Skip to main content

Overview

Have questions about Kajabi’s Data Protection Addendum (DPA)? This article covers frequently asked questions to help you understand the changes.

FAQs

Why has Kajabi updated the Data Protection Addendum (DPA)?

We revised our Terms of Service Agreement and Data Protection Addendum (DPA) to include the Standard Contractual Clauses (SCCs) as published by the European Commission on June 4th, 2021.

How does this change impact me?

The updates to the DPA are only applicable if you use Kajabi to process European Economic Area (EEA) data or data within the jurisdictions outlined in the agreement.

What do I need to do?

If you are subject to our DPA, no additional action is required. The DPA automatically becomes part of your agreement with us effective September 27th, 2021.

When is the DPA effective?

The DPA was automatically effective on September 27th, 2021 for all Heroes who have agreed to our Terms of Service Agreement. All contracts made after September 27th, 2021 must use the SCCs. Pre-existing contracts automatically transitioned to the SCCs starting December 22nd, 2022, where applicable.

Will there be any other changes to the DPA?

We have made changes to the DPA for the benefit of our global Heroes. We work to consistently stay abreast of all domestic and global regulations relating to data protection and make updates as deemed necessary.

What changes do the EU’s SCCs contain?

The European Commission updated the SCCs to address additional structures of processing activities that exist in today’s world, including the GDPR and the Schrems II decision. These requirements apply additional transparency and notification controls. The SCCs are modular, enabling them to be tailored to the specific type of transfer. The clauses have been expanded to include controller-to-controller, controller-to-processor, processor-to-processor, and processor-to-controller transfer, which align better to transfer paradigms in use globally today.

How are the SCCs applicable to me?

If you are using Kajabi to transfer personal data originating from the EEA, the UK, and/or Switzerland, then the SCCs are the valid transfer mechanism to make these transfers. If you have a global membership, these updates allow for better alignment to your responsibilities of compliance under GDPR and other data protection regulations globally.