Mimecast Customer Data Processing Addendum
To assist you with your organization’s data privacy compliance efforts, Mimecast makes available it’s Data Processing Addendum (DPA) that contains additional provisions to your underlying services agreement regarding the processing of personal data.
The DPA addresses matters such as audit, breach notification, transfer of data, and the technical and organizational measures we have in place. The DPA incorporates into our services agreement the requirements under Article 28 of the GDPR for contracts between controllers and processors and is necessarily tailored to our unique cloud platform, processes, procedures, and services. In addition, the DPA also incorporates the requirements for businesses and service providers under the California Consumer Privacy Act of 2018 (the CCPA) as well as certain other data protection regulations.
If you already have a DPA with us, and/or are looking for assistance with your CCPA compliance efforts, please download the Mimecast CCPA Addendum that contains additional provisions to your underlying services agreement regarding the processing of personal information. The CCPA Addendum addresses matters such as restrictions on the sale of personal information, as well as notifications in the event of a breach, and addressing consumer requests.
If you already have data processing terms in place with us which incorporate the former Standard Contractual Clauses and you wish to update these to the new EU Standard Contractual Clauses and/or UK Addendum, please download the Mimecast SCC Amendment.
To assist you further and, in parts supplemental to the DPA, CCPA Addendum, and SCC Amendment, our Trust Center provides information you may find helpful when assessing Mimecast services against your own internal requirements.
We also encourage you to look to our website, blogs, and knowledgebase for how Mimecast can help inform your data privacy program, as well as garner insights from our own internal lessons learned.
If you require a DPA, a CCPA Addendum, or a SCC Amendment, please download the applicable PDF, arrange for signature by an authorized representative of your company and return the signed copy to your Customer Success representative. Once the DPA, CCPA Addendum, and/or SCC Amendment is signed by your company and returned to your Customer Success representative, you will receive an acknowledgment of receipt from your Customer Success representative. Upon receipt of the acknowledgment, the DPA will become a legally binding agreement between us.
If you are a Channel Partner, or purchase our services through these parties, or are a vendor or otherwise have a different contractual relationship in place with us, please contact your Channel Partner or Mimecast representative.
To access our data processing terms click here.
If you have any questions around Mimecast’s DPA, please visit our DPA FAQs page.