SmashOne US
Start free trial
Legal · Data Processing Addendum

Data Processing Addendum

Effective July 1, 2026·Last updated 31 May 2026

This addendum forms part of our Terms of Service and sets out how SmashOne processes Personal Information on your behalf under the CCPA/CPRA. See also our Privacy Policy and Acceptable Use Policy.

01Parties & Scope

This Data Processing Addendum forms part of the Terms of Service between SMASHONE CORPORATION ("SmashOne", "we") and the business customer ("Customer", "you"). It governs SmashOne’s processing of Personal Information on your behalf when you use the Service to manage your social media channels and customer messages.

02Roles (CCPA/CPRA)

For Personal Information you submit or that we collect on your behalf (your end-customers’ messages, contact details, social profile data), you are the Business and SmashOne acts as your Service Provider under the CCPA/CPRA. SmashOne processes such Personal Information only to provide the Service and for the limited purposes set out in this DPA.

03Service-Provider Restrictions

SmashOne shall not: (a) sell or share Personal Information; (b) retain, use, or disclose it for any purpose other than performing the Service, or as permitted by the CCPA; (c) retain, use, or disclose it outside the direct business relationship; or (d) combine it with Personal Information from other sources except as permitted by the CCPA. SmashOne certifies it understands and will comply with these restrictions.

04Sub-Processors

SmashOne uses vetted sub-processors to deliver the Service (cloud hosting, content delivery, payment processing, and AI text-generation). Each is bound by contract to service-provider-equivalent obligations. A current list is available on request to [email protected]. AI-generation providers process content solely to return outputs to you on a paid, no-training basis (Service-Provider role, not a sale).

05Security

SmashOne maintains reasonable administrative, technical, and physical safeguards appropriate to the nature of the Personal Information, including encryption in transit and at rest, access controls, and OAuth-token protection. (See also our Security page.)

06Assisting the Business

SmashOne will reasonably assist you in responding to verifiable consumer requests (know, delete, correct, opt-out) and in meeting your CCPA obligations, taking into account the nature of processing and information available to SmashOne.

07Deletion / Return

On termination or your request, SmashOne will delete or return Personal Information processed on your behalf, subject to retention required by law and standard backup cycles.

08Notification

SmashOne will notify you without undue delay after becoming aware of a security incident affecting your Personal Information and will provide information reasonably necessary for you to meet your notification obligations.

09Contact

Privacy & DPA inquiries: [email protected]. Entity: SMASHONE CORPORATION, 5784 Keith Rd, Jupiter, FL 33458, United States. Governing law: State of Florida.

Privacy & DPA inquiries: [email protected].