Ezement Data Processing Agreement

Last updated: June 11, 2026

Introduction

This Data Processing Addendum ("DPA") is incorporated into and forms part of the Ezement Terms of Service between TRIBUS, LLC  dba Solid Earth ("Company" or "Processor") and You, the user of Ezement ("You") utilizing the Company's services. This DPA reflects the parties' agreement with respect to the Processing of Personal Data in accordance with the requirements of applicable Data Protection Laws.

1. Scope and Applicability

This DPA applies exclusively to the Processing of Personal Data related to real estate professionals and their business operations within the United States of America.

  • Geographic Restriction: Company's products and services are not authorized for use outside of the United States.
  • Target Audience: This DPA is designed for business-to-business (B2B) interactions. While the Company does not intentionally Process consumer data, this DPA is implemented to ensure compliance as legal definitions of "personal data" expand across various jurisdictions, including California.

2. Definitions

  • "Data Protection Laws" means all United States laws and regulations applicable to the Processing of Personal Data under the Agreement, including, where applicable, the California Consumer Privacy Act (CCPA) as amended.
  • "Personal Data" means any information relating to an identified or identifiable natural person that is Processed by the Company on behalf of You. In the context of the Services, this primarily includes agent rosters, listing agent contact information, and professional profile data.
  • "Processing" means any operation performed on Personal Data, such as collection, recording, organization, storage, or deletion.

3. Roles and Responsibilities

The parties acknowledge and agree that with regard to the Processing of Personal Data, You have provided your Personal Data willingly to the Company and Company is the Processor.

3.1 Processor Obligations

Company shall:

  • Process Personal Data only on documented instructions from You, the company you work for, or the MLS / Realtor Association you are connected to, including with regard to transfers of Personal Data to a third country or an international organization.
  • Ensure that persons authorized to Process the Personal Data have committed themselves to confidentiality.
  • Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

3.2 You Obligations

You shall ensure that its instructions for the Processing of Personal Data comply with Data Protection Laws. You is responsible for the accuracy, quality, and legality of Personal Data and the means by which it was acquired.

4. Security Measures

Processor shall maintain robust administrative, physical, and technical safeguards to protect the security, confidentiality, and integrity of Personal Data.

Security Category

Measure Description

Access Control

Restricted access based on the principle of least privilege.

Data Integrity

Regular backups and encrypted storage protocols.

Monitoring

Periodic review of service levels to ensure they meet industry standards.

Incident Response

Documented procedures for detecting and addressing security breaches.

5. Sub-processing

You grants a general written authorization to Company to engage other processors ("Sub-processors") for the performance of the Services. Company shall remain fully liable to You for the performance of that Sub-processor’s obligations.

6. Data Subject Rights

Processor shall, insofar as is possible, assist You by appropriate technical and organizational measures for the fulfillment of You’s obligation to respond to requests for exercising the Data Subject's rights (e.g., requests for access or deletion).

7. Data Usage

Notwithstanding anything to the contrary in the Agreement, Company reserves the right to use any data derived from the Services to:

  • Improve and enhance the Services.
  • Train algorithms and machine learning models.
  • Develop new products and features.

8. Breach Notification

Company shall notify You inside of Ezement, without undue delay after becoming aware of a Personal Data breach. Such notification shall include, to the extent known, the nature of the breach and the measures being taken to mitigate its effects.  A breach 

9. Term and Termination

This DPA shall remain in effect as long as Company carries out Personal Data Processing operations on behalf of You. Your continued usage of Ezement shall constitute your acceptance and approval of this DPA. Upon termination of the Services to You, Company reserves the right to use all data previously added by you or the organizations that you work with.