
Last Updated on July 5, 2026
Last Updated on July 5, 2026
Welcome to Marketeq Digital Inc. (hereinafter referred to as "Marketeq," "we," "us," or "our"). This Vendor Data Handling Policy (the "Policy") describes the standards and expectations that Marketeq applies to the vendors, suppliers, service providers, and processors that handle data on its behalf. Because Marketeq entrusts certain data to third parties in the course of its operations, we require that such parties protect that data to standards consistent with our own. This Policy supplements our Privacy Policy, Data Encryption and Security Policy, and GDPR Compliance and Data Protection Statement. If you have any questions about this Policy, you may contact us at legal@marketeqdigital.com.
The purpose of this Policy is to establish the requirements applicable to vendors that process data on behalf of Marketeq. This Policy applies to all vendors, suppliers, and processors that access, store, transmit, or otherwise handle data provided by or on behalf of Marketeq. It is intended to ensure that data remains protected throughout the vendor relationship and that vendors handle data in accordance with our standards and applicable law. This Policy forms part of our broader approach to data governance and third-party risk management. It applies regardless of the location or size of the vendor.
Before engaging a vendor that will handle data on our behalf, Marketeq conducts appropriate due diligence to assess the vendor's ability to protect that data. This assessment may consider the vendor's security measures, data protection practices, reputation, and compliance with applicable law. We seek to engage vendors that can demonstrate a commitment to protecting data to standards consistent with our own. The scope and depth of our due diligence are proportionate to the sensitivity of the data and the nature of the services. We may decline to engage a vendor that does not meet our data protection expectations.
Marketeq enters into agreements with vendors that handle data on its behalf, and such agreements include provisions designed to protect that data. Where a vendor acts as a processor of personal data, the agreement will require the vendor to process the data only on our documented instructions, to implement appropriate security measures, and to assist us in fulfilling our obligations. Agreements also address matters such as confidentiality, the use of sub-processors, data breach notification, and the return or deletion of data upon termination. These contractual requirements are intended to ensure that vendors are bound by obligations consistent with our standards. We do not permit vendors to use data provided by us for their own unrelated purposes.
Marketeq expects vendors that handle its data to maintain appropriate technical and organizational security measures. These measures should be commensurate with the sensitivity of the data and the risks associated with its processing, and may include encryption, access controls, and secure disposal practices. Vendors are expected to protect data against unauthorized access, disclosure, alteration, and loss. Where a vendor's security practices fall short of our expectations, we may require remediation or may terminate the engagement. Our security expectations for vendors are consistent with the measures we apply to our own systems.
Where a vendor engages sub-processors to assist in handling data on our behalf, we expect the vendor to impose data protection obligations on those sub-processors that are consistent with the vendor's obligations to us. Vendors are expected to remain responsible for the acts and omissions of their sub-processors. We may require vendors to obtain our prior authorization before engaging a new sub-processor and to inform us of changes to their sub-processors. This helps ensure that data remains protected throughout the chain of processing. We assess the use of sub-processors as part of our vendor management activities.
Marketeq monitors its vendors' compliance with applicable data protection requirements throughout the vendor relationship. Depending on the nature of the engagement, this may include periodic reviews, requests for information, or the right to audit the vendor's relevant practices. Vendors are expected to cooperate with such monitoring and to promptly address any deficiencies identified. Where appropriate, we may rely on independent certifications or third-party assessments as part of our monitoring. Our monitoring activities are designed to provide ongoing assurance that data remains adequately protected.
Vendors that handle data on behalf of Marketeq are expected to notify us promptly upon becoming aware of any security incident or data breach affecting our data. Such notification should include sufficient information to enable us to assess the incident and to fulfill any applicable notification obligations. Vendors are expected to cooperate with us in investigating and responding to incidents and in mitigating their effects. Prompt and transparent incident notification is a key expectation of our vendor relationships. We treat a vendor's failure to notify us of an incident as a serious matter.
Upon the termination or expiry of a vendor engagement, or upon our request, we expect vendors to return or securely delete the data they hold on our behalf, in accordance with our instructions and applicable law. Vendors are expected to certify the deletion of data where we require it. Any retention of data by a vendor beyond the term of the engagement should occur only where required by law and subject to continued protection. These requirements are intended to ensure that data does not persist with vendors beyond the point at which it is needed. We treat the secure return and deletion of data as an essential element of ending a vendor relationship.
Marketeq reserves the right to modify or update this Vendor Data Handling Policy at any time to reflect changes in our practices or legal requirements. Any changes will become effective upon posting the revised Policy or otherwise communicating them to affected vendors. We encourage vendors to review this Policy periodically. Where changes are material, we will endeavor to provide additional notice through appropriate means.
If you have any questions, concerns, or requests regarding this Vendor Data Handling Policy, please contact us at legal@marketeqdigital.com. We are committed to working with our vendors to protect the data entrusted to us and to addressing inquiries promptly and professionally.