Rivalry2

Mastercard – Customer Data Processing Agreement — Mastercard Dynamic Yield

2026-02-28 18:57 Diff

https://www.dynamicyield.com/dpa/

Effective Date: July 2nd, 2025.

This Data Processing Agreement (the “DPA”), which includes Annexes 1 and 2, is incorporated into and forms an integral part of the Agreement (the “Principal Agreement”) and governs the Processing of Personal Data in the context of the Services between Mastercard and Customer, as defined under the Principal Agreement.

Mastercard and Customer are collectively referred to as the “Parties” or each individually as a “Party”. For the purposes of this DPA only, and except where indicated otherwise, the term “Mastercard” and “Customer” include Mastercard’s and Customer’s respective Affiliates insofar as they are a party to the Principal Agreement or any collateral thereto.

The Parties agree that the DPA is supplemental to any existing confidentiality or privacy and data protection terms contained in the Principal Agreement. To the extent of an overlap, inconsistency, or direct conflict between the terms of the Principal Agreement (or a collateral contract to the Principal Agreement) and this DPA, the terms of this DPA shall govern and control.

For the avoidance of doubt, this DPA applies to all Personal Data collected by Mastercard in the context of the Principal Agreement, including Personal Data collected by Mastercard in the context of the Principal Agreement before the effective date of this DPA.

1. Definitions.

1.1. The terms “Personal Data Breach”, “Processing/Process”, “Sell”, “Sensitive Data”, “Share”, and “Supervisory Authority” have the meanings given to those terms under applicable Privacy and Data Protection Law. In the event of a conflict, the meaning from the law applicable to the residence of the relevant Data Subject applies.

1.2. “Affiliate” means, in relation to a Party, any other entity which directly or indirectly Controls, is Controlled by, or is under direct or indirect common Control with that Party from time to time. “Control”, for the purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.

1.3. “Controller” means the entity which determines the purposes and means of the Processing of Personal Data, including as applicable a “business” or equivalent term as defined under applicable Privacy and Data Protection Law.

1.4. “Data Protection Rights” means all rights granted to Data Subjects under Privacy and Data Protection Law, which may include – depending on applicable law – the right to know, the right of access, rectification, erasure, complaint, data portability, restriction of Processing, objection to the Processing, and rights relating to automated decision-making and indemnification against misuse of Personal Data.

1.5. “Data Subject” means the identified or identifiable individual to whom Personal Data relates.

1.6. “EU Data Protection Law” means the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the e-Privacy Directive 2002/58/EC (as amended by Directive 2009/136/EC), their national implementations in the European Economic Area (“EEA”), including the European Union (“EU”), and all other data protection laws of the EEA, the United Kingdom (“UK”), Monaco, and Switzerland, each as applicable, and as may be amended or replaced from time to time.

1.7. “Mastercard BCRs” means the Mastercard Binding Corporate Rules as approved by the data protection authorities and available at https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.

1.8. “Personal Data” means information that can reasonably identify, relate to, describe, be capable of being associated with, or be linked, directly or indirectly, to a particular individual or household, including “personal data”, “personal information”, or equivalent terms as defined under applicable Privacy and Data Protection Law. To the extent permitted by applicable Privacy and Data Protection Law, “Personal Data” does not include information that is deidentified, aggregated, or anonymized in accordance with applicable law, or otherwise excluded from the scope of applicable Privacy and Data Protection Law.

1.9. “Privacy and Data Protection Law” means any law, statute, declaration, decree, legislation, enactment, order, ordinance, regulation or rule (as amended and replaced from time to time) which relates to the privacy and protection of Personal Data, and to which the Parties are subject, including but not limited to EU Data Protection Law; State Privacy Laws; the U.S. Gramm-Leach-Bliley Act; laws regulating unsolicited email, telephone, and text message communications; security breach notification laws; laws imposing minimum security requirements; laws requiring the secure disposal of records containing certain Personal Data; laws governing the portability and/or cross-border transfer of Personal Data; and all other similar international, federal, state, provincial, and local requirements; each as applicable.

1.10. “Processor” means the entity which Processes Personal Data on behalf of the Controller, including as applicable a “service provider” or equivalent term as defined under applicable Privacy and Data Protection Law.

1.11. “Services” means the services provided by Mastercard to Customer under the Principal Agreement.

1.12. “Standard Contractual Clauses” means the clauses annexed to the EU Commission Implementing Decision 2021/914 of June 4, 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council (OJ L 199, 7.6.2021, p. 31-61), as amended or replaced from time to time.

1.13. “State Privacy Laws” means the California Consumer Privacy Act, Cal. Civ. Code 1798.100 et seq., as amended including by the California Privacy Rights Act, the Virginia Consumer Data Protection Act, Code of Virginia title 59.1, Chapter 52, the Colorado Privacy Act, Colorado Rev. Stat. 6-1-1301 et seq., the Utah Consumer Privacy Act, Utah Code 13-61-101 et seq., the Connecticut Personal Data Privacy and Online Monitoring Act, Public Act No. 22-15, and any other U.S. state privacy laws and their implementing regulations issued pursuant thereto, as amended and superseded from time to time.

1.14. “Sub-Processor” means a Processor engaged by a Processor to carry out Processing on behalf of a Controller.

1.15. “Swiss Addendum” means the addendum to the Standard Contractual Clauses required by the Swiss Federal Data Protection and Information Commissioner to satisfy the requirements of the Swiss Federal Data Protection Act (“FADP”).

1.16. “UK Addendum” means the addendum to the Standard Contractual Clauses issued by the UK Information Commissioner under Section 119A of the UK Data Protection Act 2018 (version B1.0, in force March 21, 2022).

2. Roles of the Parties and Processing by Mastercard.

2.1. Processing of Personal Data subject to Privacy and Data Protection Law. This Section 2.1 applies only to the Processing of Personal Data that is subject to Privacy and Data Protection Law that require the Controller and Processor to enter into a data processing agreement. For the avoidance of doubt, this also applies where the applicable Privacy and Data Protection Law does not specifically use the terms Controller and Processor.

2.1.1. Roles of the Parties. Mastercard acts as Processor on behalf of Customer and Customer acts as a Controller (or a Processor on behalf of another Controller) in the context of the Services described in Annex 1.

2.1.2. Processing by Mastercard. Customer hereby authorizes Mastercard to Process, as permitted by applicable Privacy and Data Protection Law, as a Controller, Personal Data relating to the operation, support, or use of the Services to (i) conduct internal analyses of Personal Data, (ii) develop and improve existing and future products and services, including through the development of algorithmic models, (iii) monitor and prevent fraud, (iv) prepare and furnish reports of aggregated information, and to anonymize information, provided that such reports do not identify the Customer or any Data Subjects, and Mastercard will not, and will not allow its Sub-Processors to, attempt to re-identify any such anonymized or aggregated information, and (v) for other purposes for which consent has been provided by the Data Subject to whom the Personal Data relates. Mastercard represents and warrants that it will Process Personal Data for these purposes in compliance with applicable Privacy and Data Protection Law and the Mastercard BCRs.

2.2. Processing of Covered Personal Data Subject to State Privacy Laws. This Section 2.2 applies only to the Processing of Personal Data that is subject to the State Privacy Laws by Mastercard on behalf of Customer (“Covered Personal Data”). Notwithstanding any provision to the contrary of this DPA or this Section, the terms of this Section shall not apply to Mastercard’s Processing of Covered Personal Data that is exempt from the State Privacy Laws. Except as expressly permitted by the State Privacy Laws, Mastercard will not (i) Sell or Share Covered Personal Data; (ii) retain, use, or disclose Covered Personal Data for any purpose other than for the specific purpose of performing the Services under the Principal Agreement and Annex 1 for Customer; (iii) retain, use, or disclose Covered Personal Data outside the direct business relationship between the Parties; or (iv) combine Covered Personal Data with Personal Data obtained from, or on behalf of, sources other than Customer, except as expressly permitted under applicable State Privacy Laws.

2.3. Categories of Personal Data. Customer represents and warrants that Customer will not share or make available any (i) special categories of Personal Data, as defined under applicable Privacy and Data Protection Law, or (ii) Personal Data relating to Data Subjects being minors, with Mastercard in the context of the Services.

3. Additional Obligations of the Parties.

3.1. Compliance with Privacy and Data Protection Law. Customer and Mastercard represent and warrant that they will comply with Privacy and Data Protection Law when Processing Personal Data in the context of the Services and will provide the level of privacy protection required by the Privacy and Data Protection Laws. Customer and Mastercard agree to cooperate in good faith to enter into additional terms to address any modifications, amendments, or updates to applicable Privacy and Data Protection Law. In particular, the Parties agree to the following:

3.1.1. Notice and Consent for the Processing of Personal Data. As a Controller, Customer is responsible for complying with Privacy and Data Protection Law in the context of the Processing of Personal Data as set forth in Annex 1, which may include the profiling of Data Subjects. Customer represents and warrants that it will, as required under Privacy and Data Protection Law, (i) provide clear and transparent notice to Data Subjects in an easily accessible form that includes appropriate references to the categories of Personal Data involved, the Customer’s legal basis for the Processing, and the sharing of the Personal Data with Mastercard; and (ii) rely on a valid legal ground, including Data Subjects’ consent when required under Privacy and Data Protection Law, for the Processing of Personal Data as set forth in Annex 1.

3.1.2. Cookies Notice and Consent. Customer is responsible for providing notice and obtaining consent as required under Privacy and Data Protection Law to allow for the storing or gaining access to information stored on Data Subjects’ terminal equipment via cookies and similar technologies. Customer must enable Data Subjects to withdraw such consent at any time as easily as it was originally given.

3.1.3. Proof of Consent. To the extent that Data Subjects’ consent is required under Privacy and Data Protection Law, Customer must be able to demonstrate that valid consent has been obtained from Data Subjects.

3.2. Instructions. Where Mastercard acts as a Processor on behalf of Customer as per Section 2.1.1 above, Mastercard will take steps to:

3.2.1. Only Process Personal Data in accordance with the Customer’s lawful documented instructions or as otherwise agreed by the Parties in writing, unless otherwise required or permitted by law.

3.2.2. Promptly inform Customer if, in its opinion, the Customer’s instructions infringe Privacy and Data Protection Law, or if Mastercard is unable to comply with the Customer’s instructions without failing to meet its obligations under Privacy and Data Protection Law.

3.2.3. Notify Customer when local laws prevent Mastercard from (1) fulfilling its obligations under this DPA or the Mastercard BCRs and have a substantial adverse effect on the guarantees provided by this DPA or the Mastercard BCRs; and (2) complying with the instructions received from the Customer via this DPA, except if such disclosure is prohibited by applicable laws, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation.

Notify Customer, as required under applicable Privacy and Data Protection Law, no later than five business days after determining that it can no longer meet its obligations under applicable State Privacy Laws. Upon receiving notice from Mastercard in accordance with this subsection, Customer may direct Mastercard to take reasonable and appropriate steps to stop and remediate unauthorized use of Personal Data.

3.3. Confidentiality. Mastercard will ensure that persons authorized to Process Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

3.4. Security. The Parties will take steps to ensure a level of security appropriate to the risk for the Personal Data and implement at the minimum the security measures listed in Annex 2. The Parties must notify a Personal Data Breach that relates to Personal Data Processed in the context of the Service to the other Party, without undue delay, and no later than 48 hours after having become aware of a Personal Data Breach.

3.5. Sub-Processing. Customer gives a general authorization and instructs Mastercard to engage internal and external Sub-Processors in the context of the Services under the conditions set forth below, including any addition or replacement of Sub-Processors, and Mastercard represents and warrants that when Sub-Processing the Processing of Personal Data in the context of the Services, and to the extent required by applicable Privacy and Data Protection Law, it will:

3.5.1. Bind its Affiliates acting as Sub-Processors to respect the Mastercard BCRs and to comply with the Customer’s instructions.

3.5.2. Require its other Sub-Processors, via a written agreement, to comply with applicable Privacy and Data Protection Law, with the Customer’s instructions and with substantially similar obligations as are imposed on Mastercard by this Section and the Mastercard BCRs.

3.5.3.Remain liable to the Customer for the performance of its Sub-Processors’ obligations.

3.5.4. Commit to provide a list of Sub-Processors to Customer upon request.

3.5.5 .Inform Customer of any addition or replacement of a Sub-Processor in a timely fashion and, if required by applicable Privacy and Data Protection Law, give Customer an opportunity to object to the change, except where the Services cannot be provided without the involvement of a specific Sub-Processor.

3.6. Assistance. To the extent required by Privacy and Data Protection Law and upon Customer’s prior written request, Mastercard will assist Customer, in so far as reasonably possible, in fulfilling Customer’s own data protection compliance obligations under Privacy and Data Protection Law, and provide to Customer all information available to Mastercard as reasonably necessary to demonstrate compliance with the Customer’s own obligations under Privacy and Data Protection Law, including Customer’s obligation to conduct data protection impact assessments or prior consultation with Supervisory Authorities.

3.7. Delete or Return Personal Data. Upon written request to delete or return Personal Data by Customer, except for any Personal Data which Mastercard Processes as a Controller, Mastercard will, at the choice of Customer, delete, anonymize, or return such Personal Data to Customer, except where Mastercard needs to retain a copy of such Personal Data to fulfill any legal obligations (in which case Mastercard will protect the confidentiality of the Personal Data).

3.8. Data Protection Audit. To the extent required by EU Data Protection Law and upon prior written request by Customer, Mastercard agrees to cooperate and within reasonable time provide Customer with: (a) a summary of the audit reports demonstrating Mastercard’s compliance with its obligations under this DPA and Mastercard BCRs where the transfer of Personal Data is based on the Mastercard BCRs, or such other relevant documentation, as required by Privacy and Data Protection Law, after redacting any confidential and commercially sensitive information; and (b) confirmation that the audit has not revealed any material vulnerability in Mastercard’s systems, or to the extent that any such vulnerability was detected, that Mastercard has fully remedied such vulnerability. If the above measures are not sufficient to meet the requirements of applicable Privacy and Data Protection Law and the Mastercard BCRs, or reveal some material issues, subject to the strictest confidentiality obligations, and maximum once a year, Mastercard allows Customer to request an audit of Mastercard’s data protection compliance program by external independent auditors, which are jointly selected by the Parties. The external independent auditor cannot be a competitor of Mastercard, and the Parties will mutually agree upon the scope, timing, and duration of the audit. Mastercard will make available to Customer the result of the audit of its data protection compliance program.

3.9. Data Subject Requests. The Services may provide Customer with features to assist Customer with its obligations relating to responding to requests from Data Subjects to exercise their Data Protection Rights (“Data Subject Requests”). To the extent the Services do not provide such features or Customer is unable to address a Data Subject Request through the Services, Mastercard will provide Customer with reasonable assistance to respond to Data Subject Requests as required under applicable Privacy and Data Protection Law relating to the Processing of Personal Data under the Principal Agreement and Customer will reimburse Mastercard for commercially reasonable costs arising from this assistance. If a Data Subject Request is made directly to Mastercard regarding the Processing of Personal Data under the Principal Agreement, and to the extent Customer is identified in the Data Subject Request or can easily be identified by Mastercard based on the Data Subject Request, Mastercard will direct the Data Subject to submit their request to Customer.

4. Personal Data Transfers.

4.1. Customer acknowledges that Mastercard may, and where required by applicable Privacy and Data Protection Law, Customer authorizes Mastercard to, transfer Personal Data Processed in connection with the Services globally in accordance with the Mastercard BCRs or any other lawful data transfer mechanism. Mastercard represents and warrants that it will abide by the Mastercard BCRs in the context of such transfers of Personal Data.

4.2. To the extent that the Mastercard BCRs cannot be relied upon as appropriate safeguards, the transfer shall be governed by the Standard Contractual Clauses and the UK Addendum or the Swiss Addendum, as applicable, which are incorporated into this DPA by reference.

4.2.1. The Parties conclude and complete module two (controller-to-processor) of the Standard Contractual Clauses as follows: (i) they implement the optional docking clause in Clause 7; strike the optional paragraph in Clause 11(a); choose option 2 in Clause 9(a); indicate Belgium in Clauses 13(a) and Clause 17, and indicate the courts of Brussels, Belgium in Clause 18(b); (ii) the “data exporter” is Customer; the “data importer” is Mastercard; and (iii) Annex I and II to the Standard Contractual Clauses are Annex 1 and 2 to this DPA respectively.

4.2.2. The Swiss Addendum is completed as follows: (i) in deviation of Clause 13(a) of the Standard Contractual Clauses in connection with its Annex I.C. incorporated in Annex 1 to this DPA, the competent supervisory authority in Annex 1 shall be the Swiss Federal Data Protection and Information Commissioner and all references to the “competent supervisory authority” shall be interpreted accordingly, (ii) the references to the “Regulation (EU) 2016/679” and specific articles thereof in the Standard Contractual Clauses should be interpreted as references to the FADP and its corresponding provisions, as applicable.

4.2.3. Part 1 of the UK Addendum is completed as follows: (i) in Table 1, the “Exporter” is Customer and the “Importer” is Mastercard, their details are set forth in the Principal Agreement and this DPA; (ii) in Table 2, the first option is selected and the “Approved EU SCCs” are the Standard Contractual Clauses referred to in Section 4.2.1 of this DPA; (iii) in Table 3, “Annex 1 (A and B) and II to the” Approved EU SCCs” are Annexes 1 and 2 to this DPA; and (iv) in Table 4, both the “Importer” and the “Exporter” can terminate the UK Addendum.

5. Liability. The Parties agree that if Mastercard has paid compensation, damages or fines, Mastercard is entitled to claim back from Customer that part of the compensation, damages or fines, corresponding to Customer’s part of responsibility for the compensation, damages or fines.

6. Applicable Law and Jurisdiction.

6.1. To the extent the Processing of Personal Data is subject to EU Data Protection Law, this DPA and the Processing of Personal Data will be governed by the law of Belgium and any dispute will be submitted to the Courts of Brussels.

6.2. To the extent the Processing of Personal Data is not subject to EU Data Protection Law, this DPA and the Processing of Personal Data will be governed by the law applicable to the Principal Agreement, and any dispute will be submitted to the Courts identified in the Principal Agreement.

7. Modification of this DPA. This DPA may only be updated by Mastercard or its Affiliates without notice, provided that the Customer shall be notified in advance of any material change Mastercard or its Affiliates deem adverse to the Customer.

8. Termination. The Parties agree that this DPA is terminated upon the termination of the Principal Agreement.

9. Invalidity and Severability. If any provision of this DPA is found by any court or administrative body of competent jurisdiction to be invalid or unenforceable, the invalidity or unenforceability of such provision will not affect any other provision of this DPA and all provisions not affected by such invalidity or unenforceability will remain in full force and effect.

Annex 1 – Description of processing activities

A. LIST OF PARTIES

Data exporter:

Name: Customer as defined in the Principal Agreement
Address: See signature page in the Principal Agreement
Contact person’s name, position and contact details: See signature in the Principal Agreement
Activities relevant to the data transferred: Receiving the Services as described in this DPA and the Principal Agreement
Signature and date: See signature page in the Principal Agreement
Role (Controller/Processor): Controller

Data importer:

Name: Mastercard as defined in the Principal Agreement
Address: See signature page in the Principal Agreement
Contact person’s name, position and contact details: See signature page in the Principal Agreement
Activities relevant to the data transferred: Providing the Services as described in this DPA and the Principal Agreement
Signature and date: See signature page in the Principal Agreement
Role (Controller/Processor): Processor

B. DESCRIPTION OF TRANSFER

Categories of Data Subjects whose Personal Data is transferred: End-users (i.e., cardholders and consumers)
Categories of Personal Data transferred:

○ Geographic information (city, state, country and as applicable, postal code);

○ Audience membership – based on real time user segmentation and backend historical calculations;

○ IP address;

○ Online identifiers (i.e., online data collected from end-user’s devices, applications and protocols), such as UDID, cookie identifiers, and other unique ID that Mastercard or Customer assigns to end-users’ devices;

○ Device and browser attributes;

○ Page views and interactions;

○ As applicable: Customer events (e.g., and “add to cart” or other interactions and engagement set up by Customer);

○ As applicable: search query terms;

○ Only as applicable, the information you provide to us:

■ email address;

■ CRM data and other data that Customer elects for onboarding (e.g., gender, status, average order value, number of items ordered, days since last order, net sales, items per order, days since first order, sessions since last order, days since last visit, average interpurchase time, last order site, loyalty status, etc.);

■ Online purchase history on the Customer website;

■ Offline purchase history;

■ For financial institutions only: transaction data (e.g., end-users’ spend history, predictive spend, travel spend).

Sensitive data transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialized training), keeping a record of access to the data, restrictions for onward transfers or additional security measures: No Sensitive Data.
The frequency of the transfer (e.g., whether the Personal Data is transferred on a one-off or continuous basis): On a continuous basis.
Nature of the Processing: The Personal Data will be processed and transferred as described in this DPA and the Principal Agreement.
Purpose(s) of the transfer and further Processing: The Personal Data will be processed and transferred for the provision of the Services as described in this DPA and the Principal Agreement, in particular to:

○ Personalize end users’ interaction with Customer’s online platforms across the web, mobile web, mobile apps and email and other channels;

○ Build actionable end users’ segments in real time, enabling Customer to take instant action via personalization, product/content recommendations, automatic optimization, real-time messaging and other activation modules offered by Mastercard from time to time;

○ As applicable, and for financial institutions only: examine spending patterns [on end-user transaction data/consumer payment cards] to improve card engagement and usage;

○ As applicable, and for financial institutions only: prepare and furnish aggregated reports on end-users’ spending patterns.

The period for which the Personal Data will be retained, or, if that is not possible, the criteria used to determine that period: Personal Data will be retained for as long as necessary taking into account the purpose of the Processing, and in compliance with applicable laws, including laws on the statute of limitations and Privacy and Data Protection Law.
For transfer to Sub-Processors, also specify subject matter, nature and duration of the Processing: The Personal Data may be transferred to Sub-Processors to provide the Services as described in this DPA and the Principal Agreement.

C. COMPETENT SUPERVISORY AUTHORITY

The Belgian Supervisory Authority shall act as the competent Supervisory Authority.

Annex 2 – Security Measures

The Parties will apply at least the following types of security measures to Personal Data:

1. Physical access control

Technical and organizational measures to prevent unauthorized persons from gaining access to the data processing systems available in premises and facilities (including databases, application servers and related hardware), where Personal Data are Processed, include:

Establishing security areas, restriction of access paths;
Establishing access authorizations for employees and third parties;
Access control system (ID reader, magnetic card, chip card);
Key management, card-keys procedures;
Door locking (electric door openers etc.);
Security staff, janitors;
Surveillance facilities, video/CCTV monitor, alarm system; and
Securing decentralized data processing equipment and personal computers.

2. Virtual access control

Technical and organizational measures to prevent data processing systems from being used by unauthorized persons include:

User identification and authentication procedures;
ID/password security procedures (special characters, minimum length, change of password);
Automatic blocking (e.g. password or timeout);
Monitoring of break-in-attempts and automatic turn-off of the user ID upon several erroneous password attempts;
Creation of one master record per user, user-master data procedures per data processing environment; and
Encryption of archived data media.

3. Data access control

Technical and organizational measures to ensure confidentiality and that persons entitled to use a data processing system gain access only to such Personal Data in accordance with their access rights, and that Personal Data cannot be read, copied, modified or deleted without authorization, include:

Internal policies and procedures;
Control authorization schemes;
Default configuration;
Differentiated access rights (profiles, roles, transactions and objects);
Monitoring and logging of accesses;
Disciplinary action against employees who access Personal Data without authorization;
Reports of access;
Access procedure;
Change procedure;
Deletion procedure; and
Encryption.

4. Disclosure control

Technical and organizational measures to ensure that Personal Data cannot be read, copied, modified or deleted without authorization during electronic transmission, transport or storage on storage media (manual or electronic), and that it can be verified to which companies or other legal entities Personal Data are disclosed, include:

Encryption/pseudonymization/tunneling;
Logging; and
Transport security.

5. Entry control

Technical and organizational measures to monitor whether Personal Data have been entered, changed or removed (deleted), and by whom, from data processing systems, include:

Logging and reporting systems; and
Audit trails and documentation.

6. Control of instructions

Technical and organizational measures to ensure that Personal Data are Processed solely in accordance with the instructions of the Controller include:

Unambiguous wording of the contract;
Formal commissioning (request form); and
Criteria for selecting the Processor.

7. Availability control

Technical and organizational measures to ensure the integrity, availability and resilience of the processing systems, and that Personal Data are protected against accidental destruction or loss (physical/logical) include:

Disaster recovery plan, in the event of a physical or technical incident.

8. Separation control

Technical and organizational measures to ensure that Personal Data collected for different purposes can be Processed separately include:

“Internal client” concept / limitation of use;
Segregation of functions (production/testing); and
Procedures for storage, amendment, deletion, transmission of data for different purposes.

9. Testing controls

Technical and organizational measures to test, assess and evaluate the effectiveness of the technical and organizational measures implemented in order to ensure the security of the processing include:

Periodical review and test of disaster recovery plan;
Testing and evaluation of software updates before they are installed;
Authenticated (with elevated rights) vulnerability scanning; and
Test bed for specific penetration tests.

10. IT governance

Technical and organizational measures to improve the overall management of IT and ensure that the activities associated with information and technology are aligned with the compliance efforts include:

Certification/assurance of processes and products;
Processes for data minimization;
Processes for data quality;
Processes for limited data retention;
Processes for ensuring accountability; and
Data subject rights policies.

<!DOCTYPE html> <!--[if IE 6]><html id="ie6" lang="en-US"> <![endif]--> <!--[if IE 7]><html id="ie7" lang="en-US"> <![endif]--> <!--[if IE 8]><html id="ie8" lang="en-US"> <![endif]--> <!--[if !(IE 6) | !(IE 7) | !(IE 8)  ]><!--><html lang="en-US"> <!--<![endif]--><head><meta name="msvalidate.01" content="1033997EC383621B874EB0392F261984"/><link rel="preconnect" href="//cdn.dynamicyield.com"><link rel="preconnect" href="//st.dynamicyield.com"><link rel="preconnect" href="//rcom.dynamicyield.com"><link rel="dns-prefetch" href="//cdn.dynamicyield.com"><link rel="dns-prefetch" href="//st.dynamicyield.com"><link rel="dns-prefetch" href="//rcom.dynamicyield.com"> <script data-cfasync="false">window.dataLayer = window.dataLayer || [];
        window.gtag = function() { dataLayer.push(arguments); }
        window.gtag('consent', 'default', {
            ad_storage: 'denied',
            ad_user_data: 'denied',
            ad_personalization: 'denied',
            analytics_storage: 'denied',
            functionality_storage: 'denied',
            personalization_storage: 'denied',
            security_storage: 'granted', // Only this is granted by default
        });</script> <script data-cfasync="false">(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
        new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
        j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
        '//www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
        })(window,document,'script','dataLayer','GTM-MCQHF8');</script> <script data-cfasync="false" async>// Init the adobeDataLayer array
        var adobeDataLayer = adobeDataLayer || [];

        // Only when the API is ready
        function adobeWaitForDY() {
            if (typeof(window.DY) !== 'undefined' && typeof(window.DY.AdDetection) !== 'undefined' &&
                typeof($dy) !== 'undefined' && typeof($dy(window)) !== 'undefined' && typeof($dy.renderSmartTagSlider) !== 'undefined') {
                
                var zi_data = localStorage.getItem('ZoomInfoData'),
                    ada_page_info = {
                        "pageName": "Mastercard – Customer Data Processing Agreement",
                        "siteName": "Mastercard Dynamic Yield",
                        "pageTitle": "en_US :dpa", 
                        "pageURL": "https://www.dynamicyield.com/dpa/",
                        "country": "US",
                        "language": "en",
                        "dyID": DY.dyid,
                        "userStatus": "Guest"
                    };

                // Detect the hierarchy and 
                // site sections based on the URL slugs
                var current_pathname = window.location.pathname.replace(/^\/|\/$/g, '');

                if(current_pathname) {

                    var current_sitesections = current_pathname.split('/'),
                        current_hierarchy = current_sitesections.map(function(segment) {

                        return segment.split(/[-_]/).map(function(word) {
                            return word.charAt(0).toUpperCase() + word.slice(1);
                        })
                        .join(' ');
                    });

                    // Site section 1
                    if(current_sitesections[0]) {
                        ada_page_info.siteSection1 = current_sitesections[0];
                    }

                    // Site section 2
                    if(current_sitesections[1]) {
                        ada_page_info.siteSection2 = current_sitesections[1];
                    }

                    // Hierarchy
                    ada_page_info.hierarchy = current_hierarchy.join('|');
                }

                // Push the ZI params as well
                if(zi_data) {
                    zi_data = JSON.parse(zi_data);

                    if(zi_data.name) {
                        ada_page_info.ziCompany = zi_data.name;
                    }

                    if(zi_data.domain) {
                        ada_page_info.ziDomain = zi_data.domain;
                    }

                    if(zi_data.employeesrange) {
                        ada_page_info.ziEmployees = zi_data.employeesrange;
                    }

                    if(zi_data.industry) {
                        ada_page_info.ziIndustry = zi_data.industry;
                    }
                }

                // Decode HTML prior to dispatching the event
                Object.keys(ada_page_info).forEach(function(key) {
                    ada_page_info[key] = $('<textarea/>').html(ada_page_info[key]).text();
                });

                adobeDataLayer.push({
                    "event": "pageLoad", 
                    "pageInfo": ada_page_info
                });

            } else {
                setTimeout(adobeWaitForDY, 150);
            }
        }

        adobeWaitForDY();</script>  <script type="text/javascript">function OptanonWrapper() {
            console.log('OneTrust Loaded');
            DY_API_update_consent_mode();
            OneTrust.OnConsentChanged(DY_API_update_consent_mode);
        }

        function DY_API_update_consent_mode() {
            var groups = OnetrustActiveGroups.split(',');

            DY.userActiveConsent = {accepted: groups.includes('C0004')};
            DYO.ActiveConsent.updateConsentAcceptedStatus(groups.includes('C0004'));

            if(groups.includes('C0004')) {
                console.log('OneTrust_Consent_Is_Granted');
                DY.API('event',{ name: 'OneTrust_Consent_Is_Granted', properties: {}});
            }

            console.log('OneTrust - DY API is ' + (groups.includes('C0004') ? 'Enabled' : 'Disabled'));
        }
        
        window.addEventListener('OTConsentApplied', function() {
            var groups = OnetrustActiveGroups.split(',');

            if(groups.includes('C0004')) {
                console.log('OneTrust_Initial_Consent_Granted');
                DY.API('event',{ name: 'OneTrust_Initial_Consent_Granted', properties: {}});
            }
        });</script>  <script type="text/javascript">/*WebFontConfig = {
		 google: { families: [ 'Shadows+Into+Light::latin', 'Handlee::latin', 'Roboto:400,100,300,500:latin' ] }
		 };
		 (function() {
		 var wf = document.createElement('script');
		 wf.src = ('https:' == document.location.protocol ? 'https' : 'http') +
		 '://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js';
		 wf.type = 'text/javascript';
		 wf.async = 'true';
		 var s = document.getElementsByTagName('script')[0];
		 s.parentNode.insertBefore(wf, s);
		 })(); */

        console.log(
            '%cLet’s personalize experiences together.\n%cDynamic Yield is hiring smart engineers like you to help solve hard problems.\n%cSee our jobs page: https://www.dynamicyield.com/careers',
            'font-size:2.2em;line-height:1.4em;margin-top:20px;color:rgb(93, 56, 185);',
            'font-size:1.1em;line-height:1.6em;color:rgb(0, 0, 0);',
            'font-size:1.1em;line-height:1.6em;margin-bottom:20px;color:rgb(0, 0, 0);'
        );

        function waitForElementToDisplay(selector, time, functionName) {
            if (document.getElementById(selector) != null) {
                functionName();
                return;
            } else {
                setTimeout(function () {
                    waitForElementToDisplay(selector, time, functionName);
                }, time);
            }
        }

        function dcWaitForJQuery(time, functionName) {
            if (window.jQuery || window.n2) {
                functionName();
                return;
            } else {
                setTimeout(function () {
                    dcWaitForJQuery(time, functionName);
                }, time);
            }
        }</script> <meta name="msvalidate.01" content="451B75B70520F4C76D67F116C9EFFE5C"/><meta property="twitter:account_id" content="4503599629852947"/><meta name="p:domain_verify" content="f8112f57c09778e892850075a87dc1cf"/><meta name="google-site-verification" content="9FbmfdC4cM7JG8sgYh6w9HhFlxvEHewltexeUVzuSfE"/><meta charset="UTF-8"/><link rel="pingback" href="https://www.dynamicyield.com/xmlrpc.php"/> <!--[if lt IE 9]> <script src="https://www.dynamicyield.com/wp-content/themes/Divi/js/html5.js" type="text/javascript"></script> <![endif]--> <script type="text/javascript">document.documentElement.className = 'js';</script> <script type="text/javascript">var getLangCode = 'en';</script> <link rel="prefetch" href="/wp-content/themes/Divi/css/custom-style.css" as="style" crossorigin="anonymous"><meta name='robots' content='index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1' /><link rel="alternate" hreflang="en" href="https://www.dynamicyield.com/dpa/" /><link rel="alternate" hreflang="es" href="https://www.dynamicyield.com/es/dpa/" /><link rel="alternate" hreflang="x-default" href="https://www.dynamicyield.com/dpa/" />  <script data-cfasync="false" data-pagespeed-no-defer>var gtm4wp_datalayer_name = "dataLayer";
	var dataLayer = dataLayer || [];</script> <title>Mastercard – Customer Data Processing Agreement &#8212; Mastercard Dynamic Yield</title><link rel="preload" as="font" href="https://www.dynamicyield.com/wp-content/themes/Divi/fonts/CircularXXTT/CircularXXWeb-Bold.woff2" crossorigin/><link rel="preload" as="font" href="https://www.dynamicyield.com/wp-content/themes/Divi/fonts/CircularXXTT/CircularXXWeb-Medium.woff2" crossorigin/><link rel="preload" as="font" href="https://www.dynamicyield.com/wp-content/themes/Divi/fonts/CircularXXTT/CircularXXWeb-Book.woff2" crossorigin/><link rel="canonical" href="https://www.dynamicyield.com/dpa/" /><meta property="og:locale" content="en_US" /><meta property="og:type" content="article" /><meta property="og:title" content="Mastercard – Customer Data Processing Agreement &#8212; Mastercard Dynamic Yield" /><meta property="og:description" content="Mastercard – Customer Data Processing Agreement Effective Date: July 2nd, 2025. This Data Processing Agreement (the “DPA”), which includes Annexes 1 and 2, is incorporated into and forms an integral part of the Agreement (the “Principal Agreement”) and governs the Processing of Personal Data in the context of the Services between Mastercard and Customer, as defined [&hellip;]" /><meta property="og:url" content="https://www.dynamicyield.com/dpa/" /><meta property="og:site_name" content="Mastercard Dynamic Yield" /><meta property="article:publisher" content="https://www.facebook.com/DynamicYield" /><meta property="article:modified_time" content="2025-07-01T13:18:31+00:00" /><meta property="og:image" content="https://www.dynamicyield.com/wp-content/uploads/2023/10/dy-mc-master-social-share-2.png" /><meta property="og:image:width" content="1200" /><meta property="og:image:height" content="628" /><meta property="og:image:type" content="image/png" /><meta name="twitter:card" content="summary_large_image" /><meta name="twitter:site" content="@DynamicYield" /><meta name="twitter:label1" content="Est. reading time" /><meta name="twitter:data1" content="22 minutes" /><meta name="twitter:label2" content="Written by" /><meta name="twitter:data2" content="Dynamic Yield Marketing" /> <script type="application/ld+json" class="yoast-schema-graph">{"@context":"https://schema.org","@graph":[{"@type":"WebPage","@id":"https://www.dynamicyield.com/dpa/","url":"https://www.dynamicyield.com/dpa/","name":"Mastercard – Customer Data Processing Agreement &#8212; Mastercard Dynamic Yield","isPartOf":{"@id":"https://www.dynamicyield.com/#website"},"datePublished":"2023-08-01T11:46:42+00:00","dateModified":"2025-07-01T13:18:31+00:00","breadcrumb":{"@id":"https://www.dynamicyield.com/dpa/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https://www.dynamicyield.com/dpa/"]}]},{"@type":"BreadcrumbList","@id":"https://www.dynamicyield.com/dpa/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.dynamicyield.com/"},{"@type":"ListItem","position":2,"name":"Mastercard – Customer Data Processing Agreement"}]},{"@type":"WebSite","@id":"https://www.dynamicyield.com/#website","url":"https://www.dynamicyield.com/","name":"Mastercard Dynamic Yield","description":"","publisher":{"@id":"https://www.dynamicyield.com/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https://www.dynamicyield.com/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https://www.dynamicyield.com/#organization","name":"Mastercard Dynamic Yield","url":"https://www.dynamicyield.com/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https://www.dynamicyield.com/#/schema/logo/image/","url":"https://www.dynamicyield.com/wp-content/uploads/2019/10/DY-Hero_Logo-Black@x2.png","contentUrl":"https://www.dynamicyield.com/wp-content/uploads/2019/10/DY-Hero_Logo-Black@x2.png","width":458,"height":458,"caption":"Mastercard Dynamic Yield"},"image":{"@id":"https://www.dynamicyield.com/#/schema/logo/image/"},"sameAs":["https://www.facebook.com/DynamicYield","https://x.com/DynamicYield","https://www.instagram.com/dynamic.yield/","https://www.linkedin.com/company/dynamic-yield","http://www.pinterest.com/dynamicyield/","https://www.youtube.com/channel/UCPWEcR8lQRadVKYW8H4sndQ","https://en.wikipedia.org/wiki/Dynamic_Yield"]}]}</script> <link rel="alternate" type="application/rss+xml" title="Mastercard Dynamic Yield &raquo; Feed" href="https://www.dynamicyield.com/feed/" /><link rel="alternate" type="application/rss+xml" title="Mastercard Dynamic Yield &raquo; Comments Feed" href="https://www.dynamicyield.com/comments/feed/" /><meta content="Divi v." name="generator"/><link rel='stylesheet' id='sbi_styles-css' href='https://www.dynamicyield.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.2.6' type='text/css' media='all' /><style id='wp-emoji-styles-inline-css' type='text/css'>img.wp-smiley, img.emoji {
		display: inline !important;
		border: none !important;
		box-shadow: none !important;
		height: 1em !important;
		width: 1em !important;
		margin: 0 0.07em !important;
		vertical-align: -0.1em !important;
		background: none !important;
		padding: 0 !important;
	}</style><link rel='stylesheet' id='wp-block-library-css' href='https://www.dynamicyield.com/wp-includes/css/dist/block-library/style.min.css?ver=935c7f8ce03960b02800bc8ae3231df8' type='text/css' media='all' /><style id='classic-theme-styles-inline-css' type='text/css'>/*! This file is auto-generated */
.wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flow > .alignleft{float: left;margin-inline-start: 0;margin-inline-end: 2em;}body .is-layout-flow > .alignright{float: right;margin-inline-start: 2em;margin-inline-end: 0;}body .is-layout-flow > .aligncenter{margin-left: auto !important;margin-right: auto !important;}body .is-layout-constrained > .alignleft{float: left;margin-inline-start: 0;margin-inline-end: 2em;}body .is-layout-constrained > .alignright{float: right;margin-inline-start: 2em;margin-inline-end: 0;}body .is-layout-constrained > .aligncenter{margin-left: auto !important;margin-right: auto !important;}body .is-layout-constrained > :where(:not(.alignleft):not(.alignright):not(.alignfull)){max-width: var(--wp--style--global--content-size);margin-left: auto !important;margin-right: auto !important;}body .is-layout-constrained > .alignwide{max-width: var(--wp--style--global--wide-size);}body .is-layout-flex{display: flex;}body .is-layout-flex{flex-wrap: wrap;align-items: center;}body .is-layout-flex > *{margin: 0;}body .is-layout-grid{display: grid;}body .is-layout-grid > *{margin: 0;}:where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}
.wp-block-navigation a:where(:not(.wp-element-button)){color: inherit;}
:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}
:where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}
.wp-block-pullquote{font-size: 1.5em;line-height: 1.6;}</style><link rel='stylesheet' id='rfw-style-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_7c036e0987ef80b703d7eb1abf922895.css?ver=2026020309' type='text/css' media='all' /><link rel='stylesheet' id='divi-style-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_ab3666a686d3dac03fd3032e5757637e.css?ver=935c7f8ce03960b02800bc8ae3231df8' type='text/css' media='all' /><link rel='stylesheet' id='et_lb_modules-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_c0102af27938567cb82cc02e4da3a673.css?ver=2.4' type='text/css' media='all' /><link rel='stylesheet' id='et-shortcodes-css-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_40cb404848bc2e556105c8aea77f29aa.css?ver=3.0' type='text/css' media='all' /><link rel='stylesheet' id='elementor-icons-css' href='https://www.dynamicyield.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.6.2' type='text/css' media='all' /><link rel='stylesheet' id='elementor-animations-css' href='https://www.dynamicyield.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.9.9' type='text/css' media='all' /><link rel='stylesheet' id='elementor-frontend-css' href='https://www.dynamicyield.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.9.9' type='text/css' media='all' /><link rel='stylesheet' id='elementor-pro-css' href='https://www.dynamicyield.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.10.0' type='text/css' media='all' /><link rel='stylesheet' id='font-awesome-css' href='https://www.dynamicyield.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0' type='text/css' media='all' /><link rel='stylesheet' id='elementor-global-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_12a32c87d5f3cd59de1889deefab8a86.css?ver=1727179740' type='text/css' media='all' /><link rel='stylesheet' id='elementor-post-197600-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_23017b0d283c1e6b7abdaf33c8585e2b.css?ver=1751375914' type='text/css' media='all' /><link rel='stylesheet' id='et-shortcodes-responsive-css-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_3a30a77569bc4544b9465acbee8e5f97.css?ver=3.0' type='text/css' media='all' /><link rel='stylesheet' id='wp-featherlight-css' href='https://www.dynamicyield.com/wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.4' type='text/css' media='all' /><link rel='stylesheet' id='baskerville-font-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_8c23179f030d02e0065d2054eab34279.css?ver=935c7f8ce03960b02800bc8ae3231df8' type='text/css' media='all' /><link rel='stylesheet' id='markformc-font-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_0eb51906eca648ca4559d0a03b898d83.css?ver=935c7f8ce03960b02800bc8ae3231df8' type='text/css' media='all' /><link rel='stylesheet' id='mackinac-font-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_9c8fec2609ebc9764a6e16471d9451ae.css?ver=935c7f8ce03960b02800bc8ae3231df8' type='text/css' media='all' /><link rel='stylesheet' id='button-pulse-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_4cabc8dd29eaa9af7bf2df62f1c40af9.css?ver=935c7f8ce03960b02800bc8ae3231df8' type='text/css' media='all' /><link rel='stylesheet' id='fontawesome-css' href='https://www.dynamicyield.com/wp-content/themes/Divi/custom/font-awesome/css/font-awesome.min.css' type='text/css' media='all' /><link rel='stylesheet' id='bootstrap-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_d375e60add46d8de26a78728b517660f.css' type='text/css' media='all' /><link rel='stylesheet' id='slick-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_13b1b6672b8cfb0d9ae7f899f1c42875.css' type='text/css' media='all' /><link rel='stylesheet' id='slick-theme-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_f9faba678c4d6dcfdde69e5b11b37a2e.css' type='text/css' media='all' /><link rel='stylesheet' id='custom-theme-style-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_57f41281576414370c141cd00d2a80a9.css?ver=26.27' type='text/css' media='all' /><link rel='stylesheet' id='custom-style-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_417039b6d54561fe1e8c94ee67cd902c.css?ver=26.27' type='text/css' media='all' /><link rel='stylesheet' id='header-style-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_d75ad7543415df427913a5fe91606386.css?ver=26.27' type='text/css' media='all' /><link rel='stylesheet' id='footer-style-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_25400e1cfd7099cc557083769c928231.css?ver=26.27' type='text/css' media='all' /><link rel='stylesheet' id='video_tabs_module-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_f1109a8bc8c46ec9f2205cc8603c132f.css?ver=26.27' type='text/css' media='all' /><link rel='stylesheet' id='customers-shortcode-css' href='https://www.dynamicyield.com/wp-content/cache/autoptimize/css/autoptimize_single_c6bf61e9c8beb560d64d119f58757b8b.css?ver=26.27' type='text/css' media='all' /> <script type="text/javascript" src="https://www.dynamicyield.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1" id="jquery-core-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1" id="jquery-migrate-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/themes/Divi/js/blazy.min.js" id="blazy-js"></script> <link rel="https://api.w.org/" href="https://www.dynamicyield.com/wp-json/" /><link rel="alternate" type="application/json" href="https://www.dynamicyield.com/wp-json/wp/v2/pages/197600" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://www.dynamicyield.com/xmlrpc.php?rsd" /><link rel='shortlink' href='https://www.dynamicyield.com/?p=197600' /><link rel="alternate" type="application/json+oembed" href="https://www.dynamicyield.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.dynamicyield.com%2Fdpa%2F" /><link rel="alternate" type="text/xml+oembed" href="https://www.dynamicyield.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.dynamicyield.com%2Fdpa%2F&#038;format=xml" /><meta name="generator" content="WPML ver:4.6.8 stt:1,4,3,28,2;" /> <script type="text/javascript">(function(url){
	if(/(?:Chrome\/26\.0\.1410\.63 Safari\/537\.31|WordfenceTestMonBot)/.test(navigator.userAgent)){ return; }
	var addEvent = function(evt, handler) {
		if (window.addEventListener) {
			document.addEventListener(evt, handler, false);
		} else if (window.attachEvent) {
			document.attachEvent('on' + evt, handler);
		}
	};
	var removeEvent = function(evt, handler) {
		if (window.removeEventListener) {
			document.removeEventListener(evt, handler, false);
		} else if (window.detachEvent) {
			document.detachEvent('on' + evt, handler);
		}
	};
	var evts = 'contextmenu dblclick drag dragend dragenter dragleave dragover dragstart drop keydown keypress keyup mousedown mousemove mouseout mouseover mouseup mousewheel scroll'.split(' ');
	var logHuman = function() {
		if (window.wfLogHumanRan) { return; }
		window.wfLogHumanRan = true;
		var wfscr = document.createElement('script');
		wfscr.type = 'text/javascript';
		wfscr.async = true;
		wfscr.src = url + '&r=' + Math.random();
		(document.getElementsByTagName('head')[0]||document.getElementsByTagName('body')[0]).appendChild(wfscr);
		for (var i = 0; i < evts.length; i++) {
			removeEvent(evts[i], logHuman);
		}
	};
	for (var i = 0; i < evts.length; i++) {
		addEvent(evts[i], logHuman);
	}
})('//www.dynamicyield.com/?wordfence_lh=1&hid=7D5AB15D0FC3E988F255192E13DC93FB');</script> 
 <script data-cfasync="false" data-pagespeed-no-defer>var dataLayer_content = {"visitorLoginState":"logged-out","visitorType":"visitor-logged-out","pagePostType":"page","pagePostType2":"single-page","pagePostAuthor":"Dynamic Yield Marketing","pagePostDate":"August 1, 2023","pagePostDateYear":"2023","pagePostDateMonth":"08","pagePostDateDay":"01","pagePostDateDayName":"Tuesday","pagePostDateHour":"07","pagePostDateMinute":"46","pagePostDateIso":"2023-08-01T07:46:42-04:00","pagePostDateUnix":1690876002};
	dataLayer.push( dataLayer_content );</script> <script type="text/javascript">console.warn && console.warn("[GTM4WP] Google Tag Manager container code placement set to OFF !!!");
	console.warn && console.warn("[GTM4WP] Data layer codes are active but GTM container must be loaded using custom coding !!!");</script> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=3.0, user-scalable=1" /><link rel="icon" type="image/png" href="/favicon-16x16.png" sizes="16x16"><link rel="icon" type="image/png" href="/favicon-32x32.png" sizes="32x32"><link rel="icon" type="image/png" href="/favicon-96x96.png" sizes="96x96"><link rel="icon" type="image/png" href="/favicon-180x180.png" sizes="180x180"><link rel="icon" type="image/png" href="/favicon-192x192.png" sizes="192x192"><link rel="icon" type="image/png" href="/favicon-194x194.png" sizes="194x194"><link rel="shortcut icon" href="/favicon.ico"> <script type="text/javascript" data-noptimize>function dy_bind_adobe_mkto_events(form, form_id, form_name) {

        // Init the adobeDataLayer object
        window.adobeDataLayer = window.adobeDataLayer || [];

        var focus_reported = false;
        var form_completed = false;
        var form_started_reported = false;
        
        // Monitor input interactions - first focus (form start)
        form.getFormElem().find('input, select').on('focus', function() {
            
            // Only if it hasn't been reported yet
            if(! focus_reported) {
                focus_reported = true;
                form_started_reported = true;
                
                adobeDataLayer.push({
                    "event": "form_start",
                    "trackAction": {
                        "formName": form_name,
                        "formID": form_id,
                        "zoomInfo": localStorage.ZoomInfoData !== undefined,
                    }
                });
            }
        });

        // Detect dropoff if the form hasn't been completed
        window.addEventListener("beforeunload", function(event) {
            if (form_completed) return;
            
            var filledLabels = [];
            var count = 0;
            
            form.getFormElem().find('input, select').each(function() {
                var value = this.value && this.value.trim();
                if (value) {
                var label = form.getFormElem().find("label[for='" + this.id + "']").text().trim();
                if (label) {
                    filledLabels.push(label);
                    count++;
                }
                }
            });
            
            if (count > 0) {
                adobeDataLayer.push({
                    "event": "form_dropoff",
                    "formInfo": {
                        "formName": form_name,
                        "formID": form_id,
                        "zoomInfo": localStorage.ZoomInfoData !== undefined,
                        "completedFields": {
                            "labels": filledLabels.join("|"),
                            "count": count.toString()
                        }
                    }
                });
            }
        });

        // Hook into successful submission
        form.onSuccess(function(values, followUpUrl) {

            if(form_started_reported) {

                // Report form completed
                form_completed = true;

                // Send an Adobe Analytics DataLayer event
                adobeDataLayer.push({
                    "event": "form_complete",
                    "formInfo": {
                        "formName": form_name,
                        "formID": form_id,
                        "zoomInfo": localStorage.ZoomInfoData !== undefined,
                        "successAction": {
                            "action": "redirect",
                            "redirectUrl": followUpUrl
                        }
                    }
                });
            }
        });
    }

    function dy_bind_adobe_cta_event(cta, cta_type, cta_section) {
        var cta_name = cta.text().trim(),
            cta_url,
            page_url = window.location.href;

        // const domainName = window.location.origin;

        if (cta.attr('href') !== undefined) {
            // cta_url = domainName + cta.attr('href');
            cta_url = cta.attr('href');
        } else {
            cta_url = page_url;
        }

        adobeDataLayer.push({
            "event": "ctaClick",
            "clickInfo": {
                "ctaName": cta_name,
                "ctaType": cta_type,
                "destinationURL": cta_url,
                "ctaLocation": page_url,
                "ctaSection": cta_section
            }
        });
    }</script> <link rel="shortcut icon" href="https://www.dynamicyield.com/wp-content/uploads/2018/11/favicon-194x194.png" /></head><body class="page-template-default page page-id-197600 wp-featherlight-captions et_fixed_nav osx et_right_sidebar safari et_includes_sidebar elementor-default elementor-kit-140995 elementor-page elementor-page-197600 default_header"><div id="page-container"><header id="main-header" class="et_nav_text_color_dark"
 style="background: #fff;"><div class="container-fluid clearfix"><div class="dy-header-logo"> <a href="https://www.dynamicyield.com/"
 class="main-logo-container"><div id="logo_symbol"><svg xmlns="http://www.w3.org/2000/svg" xml:space="preserve" id="Layer_1" x="0" y="0" version="1.1" viewBox="0 0 266.8 164.9"><g id="XMLID_23_"><path fill="#ff5f00" d="M97.3 17.5h72.2v129.7H97.3z"/><path id="XMLID_35_" fill="#eb001b" d="M101.9 82.4c0-26.3 12.3-49.7 31.5-64.8-14-11-31.7-17.6-51-17.6C36.9-.1 0 36.8 0 82.4c0 45.5 36.9 82.5 82.5 82.5 19.2 0 36.9-6.6 51-17.6-19.3-15.2-31.6-38.6-31.6-64.9z"/><path d="M266.8 82.4c0 45.5-36.9 82.5-82.5 82.5-19.2 0-36.9-6.6-51-17.6 19.2-15.1 31.5-38.5 31.5-64.8s-12.3-49.7-31.5-64.8c14-11 31.7-17.6 51-17.6 45.6-.2 82.5 36.7 82.5 82.3zM259 133.5v-2.7h1.1v-.5h-2.7v.5h1.1v2.7h.5zm5.3 0v-3.2h-.8l-1 2.2-1-2.2h-.8v3.2h.6v-2.4l.9 2.1h.6l.9-2.1v2.4h.6z" fill="#f79e1b"/></g></svg></div> </a></div><div id="et-top-navigation" class="cd-morph-dropdown"><nav id="top-menu-nav" class="main-nav"><ul id="top-menu" class="nav"></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li><li class="has-dropdown product menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children" data-content="product" title=""> <a href="">Product</a></li><li class="has-dropdown solutions menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children" data-content="solutions" title=""> <a href="">Solutions</a></li><li class="has-dropdown why_dy menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children" data-content="why-dynamic-yield" title="Why DY"> <a href="">Why Dynamic Yield</a></li><li class="has-dropdown company menu-has-cta menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children" data-content="company" title=""> <a href="">Company</a></li><li class="has-dropdown learning_center menu-has-cta top-link-use-cases menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children" data-content="learning-center" title=""> <a href="">Learning Center</a></li><li class="contact top-link walker-last mobile-only menu-item menu-item-type-post_type menu-item-object-page" data-content="connect-with-us" title=""> <a href="https://www.dynamicyield.com/contact/"><span class="button-arrow">Connect with us</span></a></li></ul></nav><div class="morph-dropdown-wrapper"><div class="dropdown-list"><div class="dropdown-tooltip"></div><ul><li id="product" class="dropdown links"><a href="" class="label">Product</a><div class="content"><ul><li class="intro"><div class="exp_os-wrapper"><h2>Experience OS</h2><ul class="links-list"><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="https://www.dynamicyield.com/experience-os/"><span class="menu-banner-img-wrap"><img class="menu-banner-img-desktop" src="/wp-content/uploads/2024/10/expos-nav-updated.png" width="218" height="131" /><img class="menu-banner-img-mobile" src="/wp-content/uploads/2024/10/expos-nav-updated-mobile.png" width="114" height="98" /></span><span class="menu-cta-text-wrap"><span class="menu-cta-subtitle">Get an overview of Dynamic Yield’s product and see why we’re known as the Experience OS.</span> <span class="menu-cta-button">Learn more →</span></span></a></li></ul></div></li><li class="left"><div class="key_caps-wrapper"><h2>Core Capabilities</h2><ul class="links-list"><li class="key-caps-segment menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/segmentation/"><svg version="1.1" id="audience" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 30 30" style="enable-background:new 0 0 30 30;" xml:space="preserve"><path id="audience-green" fill="#4FB294" d="M9.291,30H30V9.291C18.562737,9.291,9.291,18.562737,9.291,30z"/><path id="audience-black" d="M12.527,15.947C9.240353,12.385597,4.806085,10.093244,0,9.471V30h7.639 	C7.632218,24.897682,9.35532,19.943764,12.527,15.947z"/><circle id="audience-circle" fill="#4FB294" cx="15" cy="4.967" r="4.967"/></svg>Segmentation<span>Identify, build, and analyze audiences</span></a></li><li class="key-caps-omnichannel menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/targeting/"><svg version="1.1" id="personalization" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 20.987 30" style="enable-background:new 0 0 20.987 30;" xml:space="preserve"><path id="personalization-black-2" d="M20.987,19.507c0,5.795401-4.698099,10.4935-10.4935,10.4935S0,25.302401,0,19.507H20.987z"/><path id="personalization-pink" fill="#EE3968" d="M18.143,10.245c0,4.224978-3.425022,7.649999-7.65,7.649999S2.842999,14.469978,2.842999,10.245 	H18.143z"/><circle id="personalization-black-1" cx="10.494" cy="4.307" r="4.307"/></svg>Targeting<span>Serve each customer with unique offers</span></a></li><li class="key-caps-recs menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/recommendations/"><svg version="1.1" id="recs" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 30 30" style="enable-background:new 0 0 30 30;" xml:space="preserve"><path id="recs_4" d="M15.953,30H30V15.953H15.953V30z"/> <path id="recs_3" d="M0,15.953V30h14.047V15.953H0z"/><path id="recs_2" fill="#FFA354" d="M30,14.047V0H15.953v14.047H30z"/><path id="recs_1" d="M14.047,0H0v14.047h14.047V0z"/></svg>Recommendations<span>Algorithmically predict customers’ interests</span></a></li><li class="key-caps-email menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/journey-orchestration/"><svg version="1.1" id="trigger" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 26.017 30" style="enable-background:new 0 0 26.017 30;" xml:space="preserve"><path id="trigger-black" d="M14.017,12h12l-12,18V12z"/><path id="trigger-purple" fill="#5D39B9" d="M12,18H0L12,0V18z"/></svg>Journey Orchestration<span>Reach customers at critical moments</span></a></li><li class="key-caps-abtesting menu-item menu-item-type-custom menu-item-object-custom"><a href="/optimization/"><svg version="1.1" id="testing" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 28.713001 30" style="enable-background:new 0 0 28.713001 30;" xml:space="preserve"><path id="testing-blue" fill="#6BDADA" d="M15.831,0c7.114532,0,12.882001,5.767468,12.882001,12.882S22.945532,25.764,15.831,25.764l0,0V0z"/><path id="testing-black" d="M12.882,30C5.767468,30,0,24.232533,0,17.118S5.767468,4.236,12.882,4.236V30z"/></svg>Optimization<span>Experiment on any digital property</span></a></li><li class="key-caps-search menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/search/"><svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"> <g clip-path="url(#clip0_4082_5186)" id="cap-search-svg-bg"> <path d="M11.6757 9.81054C8.73958 9.81054 6.35089 7.42177 6.35089 4.48562C6.35089 2.62899 7.30664 0.992133 8.75134 0.0388074C8.50309 0.0155936 8.25193 0.00238037 7.99762 0.00238037C3.58066 0.00238037 0 3.58304 0 8C0 12.417 3.58066 15.9976 7.99762 15.9976C12.4146 15.9976 15.9952 12.417 15.9952 8C15.9952 7.86848 15.9916 7.73782 15.9853 7.60785C15.0166 8.94122 13.4462 9.81054 11.6757 9.81054Z" fill="black"/> <path id="cap-search-svg-circle" d="M11.6757 0.161346C11.2226 0.161346 10.7857 0.231773 10.3749 0.361649C8.62429 0.915114 7.35156 2.55436 7.35156 4.48561C7.35156 6.87003 9.29141 8.80988 11.6757 8.80988C13.5373 8.80988 15.1277 7.62753 15.7358 5.97437C15.9066 5.51 16 5.00851 16 4.48561C16 2.10119 14.0602 0.161346 11.6757 0.161346Z" fill="#FFC61E"/> </g> <defs> <clipPath id="clip0_4082_5186"> <rect width="16" height="16" fill="white"/> </clipPath> </defs> </svg>Search<span>Help customers find what they want</span></a></li></ul></div></li><li class="right"><div class="scale-wrapper"><h2>Made for Scale</h2><ul class="links-list"><li class="key_caps-element menu-item menu-item-type-custom menu-item-object-custom"><a href="/element/">Element<span>A groundbreaking new dimension of hyper-personalization</span></a></li><li class="key_caps-adaptml menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/ai/">AI & Automation<span>Increase automation, lower operational costs, and drive more revenue with a holistic AI personalization system</span></a></li><li class="key_caps-apis menu-item menu-item-type-custom menu-item-object-custom"><a href="https://www.dynamicyield.com/experience-apis/">Experience APIs<span>Give developers the tools they need to build the best customer experiences</span></a></li><li class="key_caps-enterprise menu-item menu-item-type-custom menu-item-object-custom"><a href="https://www.dynamicyield.com/enterprise-grade-personalization/">Enterprise solutions<span>Scale with security, privacy, and compliance, made for the enterprise</span></a></li></ul></div></li></ul><a href="/shopping-muse/" target="" class="banner"><div class="menu-banner"><span class="menu-cta-text"><strong>Meet Shopping Muse: </strong> Conversational commerce meets cutting-edge personalization.</span> <span class="menu-cta-button">Learn more →</span></div></a></div></li><li id="solutions" class="dropdown links"><a href="" class="label">Solutions</a><div class="content"><ul><li class="left"><div class="industries-wrapper"><h2>Industries</h2><ul class="links-list"><li class="industry-ecomm menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/ecommerce/">eCommerce</a></li><li class="industry-finserv menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/financial-services/">Financial Services</a></li><li class="industry-qsr menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/restaurants/">Restaurants</a></li><li class="industry-grocery menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/grocery/">Grocery</a></li><li class="industry-b2b menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/b2b-ecommerce/">B2B eCommerce</a></li><li class="industry-travel menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/travel/">Travel</a></li><li class="industry-gaming menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/gaming/">iGaming</a></li><li class="industry-media menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/media/">Media</a></li></ul></div></li><li class="right"><div class="channels-wrapper"><h2>Channels</h2><ul class="links-list"><li class="channels-web menu-item menu-item-type-custom menu-item-object-custom"><a href="/web/">Web<span>Create customer-centric web experiences</span></a></li><li class="channels-email menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/channels/email/">Email<span>Personalize emails with a no-code builder</span></a></li><li class="channels-mobile-apps menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/mobile/">Apps<span>Optimize mobile app experiences</span></a></li><li class="channels-ads menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/advertising/">Ads<span>Improve customer acquisition results</span></a></li></ul></div></li></ul></div></li><li id="why-dynamic-yield" class="dropdown links"><a href="" class="label">Why Dynamic Yield</a><div class="content"><ul><li class="impact-wrapper"><h2>Proven impact and success services</h2><ul class="links-list"><li class=" menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/clients/">Select customers</a></li><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="/case-studies/">Case studies</a></li><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="/customer-success/">Customer success services</a></li></ul></li><li class="scale-wrapper"><h2>Built for scale</h2><ul class="links-list"><li class=" menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/enterprise-grade-personalization/">Enterprise-grade solutions</a></li><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="/adaptml/">AI Technology</a></li><li class=" menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/gdpr-and-privacy/">GDPR and data privacy</a></li><li class=" menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/security/">Security</a></li><li class=" menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/compliance/">Compliance</a></li></ul></li><li class="network-wrapper"><h2>Robust partner network</h2><ul class="links-list"><li class=" menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/partners/">Partner library</a></li><li class=" menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/partner-program/">Partnership program</a></li><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="/partners/#technology-partners">Tech Partners and Integrations</a></li></ul></li><li class="resources-wrapper"><h2>Extensive product resources</h2><ul class="links-list"><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="https://support.dynamicyield.com/hc/en-us">Knowledge Base</a></li><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="http://academy.dynamicyield.com/">Academy & Certification</a></li><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="https://support.dynamicyield.com/hc/en-us/community/topics">Community</a></li><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="https://dy.dev/">API documentation</a></li></ul></li></ul><a href="https://www.dynamicyield.com/personalization-awards/" target="_self" class="banner"><div class="menu-banner"><div class="menu-cta--left"> <img src="/wp-content/uploads/2023/11/2023-award-badge.svg" width="60" height="60" /></div><div class="menu-cta--right"> <strong class="menu-cta-title">The Personalization Awards</strong> <span class="menu-cta-subtitle">Celebrating customers and partners setting the gold-standard for personalization</span> <span class="menu-cta-button">Learn more →</span></div></div></a></div></li><li id="company" class="dropdown button"><a href="" class="label">Company</a><div class="content"><ul class="links-list"><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="https://www.mastercard.com/us/en/for-the-world/about-us.html">About us</a></li><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="/blog/">Blog</a></li><li class=" menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/labs/">DY Labs</a></li><li class=" menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/careers/">Careers</a></li><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="https://events.dynamicyield.com/">Events</a></li><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="https://www.mastercard.com/us/en/news-and-trends/stories.html">Press</a></li><li class=" menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/awards-and-recognitions/">Awards</a></li><li class=" menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/contact/">Contact us</a></li><li class=" menu-item menu-item-type-custom menu-item-object-custom"><a href="/request-demo/">Request a demo</a></li></ul></div></li><li id="learning-center" class="dropdown links"><a href="" class="label">Learning Center</a><div class="content"><ul><li class="top"><ul class="links-list"><li class="resources-xp hidden-mobile menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/learn/">Take your knowledge to exponential levels</a></li><li class="hidden-desktop menu-item menu-item-type-custom menu-item-object-custom"><a href="/learn/">XP<sup>2</sup> Hub<span>Take your knowledge to exponential levels</span></a></li><li class="resources-paths menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/learning-paths/">Learning Paths<span>Curated courses on key skill areas</span></a></li><li class="resources-webinars menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/talks/">Talks<span>Engaging discussions taking place in CX</span></a></li><li class="resources-articles menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/articles/">Articles<span>An expansive collection of in-depth playbooks</span></a></li><li class="resources-glossary menu-item menu-item-type-custom menu-item-object-custom"><a href="/glossary-terms/">Encyclopedia<span>A glossary of experience optimization terms</span></a></li><li class="resources-use-cases menu-item menu-item-type-post_type menu-item-object-page"><a href="https://www.dynamicyield.com/personalization-examples/">Inspiration Library<span>Personalization examples from real brands</span></a></li><li class="resources-maturity menu-item menu-item-type-custom menu-item-object-custom"><a href="https://www.dynamicyield.com/personalization-maturity/"><strong class="badge-new">Personalization Maturity</strong><span>How global businesses prioritize personalization</span></a></li><li class="resources-guides menu-item menu-item-type-custom menu-item-object-custom"><a href="/guides/">Guides & reports<span>Comprehensive topic-specific materials</span></a></li><li class="resources-benchmarks menu-item menu-item-type-custom menu-item-object-custom"><a href="https://marketing.dynamicyield.com/benchmarks/">Benchmarks<span>Industry performance metrics and insights</span></a></li></ul></li><li class="bottom"><a href="/rooted-personalization/" target="_self"><div class="menu-banner"><div class="menu-cta--left"> <img src="/wp-content/uploads/2023/03/rooted-icon.svg" width="60" height="60" /></div><div class="menu-cta--right"> <strong class="menu-cta-title">Rooted Personalization<span>new</span></strong> <span class="menu-cta-subtitle">Learn a scalable methodology for building an audience-based personalization program.</span> <span class="menu-cta-button">Find out more →</span></div></div></a></li></ul></div></li><li class="contact top-link walker-last mobile-only menu-item menu-item-type-post_type menu-item-object-page" data-content="connect-with-us" title=""> <a href="https://www.dynamicyield.com/contact/"><span class="button-arrow">Connect with us</span></a></li></ul><div class="bg-layer" aria-hidden="true"></div></div></div></li></ul></nav></div><div class="topnav-buttons"><div class="language-switcher header-language-switcher"><ul><li>en<ul><li><a class="active" href="https://www.dynamicyield.com/dpa/">English</a></li><li><a href="https://www.dynamicyield.com/es/dpa/">Español</a></li><li><a href="https://www.dynamicyield.com/de/">Deutsch</a></li><li><a href="https://www.dynamicyield.com/fr/">Français</a></li><li><a href="https://www.dynamicyield.com/ja/">日本語</a></li></ul></li></li></ul></div> <a class="pulse-button v5 pulsed nav_btn" href="/request-demo/"> <span class="button-inner"> Talk to sales </span> </a> <a href="" class="nav-trigger"> Open Nav <span class="nav-trigger-box"><span class="nav-trigger-inner"></span></span> </a></div></div></header><div id="top-nav-backdrop"></div><div id="et-main-area"><div id="main-content"><div class="container"><div id="content-area" class="clearfix"><div id="left-area"><article id="post-197600" class="post-197600 page type-page status-publish hentry"><div class="entry-content"><div data-elementor-type="wp-page" data-elementor-id="197600" class="elementor elementor-197600" data-elementor-settings="[]"><div class="elementor-inner"><div class="elementor-section-wrap"><section class="elementor-element elementor-element-f97fd5e elementor-section-boxed elementor-section-height-default elementor-section-height-default elementor-section elementor-top-section" data-id="f97fd5e" data-element_type="section"><div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-4153413e elementor-column elementor-col-100 elementor-top-column" data-id="4153413e" data-element_type="column"><div class="elementor-column-wrap  elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-44601cec elementor-widget elementor-widget-text-editor" data-id="44601cec" data-element_type="widget" data-widget_type="text-editor.default"><div class="elementor-widget-container"><div class="elementor-text-editor elementor-clearfix"><h1 style="text-align: center; color: #000000; font-size: 32px;"><strong><span style="font-size: 32px;">Mastercard – Customer Data Processing Agreement</span></strong></h1><p style="text-align: center;"><strong>Effective Date: July 2nd, 2025.</strong></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">This Data Processing Agreement (the “<strong>DPA</strong>”), which includes <strong>Annexes 1 </strong>and <strong>2</strong>, is incorporated into and forms an integral part of the Agreement (the “<strong>Principal Agreement</strong>”) and governs the Processing of Personal Data in the context of the Services between Mastercard and Customer, as defined under the Principal Agreement.</span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Mastercard and Customer are collectively referred to as the “<strong>Parties</strong>” or each individually as a “<strong>Party</strong>”. For the purposes of this DPA only, and except where indicated otherwise, the term &#8220;Mastercard&#8221; and “Customer” include Mastercard’s and Customer’s respective Affiliates</span><span style="font-size: 13px;"> </span><span style="font-size: 13px;">insofar as they are a party to the Principal Agreement or any collateral thereto.</span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">The Parties agree that the DPA is supplemental to any existing confidentiality or privacy and data protection terms contained in the Principal Agreement. To the extent of an overlap, inconsistency, or direct conflict between the terms of the Principal Agreement (or a collateral contract to the Principal Agreement) and this DPA, the terms of this DPA shall govern and control. </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">For the avoidance of doubt, this DPA applies to all Personal Data collected by Mastercard in the context of the Principal Agreement, including Personal Data collected by Mastercard in the context of the Principal Agreement before the effective date of this DPA.</span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">1.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Definitions</span></strong><span style="font-size: 13px;">.</span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">1.1.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;">The terms “<strong>Personal Data Breach</strong>”, “<strong>Processing/Process</strong>”, “<strong>Sell</strong>”, “<strong>Sensitive Data</strong>”, “<strong>Share</strong>”, and “<strong>Supervisory Authority</strong>” have the meanings given to those terms under applicable Privacy and Data Protection Law. In the event of a conflict, the meaning from the law applicable to the residence of the relevant Data Subject applies.</span><strong><span style="font-size: 13px;"> </span></strong></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">1.2.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;">“<strong>Affiliate</strong>” means, in relation to a Party, any other entity which directly or indirectly Controls, is Controlled by, or is under direct or indirect common Control with that Party from time to time. “Control”, for the purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">1.3.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;">“<strong>Controller</strong>” means the entity which determines the purposes and means of the Processing of Personal Data, including as applicable a “business” or equivalent term as defined under applicable Privacy and Data Protection Law.  </span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">1.4.<span style="font-size: 9px;">     </span></span><span style="font-size: 13px;">“<strong>Data Protection Rights</strong>” means all rights granted to Data Subjects under Privacy and Data Protection Law, which may include – depending on applicable law – the right to know, the right of access, rectification, erasure, complaint, data portability, restriction of Processing, objection to the Processing, and rights relating to automated decision-making and indemnification against misuse of Personal Data.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">1.5.<span style="font-size: 9px;">     </span></span><span style="font-size: 13px;">“<strong>Data Subject</strong>” means the identified or identifiable individual to whom Personal Data relates. </span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">1.6.<span style="font-size: 9px;">     </span></span><span style="font-size: 13px;">“<strong>EU Data Protection Law</strong>” means the General Data Protection Regulation (EU) 2016/679 (“<strong>GDPR</strong>”) and the e-Privacy Directive 2002/58/EC (as amended by Directive 2009/136/EC), their national implementations in the European Economic Area (“<strong>EEA</strong>”), including the European Union (“<strong>EU</strong>”), and all other data protection laws of the EEA, the United Kingdom (“<strong>UK</strong>”), Monaco, and Switzerland, each as applicable, and as may be amended or replaced from time to time.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">1.7.<span style="font-size: 9px;">     </span></span><span style="font-size: 13px;">“<strong>Mastercard BCRs</strong>” means the Mastercard Binding Corporate Rules as approved by the data protection authorities and available at </span><u><a style="color: purple;" href="https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf"><span style="color: #1155cc; font-size: 13px;">https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf</span></a></u><span style="font-size: 13px;">.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">1.8.<span style="font-size: 9px;">     </span></span><span style="font-size: 13px;">“<strong>Personal Data</strong>” means information that can reasonably identify, relate to, describe, be capable of being associated with, or be linked, directly or indirectly, to a particular individual or household, including “personal data”, “personal information”, or equivalent terms as defined under applicable Privacy and Data Protection Law. To the extent permitted by applicable Privacy and Data Protection Law, “Personal Data” does not include information that is deidentified, aggregated, or anonymized in accordance with applicable law, or otherwise excluded from the scope of applicable Privacy and Data Protection Law.  </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">1.9.<span style="font-size: 9px;">     </span></span><span style="font-size: 13px;">“<strong>Privacy and Data Protection Law</strong>” means any law, statute, declaration, decree, legislation, enactment, order, ordinance, regulation or rule (as amended and replaced from time to time) which relates to the privacy and protection of Personal Data, and to which the Parties are subject, including but not limited to EU Data Protection Law; State Privacy Laws; the U.S. Gramm-Leach-Bliley Act; laws regulating unsolicited email, telephone, and text message communications; security breach notification laws; laws imposing minimum security requirements; laws requiring the secure disposal of records containing certain Personal Data; laws governing the portability and/or cross-border transfer of Personal Data; and all other similar international, federal, state, provincial, and local requirements; each as applicable.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">1.10.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;"> </span><span style="font-size: 13px;">“<strong>Processor</strong>” means the entity which Processes Personal Data on behalf of the Controller, including as applicable a “service provider” or equivalent term as defined under applicable Privacy and Data Protection Law.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">1.11.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;">“<strong>Services</strong>” means the services provided by Mastercard to Customer under the Principal Agreement.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">1.12.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;">“<strong>Standard Contractual Clauses</strong>” means the clauses annexed to the EU Commission Implementing Decision 2021/914 of June 4, 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council (OJ L 199, 7.6.2021, p. 31-61), as amended or replaced from time to time.</span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">1.13.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;">“<strong>State Privacy Laws</strong>” means the California Consumer Privacy Act, Cal. Civ. Code 1798.100 et seq., as amended including by the California Privacy Rights Act, the Virginia Consumer Data Protection Act, Code of Virginia title 59.1, Chapter 52, the Colorado Privacy Act, Colorado Rev. Stat. 6-1-1301 et seq., the Utah Consumer Privacy Act, Utah Code 13-61-101 et seq., the Connecticut Personal Data Privacy and Online Monitoring Act, Public Act No. 22-15, and any other U.S. state privacy laws and their implementing regulations issued pursuant thereto, as amended and superseded from time to time.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">1.14.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;">“<strong>Sub-Processor</strong>” means a Processor engaged by a Processor to carry out Processing on behalf of a Controller.</span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">1.15.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;">“<strong>Swiss Addendum</strong>” means the addendum to the Standard Contractual Clauses required by the Swiss Federal Data Protection and Information Commissioner to satisfy the requirements of the Swiss Federal Data Protection Act (“FADP”).</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">1.16.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;">“<strong>UK Addendum</strong>” means the addendum to the Standard Contractual Clauses issued by the UK Information Commissioner under Section 119A of the UK Data Protection Act 2018 (version B1.0, in force March 21, 2022).</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">2.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Roles of the Parties and Processing by Mastercard.</span></strong><strong><span style="font-size: 13px;"> </span></strong></p><p style="text-align: justify; color: #000000; font-size: 15px;"><span style="font-size: 13px;">2.1.<span style="font-size: 9px;">   </span></span><u><span style="font-size: 13px;">Processing of Personal Data subject to Privacy and Data Protection Law</span></u><span style="font-size: 13px;">. This Section 2.1 applies only to the Processing of Personal Data that is subject to Privacy and Data Protection Law that require the Controller and Processor to enter into a data processing agreement. For the avoidance of doubt, this also applies where the applicable Privacy and Data Protection Law does not specifically use the terms Controller and Processor.</span></p><p style="text-align: justify; color: #000000; font-size: 15px; margin-left: 20px;"><span style="font-size: 13px;">2.1.1. </span><u><span style="font-size: 13px;">Roles of the Parties</span></u><span style="font-size: 13px;">. Mastercard acts as Processor on behalf of Customer and Customer acts as a Controller (or a Processor on behalf of another Controller) in the context of the Services described in Annex 1.</span></p><p style="text-align: justify; color: #000000; font-size: 15px; border: medium; margin-left: 20px;"><span style="font-size: 13px;">2.1.2. </span><u><span style="font-size: 13px;">Processing by Mastercard</span></u><span style="font-size: 13px;">. Customer hereby authorizes Mastercard to Process, as permitted by applicable Privacy and Data Protection Law, as a Controller, Personal Data relating to the operation, support, or use of the Services to (i) conduct internal analyses of Personal Data, (ii) develop and improve existing and future products and services, including through the development of algorithmic models, (iii) monitor and prevent fraud, (iv) prepare and furnish reports of aggregated  information, and to anonymize information, provided that such reports do not identify the Customer or any Data Subjects, and Mastercard will not, and will not allow its Sub-Processors to, attempt to re-identify any such anonymized or aggregated information, and (v) for other purposes for which consent has been provided by the Data Subject to whom the Personal Data relates. Mastercard represents and warrants that it will Process Personal Data for these purposes in compliance with applicable Privacy and Data Protection Law and the Mastercard BCRs.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">2.2.<span style="font-size: 9px;">     </span></span><u><span style="font-size: 13px;">Processing of Covered Personal Data Subject to State Privacy Laws</span></u><span style="font-size: 13px;">. This Section 2.2 applies only to the Processing of Personal Data that is subject to the State Privacy Laws by Mastercard on behalf of Customer (“<strong>Covered Personal Data</strong>”). Notwithstanding any provision to the contrary of this DPA or this Section, the terms of this Section shall not apply to Mastercard’s Processing of Covered Personal Data that is exempt from the State Privacy Laws. Except as expressly permitted by the State Privacy Laws, Mastercard will not (i) Sell or Share Covered Personal Data; (ii) retain, use, or disclose Covered Personal Data for any purpose other than for the specific purpose of performing the Services under the Principal Agreement and Annex 1 for Customer; (iii) retain, use, or disclose Covered Personal Data outside the direct business relationship between the Parties; or (iv) combine Covered Personal Data with Personal Data obtained from, or on behalf of, sources other than Customer, except as expressly permitted under applicable State Privacy Laws.</span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">2.3.<span style="font-size: 9px;">     </span></span><u><span style="font-size: 13px;">Categories of Personal Data</span></u><span style="font-size: 13px;">. Customer represents and warrants that Customer will not share or make available any (i) special categories of Personal Data, as defined under applicable Privacy and Data Protection Law, or (ii) Personal Data relating to Data Subjects being minors, with Mastercard in the context of the Services. </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><strong><span style="font-size: 13px;"> </span></strong></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">3.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Additional Obligations of the Parties.</span></strong><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">3.1.<span style="font-size: 9px;">   </span></span><u><span style="font-size: 13px;">Compliance with Privacy and Data Protection Law</span></u><span style="font-size: 13px;">. Customer and Mastercard represent and warrant that they will comply with Privacy and Data Protection Law when Processing Personal Data in the context of the Services and will provide the level of privacy protection required by the Privacy and Data Protection Laws. Customer and Mastercard agree to cooperate in good faith to enter into additional terms to address any modifications, amendments, or updates to applicable Privacy and Data Protection Law. In particular, the Parties agree to the following:</span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">3.1.1. </span><u><span style="font-size: 13px;">Notice and Consent for the Processing of Personal Data</span></u><span style="font-size: 13px;">. As a Controller, Customer is responsible for complying with Privacy and Data Protection Law in the context of the Processing of Personal Data as set forth in Annex 1, </span><span style="font-size: 13px;">which </span><span style="font-size: 13px;">may </span><span style="font-size: 13px;">include </span><span style="font-size: 13px;">the profiling of Data Subjects.  Customer represents and warrants that </span><span style="font-size: 13px;">it </span><span style="font-size: 13px;">will, as required under Privacy and Data Protection Law, (i) provide clear and transparent notice to Data Subjects in an easily accessible form that includes appropriate references to the categories of Personal Data involved, the Customer’s legal basis for the Processing, and the sharing of the Personal Data with Mastercard</span><span style="font-size: 13px;">;</span><span style="font-size: 13px;"> and (ii) </span><span style="font-size: 13px;"> </span><span style="font-size: 13px;">rely on a valid legal ground, including Data Subjects’ consent when required under Privacy and Data Protection Law, for the Processing of Personal Data as set forth in Annex 1. </span><span style="font-size: 13px;">     </span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">3.1.2. </span><u><span style="font-size: 13px;">Cookies Notice and Consent</span></u><span style="font-size: 13px;">. </span><span style="font-size: 13px;">Customer is responsible for providing notice and obtaining consent as required under Privacy and Data Protection Law to allow for the storing or gaining access to information stored on Data Subjects’ terminal equipment via cookies and similar technologies. Customer must </span><span style="font-size: 13px;">enable Data Subjects to withdraw such consent at any time as easily as it was originally given</span><span style="font-size: 13px;">.</span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">3.1.3. </span><u><span style="font-size: 13px;">Proof of Consent</span></u><span style="font-size: 13px;">. </span><span style="font-size: 13px;">To the extent that Data Subjects’ consent is required under Privacy and Data Protection Law, Customer must be able to demonstrate that valid </span><span style="font-size: 13px;">consent </span><span style="font-size: 13px;">has been obtained from Data Subjects</span><span style="font-size: 13px;">.</span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">3.2.<span style="font-size: 9px;">   </span></span><u><span style="font-size: 13px;">Instructions</span></u><span style="font-size: 13px;">. Where Mastercard acts as a Processor on behalf of Customer as per Section 2.1.1 above, Mastercard will take steps to:</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">3.2.1. </span><span style="font-size: 13px;">Only Process Personal Data in accordance with the Customer’s lawful documented instructions or as otherwise agreed by the Parties in writing, unless otherwise required or permitted by law. </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">3.2.2. </span><span style="font-size: 13px;">Promptly inform Customer if, in its opinion, the Customer’s instructions infringe Privacy and Data Protection Law, or if Mastercard is unable to comply with the Customer’s instructions without failing to meet its obligations under Privacy and Data Protection Law.   </span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">3.2.3. </span><span style="font-size: 13px;">Notify Customer when local laws prevent Mastercard from (1) fulfilling its obligations under this DPA or the Mastercard BCRs and have a substantial adverse effect on the guarantees provided by this DPA or the Mastercard BCRs; and (2) complying with the instructions received from the Customer via this DPA, except if such disclosure is prohibited by applicable laws, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation. </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Notify Customer, as required under applicable Privacy and Data Protection Law, no later than five business days after determining that it can no longer meet its obligations under applicable State Privacy Laws. Upon receiving notice from Mastercard in accordance with this subsection, Customer may direct Mastercard to take reasonable and appropriate steps to stop and remediate unauthorized use of Personal Data. </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">3.3.<span style="font-size: 9px;">   </span></span><u><span style="font-size: 13px;">Confidentiality</span></u><span style="font-size: 13px;">. Mastercard will ensure that persons authorized to Process Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">3.4.<span style="font-size: 9px;">   </span></span><u><span style="font-size: 13px;">Security</span></u><span style="font-size: 13px;">. The Parties will take steps to ensure a level of security appropriate to the risk for the Personal Data and implement at the minimum the security measures listed in Annex 2. The Parties must notify a Personal Data Breach that relates to Personal Data Processed in the context of the Service to the other Party, without undue delay, and no later than 48 hours after having become aware of a Personal Data Breach.    </span><strong><span style="font-size: 13px;"> </span></strong></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">3.5.<span style="font-size: 9px;">   </span></span><u><span style="font-size: 13px;">Sub-Processing</span></u><span style="font-size: 13px;">. Customer gives a general authorization and instructs Mastercard to engage internal and external Sub-Processors in the context of the Services under the conditions set forth below, including any addition or replacement of Sub-Processors, and Mastercard represents and warrants that when Sub-Processing the Processing of Personal Data in the context of the Services, and to the extent required by applicable Privacy and Data Protection Law, it will:</span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">3.5.1. </span><span style="font-size: 13px;">Bind its Affiliates acting as Sub-Processors to respect the Mastercard BCRs and to comply with the Customer’s instructions.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">3.5.2. </span><span style="font-size: 13px;">Require its other Sub-Processors, via a written agreement, to comply with applicable Privacy and Data Protection Law, with the Customer’s instructions and with s<span style="color: black;">ubstantially similar</span> obligations as are imposed on Mastercard by this Section and the Mastercard BCRs.  </span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">3.5.3.</span><span style="font-size: 13px;">Remain liable to the Customer for the performance of its Sub-Processors’ obligations. </span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">3.5.4. </span><span style="font-size: 13px;">Commit to provide a list of Sub-Processors to Customer upon request. </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium; margin-left: 20px;"><span style="font-size: 13px;">3.5.5 .</span><span style="font-size: 13px;">Inform Customer of any addition or replacement of a Sub-Processor in a timely fashion and, if required by applicable Privacy and Data Protection Law, give Customer an opportunity to object to the change, except where the Services cannot be provided without the involvement of a specific Sub-Processor. </span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">3.6.<span style="font-size: 9px;">   </span></span><u><span style="font-size: 13px;">Assistance</span></u><span style="font-size: 13px;">. To the extent required by Privacy and Data Protection Law and upon Customer’s prior written request, Mastercard will assist Customer, in so far as reasonably possible, in fulfilling Customer’s own data protection compliance obligations under Privacy and Data Protection Law, and provide to Customer all information available to Mastercard as reasonably necessary to demonstrate compliance with the Customer’s own obligations under Privacy and Data Protection Law, including Customer’s obligation to conduct data protection impact assessments or prior consultation with Supervisory Authorities. </span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">3.7.<span style="font-size: 9px;">   </span></span><u><span style="font-size: 13px;">Delete or Return Personal Data</span></u><span style="font-size: 13px;">. Upon written request to delete or return Personal Data by Customer, except for any Personal Data which Mastercard Processes as a Controller, Mastercard will, at the choice of Customer, delete, anonymize, or return such Personal Data to Customer, except where Mastercard needs to retain a copy of such Personal Data to fulfill any legal obligations (in which case Mastercard will protect the confidentiality of the Personal Data). </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">3.8.<span style="font-size: 9px;">   </span></span><u><span style="font-size: 13px;">Data Protection Audit</span></u><span style="font-size: 13px;">.<strong> </strong>To the extent required by EU Data Protection Law and upon prior written request by Customer, Mastercard agrees to cooperate and within reasonable time provide Customer with: (a) a summary of the audit reports demonstrating Mastercard’s compliance with its obligations under this DPA and Mastercard BCRs where the transfer of Personal Data is based on the Mastercard BCRs, or such other relevant documentation, as required by Privacy and Data Protection Law, after redacting any confidential and commercially sensitive information; and (b) confirmation that the audit has not revealed any material vulnerability in Mastercard’s systems, or to the extent that any such vulnerability was detected, that Mastercard has fully remedied such vulnerability. If the above measures are not sufficient to meet the requirements of applicable Privacy and Data Protection Law and the Mastercard BCRs, or reveal some material issues, subject to the strictest confidentiality obligations, and maximum once a year, Mastercard allows Customer to request an audit of Mastercard’s data protection compliance program by external independent auditors, which are jointly selected by the Parties. The external independent auditor cannot be a competitor of Mastercard, and the Parties will mutually agree upon the scope, timing, and duration of the audit. Mastercard will make available to Customer the result of the audit of its data protection compliance program.</span><strong><em><span style="font-size: 13px;"> </span></em></strong></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">3.9.<span style="font-size: 9px;">   </span></span><u><span style="font-size: 13px;">Data Subject Requests</span></u><span style="font-size: 13px;">. The Services may provide Customer with features to assist Customer with its obligations relating to responding to requests from Data Subjects to exercise their Data Protection Rights (“<strong>Data Subject Requests</strong>”). To the extent the Services do not provide such features or Customer is unable to address a Data Subject Request through the Services, Mastercard will provide Customer with reasonable assistance to respond to Data Subject Requests as required under applicable Privacy and Data Protection Law relating to the Processing of Personal Data under the Principal Agreement and Customer will reimburse Mastercard for commercially reasonable costs arising from this assistance. If a Data Subject Request is made directly to Mastercard regarding the Processing of Personal Data under the Principal Agreement, and to the extent Customer is identified in the Data Subject Request or can easily be identified by Mastercard based on the Data Subject Request, Mastercard will direct the Data Subject to submit their request to Customer. </span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">4.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Personal Data Transfers</span></strong><span style="font-size: 13px;">.</span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">4.1.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;">Customer acknowledges that Mastercard may, and where required by applicable Privacy and Data Protection Law, Customer authorizes Mastercard to, transfer Personal Data Processed in connection with the Services globally in accordance with the Mastercard BCRs or any other lawful data transfer mechanism. Mastercard represents and warrants that it will abide by the Mastercard BCRs in the context of such transfers of Personal Data.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">4.2.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;">To the extent that the Mastercard BCRs cannot be relied upon as appropriate safeguards, the transfer shall be governed by the Standard Contractual Clauses and the UK Addendum or the Swiss Addendum, as applicable, which are incorporated into this DPA by reference.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: 15px; border: medium; margin-left: 20px;"><span style="font-size: 13px;">4.2.1. </span><span style="font-size: 13px;">The Parties conclude and complete module two (controller-to-processor) of the Standard Contractual Clauses as follows: (i) they implement the optional docking clause in Clause 7; strike the optional paragraph in Clause 11(a); choose option 2 in Clause 9(a); indicate Belgium in Clauses 13(a) and Clause 17, and indicate the courts of Brussels, Belgium in Clause 18(b); (ii) the “data exporter” is Customer; the “data importer” is Mastercard; and (iii) Annex I and II to the Standard Contractual Clauses are Annex 1 and 2 to this DPA respectively.</span><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: 15px; border: medium; margin-left: 20px;"><span style="font-size: 13px;">4.2.2. </span><span style="font-size: 13px;">The Swiss Addendum is completed as follows: (i) in deviation of Clause 13(a) of the Standard Contractual Clauses in connection with its Annex I.C. incorporated in Annex 1 to this DPA, the competent supervisory authority in Annex 1 shall be the Swiss Federal Data Protection and Information Commissioner and all references to the &#8220;competent supervisory authority” shall be interpreted accordingly, (ii) the references to the “Regulation (EU) 2016/679” and specific articles thereof in the Standard Contractual Clauses should be interpreted as references to the FADP and its corresponding provisions, as applicable. </span></p><p style="text-align: justify; color: #000000; font-size: 15px; border: medium; margin-left: 20px;"><span style="font-size: 13px;">4.2.3. </span><span style="font-size: 13px;">Part 1 of the UK Addendum is completed as follows: (i) in Table 1, the “Exporter” is Customer and the “Importer” is Mastercard, their details are set forth in the Principal Agreement and this DPA; (ii) in Table 2, the first option is selected and the “Approved EU SCCs” are the Standard Contractual Clauses referred to in Section 4.2.1 of this DPA; (iii) in Table 3, “Annex 1 (A and B) and II to the” Approved EU SCCs” are Annexes 1 and 2 to this DPA; and (iv) in Table 4, both the “Importer” and the “Exporter” can terminate the UK Addendum. </span></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">5.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Liability. </span></strong><span style="font-size: 13px;">The Parties agree that if Mastercard has paid compensation, damages or fines, Mastercard is entitled to claim back from Customer that part of the compensation, damages or fines, corresponding to Customer’s part of responsibility for the compensation, damages or fines.</span></p><p style="text-align: justify; color: #000000; font-size: medium;"><strong><span style="font-size: 13px;"> </span></strong></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">6.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Applicable Law and Jurisdiction</span></strong><span style="font-size: 13px;">.</span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">6.1.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;">To the extent the Processing of Personal Data is subject to EU Data Protection Law, this DPA and the Processing of Personal Data will be governed by the law of Belgium and any dispute will be submitted to the Courts of Brussels.</span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">6.2.<span style="font-size: 9px;">   </span></span><span style="font-size: 13px;">To the extent the Processing of Personal Data is not subject to EU Data Protection Law, this DPA and the Processing of Personal Data will be governed by the law applicable to the Principal Agreement, and any dispute will be submitted to the Courts identified in the Principal Agreement.</span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">7.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Modification of this DPA</span></strong><span style="font-size: 13px;">. This DPA may only be updated by Mastercard or its Affiliates without notice, provided that the Customer shall be notified in advance of any material change Mastercard or its Affiliates deem adverse to the Customer.</span></p><p style="text-align: justify; color: #000000; font-size: medium;"><strong><span style="font-size: 13px;"> </span></strong></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">8.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Termination.</span></strong><span style="font-size: 13px;"> The Parties agree that this DPA is terminated upon the termination of the Principal Agreement.</span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">9.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Invalidity and Severability.</span></strong><span style="font-size: 13px;"> If any provision of this DPA is found by any court or administrative body of competent jurisdiction to be invalid or unenforceable, the invalidity or unenforceability of such provision will not affect any other provision of this DPA and all provisions not affected by such invalidity or unenforceability will remain in full force and effect. </span></p><p style="text-align: center; color: #000000; font-size: 48px;"><strong><span style="font-size: 13px;">Annex 1 – Description of processing activities</span></strong></p><p style="text-align: start; color: #000000; font-size: medium;"><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium;"><strong><span style="font-size: 13px;">A.<span style="font-size: 9px;">             </span></span></strong><strong><span style="font-size: 13px;">LIST OF PARTIES</span></strong></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;"> </span><span style="font-size: 13px;">Data exporter:</span></p><ul><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Name: Customer as defined in the Principal Agreement</span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Address: See signature  page in the Principal Agreement</span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Contact person’s name, position and contact details: See signature in the Principal Agreement</span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Activities relevant to the data transferred: Receiving the Services as described in this DPA and the Principal Agreement</span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Signature and date: See signature page in the Principal Agreement</span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;"><span style="font-size: 9px;"> </span></span><span style="font-size: 13px;">Role (Controller/Processor): Controller</span></li></ul><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Data importer:</span><span style="font-size: 13px;"> </span></p><ul><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;"><span style="font-size: 9px;"> </span></span><span style="font-size: 13px;">Name: Mastercard as defined in the Principal Agreement</span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Address: See signature page in the Principal Agreement</span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;"><span style="font-size: 9px;">  </span></span><span style="font-size: 13px;">Contact person’s name, position and contact details: See signature page in the Principal Agreement</span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Activities relevant to the data transferred: Providing the Services as described in this DPA and the Principal Agreement</span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Signature and date: See signature page in the Principal Agreement</span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Role (Controller/Processor): Processor</span></li></ul><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;"> </span></p><p style="text-align: start; color: #000000; font-size: medium;"><strong><span style="font-size: 13px;">B.<span style="font-size: 9px;">    </span></span></strong><strong><span style="font-size: 13px;">      DESCRIPTION OF TRANSFER</span></strong></p><ul><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Categories of Data Subjects whose Personal Data is transferred: <em>End-users (i.e., cardholders and consumers)</em></span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;"><span style="font-size: 9px;"> </span></span><span style="font-size: 13px;">Categories of Personal Data transferred: </span></li></ul><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;">○<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">Geographic information (city, state, country and as applicable, postal code);</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;">○<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">Audience membership &#8211; based on real time user segmentation and backend historical calculations;</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;">○<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">IP address;</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;">○<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">Online identifiers (i.e., online data collected from end-user’s devices, applications and protocols), such as UDID, cookie identifiers, and other unique ID that Mastercard or Customer assigns to end-users’ devices;</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;">○<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">Device and browser attributes;</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;">○<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">Page views and interactions;</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;">○<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">As applicable: Customer events (e.g., and “add to cart” or other interactions and engagement set up by Customer);</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;">○<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">As applicable: search query terms;</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;">○<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">Only as applicable, the information you provide to us:</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 40px;"><span style="font-size: 13px;">■<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">email address;</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 40px;"><span style="font-size: 13px;">■<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">CRM data and other data that Customer elects for onboarding (e.g., gender, status, average order value, number of items ordered, days since last order, net sales, items per order, days since first order, sessions since last order, days since last visit, average interpurchase time, last order site, loyalty status, etc.);</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 40px;"><span style="font-size: 13px;">■<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">Online purchase history on the Customer website;</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 40px;"><span style="font-size: 13px;">■<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">Offline purchase history;</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 40px;"><span style="font-size: 13px;">■<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">For financial institutions only: transaction data (e.g., end-users’ spend history, predictive spend, travel spend).</span></em></p><ul><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Sensitive data transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialized training), keeping a record of access to the data, restrictions for onward transfers or additional security measures: <em>No Sensitive Data.</em></span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">The frequency of the transfer (e.g., whether the Personal Data is transferred on a one-off or continuous basis): <em>On a continuous basis.</em></span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Nature of the Processing: <em>The Personal Data will be processed and transferred as described in this DPA and the Principal Agreement.</em></span><span style="font-size: 13px;"> </span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Purpose(s) of the transfer and further Processing: <em>The Personal Data will be processed and transferred for the provision of the Services as described in this DPA and the Principal Agreement, in particular to: </em></span></li></ul><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;">○<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">Personalize end users’ interaction with Customer’s online platforms across the web, mobile web, mobile apps and email and other channels;</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;">○<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">Build actionable end users’ segments in real time, enabling Customer to take instant action via personalization, product/content recommendations, automatic optimization, real-time messaging and other activation modules offered by Mastercard from time to time;</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;">○<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">As applicable, and for financial institutions only: examine spending patterns [on end-user transaction data/consumer payment cards] to improve card engagement and usage;</span></em></p><p style="text-align: justify; color: #000000; font-size: medium; margin-left: 20px;"><span style="font-size: 13px;">○<span style="font-size: 9px;">      </span></span><em><span style="font-size: 13px;">As applicable, and for financial institutions only:</span></em><em><span style="font-size: 13px;"> prepare and furnish aggregated reports on end-users’ spending patterns.</span></em></p><ul><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">The period for which the Personal Data will be retained, or, if that is not possible, the criteria used to determine that period: <em>Personal Data will be retained for as long as necessary taking into account the purpose of the Processing, and in compliance with applicable laws, including laws on the statute of limitations and Privacy and Data Protection Law. </em></span></li><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">For transfer to Sub-Processors, also specify subject matter, nature and duration of the Processing: <em>The Personal Data may be transferred to Sub-Processors to provide the Services as described in this DPA and the Principal Agreement.</em></span></li></ul><p style="text-align: start; color: #000000; font-size: medium;"><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium;"><strong><span style="font-size: 13px;">C.<span style="font-size: 9px;">    </span></span></strong><strong><span style="font-size: 13px;">COMPETENT SUPERVISORY AUTHORITY</span></strong></p><p style="text-align: justify; color: #000000; font-size: medium;"><em><span style="font-size: 13px;"> </span></em><em><span style="font-size: 13px;">The Belgian Supervisory Authority shall act as the competent Supervisory Authority.</span></em><em><span style="font-size: 13px;"> </span></em></p><h3 style="text-align: center; color: #000000; font-size: 48px;"><strong><span style="font-size: 13px;">Annex 2 – Security Measures</span></strong></h3><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">The Parties will apply at least the following types of security measures to Personal Data:</span><span style="font-size: 13px;"> </span></p><h1 style="text-align: justify; color: #000000; font-size: 16px;"><span style="font-size: 13px;">1.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Physical access control</span></strong></h1><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Technical and organizational measures to prevent unauthorized persons from gaining access to the data processing systems available in premises and facilities (including databases, application servers and related hardware), where Personal Data are Processed, include:</span></p><ul><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Establishing security areas, restriction of access paths;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Establishing access authorizations for employees and third parties;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Access control system (ID reader, magnetic card, chip card);</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Key management, card-keys procedures;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Door locking (electric door openers etc.);</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Security staff, janitors;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;"><span style="font-size: 9px;"> </span></span><span style="font-size: 13px;">Surveillance facilities, video/CCTV monitor, alarm system; and</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Securing decentralized data processing equipment and personal computers.</span></li></ul><p><span style="font-size: 13px;">2.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Virtual access control </span></strong></p><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Technical and organizational measures to prevent data processing systems from being used by unauthorized persons include:</span></p><ul><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">User identification and authentication procedures;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">ID/password security procedures (special characters, minimum length, change of password);</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Automatic blocking (e.g. password or timeout);</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Monitoring of break-in-attempts and automatic turn-off of the user ID upon several erroneous password attempts;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Creation of <em>one </em>master record per user, user-master data procedures per data processing environment; and</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Encryption of archived data media.</span></li></ul><h1 style="text-align: justify; color: #000000; font-size: 16px;"><span style="font-size: 13px;">3.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Data access control </span></strong></h1><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Technical and organizational measures to ensure confidentiality and that persons entitled to use a data processing system gain access only to such Personal Data in accordance with their access rights, and that Personal Data cannot be read, copied, modified or deleted without authorization, include:</span></p><ul><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Internal policies and procedures;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Control authorization schemes;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Default configuration;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Differentiated access rights (profiles, roles, transactions and objects);</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;"><span style="font-size: 9px;"> </span></span><span style="font-size: 13px;">Monitoring and logging of accesses;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Disciplinary action against employees who access Personal Data without authorization;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;"><span style="font-size: 9px;"> </span></span><span style="font-size: 13px;">Reports of access;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Access procedure;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Change procedure;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Deletion procedure; and</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Encryption.</span></li></ul><h1 style="text-align: justify; color: #000000; font-size: 16px;"><span style="font-size: 13px;">4.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Disclosure control </span></strong></h1><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Technical and organizational measures to ensure that Personal Data cannot be read, copied, modified or deleted without authorization during electronic transmission, transport or storage on storage media (manual or electronic), and that it can be verified to which companies or other legal entities Personal Data are disclosed, include:</span></p><ul><li style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;"><span style="font-size: 9px;"> </span></span><span style="font-size: 13px;">Encryption/pseudonymization/tunneling;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Logging; and</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Transport security.</span></li></ul><h1 style="text-align: justify; color: #000000; font-size: 16px;"><span style="font-size: 13px;">5.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Entry control </span></strong></h1><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Technical and organizational measures to monitor whether Personal Data have been entered, changed or removed (deleted), and by whom, from data processing systems, include:</span></p><ul><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Logging and reporting systems; and</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Audit trails and documentation.</span></li></ul><h1 style="text-align: justify; color: #000000; font-size: 16px;"><span style="font-size: 13px;">6.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Control of instructions </span></strong></h1><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Technical and organizational measures to ensure that Personal Data are Processed solely in accordance with the instructions of the Controller include: </span></p><ul><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Unambiguous wording of the contract;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Formal commissioning (request form); and</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;"><span style="font-size: 9px;"> </span></span><span style="font-size: 13px;">Criteria for selecting the Processor.</span></li></ul><h1 style="text-align: justify; color: #000000; font-size: 16px;"><span style="font-size: 13px;">7.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Availability control </span></strong></h1><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Technical and organizational measures to ensure the integrity, availability and resilience of the processing systems, and that Personal Data are protected against accidental destruction or loss (physical/logical) include: </span></p><ul><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Disaster recovery plan, in the event of a physical or technical incident.</span></li></ul><h1 style="text-align: justify; color: #000000; font-size: 16px;"><span style="font-size: 13px;">8.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Separation control </span></strong></h1><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Technical and organizational measures to ensure that Personal Data collected for different purposes can be Processed separately include: </span></p><ul><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">“Internal client” concept / limitation of use;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Segregation of functions (production/testing); and</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Procedures for storage, amendment, deletion, transmission of data for different purposes.</span></li></ul><h1 style="text-align: justify; color: #000000; font-size: 16px;"><span style="font-size: 13px;">9.<span style="font-size: 9px;">     </span></span><strong><span style="font-size: 13px;">Testing controls</span></strong></h1><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Technical and organizational measures to test, assess and evaluate the effectiveness of the technical and organizational measures implemented in order to ensure the security of the processing include:</span></p><ul><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Periodical review and test of disaster recovery plan;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;"><span style="font-size: 9px;"> </span></span><span style="font-size: 13px;">Testing and evaluation of software updates before they are installed;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Authenticated (with elevated rights) vulnerability scanning; and</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Test bed for specific penetration tests.</span></li></ul><h1 style="text-align: justify; color: #000000; font-size: 16px;"><span style="font-size: 13px;">10.<span style="font-size: 9px;">  </span></span><strong><span style="font-size: 13px;">IT governance</span></strong></h1><p style="text-align: justify; color: #000000; font-size: medium;"><span style="font-size: 13px;">Technical and organizational measures to improve the overall management of IT and ensure that the activities associated with information and technology are aligned with the compliance efforts include: </span></p><ul><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Certification/assurance of processes and products;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Processes for data minimization;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Processes for data quality;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Processes for limited data retention;</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Processes for ensuring accountability; and</span></li><li style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;">Data subject rights policies.</span></li></ul><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;"> </span></p><p style="text-align: justify; color: #000000; font-size: medium; border: medium;"><span style="font-size: 13px;"> </span></p></div></div></div></div></div></div></div></div></section></div></div></div></div></article></div></div></div></div><footer id="main-footer" class=""><div class="footer-top"><div class="footer-container"><h4>Make hyper-personalization a reality</h4><p>Transform simple customer transactions into enduring relationships and unlock a new horizon of growth</p><div class="footer-btns-wrap"> <a href="https://www.dynamicyield.com/request-demo/" class="btn-teal">Contact Sales</a> <a href="https://www.dynamicyield.com/product-demo/" class="btn-transparent">Watch a product demo<svg xmlns="http://www.w3.org/2000/svg" width="15.625" height="15.625" viewBox="0 0 15.625 15.625"> <path id="Icon_ionic-ios-play-circle" data-name="Icon ionic-ios-play-circle" d="M10.688,3.375A7.313,7.313,0,1,0,18,10.688,7.311,7.311,0,0,0,10.688,3.375Zm2.946,7.45L8.81,13.743a.156.156,0,0,1-.236-.137V7.77a.156.156,0,0,1,.236-.137l4.823,2.918A.161.161,0,0,1,13.634,10.825Z" transform="translate(-2.875 -2.875)" fill="none" stroke="rgba(0,0,0,0.8)" stroke-width="1"/> </svg> </a></div><ul class="footer-certificates"><li class="retina_parent"> <a href="https://www.dynamicyield.com/compliance/"> <img src="/wp-content/uploads/2022/05/gdpr-icon.png" alt="gdpr icon" width="139" height="70"> </a></li><li class="retina_parent"> <a href="https://www.dynamicyield.com/compliance/"> <img src="/wp-content/uploads/2023/04/SOCII-Badge.png" alt="socii icon" width="70" height="70"> </a></li><li> <a href="https://www.dynamicyield.com/compliance/"> <img src="/wp-content/uploads/2022/05/ccpa-icon.svg" alt="ccpa icon" width="117" height="40"> </a></li><li class="retina_parent"> <a href="https://www.dynamicyield.com/compliance/"> <img src="/wp-content/uploads/2022/05/iso-27001.png" alt="iso icon" width="106" height="68"> </a></li></ul></div></div><div class="footer-container"><div id="footer-widgets"><div class="footer-widget"><div id="nav_menu-2" class="fwidget et_pb_widget widget_nav_menu"><h4 class="title">Key Capabilities</h4><div class="menu-core-capabilities-container"><ul id="menu-core-capabilities" class="menu"><li id="menu-item-230872" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-230872"><a href="https://www.dynamicyield.com/segmentation/">Segmentation</a></li><li id="menu-item-5913" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-5913"><a href="https://www.dynamicyield.com/targeting/">Targeting</a></li><li id="menu-item-198647" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-198647"><a href="https://www.dynamicyield.com/recommendations/">Recommendations</a></li><li id="menu-item-198648" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-198648"><a href="https://www.dynamicyield.com/journey-orchestration/">Journey Orchestration</a></li><li id="menu-item-230873" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-230873"><a href="https://www.dynamicyield.com/optimization/">Optimization</a></li></ul></div></div></div><div class="footer-widget"><div id="nav_menu-13" class="fwidget et_pb_widget widget_nav_menu"><h4 class="title">Industries</h4><div class="menu-industries-container"><ul id="menu-industries" class="menu"><li id="menu-item-51518" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-51518"><a href="/ecommerce/">eCommerce</a></li><li id="menu-item-51520" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-51520"><a href="/financial-services/">Financial Services</a></li><li id="menu-item-224041" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-224041"><a href="/restaurants/">Restaurants</a></li><li id="menu-item-224042" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-224042"><a href="/grocery/">Grocery</a></li><li id="menu-item-51519" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-51519"><a href="/b2b-ecommerce/">B2B eCommerce</a></li><li id="menu-item-13777" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-13777"><a href="https://www.dynamicyield.com/travel/">Travel</a></li><li id="menu-item-19895" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-19895"><a href="https://www.dynamicyield.com/gaming/">iGaming</a></li><li id="menu-item-13775" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-13775"><a href="https://www.dynamicyield.com/media/">Media</a></li></ul></div></div></div><div class="footer-widget"><div id="nav_menu-11" class="fwidget et_pb_widget widget_nav_menu"><h4 class="title">Why Dynamic Yield</h4><div class="menu-why-dynamic-yield-container"><ul id="menu-why-dynamic-yield" class="menu"><li id="menu-item-51524" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-51524"><a href="/customer-success/">Industry-Leading Services</a></li><li id="menu-item-31658" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-31658"><a href="https://www.dynamicyield.com/clients/">Global Scale</a></li><li id="menu-item-13718" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-13718"><a href="https://www.dynamicyield.com/case-studies/">Real Impact</a></li><li id="menu-item-224043" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-224043"><a href="/ai/">Personalization AI</a></li><li id="menu-item-224044" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-224044"><a href="/partners/">Rich Partner Network</a></li><li id="menu-item-224045" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-224045"><a href="/enterprise-grade-personalization/">Enterprise-Grade Security</a></li></ul></div></div></div><div class="footer-widget"><div id="nav_menu-5" class="fwidget et_pb_widget widget_nav_menu"><h4 class="title">Company</h4><div class="menu-company-container"><ul id="menu-company" class="menu"><li id="menu-item-242875" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-242875"><a href="https://www.mastercard.com/us/en/for-the-world/about-us.html">About Us</a></li><li id="menu-item-19360" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-19360"><a href="https://events.dynamicyield.com/">Events</a></li><li id="menu-item-242874" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-242874"><a href="https://www.mastercard.com/us/en/news-and-trends/stories.html">Press</a></li><li id="menu-item-130411" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-130411"><a href="https://www.dynamicyield.com/blog/">Blog</a></li><li id="menu-item-226" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-226"><a href="https://www.dynamicyield.com/contact/">Contact</a></li><li id="menu-item-198646" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-198646"><a href="https://www.dynamicyield.com/partner-program/">Become a Partner</a></li><li id="menu-item-11264" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-11264"><a href="/request-demo/">Request Demo</a></li></ul></div></div><div id="text-6" class="fwidget et_pb_widget widget_text"><div class="textwidget"><ul style="min-width: 150px; margin-top: -15px;"><li><a style="color: #fff; font-weight: 500;" href="/careers/">We&#8217;re hiring!</a></li></ul></div></div></div><div class="lc-footer-nav-block"><div class="lc-footer-nav-header"> <a href="https://www.dynamicyield.com/learn/" class="lc-footer-logo"></a> <span>Take your knowledge to exponential levels</span></div><div class="lc-footer-menu"><ul id="menu-lc-menu-footer" class="menu"><li id="menu-item-212992" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-212992"><a href="https://www.dynamicyield.com/articles/">Articles</a></li><li id="menu-item-212993" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-212993"><a href="https://www.dynamicyield.com/learning-paths/">Learning Paths</a></li><li id="menu-item-212994" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-212994"><a href="https://www.dynamicyield.com/rooted-personalization/">Rooted Personalization</a></li><li id="menu-item-212995" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-212995"><a href="https://www.dynamicyield.com/personalization-examples/">Personalization Examples</a></li><li id="menu-item-212996" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-212996"><a href="https://www.dynamicyield.com/guides/">Guides</a></li><li id="menu-item-212997" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-212997"><a href="https://www.dynamicyield.com/talks/">Talks</a></li><li id="menu-item-212999" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-212999"><a href="https://www.dynamicyield.com/glossary-terms/">Encyclopedia</a></li><li id="menu-item-212998" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-212998"><a href="https://marketing.dynamicyield.com/benchmarks/">Benchmarks</a></li></ul></div></div></div></div><div id="et-footer-nav"><div class="footer-container"><ul id="menu-footer-menu" class="bottom-nav"><li id="menu-item-19183" class="footer_menu_title menu-item menu-item-type-custom menu-item-object-custom menu-item-19183"><a>Recommended Guides:</a></li><li id="menu-item-211968" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-211968"><a href="https://www.dynamicyield.com/article/personalization-guide/">Personalization</a></li><li id="menu-item-138198" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-138198"><a href="https://www.dynamicyield.com/lesson/introduction-to-ab-testing/">A/B Testing</a></li><li id="menu-item-147897" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-147897"><a href="https://www.dynamicyield.com/lesson/cro-plan/">Conversion Rate Optimization</a></li><li id="menu-item-19184" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-19184"><a href="/lesson/shopping-cart-abandonment-strategy/">Shopping Cart Abandonment</a></li><li id="menu-item-19185" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-19185"><a href="/lesson/product-recommendations-guide/">Product Recommendations</a></li><li id="menu-item-22805" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-22805"><a href="/lesson/promise-and-pitfalls-omnichannel-retailing/">Omnichannel Retailing</a></li><li id="menu-item-22885" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-22885"><a href="/lesson/the-economics-of-ecommerce-conversion-optimization/">eCommerce Conversion Rate Optimization</a></li><li id="menu-item-28240" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-28240"><a href="/article/50-most-important-dynamicyield-personalization-stats/">Personalization Statistics</a></li><li id="menu-item-33877" class="menu-item menu-item-type-post_type menu-item-object-post menu-item-33877"><a href="https://www.dynamicyield.com/article/tj-maxx-spired-checkout-optimization/">Checkout Optimization</a></li><li id="menu-item-123711" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-123711"><a href="/article/ecommerce-personalization-must-haves/">eCommerce Personalization</a></li><li id="menu-item-144090" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-144090"><a href="https://www.dynamicyield.com/lesson/strategizing-omnichannel-personalization/">Omnichannel Personalization</a></li><li id="menu-item-148146" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-148146"><a href="https://marketing.dynamicyield.com/benchmarks/cart-abandonment-rate/">Shopping Cart Abandonment Rate</a></li></ul><div class="footer-mach-logo retina_parent"> <img src="/wp-content/uploads/2022/05/mach-cert-22-wh.png" alt="Mach logo" width="63" height="70"></div><div class="language-switcher footer-language-switcher"><ul><li>en<ul><li><a class="active" href="https://www.dynamicyield.com/dpa/">English</a></li><li><a href="https://www.dynamicyield.com/es/dpa/">Español</a></li><li><a href="https://www.dynamicyield.com/de/">Deutsch</a></li><li><a href="https://www.dynamicyield.com/fr/">Français</a></li><li><a href="https://www.dynamicyield.com/ja/">日本語</a></li></ul></li></li></ul></div></div></div><div id="footer-bottom"><div class="footer-container"><div class="footer_info_wrapper"><div id="footer-info"> <button id="ot-sdk-btn" class="ot-sdk-show-settings">Manage Cookies</button> <a href="/privacy-notice/" target="_blank" class="animlink">Privacy Notice</a> <a href="/tos/" target="_blank" class="animlink">Terms of use</a> <span>&copy; 2026 Mastercard Dynamic Yield</span></div></div><div class="footer_social_icons"><style>.et-social-icons .et-social-icon img {
        max-width: 16px;
        transition: 0.2s all;
    }

    .et-social-icons .et-social-icon img:not(:hover) {
        opacity: 0.5;
    }</style><span itemscope itemtype="http://schema.org/Organization"><link itemprop="url" href="https://www.dynamicyield.com"><ul class="et-social-icons"><li class="et-social-icon"> <a itemprop="sameAs" href="https://www.linkedin.com/company/dynamic-yield" class="icon" target="_blank"> <img src="https://www.dynamicyield.com/wp-content/uploads/2025/09/Frame-5.png" alt="LinkedIn Logo" /> </a></li><li class="et-social-icon"> <a itemprop="sameAs" href="https://www.instagram.com/dynamicyield/" class="icon" target="_blank"> <img src="https://www.dynamicyield.com/wp-content/uploads/2025/09/Frame-4.png" alt="Instagram Logo" /> </a></li><li class="et-social-icon"> <a itemprop="sameAs" href="https://www.youtube.com/c/Dynamicyield" class="icon" target="_blank"> <img src="https://www.dynamicyield.com/wp-content/uploads/2025/09/Frame-3.png" alt="Youtube Logo" /> </a></li><li class="et-social-icon"> <a itemprop="sameAs" href="https://www.tiktok.com/@dynamic.yield" class="icon" target="_blank"> <img src="https://www.dynamicyield.com/wp-content/uploads/2025/09/Frame-2.png" alt="TikTok Logo" /> </a></li><li class="et-social-icon"> <a itemprop="sameAs" href="https://www.facebook.com/DynamicYield" class="icon" target="_blank"> <img src="https://www.dynamicyield.com/wp-content/uploads/2025/09/Frame-1.png" alt="Facebook Logo" /> </a></li><li class="et-social-icon"> <a itemprop="sameAs" href="https://twitter.com/DynamicYield" class="icon" target="_blank"> <img src="https://www.dynamicyield.com/wp-content/uploads/2025/09/Frame.png" alt="X Logo" /> </a></li></ul> </span></div></div></div></footer></div></div><div id="mobile_menu_overlay"></div> <script type='text/javascript' src='//cdn.dynamicyield.com/api/8765281/api_dynamic.js'></script> <script type='text/javascript' src='//cdn.dynamicyield.com/api/8765281/api_static.js'></script>  <script type="text/javascript">var sbiajaxurl = "https://www.dynamicyield.com/wp-admin/admin-ajax.php";</script> <script type="text/javascript">!function(e,n){var r={"selectors":{"block":"pre.EnlighterJSRAW","inline":"code.EnlighterJSRAW"},"options":{"indent":2,"ampersandCleanup":true,"linehover":true,"rawcodeDbclick":false,"textOverflow":"break","linenumbers":true,"theme":"beyond","language":"generic","retainCssClasses":false,"collapse":false,"toolbarOuter":"","toolbarTop":"{BTN_RAW}{BTN_COPY}{BTN_WINDOW}{BTN_WEBSITE}","toolbarBottom":""},"resources":["https:\/\/www.dynamicyield.com\/wp-content\/plugins\/enlighter\/cache\/enlighterjs.min.css?tvrakvcLArVio6C","https:\/\/www.dynamicyield.com\/wp-content\/plugins\/enlighter\/resources\/enlighterjs\/enlighterjs.min.js"]},o=document.getElementsByTagName("head")[0],t=n&&(n.error||n.log)||function(){};e.EnlighterJSINIT=function(){!function(e,n){var r=0,l=null;function c(o){l=o,++r==e.length&&(!0,n(l))}e.forEach(function(e){switch(e.match(/\.([a-z]+)(?:[#?].*)?$/)[1]){case"js":var n=document.createElement("script");n.onload=function(){c(null)},n.onerror=c,n.src=e,n.async=!0,o.appendChild(n);break;case"css":var r=document.createElement("link");r.onload=function(){c(null)},r.onerror=c,r.rel="stylesheet",r.type="text/css",r.href=e,r.media="all",o.appendChild(r);break;default:t("Error: invalid file extension",e)}})}(r.resources,function(e){e?t("Error: failed to dynamically load EnlighterJS resources!",e):"undefined"!=typeof EnlighterJS?EnlighterJS.init(r.selectors.block,r.selectors.inline,r.options):t("Error: EnlighterJS resources not loaded yet!")})},(document.querySelector(r.selectors.block)||document.querySelector(r.selectors.inline))&&e.EnlighterJSINIT()}(window,console);</script><script type="text/javascript" id="rfw-script-js-extra">var rfw = {"speed":""};</script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/cache/autoptimize/js/autoptimize_single_a5ec58aa1f222bedaf60cdced3b8a004.js?ver=2026020309" id="rfw-script-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/cache/autoptimize/js/autoptimize_single_c1b7fbe6b1a3b777fddfe187094deb97.js?ver=2026020309" id="rfw-script-fitvid-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/cache/autoptimize/js/autoptimize_single_ea3fad8947382ebf8709507a11a805db.js" id="divi-fitvids-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/themes/Divi/js/waypoints.min.js" id="waypoints-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/cache/autoptimize/js/autoptimize_single_845779ea879c70773af95b2f6fc394d2.js" id="magnific-popup-js"></script> <script type="text/javascript" id="divi-custom-script-js-extra">var et_custom = {"ajaxurl":"https:\/\/www.dynamicyield.com\/wp-admin\/admin-ajax.php","images_uri":"https:\/\/www.dynamicyield.com\/wp-content\/themes\/Divi\/images","et_load_nonce":"6133b77f5f","subscription_failed":"Please, check the fields below to make sure you entered the correct information.","fill":"Fill","field":"field","invalid":"Invalid email","captcha":"Captcha"};</script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/cache/autoptimize/js/autoptimize_single_43b4a88b2828bc5c023dc913689e8da5.js?ver=20.4" id="divi-custom-script-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/themes/Divi/custom/bootstrap/js/bootstrap.min.js" id="bootstrap-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/themes/Divi/custom/slick/slick.min.js" id="slick-js"></script> <script type="text/javascript"  data-ot-ignore src="https://www.dynamicyield.com/wp-content/cache/autoptimize/js/autoptimize_single_12efd5a7d441d8b7f817fc6fc685dca9.js?ver=21.85" id="customscript-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/cache/autoptimize/js/autoptimize_single_33fa37a5effe9361e40b8525e36e3eaf.js" id="typed-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/cache/autoptimize/js/autoptimize_single_eb8981568f49ac148e96af3241eb95c7.js?ver=21.85" id="form_validation-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/cache/autoptimize/js/autoptimize_single_be33bce741fd746dee1a6cf31c0b5bde.js" id="retina_js-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/cache/autoptimize/js/autoptimize_single_9a50928b26148d1c35a95957e5ef2b9d.js?ver=21.85" id="mkto-scripts-js"></script> <script type="module" src="https://www.dynamicyield.com/wp-content/themes/Divi/js/cid-validation.js?ver=21.85" id="cid-validation"></script><script type="text/javascript" src="https://www.dynamicyield.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.4" id="wp-featherlight-js"></script> <script type="text/javascript" id="dc_conversion_api-js-extra">var ajax_obj = {"nonce":"3cd30fb921","ajax_url":"https:\/\/www.dynamicyield.com\/wp-admin\/admin-ajax.php","ajax_action":"conversion_api_call"};</script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/cache/autoptimize/js/autoptimize_single_34a6a3100a2ecbc7706af2d4c798f856.js?ver=935c7f8ce03960b02800bc8ae3231df8" id="dc_conversion_api-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.9.9" id="elementor-frontend-modules-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.10.0" id="elementor-sticky-js"></script> <script type="text/javascript" id="elementor-pro-frontend-js-before">var ElementorProFrontendConfig = {"ajaxurl":"https:\/\/www.dynamicyield.com\/wp-admin\/admin-ajax.php","nonce":"63cee7b2eb","i18n":{"toc_no_headings_found":"No headings were found on this page."},"shareButtonsNetworks":{"facebook":{"title":"Facebook","has_counter":true},"twitter":{"title":"Twitter"},"google":{"title":"Google+","has_counter":true},"linkedin":{"title":"LinkedIn","has_counter":true},"pinterest":{"title":"Pinterest","has_counter":true},"reddit":{"title":"Reddit","has_counter":true},"vk":{"title":"VK","has_counter":true},"odnoklassniki":{"title":"OK","has_counter":true},"tumblr":{"title":"Tumblr"},"delicious":{"title":"Delicious"},"digg":{"title":"Digg"},"skype":{"title":"Skype"},"stumbleupon":{"title":"StumbleUpon","has_counter":true},"mix":{"title":"Mix"},"telegram":{"title":"Telegram"},"pocket":{"title":"Pocket","has_counter":true},"xing":{"title":"XING","has_counter":true},"whatsapp":{"title":"WhatsApp"},"email":{"title":"Email"},"print":{"title":"Print"}},
"facebook_sdk":{"lang":"en_US","app_id":""},"lottie":{"defaultAnimationUrl":"https:\/\/www.dynamicyield.com\/wp-content\/plugins\/elementor-pro\/modules\/lottie\/assets\/animations\/default.json"}};</script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.10.0" id="elementor-pro-frontend-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2" id="jquery-ui-core-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.6" id="elementor-dialog-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2" id="elementor-waypoints-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6" id="swiper-js"></script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=2.9.9" id="share-link-js"></script> <script type="text/javascript" id="elementor-frontend-js-before">var elementorFrontendConfig = {"environmentMode":{"edit":false,"wpPreview":false},"i18n":{"shareOnFacebook":"Share on Facebook","shareOnTwitter":"Share on Twitter","pinIt":"Pin it","downloadImage":"Download image"},"is_rtl":false,"breakpoints":{"xs":0,"sm":480,"md":768,"lg":1025,"xl":1440,"xxl":1600},"version":"2.9.9","urls":{"assets":"https:\/\/www.dynamicyield.com\/wp-content\/plugins\/elementor\/assets\/"},"settings":{"page":[],"general":{"elementor_lightbox_enable_counter":"yes","elementor_lightbox_enable_fullscreen":"yes","elementor_lightbox_enable_zoom":"yes","elementor_lightbox_enable_share":"yes","elementor_lightbox_title_src":"title","elementor_lightbox_description_src":"description"},"editorPreferences":[]},"post":{"id":197600,"title":"Mastercard%20%E2%80%93%20Customer%20Data%20Processing%20Agreement%20%E2%80%94%20Mastercard%20Dynamic%20Yield","excerpt":"","featuredImage":false}};</script> <script type="text/javascript" src="https://www.dynamicyield.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.9.9" id="elementor-frontend-js"></script> <script type="text/javascript" data-noptimize>var dy_search_params = new URLSearchParams(window.location.search);

        if(dy_search_params.has('utm_source')) {
            localStorage.setItem('utm_source', dy_search_params.get('utm_source'));
        }

        if(dy_search_params.has('utm_medium')) {
            localStorage.setItem('utm_medium', dy_search_params.get('utm_medium'));
        }

        if(dy_search_params.has('utm_content')) {
            localStorage.setItem('utm_content', dy_search_params.get('utm_content'));
        }

        if(dy_search_params.has('utm_campaign')) {
            localStorage.setItem('utm_campaign', dy_search_params.get('utm_campaign'));
        }

        if(dy_search_params.has('utm_term')) {
            localStorage.setItem('utm_term', dy_search_params.get('utm_term'));
        }

        if(dy_search_params.has('mkt_tok')) {
            localStorage.setItem('mkt_tok', dy_search_params.get('mkt_tok'));
        }

        // Also, fill in the data inside the Marketo form once its available
        if(typeof window.MktoForms2 === 'object') {

            MktoForms2.whenReady(function(_form) {

                var form = _form.getFormElem();
                console.log('MKTO FORM READY');

                // Append the mkt_tok param if it exists in the URL
                var ls_mkto_tok = localStorage.getItem('mkt_tok');

                if(ls_mkto_tok) {

                    _form.addHiddenFields({
                        mkt_tok: ls_mkto_tok
                    });

                    _form.vals({ mkt_tok: ls_mkto_tok });
                }

                // Fill in the UTM data from localStorage
                var dy_utms = {
                    'utm_source': 'txt_source__c',
                    'utm_medium': 'txt_medium__c',
                    'utm_content': 'txt_content__c',
                    'utm_campaign': 'txt_campaign_name__c',
                    'utm_term': 'txt_term__c',
                    'gclid': ['GCLID__c', 'GCLID_c__c']
                };

                for(var i = 0; i < Object.keys(dy_utms).length; i++) {

                    var ls_key   = Object.keys(dy_utms)[i],
                        ls_value = localStorage.getItem(ls_key),
                        form_key = dy_utms[ls_key],
                        form_field;

                    if(ls_value) {

                        if(ls_key === 'gclid') {
                            ls_value = JSON.parse(ls_value).value;
                        }

                        if(typeof(form_key) === 'string') {
                            form_field = form[0].querySelector('input[type="hidden"][name="' + form_key + '"]');

                            if(form_field) {
                                form_field.value = ls_value;
                            }

                        } else {

                            for(var j = 0; j < form_key.length; j++) {
                                form_field = form[0].querySelector('input[type="hidden"][name="' + form_key[j] + '"]');

                                if(form_field) {
                                    form_field.value = ls_value;
                                }
                            }
                        }
                    }
                }

                // IP Address
                fetch('https://www.cloudflare.com/cdn-cgi/trace').then(function(result) {

                    result.text().then(function(values) {

                        values.split("\n").map(function(item) {
                            var pair = item.split('=');

                            if(['ip'].includes(pair[0])) {
                                form[0].querySelector('input[type="hidden"][name="IP__c"]').value = pair[1];
                            }
                        });
                    });
                });

                // GA ID and Referrer
                var dy_utms_cookie = {};

                document.cookie.split(';').forEach(function(el) {
                    var splitCookie = el.split('=');
                    var key = splitCookie[0].trim();
                    var value = splitCookie[1];
                    dy_utms_cookie[key] = value;
                });

                if(dy_utms_cookie["_ga"]) {
                    form[0].querySelector('input[type="hidden"][name="Visitor_ID__c"]').value = dy_utms_cookie["_ga"].substring(6);
                }

                if(dy_utms_cookie["personalize_referrer_string"]) {
                    form[0].querySelector('input[type="hidden"][name="Referral__c"]').value = dy_utms_cookie["personalize_referrer_string"].substring(6);
                }

                // ZoomInfo
                if(localStorage.getItem('ZoomInfoData')) {
                    var zoominfo_data = JSON.parse(localStorage.getItem('ZoomInfoData'));

                    if(zoominfo_data) {
                        form[0].querySelector('input[type="hidden"][name="Alexa_Rank__c"]').value = zoominfo_data.alexaglobalrank;
                        form[0].querySelector('input[type="hidden"][name="Employees__c"]').value = zoominfo_data.employeesrange;
                        form[0].querySelector('input[type="hidden"][name="Company_Revenue_Range__c"]').value = zoominfo_data.estimatedannualrevenue;
                    }
                }

                // Also, dispatch a dataLayer event on success
                _form.onSuccess(function(values, follow_up_url) {
                    window.dataLayer = window.dataLayer || [];

                    if([3739, 4802, 5094, 5110, 4946, 5076, 5116, 5171, 5172, 5173].includes(_form.getId())) {

                        window.dataLayer.push({
                            'event': 'demo_request_complete',
                            'eventCallback': function() {

                                if(follow_up_url) {
                                    window.location.href = follow_up_url;
                                }
                            }
                        });

                        return false;

                    } else if([3876].includes(_form.getId())) {

                        window.dataLayer.push({
                            'event': 'newsletter_signup_complete',
                            'eventCallback': function() {

                                if(follow_up_url) {
                                    window.location.href = follow_up_url;
                                }
                            }
                        });

                        return false;
                    }
                });
            });
        }</script> <script>if(typeof(jQuery) !== 'undefined') {
                $ = jQuery.noConflict();
            }
			function getUrlParameter(sParam) {
    var sPageURL = decodeURIComponent(window.location.search.substring(1)),
        sURLVariables = sPageURL.split('&'),
        sParameterName,
        i;

    for (i = 0; i < sURLVariables.length; i++) {
        sParameterName = sURLVariables[i].split('=');

        if (sParameterName[0] === sParam) {
            return sParameterName[1] === undefined ? true : sParameterName[1];
        }
    }
}
$(window).load(function(){
    var videoID = getUrlParameter('video');
    if(videoID !== undefined){
        if($('#wistia-' + videoID + '-1').length){
    	    var videoName = $('#wistia-' + videoID + '-1').parents('.tab-pane');
    	    videoName = videoName[0].id
        } 
       if($('a[href="#' + videoName +'"]').length){
            $('a[href="#' + videoName +'"]').each(function(){
            $(this).click();
            });
        }
        
        addScript('https://fast.wistia.com/embed/medias/'+ videoID +'.jsonp');
        addScript('https://fast.wistia.com/assets/external/E-v1.js');
        $('body').append('<span class="wistia_embed wistia_async_'+videoID+' popover=true popoverContent=link dy-wistia-popup" style="display:inline"></span>');
    
         window._wq = window._wq || [];
        _wq.push({ id: videoID, onReady: function(video) {
            var video = Wistia.api(videoID);
            video.popover.show(); // open the popover
            video.play(); // play the video
            setTimeout(function(){video.unmute();}, 500);
        }});
    }
});</script> <style>#adBanner {
        background-color: transparent;
        height: 0;
        width: 1px;
    }</style><div id="wrapfabtest"><div id="adBanner"></div></div></body></html>
<!-- Dynamic page generated in 2.153 seconds. -->
<!-- Cached page generated by WP-Super-Cache on 2026-02-27 10:09:25 -->

<!-- super cache -->