You agree that we can share your Customer Data with Sub-Processors in order to provide you the Service. We will impose contractual obligations on our Sub-Processors, and contractually obligate our Sub-Processors to impose contractual obligations on any further sub-contractors which they engage to process Customer Data, which provide the same level of data protection for Customer Data in all material respects as the contractual obligations imposed in this DPA, to the extent applicable to the nature of the Service provided by such Sub-Processor. A list of our current Sub-Processors as of the effective date of this DPA is available in Exhibit A below.
Pocket Risk will notify you in advance (by email and by notice in the Service) of any changes to the list of Sub-Processors in place on the effective date of this DPA, except for emergency replacements or deletions of Sub-Processors without replacement. If you object to any Sub-Processor and your objection is reasonable and related to data protection concerns, we will use commercially reasonable efforts to make available to you a means of avoiding the processing by the protested Sub-Processor. If we are unable to make available such suggested change within a reasonable period of time, we will notify you and if you still object to our use of such Sub-Processor, you may cancel or terminate Your Account or, if possible, the areas of the Service that involve use of such Sub-Processor. Except as set forth in this section, or as you may otherwise authorize, we will not permit any Sub-Processor to access your Customer Data. Except as set forth in this section, if you object to any Sub-Processors, you may not use or access the Service.
Pocket Risk may change a Sub-Processor where the reason for the change is outside of Pocket Risk’s reasonable control. In this case, Pocket Risk will inform Customer of the replacement Sub-Processor as soon as possible. Customer retains its right to object to a replacement Sub-Processor as laid forth in this section.
Pocket Risk will remain responsible for its compliance with the obligations of this DPA and for any acts or omissions of any Sub-Processor or their further sub-contractors that process Your Customer Data and cause Pocket Risk to breach any of Pocket Risk’s obligations under this DPA, solely to the extent that Pocket Risk would be liable under the Agreement if the act or omission was Pocket Risk’s own.