Algemene voorwaarden

Platform Terms of Use | Modefabriek B.V.


Version: 1.0

Date: 27th of July 2020


These platform terms of use (hereinafter: “Terms of Use”) set out the terms and conditions that apply to every use made of the Modefabriek online platform (hereinafter: “the Platform”) made available by Modefabriek B.V. (hereinafter: “Modefabriek”), as well as related services and the website provided by Modefabriek. Modefabriek is located at Gedempt Hamerkanaal 29 (1021 KL) in Amsterdam, The Netherlands and registered with the Dutch Chamber of Commerce with registration number 34149809.


The Platform is created for verified fashion industry professionals (hereinafter: “B2B Users”) and people with an interest in fashion (hereinafter: “Consumer Users”). Certain parts of the Platform are only accessible to B2B Users.


By creating an account for the Platform, you agree to be fully bound by these Terms of Use. Please read these Terms of Use carefully before you use the Platform. If you do not agree to be bound by these Terms of Use, please do not use our Platform.


1.  DEFINITIONS

Capitalized terms used in these Terms of Use have the meaning set out in this article, in both singular and plural.

1.1.  Account: User's personal account with which access to (parts of) the Platform can be

obtained.

1.2. Agreement: the agreement between Modefabriek and User on the basis of which Modefabriek will give User access to (parts of) the Platform and of which these Terms of Use (including any appendixes) form an inseparable part.

1.3. B2B Marketplace: the marketplace functionality of the Platform, which is only accessible to B2B Users and can be used for business purposes such as brand promotion, professional networking, connecting, ordering and sales.

1.4. Content: all websites, software, (web) applications, corporate identities, logos, leaflets, brochures, leaflets, lettering, advertisements, marketing and/or communication plans, concepts, images, texts, sketches, documentation, reports and (other) creations of the mind, as well as preparatory material thereof and the data carriers on which the materials are located.

1.5. Intellectual Property: rights (of intellectual property) including but not limited to copyrights, database rights, domain names, trade name rights, trademark rights, design rights, neighboring rights, patent rights, as well as rights to know-how.

1.6.  User: each natural or legal person who has entered into an Agreement with Modefabriek, including B2B Users and Consumer Users.

1.7. Website: the website of Modefabriek through which Users can access the Platform, accessible via the domain www.modefabriek.nl and each sub-domain belonging to it.


2.   AGREEMENT AND TERMS OF USE: APPLICABILITY

2.1. These Terms of Use act as an Agreement between Modefabriek and User. The provisions in the Terms of Use differentiate between User, Consumer User and B2B User. Some of the provisions are relevant for all users of the Platform and are therefore directed towards Users. Other provisions are only relevant for certain types of users and are therefore directed towards either Consumer Users or B2B Users.

2.2. If any provision in these Terms of Use prove to be null and void, or otherwise unenforceable, this shall not affect the applicability of the Terms of Use as a whole. In such cases, Modefabriek will adopt one or more new provisions that implement the intention of the original Terms of Use as much as possible.


3.  REGISTRATION AND ACCOUNT

3.1. Most functionalities and parts of the Platform are only accessible after registration. Certain functionalities and parts of the Platform are only accessible to B2B Users.

3.2. To be able to use the Platform User must register online for a subscription and create an Account. Consumer Users can subscribe free of charge. B2B Users pay a subscription fee.

3.3.  After registration, the Account usually becomes active within two working days, but it is possible that Modefabriek first performs a manual check to verify the authenticity of the registration. If the User has registered for a B2B User Account, Modefabriek will always perform a manual check in order to verify if the User is a qualified fashion professional. Modefabriek may deny User’s B2B User Account registration if Modefabriek considers or expects that User does not qualify for the B2B Account.

3.4.  User represents and warrants the accuracy and completeness of all information supplied by it

or on its behalf to Modefabriek.

3.5.  Accounts are strictly personal and may not be shared with others. User must secure access to its Account by using the username and a strong password. In particular, User must keep the password strictly confidential. Modefabriek may assume that all actions undertaken from the Account after logging in with User’s username and password are authorized and supervised by User. User is therefore solely liable for these actions.

3.6. Modefabriek does not mediate in making contact between users, but only offers users the opportunity to contact each other. Modefabriek does, however, monitor the proper and legal use of the Platform and User’s compliance with these Terms of Use.


4.  LICENSE AND USE OF THE PLATFORM

4.1. Modefabriek hereby grants to User a limited license to use the functionalities made available to User through the Platform. This license is non-exclusive and non-transferable. No rights are granted other than as expressly set forth in these Terms of Use.

4.2. User is not permitted to use the Platform for any purpose that violates Dutch or other applicable law and regulations. Furthermore, it is not allowed to interfere with, damage or otherwise disrupt the Platform (including any parts thereof).

4.3.  In addition, on or through the Platform it is forbidden to:

a. publish or store any Materials that are pornographic or erotic;

b.  publish or store any Materials that are in violation of copyright or hyperlinks to such information;

c.  assist others in violating third-party rights, for example by linking to hacking tools or tutorials for committing computer crime that are clearly written to carry out criminal acts (and not to defend against them);

d. violate the privacy of a third party, for example by distributing their personal data without permission or clear need, or the repeated harassment of third parties with unsolicited communications;

e. involve unreasonable or disproportionate use of the infrastructure of Modefabriek’s or third parties’ computer systems;

f.  constitute unauthorized or unsolicited advertising, junk, spam, bulk e-mail, scam and/or phishing;

g. involve manual or automated software, devices, or other processes to “crawl”, “spider”

or “scrape” any content of the Platform;

h.  impersonate anyone else, for example, by logging into someone else's account;

i.  use indecent language within the offered chat functionality or other contact forms; swearing, stalking, threatening, flooding (repeating the same text) is not allowed;

j.  offer any form of prostitution, or ask for any other form of compensation in money or kind for any service.

4.4. In addition, User is required to:

a. fill out the personal profile with truthful information only;

b. follow all instructions of Modefabriek operators without delay.

4.5. If Modefabriek discovers that User violates any of the rules of usage above, or receives a complaint alleging the same, then Modefabriek may intervene to end the violation. This may include (temporarily) blocking User’s Account. If the breach continues, or if after reactivation of the Account another breach is detected, Modefabriek may decide to permanently deleteUser’s Account and terminate the Agreement. Modefabriek shall not be liable for any damage User may lead as a result of these actions.

4.6. If in the opinion of Modefabriek the continued functioning of the computer systems or network of Modefabriek or third parties is actually (or under threat of) being damaged or jeopardized, for example through excessive transmission of data, leaks of personal data or virus activity, Modefabriek may take all steps it deems reasonably necessary to end or avert such damage or jeopardy. Modefabriek is in particular entitled to change or delete User’s contributions and uploaded Materials at its own discretion and without becoming liable for any damages whatsoever.

4.7. Modefabriek is at all times entitled to file a criminal complaint for any offenses committed through or using the Platform. Modefabriek is also entitled to give User’s name, address, IP address and other identifying data to a third party who complains that User is infringing his rights, provided that the accuracy of the complaint is sufficiently plausible, there is no other way to obtain this personal data and the third party has a clear interest in obtaining the data.

4.8. Modefabriek may recoup from User all damages it suffers as a result of User’s violation of these Terms of Use. User agrees to indemnify and hold harmless Modefabriek from all third- party claims arising out of User’s violation of these Terms of Use.


5.   ADDITIONAL FEATURES FOR B2B USERS

5.1. B2B Users have access to special B2B features of the Platform, in addition to the features Consumer Users have, such as the B2B Marketplace. These features may depend on the type subscription chosen by B2B User. The variation of subscriptions and their prizes are specified on the Website.

5.2. Some B2B subscriptions can be used to display a certain number of Materials, such as job advertisements and brand banners on the Platform or the Website. Additional conditions for displaying such Materials may be specified on the Website.

5.3. B2B User understands that other users can see the Materials that are uploaded on the Platform. Modefabriek is not responsible if other users copy or share any Materials uploaded by B2B User.


6.   AVAILABILITY AND MAINTENANCE

6.1.  User accepts that the Platform only contains the functionality and other characteristics made available to User at the moment of delivery ("as is"), including all visible and invisible errors and defects. Modefabriek does not guarantee that the Platform will be free from disruptions or defects at all times. Modefabriek will make reasonable efforts to realize the uninterrupted availability of its systems, networks and the Platform, but offers no guarantees in this respect.

6.2. Modefabriek has the right to change the (functionality of the) Platform at any time. Feedback and suggestions are welcome, but Modefabriek makes the final decision on which changes it will or will not implement.

6.3. Modefabriek actively maintains the Platform. Maintenance can take place at any time, even if this may negatively impact the availability of the Platform. Maintenance is announced in advance whenever possible. However, Modefabriek is in no case liable to compensate any damage arising from non-availability.

6.4.  As the Platform is provided online, User is responsible for acquiring its own appropriate internet access and suitable anti-virus protection.

6.5.  Modefabriek has the right to use third parties for the performance of the Agreement..


7.  PAYMENT OF FEES AND SUBSCRIPTIONS FOR B2B USERS

7.1. B2B User’s license to use the Platform is subject to payment of the applicable subscription fee(s), as specified on the Website. The fee may depend on the duration and type of subscription B2B User has chosen. All fees and prizes are in euros and excl. VAT.

7.2. Fees for each 6-month term of the Agreement must be paid in advance. Payments of the fees can be made via the payment methods and instructions offered on the Website.

7.3. It is possible that Modefabriek has awarded B2B User a specific payment term. If in this case B2B User does not meet its payment obligation(s) on time, Modefabriek will inform B2B User of this, allowing B2B User a new period of fourteen (14) days to still meet these payment obligation(s). If payment is not made within this 14-day period, B2B User will owe the statutory interest on the outstanding amount and Modefabriek will be entitled to charge the extrajudicial collection costs incurred by Modefabriek in accordance with the statutory rules on collection.

7.4. Modefabriek reserves the right to change its fees for the subscription once per calendar year, in January, with a maximum increase of 25%, of which B2B User will receive notice at least fourteen days (14) in advance. If Modefabriek increases its fees more often or with more than 25% and B2B User does not agree with the increase, B2B User may terminate the Agreement, before the increasement takes effect.


8.   INTELLECTUAL PROPERTY RIGHTS

8.1. The Platform, its look-and-feel, the accompanying software as well as all Materials published by Modefabriek is the Intellectual Property of Modefabriek and/or its licensors. None of these items may be copied or used without prior written permission of Modefabriek, except and to the extent permitted by mandatory law or when expressly specified in these Terms of Use.

8.2. The Platform includes and shows Material uploaded by other users. None of these Materials may be copied or used without prior written permission of the owner of the Material.

8.3.  Modefabriek and/or its licensors have the right to implement technical measures to protect the Platform against unlawful use and/or against use in a manner or for purposes other than as agreed and/or intended. User will not remove these technical measures or have them removed or circumvent them or have them circumvented.

8.4. Data and Materials stored by User or processed while using the Platform is and remains User’s property. Modefabriek receives an unlimited license for use of the data and Materials for providing the Platform and any additional and prospective services and to use this data for statistical purposes. Modefabriek has the right to share these statistical data (anonymous data) with third parties.

8.5.  User represents and warrants that any data and Materials stored, uploaded or processed by User while using the Platform do not violate or infringe any rights (including Intellectual Property rights) of any third party and are not libelous, defamatory or otherwise illegal. User shall defend and indemnify Modefabriek from and against all claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable attorney fees) arising out of or in connection with the foregoing representations and warranties.

8.6.  After termination of the Agreement, for whatsoever reason, Modefabriek has the right to destroy the data and Materials referred to in the previous paragraphs.

8.7.  If User sends Modefabriek information, e.g. feedback about an error or a suggestion for improvement, User also gives Modefabriek an unlimited and perpetual right to use this information for (improvement of) the Platform and the service.


9.  PRIVACY

9.1. By using the Platform, Modefabriek obtains certain data provided by User. This could be personal data. Modefabriek respects privacy and personal data.

9.2. During the processing of personal data Modefabriek adheres to the requirements of applicable data protection legislation, such as the General Data Protection Regulation (hereinafter “GDPR”).

9.3.  More information regarding the processing of personal data can be found in the privacy and cookie statement available at the Website.


10.  LIABILITY

10.1.  The liability limitations referred to in these Terms of Use shall not apply to Agreements with Consumer Users or in cases of willful misconduct or deliberate recklessness on the part of Modefabriek, or for any other liability that may not otherwise be lawfully excluded or limited.

10.2.  Notwithstanding the first paragraph of this article, the total liability of Modefabriek shall be limited to the amount User paid for use of the Platform in the six (6) months before the damaging incident took place. However, Modefabriek’s total liability for direct damage, for any reason whatsoever, will in no event exceed EUR 1.200,- per six months.

10.3. In no event shall Modefabriek be liable for indirect damages, consequential damages, lost profits, missed savings or damages through business interruption, loss of (business) data, or any other pecuniary loss in connection with any claim, damage or other proceeding arising under the Agreement.

10.4. Unless performance by Modefabriek is permanently impossible, Modefabriek shall only be liable due to an attributable failure in the performance of the Agreement if User properly issues a written notice of default to it without undue delay, granting Modefabriek a reasonable term to rectify the breach, and Modefabriek culpably fails to fulfil its obligations also after this term haspassed. The notice of default must describe the breach as comprehensively and in as much detail as possible in order to give Modefabriek the opportunity to respond adequately.

10.5.  Any right to compensation is always conditional upon the damage being notified in writing to Modefabriek by User as soon as possible after it arises. Any claim against Modefabriek by B2B Users for compensation will be time-barred twelve (12) months after the claim arises.

10.6.  Modefabriek shall have no liability to User under these Terms of Use if it is prevented from or delayed in performing its obligations under these Terms of Use, or from carrying on its business, by acts, events, omissions or accidents beyond its reasonable control (force majeure), including, without limitation, cybercrime, (distributed) denial of service attacks, failure of a utility service or transport or telecommunications network, war, riot, fire, flood, storm or unforeseeable default of suppliers.

10.7. In the event of force majeure, Modefabriek shall be entitled to suspend its obligations under the Agreement, without this giving rise to any obligation to pay User any compensation.

10.8.  If the force majeure situation persists for more than three (3) months, the Parties shall be entitled to dissolve the Agreement in writing, without this giving rise to any obligation on the part of Modefabriek to pay compensation


11. CONFIDENTIALITY

11.1.  With respect to the information disclosed by and between the parties while using the Platform, the parties shall accept the duty to observe strict secrecy when the information is marked as confidential or when the receiving party knows or should reasonably suspect that the information was intended to be confidential and/or may not be disclosed to the public (such as Materials uploaded by other users in the B2B Marketplace).

11.2.  Modefabriek shall not examine non-public data stored and/or distributed by User while using the Platform, unless this is necessary for proper service provision of the Platform or in the event Modefabriek is obliged to do so in pursuance of a statutory duty or required by court order.


12.  TERM AND TERMINATION OF THE AGREEMENT

12.1.  The Agreement comes into effect the moment User has completed the registration and the registration has been approved by Modefabriek.

12.2.  The Agreement with Consumer User runs for an indefinite period of time. The Consumer User

may terminate the Agreement at any time.

12.3.  The Agreement with B2B Users runs for the initial term, which depends on the choice of subscription and may be, for example, six months or one year, as stated in the subscription details on the Website. After this initial term the subscription will be automatically renewed for the same period of time. B2B User may terminate the Agreement or cancel the subscription at the end of each term, subject to a notice period of one (1) month, after which the Account will be deleted.

12.4. If the B2B User has entered into the Agreement with a free trial subscription, the subscription shall end automatically. Modefabriek will have the right to contact the B2B User with a commercial offer after the Agreement has ended.

12.5.  Notice of termination in accordance with the previous paragraphs must be given expressly, for example by giving notice of termination in writing to Modefabriek’s customer service or by using the termination option within in the Account.

12.6.  After termination of the Agreement, Users Account will be permanently deleted. It is User’s own responsibility to export or save any (personal) data and information stored in its Account.

12.7.  Modefabriek is at all times entitled to block User's access to the Platform (temporarily) and/or to dissolve or terminate the Agreement if User acts in breach of the Agreement.


13.  CHANGES TO TERMS

13.1.  Modefabriek may change or add additional terms and conditions to these Terms of Use at any time.

13.2.  Modefabriek shall announce through the Platform changes or additions at least thirty days before they become effective.

13.3.  If Consumer User does not want to accept a change or addition, Consumer User may cease any further use of the Platform and terminate the Agreement. Use of the Platform after the date of effect shall constitute acceptance of the changed or added-to terms and conditions.

13.4. Changes to the Terms of Use based on legislation or regulations and changes of minor importance may take place at any time and do not have to be announced in advance. Nor do such amendments entitle the User to terminate the Agreement.


14.  MISCELLANEOUS PROVISIONS

14.1. The rights Consumer User has under these Terms of Use are in addition to and do not affect the statutory rights and remedies Consumer User has under applicable consumer protection law. In the event of conflict between these Terms of Use and applicable consumer protection law, the statutory rights under applicable consumer protection law shall prevail.

14.2.  Unless rules of mandatory law dictate otherwise, all disputes that may arise pursuant to or in connection with these Terms of Use and use of the Platform are governed by the laws of the Netherlands and will be submitted to the competent Dutch court in the district where Modefabriek has its registered place of business.

14.3.  ‘Written/in writing’ in these Terms of Use also refers to e-mail communication, provided the identity of the sender and the integrity of the contents is adequately established.

14.4. Modefabriek is entitled to transfer its rights and obligations under these Terms of Use to a third party who acquires the Platform or the relevant business operations from it, in which case the Consumer User may dissolve or terminate the Agreement immediately. B2B User is not entitled to transfer, assign and/or sublicense its rights and obligations under these Terms of Use to a third party without the prior written consent of Modefabriek, or to dissolve or terminate the Agreement if Modefabriek transfers its rights and obligations to a third party.


15. CONTACT DETAILS

15.1.  For questions, complaints or comments User can contact Modefabriek by sending an e-mail to askmeanything@modefabriek.nl. Modefabriek will handle messages as soon as possible and will send a substantive reply within 14 days calculated from the date of receipt. If Modefabriek is unable to send a substantive reply within the aforementioned period, Modefabriek will inform User within aforementioned period with an indication on when a reply may be expected.

15.2.  If Consumer User is dissatisfied with the way in which Modefabriek handled a complaint, Consumer User may also submit this complaint to a designated arbitration board. This can be done at the European ODR platform set up for this purpose, which can be reached via https://ec.europa.eu/consumers/odr/.


Appendix 1. Processing of personal data

This Appendix 1 to the Terms of Use of Modefabriek applies to the processing of personal data by Modefabriek for or on behalf of B2B User and provides safeguards and guarantees to B2B User as required under the General Data Protection Regulation (hereinafter: “GDPR”). In the remainder of this document, Modefabriek is referred to as “Processor” and B2B User, as “Controller”, as these terms correspond with their respective roles under the GDPR.


Article 1. Purposes of processing

1.1. Processor hereby agrees under the terms of this Appendix 1 to process personal data on behalf of the Controller. Processing shall be done solely for the purpose of the Agreement, in particular for facilitating orders and payments for products or services of Controller, storing data in the 'cloud' for the benefit of Controller, and associated online services, managing financial administration and bookkeeping of Controller, offering and maintaining the online Customer Relationship Management service of Processor for Controller, providing Public Relations and marketing activities for Controller, the transmission of newsletters for Controller, and all purposes compatible therewith or as determined jointly.

1.2. The personal data to be processed by Processor for the purposes as set out in the previous clause and the categories of data subjects involved are set out in Appendix 2. Processor shall not process the personal data for any other purpose unless with Controller's consent. Controller shall inform Processor of any processing purposes to the extent not already mentioned in this Appendix 1.

1.3. All personal data processed on behalf of Controller shall remain the property of Controller and/or the data subjects in question.


Article 2. Processor obligations

2.1. Regarding the processing operations referred to in the previous clause, Processor shall comply with all applicable legislation, including at least all data processing legislation such as the GDPR.

2.2. Upon first request Processor shall inform Controller about any measures taken to comply with its obligations under this Appendix 1.

2.3. All obligations for Processor under this Appendix 1 shall apply equally to any persons processing personal data under the supervision of Processor, including but not limited to employees in the broadest sense of the term.

2.4. Processor shall inform Controller without delay if in its opinion an instruction of Controller would violate the legislation referred to in the first clause of this article.

2.5. Processor shall provide reasonable assistance to Controller in the context of any data protection impact assessments to be made by Controller.

2.6. Processor shall, in accordance with Article 30 GDPR, keep a register of all categories of processing activities which it carries out on behalf of the Controller under this Appendix 1. At Controller's request, Processor shall provide Controller access to this register.


Article 3. Transfer of personal data

3.1. Processor may process the personal data in any country within the European Union.

3.2. In addition Processor may transfer the personal data to a country outside the European Union, provided that country ensures an adequate level of protection of personal data and complies with other obligations imposed on it under this Appendix 1 and the GDPR, including the availability of appropriate safeguards and enforceable data subject rights and effective legal remedies for data subjects.

3.3. Processor shall report to Controller of the countries involved. Processor shall ensure that, considering the circumstances that apply to the transfer of personal data or any category of transfers, the country or countries outside the European Union have an adequate level of protection.

3.4. In particular Processor shall take into account the duration of the processing, the country of origin and the country of destination, the general and sector-based rules of law in the country of destination and the professional rules and security measures which are complied with in that country.


Article 4. Allocation of responsibilities

4.1. The authorised processing operations shall be performed by employees of Processor within an

automated environment.

4.2. Processor is solely responsible for the processing of personal data under this Appendix 1 in accordance with the instructions of Controller and under the explicit supervision of Controller. For any other processing of personal data, including but not limited to any collection of personal data by Controller, processing for purposes not reported to Processor, processing by third parties and/or for other purposes, the Processor does not accept any responsibility.

4.3. Controller represents and warrants that the content, usage and instructions to process the personal data as meant in this Appendix 1 are lawful and do not violate any right of any third party.


Article 5. Involvement of sub-processors

5.1. Processor shall only involve those third parties in the processing that were listed in the Appendix 2 or with the prior written permission of Controller, which permission may be made conditional.

5.2. In any event, Processor shall ensure that any third parties are bound to at least the same obligations as agreed between Controller and Processor.

5.3. Processor shall ensure that these third parties shall comply with the obligations under this Appendix 1 and is liable for any damages caused by violations by these third parties as if it committed the violation itself.


Article 6. Security

6.1. Processor shall use reasonable efforts to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk for the processing operations involved, against loss or unlawful processing (in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed).

6.2. Processor does not warrant that the security is effective under all circumstances. If any security measure explicitly agreed in this Appendix 1 is missing, then Processor shall use best efforts to ensure a level of security appropriate to the risk taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of


varying likelihood and severity for the rights and freedoms of natural persons.

6.3. Controller shall only provide personal data to Processor for processing if it has ensured that the required security measures have been taken. Controller is responsible for the parties' compliance with these security measures.


Article 7. Notification and communication of data breaches

7.1. Controller is responsible at all times for notification of any security breaches and/or personal data breaches (which are understood as: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed as described in Article 4 (12) of the GDPR) to the competent supervisory authority, and for communication of the same to data subjects. In order to enable Controller to comply with this legal requirement, Processor shall notify Controller without undue delay an actual or threatened security or personal data breach.

7.2. A notification under the previous clause shall be made at all times.

7.3. The notification shall include at least the fact that a breach has occurred. In addition, th notification shall:

  • describe the nature of the personal data breach including, where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;
  • describe the likely consequences of the personal data breach;
  • include the name and contact details of the Data Protection Officer (if appointed) or a contact person regarding privacy subjects;
  • describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.

7.4. Processor shall document all data breaches in accordance with Article 33(5) GDPR, including the facts relating to the personal data breaches, the consequences thereof and the measures taken to correct the respective breach. At Controller's request, Processor shall provide access hereto.


Article 8. Processing requests from data subjects

8.1. In the event a data subject makes a request to exercise his or her legal rights under the GDPR (Articles 15-22) to Processor, the parties shall jointly consult on how to handle the request. Controller shall however retain final responsibility on the request.


Article 9. Confidentiality obligations

9.1. All personal data that Processor receives from Controller and/or collects itself is subject to strict obligations of confidentiality towards third parties. Processor shall not use this information for any goals other than for which it was obtained, not even if the information has been converted into a form that is no longer related to an identified or identifiable natural person.

9.2. The confidentiality obligation shall not apply to the extent Controller has granted explicit permission to provide the information to third parties, the provision to third parties is reasonably necessary considering the nature of the assignment to Controller or the provision is legally required.


Article 10. Audit

10.1. Controller has the right to have audits performed on Processor by an independent third party bound by confidentiality obligations to verify compliance with this Appendix 1, and all issues reasonably connected thereto.

10.2. This audit may be performed once every quarter.

10.3. Processor shall give its full cooperation to the audit and shall make available employees and all reasonably relevant information, including supporting data such as system logs.

10.4. The audit findings shall be assessed by the parties in joint consultation and may or may not be implemented by either party or jointly.

10.5. The costs of the audit shall be borne by Processor.


Article 11. Term and termination

11.1. Upon termination of the Agreement, regardless of reason or manner, Processor shall - at the choice of Controller - return in original format or destroy all personal data available to it.

11.2. This Data Processing Agreement may be changed in the same manner as the Terms of Use.


Appendix 2. Stipulation of personal data and data subjects


Data subjects and personal data of different purposes

Processor shall process the below personal data of the categories data subjects from different purposes under the supervision of Controller, as specified in article 1 of Appendix 1:


Cloud storage of data

Customers

  • Messages
  • Job offer
  • Job application


Suppliers

  • Messages
  • Job offer
  • Job application


Account holders

  • Messages
  • Job offer
  • Job application


Prospective employees

  • Names and addresses
  • Telephone numbers
  • Email addresses
  • Visitor behaviour
  • IP addresses
  • (Portrait)photos
  • Resumes
  • Dates of birth

 

Send newsletters

Customers

  • Email addresses
  • Visitor behaviour
  • IP addresses


Suppliers

  • Email addresses
  • Visitor behaviour
  • IP addresses


Account holders

  • Email addresses
  • Visitor behaviour
  • IP addresses

 

Handling orders and payments for products or services of Controller

Customers

  • Names and addresses
  • Telephone numbers
  • Email addresses
  • Financial data


Suppliers

  • Names and addresses
  • Telephone numbers
  • Email addresses
  • Financial data


Account holders

  • Names and addresses
  • Telephone numbers
  • Email addresses
  • Financial data

 

Customer Relationship Management

Customers

  • Names and addresses
  • Telephone numbers
  • Email addresses
  • Visitor behaviour
  • IP addresses
  • Social media accounts
  • Dates of birth
  • Financial data


Suppliers

  • Names and addresses
  • Telephone numbers
  • Email addresses
  • Visitor behaviour
  • IP addresses
  • Social media accounts
  • Dates of birth
  • Financial data


Account holders

  • Names and addresses
  • Telephone numbers
  • Email addresses
  • Visitor behaviour
  • IP addresses
  • Social media accounts
  • Dates of birth
  • Financial data


Website visitors

  • Visitor behaviour
  • IP addresses


Leads and potential customers

  • Visitor behaviour
  • IP addresses

 

Accounting (financial administration)

Customers

  • Names and addresses
  • Telephone numbers
  • Email addresses
  • Financial data


Suppliers

  • Names and addresses
  • Telephone numbers
  • Email addresses
  • Financial data


Account holders

  • Names and addresses
  • Telephone numbers
  • Email addresses
  • Financial data

 

PR or Marketin

Customers

  • Names and addresses
  • Telephone numbers
  • Email addresses
  • Visitor behaviour
  • IP addresses
  • Social media accounts
  • Financial data


Suppliers

  • Names and addresses
  • Telephone numbers
  • Email addresses
  • Visitor behaviour
  • IP addresses
  • Social media accounts
  • Financial data


Account holders

  • Names and addresses
  • Telephone numbers
  • Email addresses
  • Visitor behaviour
  • IP addresses
  • Social media accounts
  • Financial data


Website visitors

  • Visitor behaviour
  • IP addresses


Leads and potential customers

  • Visitor behaviour
  • IP addresses

 

Controller represents and warrants that the description of personal data and categories of data subjects in this Appendix 2 is complete and accurate, and shall indemnify and hold harmless Process for all faults and claims that may arise from a violation of this representation and warranty.