The Digital Co-Op

Menu

Cooperative Database Privacy Standards

Certain data privacy laws may affect Member and Company’s ability to use or transfer some or all of the data in the Cooperative Database, in particularly data that relates to an identified or identifiable person provided or received in connection with the Database Participation Agreement (“Personal Information”). Either Party may be subject to these laws, and in accordance with each Party’s obligations under the Database Participation Agreement, each Party is responsible for determining and complying with its own obligations under applicable data privacy law. Notwithstanding the foregoing, to the extent required by applicable law, each Party will uphold the following privacy standards:

  1. Each Party will take commercially reasonable steps to provide legally sufficient notices and obtain consent for its processing of data contemplated by the Database Participation Agreement, provided however, that Member is solely responsible for providing any notice or, if applicable, obtaining consent for Member Data that such Member contributes to the Cooperative Database.
  2. To the extent either Party does not directly collect certain Personal Information that will be provided to the other Party, but rather obtains it from another party, each Party will take commercially reasonable steps (including as appropriate through contractual provisions and periodic audits) to ensure that its data sources have taken the steps, where legally required, outlined in this standards document and required by law.
  3. Each Party will only use Personal Information received under the Database Participation Agreement in compliance with a) applicable data privacy laws, b) applicable privacy policies, c) for the purposes stated in the Database Participation Agreement, and d) in any event, only for purposes an average consumer would reasonably expect or other disclosed purposes compatible with the context in which it was collected.
  4. Neither Party has nor will provide the other Party with any Personal Information contrary to an “opt out” preference expressed by a consumer.
  5. Neither Party will attempt to re-identify any pseudonymized, anonymized, aggregate, or de-identified Personal Information without the other Party’s express written permission.
  6. Upon sufficient notice, each Party will:
    1. reasonably assist the other Party in fulfilling its obligations to timely respond to consumer requests to exercise their rights under applicable data privacy laws, including promptly forwarding consumer requests to the other Party if relevant.follow a verified consumer request to “opt out” or “delete” their information from the Cooperative Database, and the other Party will promptly delete the information associated with such consumer that it obtained from the notifying Party.
    2. provide reasonable assistance to and cooperation with the other Party for its consultation with regulatory authorities in relation to the Personal Information.
    3. provide documentation sufficient to demonstrate compliance with this standards document.
  7. Each Party will take appropriate technical and organizational measures designed to protect the Personal Information in its possession.
  8. Each Party may take reasonable and appropriate steps to stop and remediate unauthorized use of Personal Information.
  9. Each Party will notify the other Party if it determines that it can no longer meet these standards or comply with applicable data privacy law.

Capitalized terms not defined herein have the meaning set forth in the Database Participation Agreement.