MyReviewRamp Data Processing Addendum (DPA)

Last updated: December 2, 2025

This Data Processing Addendum (“Addendum”, “DPA”) forms part of the Terms of Service (“Agreement”) between:

Swift & Associates Ventures Corp.
d/b/a MyReviewRamp™
Topeka, Kansas
(“Processor”, “MyReviewRamp”, “we”, “us”, “our”)

and the business or individual using MyReviewRamp’s services
(“Controller”, “Customer”, “you”, “your”).

This DPA governs how MyReviewRamp processes personal data on your behalf when you upload, store, or transmit information through the MyReviewRamp platform.

1. Definitions

“Personal Data” means any information relating to an identified or identifiable person.

“Processing” means any operation performed on Personal Data.

“Controller” means the party that determines the purpose and means of processing Personal Data — you.

“Processor” means the party that processes Personal Data on behalf of the Controller — MyReviewRamp.

“Sub-processor” means a third party engaged by the Processor to perform specific processing activities.

2. Scope & Application

This DPA applies whenever the Controller uses MyReviewRamp to process Personal Data belonging to their customers, leads, or contacts, including but not limited to:

  • Names

  • Email addresses

  • Phone numbers

  • Company information

  • Review request details

  • Customer messaging or uploaded content

  • Review helper interactions

  • Analytics related to customer behavior within the review funnel

3. Roles of the Parties

Controller Responsibilities (You)

You confirm that:

  • You have the legal right to collect and upload customer data.

  • You have obtained appropriate consent when required.

  • You will comply with all applicable privacy laws (e.g., GDPR, CAN-SPAM, TCPA, etc.).

  • You will not upload data you are not legally allowed to process.

  • You will determine how long customer data is stored in your account.

You indemnify MyReviewRamp against any claims arising from improper submission or use of Personal Data.

Processor Responsibilities (MyReviewRamp)

MyReviewRamp will:

  • Process Personal Data only on your documented instructions.

  • Not sell or share Personal Data except as required to operate the service.

  • Implement appropriate technical and organizational security measures.

  • Restrict access to Personal Data to staff with a strict need-to-know.

  • Ensure confidentiality obligations for all staff with access.

  • Notify you promptly in the event of a data breach.

  • Assist in fulfilling data subject requests when applicable (access, deletion, etc.).

  • Delete or return Personal Data at account termination (unless retention is legally required).

4. Nature & Purpose of Processing

The Processor may process Personal Data for the following purposes:

  • Generating review pages and QR codes

  • Sending review request emails or SMS (if enabled)

  • Hosting and storing review funnel submissions

  • Providing account dashboards and analytics

  • Delivering customer support

  • Processing subscription payments

  • Operating authentication and login systems

  • Maintaining backups

  • Improving product performance and reliability

Processing is limited to what is necessary to provide MyReviewRamp services.

5. Sub-processors

MyReviewRamp uses third-party providers to support the platform. These may include:

  • Hosting providers

  • Email/SMS delivery providers

  • CRMs or automation engines (if connected by the Controller)

  • Analytics tools

  • Payment processors (Stripe)

A current list is available upon request.

The Processor will ensure all Sub-processors are bound by comparable data protection obligations.

6. International Transfers

Some Sub-processors may be located outside the Controller’s country.
MyReviewRamp will ensure that transfers comply with applicable data protection requirements and utilize:

  • Standard contractual clauses

  • Adequate safeguards

  • Vendor-level certifications (e.g., Stripe, Cloud providers)

7. Security Measures

MyReviewRamp maintains administrative, technical, and physical controls including:

  • SSL/TLS encryption

  • Restricted access controls

  • Encrypted backups

  • Secure hosting infrastructure

  • Firewalls and intrusion monitoring

  • Password hashing

  • Regular system updates and patching

Details available upon request.

8. Data Subject Rights

When required by privacy law, the Controller is responsible for responding to data subject requests.

MyReviewRamp will assist with:

  • Access

  • Rectification

  • Deletion

  • Export/portability

  • Objection

…when feasible and permitted.

9. Breach Notification

If MyReviewRamp becomes aware of a security incident affecting Personal Data, we will:

  1. Notify the Controller without undue delay.

  2. Provide known details of the breach.

  3. Cooperate in remediation efforts.

10. Data Deletion or Return

Upon termination of your account:

  • Personal Data will be deleted from active systems within commercially reasonable timeframes.

  • Backups will be deleted during scheduled cycles.

  • Data may be retained where required by law (e.g., financial retention periods).

11. Limitation of Liability

Both parties’ liability related to this DPA is subject to the limitations set forth in the main Terms of Service.

12. Term

This DPA remains in effect as long as MyReviewRamp processes Personal Data on behalf of the Controller.

13. Contact

For inquiries regarding this DPA, contact:

Swift & Associates Ventures Corp.
Topeka, Kansas
Email: info@ReviewRamp.app