Deel Legal Hub

This Data Processing Addendum and its applicable DPA Appendixes (“DPA” or “Addendum”) forms part of the agreement between Customer and Deel Group, a Delaware corporation with its principal offices at 425 1st St., San Francisco, CA 94105, and any of its Affiliates (each a “Deel Group Member” and collectively, “Deel Group”), and the user of the Deel Group Services, as defined in this DPA, and its Affiliates (“Customer”), unless Customer has entered into a superseding written subscription agreement or agreements with Deel Group, in which case, it forms a part of such written agreement or agreements (in either case, the “Agreement”).

Deel Group and Customer shall be individually referred to as a “Party” and collectively as the “Parties”. Upon acceptance of this DPA on the Deel Platform or upon first using the Deel Group Services, the Customer agrees to be bound by its terms.

The Addendum applies to the Processing of Personal Data as described in Appendix 1, by Customer and Deel Group (“individually, the “Party” and collectively, the “Parties”) subject to the Data Protection Laws in order to provide the Services.

As part of their contractual relations, the Parties shall undertake to comply with the applicable Data Protection Laws with respect to the processing of Personal Data covered under this DPA.

1. Definitions

Affiliates means any entity which is: (a) directly or indirectly controlled by or is under common control with Deel Inc., (b) operates with Deel Group under a separate written agreement in cases where a partner provides Deel Services in collaboration with Deel Group, or (c) incorporated by the Customer on the Deel Platform as a Customer Affiliate, upon approval by Deel Group following the necessary checks.

Deel Services means any services provided by Deel Group under the Agreement, that are used by Customer

Deel Platform means the software-as-a-service solution available on our website (app.deel.com) or through our application or through our application (Deel: Global HR & Payroll), subject to the applicable terms of use, through which Deel Services are provided.

Consultant means a specialized service provider engaged by Deel Group as an independent contractor or employee at Customer’s request as further defined in the Agreement.

Authorized Personnel means personnel certified by Deel Group that are acting under the direct authority of Deel Group, to perform the services pursuant to the Agreement

Data Protection Laws means all data protection laws and regulations applicable to a party's processing of a Customer’s Personal Data under the Agreement, including, where applicable, EU/UK Data Protection Laws, Non-EU Data Protection Laws, and any other applicable data protection laws.

EU/UK Data Protection Laws means: (i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (General Data Protection Regulation) (the "EU GDPR"); (ii) the EU GDPR as saved into United Kingdom law by virtue of section 3 of the United Kingdom's European Union (Withdrawal) Act 2018 (the "UK GDPR"); (iii) the EU e-Privacy Directive (Directive 2002/58/EC); and (iv) any and all applicable national data protection laws made under, pursuant to or that apply in conjunction with any of (i), (ii) or (iii); in each case as may be amended or superseded from time to time.

Non-EU Data Protection Laws means any other applicable laws to the processing of Customer’s Personal Data, including without limitation the applicable data protection laws described in Appendix 5 (Jurisdiction Specific Terms).

Restricted Transfer means: (i) where the EU GDPR applies, a transfer of personal data from the European Economic Area or Switzerland to a country outside of the European Economic Area or Switzerland which is not subject to an adequacy determination by the European Commission, (ii) where the UK GDPR applies, a transfer of personal data from the United Kingdom to any other country which is not based on an adequacy decision pursuant to Section 17A of the United Kingdom Data Protection Act 2018 and (iii) where any other applicable laws apply, a transfer of Personal Data from one jurisdiction to another, where the receiving jurisdiction does not provide an adequate level of data protection as determined by applicable data protection laws.

Standard Contractual Clauses means any type of standard contractual clauses approved by competent authorities, such as where the EU GDPR applies, the contractual clauses annexed to the European Commission's Implementing Decision 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council (“EU SCCs”). The Standard Contractual Clauses shall be incorporated by reference and form an integral part of this DPA.

UK Addendum means the addendum to the Standard Contractual Clauses issued by the UK Information Commissioner under Section 119A(1) of the UK Data Protection Act 2018 (version B1.0, in force March 21, 2022). The UK Addendum shall be incorporated by reference and form an integral part of this DPA.

Capitalized terms used in this Addendum shall have the same meaning given to them under the EU/UK GDPR unless a different meaning is given under Data Protection Laws as set out in Appendix 5 (Jurisdiction Specific Terms).

2. Duration of the Assignment/Notice of Termination

1. The duration of the assignment (term of the DPA) is coextensive with the term of the Agreement.

2. The termination of this Addendum therefore depends on the provisions concerning the duration and the termination of the Agreement. Termination of the Agreement shall also have the effect of terminating this DPA.

3. Furthermore, the premature termination of this Addendum upon written notice to the other Party shall be permissible in the event of such other Party’s serious breach of statutory or contractual data protection provisions under the Data Protection Laws, insofar as the contracting Party in question cannot reasonably be expected to continue this DPA.

4. The parties acknowledge that the termination of the DPA at any time and for any reason does not exempt them from their obligations under the Data Protection Laws relating to the collection, processing and use of Personal Data.

3. Relationship of the Parties

1. Deel Group will process the Personal Data as Controller for the purposes to the extent relevant to the Services in order to (a) manage the relationship with Customer; (b) carry out Deel Group’s core business operations, such as accounting and filing taxes; (c) detect, prevent, or investigate security incidents, fraud, and other abuse or misuse of the Services; (d) perform identity verification; (e) comply with Deel Group’s legal or regulatory obligations; and (f) as otherwise permitted under Data Protection Laws and in accordance with this Addendum, the Agreement, and the Deel Group Privacy Policy.

2. The roles of Deel with respect to the Services under data protection laws are defined in Appendix 1 of the DPA. Specifically, where Deel acts as a Controller, the Customer operates as a separate data Controller, each with its own independent responsibilities under applicable data protection laws and the Parties are not joint Controllers. Deel Group will process the Personal Data in accordance as Controller as set forth in clause 4. Where Deel assumes the role of a Processor, the Customer will act as the Controller, determining the purpose and means of the processing.

3. Customer shall be solely responsible for any personal data processing that will take place for the purpose of managing the daily activities with the Consultant during the provision of the Deel Services. For the avoidance of doubt, Deel Group is neither a Controller or a Processor to processing carried out by the Consultant acting under the direct authority of the Customer in accordance with the Work Order.

4. Customer acknowledges that in the provision of Deel Group Integrations (as listed in Appendix 1), Deel Group acts as a Processor and may, on receipt of instructions from Customer, transfer Personal Data to and otherwise interact with third parties. Customer agrees that if and to the extent such transfers occur, Customer is responsible for entering into separate contractual arrangements with such third parties requiring them to comply with obligations in accordance with the Applicable Data Protection Laws. For the avoidance of doubt, Dee Integrations are optional add-ons to the services listed in Appendix 1. Such third parties are not subprocessors of Deel Group in the context of this Addendum and Deel Group is not a party to the arrangements between the Customer and the third party.

4. Controller to Controller Clauses

(a) The following provisions apply exclusively to the Services for which the Parties are separate Controllers pursuant to Appendix 1

In respect of the Personal Data processed by the Parties acting as a Controller under this Addendum:

Each Party will:

(a) ensure that the Authorized Personnel are bound by appropriate confidentiality obligations;

(b) comply promptly with any lawful request from the other Party requesting access to, copies of, or the amendment, transfer, or deletion of the Personal Data to the extent the same is necessary to allow either Party to fulfill its obligations under the Data Protection Laws;

(c) notify the other Party without undue delay if it receives any complaint (whether from a data subject, competent supervisory authority, or otherwise) relating to the processing of Personal Data or to either Party’s compliance with Data Protection Laws under this Addendum, and provide the other Party with reasonable cooperation, information and assistance in relation to any such complaint, notice or communication;

(d) notify the other Party immediately if it becomes aware of a breach of this clause, in which case the Party in breach shall take any and all steps to remedy such breach;

(e) provide reasonable assistance in fulfulling the other Party’s obligations under the Data Protection Laws;

(f) Both parties may engage with Third Parties in connection with the Services and agree to comply with the applicable requirements under Data Protection Laws in relation to Third Parties. Both parties shall be liable for the acts and omissions of their respective Third Parties to the same extent such parties would be liable under the terms of this DPA, except as otherwise set forth in the Agreement.

(g) comply promptly with any lawful request from Customer requesting access to, copies of, or the amendment, transfer or deletion of the Personal Data to the extent the same is necessary to allow Customer to fulfill its own obligations under the Data Protection Laws, including Customer’s obligations arising in respect of a request from a data subject;

(h) notify Customer promptly if it receives any complaint, notice or communication (whether from a data subject, competent supervisory authority or otherwise) relating to the processing, the Personal Data or to either party’s compliance with the Data Protection Laws as it relates to this Addendum, and provide Customer with reasonable co-operation, information and other assistance in relation to any such complaint, notice or communication;

(i) ensure in each case that, prior to the processing of any Personal Data by any Sub-Processor, the Processor and the Sub-Processor agree to contract on the terms set out in this Data Protection Addendum (“Relevant Terms”). The Processor shall procure the performance of the Relevant Terms by the Sub-Processor and shall be directly liable to the Customer for any breach by the Sub-Processor of any of the Relevant Terms;

(j) only transfer the Personal Data outside of the European Economic Area if it has fulfilled each of the following conditions: (i) it has in place any of the specifically approved safeguards for data transfers (as recognized under the Data Protection Laws) in relation to the transfer; (ii) data subjects continue to have enforceable rights and effective legal remedies following the transfer; (iii) it provides an adequate level of protection to any Personal Data that is transferred (including by way of a European Commission finding of adequacy); and (iv) it complies with reasonable instructions with respect to the transfer;

(k) inform Customer without undue delay within forty-eight (48) hours after having become aware of a breach if any Personal Data processed under this Addendum is lost or destroyed or becomes damaged, corrupted, or unusable or is otherwise subject to unauthorized or unlawful processing including unauthorized or unlawful access or disclosure (“Personal Data Breach”);

(l) promptly provide Customer with full cooperation and assistance in respect of the Personal Data Breach and all information in the Processor's possession concerning the Personal Data Breach, including the following:

(i) the possible cause and consequences of the Personal Data Breach;

(ii) the categories of Personal Data and the approximate number of data subjects involved; and

(iii) the measures taken by the Processor to mitigate any damage;

(m) inform Customer promptly if it receives a request from a data subject exercising their data subject rights and provide Customer with reasonable cooperation and assistance in relation to such request;

(n) not disclose the Personal Data to any third party other than at the request of Customer or as otherwise required under the Agreement;

(o) provide reasonable assistance to the Customer in complying with its obligations under Data Protection Laws with respect to security, breach notifications, data protection impact assessments, and consultations with supervisory authorities or regulators;

(p) provide Customer with all information that is necessary to enable Customer to monitor the Processor's compliance with the Data Protection Laws and its obligations under this Addendum at any time during regular business hours. Deel Group may satisfy Customer’s right of audit under the Data Protection Laws in relation to Personal Data, by providing an audit report not older than eighteen (18) months, prepared by an independent external auditor demonstrating that Deel Group’s technical and organizational measures are sufficient and in accordance with an accepted industry audit standard. Deel Group reserves the right to refuse audit requests from an entity that is a competitor of Deel Group.; and

(q) delete or return that Personal Data to Customer at the end of the duration of the processing, and at that time delete or destroy existing copies. If return or destruction is impracticable or prohibited by law, rule, or regulation, Deel Group shall take measures to block such Personal Data from any further processing (except to the extent necessary for processing required by law, rule, or regulation) and shall continue to appropriately protect the Personal Data remaining in its possession, custody, or control.

(r) Customer acknowledges and agrees that Deel Group may (i) engage its Affiliates and Sub-Processors listed in Appendix 4 to this Addendum to access and process Personal Data in connection with the Services and (ii) from time to time engage additional third parties for the purpose of providing the Services, including without limitation the processing of Personal Data. By way of this Addendum, Customer provides general written authorization to Deel Group to engage Sub-Processors as necessary to perform the Services.

(s) A list of Deel Group’s current Sub-Processors (the “List”) is available to Customer, on the Deel platform. Such a List may be updated by Deel Group from time to time. Deel Group provides a mechanism to subscribe to notifications of new Sub-Processors and Customer agrees to subscribe to such notifications where available. For instructions on how to subscribe to the notification mechanism, please follow the steps in Appendix 4. Deel Group will endeavor to give written notice (30) days prior to any change, but in any event will give written notice no less than fifteen (15) days prior to any such change.The Customer may object to such an engagement by informing Deel Group within fifteen (15) days of receipt of the aforementioned notice by Deel Group, provided such objection is in writing and based on reasonable grounds relating to data protection. Customer acknowledges that certain Sub-Processors are essential to providing the Services and that objecting to the use of a Sub-Processor may prevent Deel Group from offering the Services to Customer.

(t) If Customer reasonably objects to an engagement in accordance with clause 5, and Deel Group cannot provide a commercially reasonable alternative within a reasonable period of time, Customer may discontinue the use of the affected Service by providing written notice to Deel Group. Discontinuation shall not relieve Customer of any fees owed to Deel Group under the Agreement.

(u) If Customer does not object to the engagement of a Sub-Processor in accordance with clause 5 within fifteen (15) days of notice by Deel Group, that Sub-Processor will be deemed an approved Sub-Processor for the purposes of this Addendum.

(v) Deel Group will enter into a written agreement with the Sub-Processor imposing on the Sub-Processor data protection obligations comparable to those imposed on Deel Group under this Addendum with respect to the protection of Personal Data. In case a Sub-Processor fails to fulfill its data protection obligations under such written agreement with Deel Group, Deel Group will remain liable to Customer for the performance of the Sub-Processor’s obligations under such agreement.

5. Controller to Processor Clauses

(b) The following provisions apply exclusively to the Services for which Deel Group is a Processor pursuant to Appendix 1

In respect of the Personal Data processed by Deel Group as a Processor acting on behalf of Customer under this Addendum, the Processor will:

(c) process the Personal Data only on Customer’s written instructions, unless required by law to process it differently (in which case it shall, if permitted by such law, promptly notify Customer of that requirement before processing);

(d) process the Personal Data only to the extent, and in such a manner, as is necessary for the purposes of carrying out its obligations under the Agreement;

(e) ensure that Authorized Personnel are bound by appropriate confidentiality obligations and have undergone privacy and security training;

(f) keep a record of the processing it carries out, and ensure the same is accurate;

(g) comply promptly with any lawful request from Customer requesting access to, copies of, or the amendment, transfer or deletion of the Personal Data to the extent the same is necessary to allow Customer to fulfill its own obligations under the Data Protection Laws, including Customer’s obligations arising in respect of a request from a data subject;

(h) notify Customer promptly if it receives any complaint, notice or communication (whether from a data subject, competent supervisory authority or otherwise) relating to the processing, the Personal Data or to either party’s compliance with the Data Protection Laws as it relates to this Addendum, and provide Customer with reasonable co-operation, information and other assistance in relation to any such complaint, notice or communication;

(i) ensure in each case that, prior to the processing of any Personal Data by any Sub-Processor, the Processor and the Sub-Processor agree to contract on the terms set out in this Data Protection Addendum (“Relevant Terms”). The Processor shall procure the performance of the Relevant Terms by the Sub-Processor and shall be directly liable to the Customer for any breach by the Sub-Processor of any of the Relevant Terms;

(j) only transfer the Personal Data outside of the European Economic Area if it has fulfilled each of the following conditions: (i) it has in place any of the specifically approved safeguards for data transfers (as recognized under the Data Protection Laws) in relation to the transfer; (ii) data subjects continue to have enforceable rights and effective legal remedies following the transfer; (iii) it provides an adequate level of protection to any Personal Data that is transferred (including by way of a European Commission finding of adequacy); and (iv) it complies with reasonable instructions with respect to the transfer;

(k) inform Customer without undue delay within forty-eight (48) hours after having become aware of a breach if any Personal Data processed under this Addendum is lost or destroyed or becomes damaged, corrupted, or unusable or is otherwise subject to unauthorized or unlawful processing including unauthorized or unlawful access or disclosure (“Personal Data Breach”);

(l) promptly provide Customer with full cooperation and assistance in respect of the Personal Data Breach and all information in the Processor's possession concerning the Personal Data Breach, including the following:

i) the possible cause and consequences of the Personal Data Breach;

ii) the categories of Personal Data and the approximate number of data subjects involved; and

iii) the measures taken by the Processor to mitigate any damage;

(m) inform Customer promptly if it receives a request from a data subject exercising their data subject rights and provide Customer with reasonable cooperation and assistance in relation to such request;

(n) not disclose the Personal Data to any third party other than at the request of Customer or as otherwise required under the Agreement;

(o) provide reasonable assistance to the Customer in complying with its obligations under Data Protection Laws with respect to security, breach notifications, data protection impact assessments, and consultations with supervisory authorities or regulators;

(p) provide Customer with all information that is necessary to enable Customer to monitor the Processor's compliance with the Data Protection Laws and its obligations under this Addendum at any time during regular business hours. Deel Group may satisfy Customer’s right of audit under the Data Protection Laws in relation to Personal Data, by providing an audit report not older than eighteen (18) months, prepared by an independent external auditor demonstrating that Deel Group’s technical and organizational measures are sufficient and in accordance with an accepted industry audit standard. Deel Group reserves the right to refuse audit requests from an entity that is a competitor of Deel Group.; and

(q) delete or return that Personal Data to Customer at the end of the duration of the processing, and at that time delete or destroy existing copies. If return or destruction is impracticable or prohibited by law, rule, or regulation, Deel Group shall take measures to block such Personal Data from any further processing (except to the extent necessary for processing required by law, rule, or regulation) and shall continue to appropriately protect the Personal Data remaining in its possession, custody, or control.

(r) Customer acknowledges and agrees that Deel Group may (i) engage its Affiliates and Sub-Processors listed in Appendix 4 to this Addendum to access and process Personal Data in connection with the Services and (ii) from time to time engage additional third parties for the purpose of providing the Services, including without limitation the processing of Personal Data. By way of this Addendum, Customer provides general written authorization to Deel Group to engage Sub-Processors as necessary to perform the Services.

(s) A list of Deel Group’s current Sub-Processors (the “List”) is available to Customer, on the Deel platform. Such a List may be updated by Deel Group from time to time. Deel Group provides a mechanism to subscribe to notifications of new Sub-Processors and Customer agrees to subscribe to such notifications where available. For instructions on how to subscribe to the notification mechanism, please follow the steps in Appendix 4. Deel Group will endeavor to give written notice (30) days prior to any change, but in any event will give written notice no less than fifteen (15) days prior to any such change.The Customer may object to such an engagement by informing Deel Group within fifteen (15) days of receipt of the aforementioned notice by Deel Group, provided such objection is in writing and based on reasonable grounds relating to data protection. Customer acknowledges that certain Sub-Processors are essential to providing the Services and that objecting to the use of a Sub-Processor may prevent Deel Group from offering the Services to Customer.

(t) If Customer reasonably objects to an engagement in accordance with clause 5, and Deel Group cannot provide a commercially reasonable alternative within a reasonable period of time, Customer may discontinue the use of the affected Service by providing written notice to Deel Group. Discontinuation shall not relieve Customer of any fees owed to Deel Group under the Agreement.

(u) If Customer does not object to the engagement of a Sub-Processor in accordance with clause 5 within fifteen (15) days of notice by Deel Group, that Sub-Processor will be deemed an approved Sub-Processor for the purposes of this Addendum.

(v) Deel Group will enter into a written agreement with the Sub-Processor imposing on the Sub-Processor data protection obligations comparable to those imposed on Deel Group under this Addendum with respect to the protection of Personal Data. In case a Sub-Processor fails to fulfill its data protection obligations under such written agreement with Deel Group, Deel Group will remain liable to Customer for the performance of the Sub-Processor’s obligations under such agreement.

6. Technical and Organizational Measures

1. Deel Group shall take suitable technical and organizational measures appropriate to the risk to ensure for protection of the security, confidentiality and integrity of the Personal Data it Processes under this DPA. Deel Group guarantees that it has carried out the technical and organizational measures specified in Appendix 2 to this DPA.

2. The technical and organizational measures are subject to the current state of technology and technical progress. In this regard, Deel Group is permitted to implement adequate alternative measures, provided that these measures may not provide a lower level of security to Customer data than the stipulated measures in Appendix 2 to this DPA.

7. Cross-Border Data Transfer

1. The parties agree that when the transfer of Personal Data is a Restricted Transfer it shall be subject to the appropriate Standard Contractual Clauses or the UK Addendum.
a. In relation to Personal Data that is protected by the EU GDPR and Restricted Transfers outside the EU, the Standard Contractual Clauses shall be incorporated into this Addendum by reference and the information required to complete the Standard Contractual Clauses is as follows:
i. Module One (Controller to Controller) will apply where both Customer and Deel Group are Controllers of the Personal Data under this DPA; Module Two (Controller to Processor) will apply where Customer is a Controller and Deel Group is a Processor of the Personal Data under this DPA.
ii. In Clause 7, the optional docking clause will apply.
iii. In Clause 9, Option 2 applies to the use of subprocessors.
iv. In Clause 11, the optional language will not apply.
v. Clause 13(a) Option 1 applies (supervisory authority with responsibility for ensuring compliance by the data exporter shall act as competent supervisory authority) as indicated in Appendix 3.
vi. In Clause 17, Option 1 will apply, and the EU SCCs will be governed by the law of The Republic of Ireland.
vii. In Clause 18(b), disputes shall be resolved before the courts of The Republic of Ireland.
viii. Annex I of the EU SCCs shall be deemed completed with the information set out in Appendix 3 to this DPA.
ix. Annex II of the EU SCCs shall be deemed completed with the information set out in Appendix 3 to this DPA.
b. In relation to Personal Data that is protected by the UK GDPR and Restricted Transfers out of the UK, the UK Addendum shall be incorporated into this Addendum by reference and the information required to complete the UK Addendum is as follows:
i. Part 1 of the UK Addendum is completed as follows:
- In Table 1, as set forth in Appendix 3.A “List of parties”.
- In Table 2, the second option is selected, and the “Approved EU SCCs” are the Standard Contractual Clauses referred to in Section 11.1 (a) of this section.
- In Table 3, Annexes 1 (A and B) of the “Approved EU SCCs” are Appendix 3 (A and B) to this DPA, and Annex II of the “Approved EU SCCs” is Appendix 3 to this DPA.
- In Table 4, both the “Importer” and the “Exporter” can terminate the UK Addendum.
ii. Part 2 of the UK Addendum is completed with the Mandatory Clauses of the Approved Addendum, being the template Addendum B.1.0 issued by the ICO and laid before Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022, as it is revised under Section 18 of those Mandatory Clauses.
c. In relation to Personal Data that is protected by the Swiss DPA, the EU SCCs will apply completed as follows:
i. References to "Regulation (EU) 2016/679" shall be interpreted as references to the Swiss DPA.
ii. References to specific Articles of "Regulation (EU) 2016/679" shall be replaced with the equivalent article or section of the Swiss DPA.
iii. References to "EU", "Union" and "Member State law" shall be replaced with "Switzerland".
iv. Clause 13(a) and Part C of Annex II shall be deleted.
v. References to the "competent supervisory authority" and "competent courts" shall be replaced with "the Swiss Federal Data Protection and Information Commissioner" and "relevant courts in Switzerland".
vi. Clause 17 shall be replaced to state "The Clauses are governed by the laws of Switzerland".
vii. Clause 18 shall be replaced to state "Any dispute arising from these Clauses shall be resolved by the applicable courts of Switzerland. The Parties agree to submit themselves to the jurisdiction of such courts".

2. In the event that any provision of this Addendum contradicts, directly or indirectly, the Standard Contractual Clauses or the UK Addendum, the Standard Contractual Clauses and the UK Addendum shall prevail. Where PIPL applies, the parties agree that the PIPL SCCs ("个人信息出境标准合同") shall prevail over any other data protection agreement.

3. If the Standard Contractual Clauses or the UK Addendum are deemed invalid by a governmental entity with jurisdiction over transferred personal data (e.g., the EU Court of Justice or the UK Government) or if such governmental entity imposes additional rules and/or restrictions regarding such Transferred Personal Data, the parties agree to work in good faith to find an alternative and/or modified approach with respect to such Transferred Personal Data which is in compliance with applicable laws.

8. Final Provisions

1. If individual provisions of this Addendum should be or become ineffective, this shall not affect its remaining provisions. The Parties undertake to replace the ineffective provisions with a legally valid provision that comes closest to the purpose of the ineffective provisions.

2. In the event of contradictions between this Addendum and any other agreements between the Parties, especially the Agreement, the provisions of this Addendum shall take precedence.