TAAARS! - All-in-one platform for solopreneurs

US Privacy Addendum (CCPA/CPRA Service Provider Terms)

Effective date: August 9, 2025

This Addendum supplements the Agreement between the customer ("Business") and Payhouse Technologies, Inc., doing business as TAAARS! ("Service Provider") to address California Consumer Privacy Act as amended by the California Privacy Rights Act (collectively, "CCPA/CPRA") and similar U.S. state privacy laws where applicable.

1. Roles and Scope

Business discloses Personal Information to Service Provider solely for Business purposes to perform the Services under the Agreement.
Service Provider will not sell or share Personal Information (as defined by CCPA/CPRA).

2. Service Provider Obligations

Service Provider shall:

Process Personal Information only to provide the Services and as permitted by CCPA/CPRA.
Not retain, use, or disclose Personal Information outside the direct business relationship with Business.
Not combine Personal Information received from Business with Personal Information received from another source, except as permitted by CCPA/CPRA (e.g., to detect security incidents or improve the Services).
Comply with applicable obligations under CCPA/CPRA and provide the same level of privacy protection as required of Service Providers.
Notify Business if Service Provider can no longer meet its obligations under CCPA/CPRA.

3. Consumer Requests and Assistance

Service Provider will assist Business in responding to verifiable consumer requests to exercise their rights (access, deletion, correction, opt‑out of sale/sharing, etc.), taking into account the nature of the processing.

4. Sub‑processors

Service Provider may engage sub‑processors to assist in processing Personal Information for the Services, provided that such sub‑processors are bound by written contracts that protect Personal Information to the same extent required of Service Provider.

5. Audits

Upon reasonable written request, Service Provider will make available information necessary to demonstrate compliance with this Addendum and allow reasonable audits as described in the DPA or Agreement.

6. No Sale or Sharing; Sensitive Personal Information

Service Provider certifies it understands and will comply with the obligations applicable to Service Providers. Service Provider will not sell or share Personal Information or use or disclose Sensitive Personal Information for purposes other than those necessary to provide the Services.

7. Conflict

In the event of a conflict between this Addendum and the Agreement or DPA, this Addendum controls solely with respect to California Personal Information.