Data Processing Addendum (DPA)

Effective Date: October 15, 2025

Operated by: Ventures of Bird, LLC

Platform: APRNJobs.org

This Data Processing Addendum (“Addendum” or “DPA”) forms part of and is incorporated into the Terms and Conditions, Privacy Policy, or other written agreement governing use of APRNJobs.org (the “Agreement”) between Ventures of Bird, LLC (“Company,” “APRNJobs,” “we,” “us,” or “our”) and any customer, employer, recruiter, or business user (“Customer”) who provides or makes available Personal Data through use of the Services.

This Addendum applies only to the extent that APRNJobs processes Personal Data on behalf of the Customer and such processing is subject to Data Protection Laws.

This Addendum is deemed accepted and legally binding upon the Customer’s use of the Services, execution of an agreement incorporating this Addendum by reference, or acceptance of the Terms and Conditions.

1. Definitions

“Personal Data” means any information relating to an identified or identifiable individual, as defined under applicable Data Protection Laws.

“Processing” means any operation performed on Personal Data, including collection, storage, use, disclosure, or deletion.

“Data Protection Laws” means all applicable privacy and data protection laws, including but not limited to the General Data Protection Regulation (EU) 2016/679 (“GDPR”), UK GDPR, CCPA/CPRA, TDPSA, CPA, VCDPA, CTDPA, UCPA, and other applicable U.S. state or international privacy laws.

“Controller,” “Processor,” “Business,” “Service Provider,” and similar terms have the meanings given under applicable Data Protection Laws.

2. Roles of the Parties

For Personal Data submitted by a Customer relating to job applicants, employees, or candidates, the Customer acts as the Controller (or “Business” under U.S. law), and APRNJobs acts as a Processor or Service Provider, as applicable.

For Personal Data collected directly by APRNJobs for its own purposes (such as platform security, analytics, billing, or compliance), APRNJobs acts as an independent Controller or Business.

Nothing in this Addendum transfers ownership or control of Customer Personal Data to APRNJobs.

3. Scope and Purpose of Processing

APRNJobs processes Personal Data solely to provide, operate, secure, and support the Services, including hosting job postings, facilitating applications, enabling communications, managing accounts, processing payments, and maintaining platform integrity.

Processing is limited to what is necessary, relevant, and proportionate to perform the Services and comply with legal obligations.

4. Categories of Data Subjects and Personal Data

Personal Data processed under this Addendum may relate to job seekers, applicants, recruiters, hiring managers, and employer representatives.

Personal Data may include identifiers, contact information, professional and employment information, resumes, application materials, licensing and certification details, communications, usage data, and limited billing information.

APRNJobs does not intentionally process Special Category Data unless explicitly provided by a user and required for recruitment purposes.

5. Customer Obligations

The Customer represents and warrants that it has a lawful basis to provide Personal Data to APRNJobs and that all required notices and consents have been obtained.

The Customer is responsible for ensuring that Personal Data submitted through the Services complies with applicable laws, including employment, discrimination, and privacy requirements.

The Customer shall not provide Personal Data that exceeds what is necessary for recruitment purposes.

6. Confidentiality

APRNJobs ensures that personnel authorized to process Personal Data are bound by confidentiality obligations and receive appropriate data protection training.

Access to Personal Data is limited to individuals with a legitimate need to perform their job functions.

7. Security Measures

APRNJobs implements appropriate technical and organizational measures designed to protect Personal Data against unauthorized access, loss, alteration, or disclosure. These measures include access controls, encryption in transit, monitoring, and incident response procedures.

No system can be guaranteed to be completely secure, and APRNJobs does not warrant absolute security.

8. Subprocessors

APRNJobs may engage subprocessors to support the Services, such as hosting providers, payment processors, analytics services, and customer support platforms.

All subprocessors are subject to contractual obligations that provide data protection standards no less protective than those set forth in this Addendum.

A current list of subprocessors may be provided upon reasonable request.

9. International Data Transfers

Personal Data may be processed in the United States or other jurisdictions where APRNJobs or its subprocessors operate.

Where required by law, APRNJobs uses appropriate safeguards for international data transfers, including contractual protections and other legally recognized mechanisms.

10. Assistance With Data Subject Rights

APRNJobs will assist the Customer, to the extent legally permitted and technically feasible, in responding to data subject requests such as access, correction, deletion, or restriction of processing.

Where a request is directed to APRNJobs that relates to Customer-controlled data, APRNJobs will notify the Customer unless legally prohibited from doing so.

11. Personal Data Breach Notification

APRNJobs maintains procedures to identify, investigate, and respond to suspected Personal Data breaches.

Where required by law, APRNJobs will notify the Customer without undue delay after becoming aware of a breach affecting Customer Personal Data and will provide information reasonably necessary to support the Customer’s compliance obligations.

12. Data Retention and Deletion

APRNJobs retains Personal Data only for as long as necessary to provide the Services or as required by law.

Upon termination of the Services, APRNJobs will delete or anonymize Customer Personal Data within a reasonable period unless retention is required for legal, regulatory, or security purposes.

13. Audits and Compliance

Upon reasonable written request and subject to confidentiality obligations, APRNJobs will provide information necessary to demonstrate compliance with this Addendum.

Audit rights are limited to what is required by law and shall not unreasonably disrupt APRNJobs operations or compromise security.

14. Limitation of Liability

This Addendum does not expand or modify liability provisions set forth in the Agreement. All liability arising under this Addendum is subject to the limitations and exclusions contained in the Agreement, except where prohibited by law.

15. Precedence

In the event of a conflict between this Addendum and the Agreement, this Addendum governs with respect to data protection and privacy obligations.

16. Governing Law

This Addendum is governed by the same law specified in the Agreement, except where Data Protection Laws require application of another jurisdiction’s law.

Nothing in these Terms limits or overrides mandatory consumer or data protection rights granted under applicable local law, including the GDPR, UK GDPR, or U.S. state privacy laws.

17. Contact Information

Questions regarding this Addendum or data processing practices may be directed to:

Privacy Contact: privacy@aprnjobs.org
General Contact: info@aprnjobs.org