law
This DPA shall be governed by and construed in accordance with the governing law provisions contained in the RBT Connected Terms of Service.
16. Contact Information
Questions regarding this Data Processing Addendum may be directed to:
RBT Connected
RBT Connected
Website: Contact form
