Kubera Legal

Terms of Service (White-Label)

Last updated: March 16, 2021

Please read these terms and conditions carefully before using the White-Label Kubera Service.

The following set out the Terms and Conditions for Kubera Apps Inc. (Supplier), a company incorporated and registered in Delaware, United States whose registered office is at 251 Little Falls Drive, Wilmington, New Castle County, DE 19808.

These Terms and Conditions apply in whole to all users (Customer, Authorised Users and End-User, collectively known as the Consumer) of the Kubera White-Label Service. In using this Service, the Customer, has agreed to take and pay for the Supplier’s product (Service) subject to these Terms.

Introduction

The Supplier has developed the Service that allows users to track their assets, investments, debts and their net worth over time. The Customer would offer this application to their clients (End-User) as part of their services. The Customer would get access to the information entered by the clients and optionally can also manage the information collaboratively.

The Service is provided on a subscription basis wherein the Customer is able to not only access all of the service functions of the software but to brand it in the Customer’s markings with attribution to the Supplier. Hosting updates and potential upgrades will be available to Customers who are under a current subscription in compliance with these Terms. Information regarding Subscription Terms can be found here.

Third Party Providers

Some Customers may provide access to other third-party applications or providers in conjunction with use of the Supplier’s Service. The Supplier does not endorse any third-party website nor the content of any of third-party website made available via the Customer’s access to services.

The Supplier makes no representation or commitment and shall have no liability or obligation whatsoever in relation to the content or use of, or correspondence with, any such third-party website, or any transactions completed, and any contract entered into by the Customer or any End-User (as the case may be), with any such third party.

Supplier’s obligations

The Supplier undertakes that the Service will be maintained substantially in accordance with these Terms and with reasonable skill and care.

If the Service does not function in a manner that is fit for purpose, Supplier will, at its expense, use all reasonable commercial endeavours to correct any such deficiency.

Such correction constitutes the Customer's sole and exclusive remedy for any breach of these Terms. Notwithstanding the foregoing, the Supplier:

a) does not warrant that:

the Customer's use of the Service will be uninterrupted or error-free;
the Services, or the information obtained by the Customer or any End-User through the Service will meet the Customer's or any End-User's requirements; and
the Service will be free from Vulnerabilities.

b) is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and the Customer acknowledges that the Service may be subject to limitations, delays and other problems inherent in the use of such communications facilities.

The Supplier warrants that it has and will maintain all necessary licences, consents, and permissions necessary for the performance of its obligations under these Terms.

As outlined in the Mark Guidelines.

the Customer shall disclose the Supplier’s identity during the course of providing the Service to End-Users; and
the Supplier's Marks shall appear on those parts of the Service that are accessible to End-Users.

The Supplier shall, during the Customer’s Subscription Term:

provide the Service and make available the relevant information to the Customer on and subject to these Terms; and
enable End-Users to connect to the Service where the Customer has provided login access and to use in accordance with these Terms.

The Suppliers warrants that it will provide the Service in accordance with the Service Level Agreement.

Notwithstanding any provision in these Terms, the Customer acknowledges and agrees that it, and not the End User, is responsible for communicating all technical support issues directly to the Supplier.

From time to time the Supplier may:

modify the Service by issuing updates; and
make new features, functionality, applications or tools available in respect of the Services, whose use may be subject to the Customer’s acceptance of further Terms.

The Supplier shall give the Customer prompt written notice of any major modifications to the Service, including any such new feature, functionality, applications or tools. For clarity, any modification to the Subscription Terms can be found here.

Customer’s obligations and Consumer Content

The Customer shall:

a) provide the supplier with:

all necessary co-operation in relation to these terms; and
all necessary access to such information as may be required by the Supplier

in order to provide the Services, including any Content uploaded by the Customer, Authorised User or End-User (Consumer Content), security access and information and configuration services;

b) without affecting its other obligations under these Terms, comply with all applicable laws and regulations, including any of those relating to the export of data and software, with respect to its activities under these Terms;

c) ensure that the Authorised Users and End-Users use the Service in accordance with these Terms and shall be responsible for any breach of these Terms caused or contributed to by any acts or omissions on the part of any Authorised User or End-User;

d) ensure that its network and systems comply with the relevant specifications provided by the Supplier from time to time;

e) be solely responsible for procuring, maintaining and securing its network connections and telecommunications links from its systems to the Supplier's data centres, and all problems, conditions, delays, delivery failures and all other loss or damage arising from or relating to the Customer's or any End-User's network connections or telecommunications links or caused by the internet;

f) be solely responsible for complying with any legal or regulatory obligations of the Customer’s business and within the Customer’s jurisdiction.

g) as between the parties, be responsible for responding to all third-party requests concerning the use of the Service by the Customer or any End-User.

The Customer shall own all Intellectual Property Rights in and to all of the Consumer Content and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of the Consumer Content.

The Customer acknowledges and agrees that:

the Supplier may include the Customer’s name or the Customer’s Marks in a list of the Supplier’s customers in any medium or in any link from the Service to the Customer’s website; and
the Supplier may refer to the Customer, orally or in writing, as a customer of the Service for promotional, marketing and financial reporting purposes.

The Customer shall pay all fees due for their subscription in accordance with these Terms.

The Customer will be provided an Invoice on a monthly basis for the full amount owing, including the Subscription fee. Payment information will be detailed on each invoice and all sums due must be paid within 30 days of the issue date of the Invoice.

If the Supplier has not received payment within 30 days after the due date, and without prejudice to any other rights and remedies of the Supplier:

the Supplier may, without liability to the Customer, disable the Customer Account and password and the Customer's access, and all End-User Accounts and passwords and End-Users' access, to all or part of the Service and the Supplier shall be under no obligation to provide any or all of the Service while the invoice(s) concerned remain unpaid; and
interest shall accrue on a daily basis on such due amounts at an annual rate equal to 3% over the then current prime lending rate in the United States, commencing on the due date and continuing until fully paid, whether before or after judgment.

The Supplier shall be entitled to increase the subscription fees and any such increase will be reflected in the Subscription Terms here.

Intellectual Property Rights

The Customer acknowledges and agrees that the Supplier own all Intellectual Property Rights in the Service (whether integrated into an Application or not), the Integrated Application Elements, the Software and the Supplier's Marks. Except as expressly stated in these Terms, these Terms do not grant the Customer any rights to, or in, any Intellectual Property Rights or any other rights or in respect of the Services, or the Supplier's Marks.

The Supplier confirms that it has all the rights in relation to the Services and the Supplier's Marks that are necessary to grant all the rights it purports to grant under, and in accordance with, these Terms.

Confidentiality and compliance with policies

Each party may be given access to Confidential Information from the other party in order to perform its obligations under these Terms. A party's Confidential Information shall not be deemed to include information that:

is or becomes publicly known other than through any act or omission of the receiving party;
was in the other party’s lawful possession before the disclosure;
is lawfully disclosed to the receiving party by a third party without restriction on disclosure;
is independently developed by the receiving party, which independent development can be shown by written evidence; or
is required to be disclosed by law, by any court of competent jurisdiction or by any regulatory or administrative body.

Each party shall hold the other's Confidential Information in confidence and, unless required by law, not make the other's Confidential Information available to any third party, or use the other's Confidential Information for any purpose other than the implementation of these Terms.

Each party shall take all reasonable steps to ensure that the other's Confidential Information to which it has access is not disclosed or distributed by its employees or agents (and also, in the case of the Customer only, by the End-Users) in breach of the terms of these Terms.

The Supplier shall not be responsible for any loss, destruction, alteration or disclosure of Confidential Information caused by any third party, except any third party subcontracted by the Supplier to perform maintenance and back-up of Consumer Content and the Service.

The parties acknowledge that:

the Supplier’s Confidential Information includes details of the Service, and the results of any performance tests of the Service; and
the Customer’s Confidential Information includes the Consumer Content and details of the use of the Service as part of the business or marketing strategy (other than any Integrated Applications of Services by the Customer).

The above provisions of this clause shall survive termination of these Terms, however arising.

No party shall make, or permit any person to make, any public announcement concerning these Terms without the prior written consent of the other parties (such consent not to be unreasonably withheld or delayed), except as required by law, any governmental or regulatory authority (including any relevant securities exchange), any court or other authority of competent jurisdiction.

Data Protection

Here's the information regarding our data protection practices.

Indemnity

The Customer shall defend, indemnify and hold harmless the Supplier against claims, actions, proceedings, losses, damages, expenses and costs (including court costs and reasonable legal fees) arising out of or in connection with:

the Customer or End User created Content;
the Customer’s Marks; or
the Customer’s or any End-User’s use of the Service.

The obligations of the Customer and the Supplier under clause 8.1 and clause 8.2 respectively are conditional on:

the indemnifying party being given prompt notice of any relevant claim;
the indemnified party providing reasonable co-operation to the indemnifying party in the defence and settlement of such claim, at the indemnifying party expense; and
the indemnifying party being given sole authority to defend or settle such claim.

Except as specifically provided otherwise, the enforcement and protection of a party's Intellectual Property Rights shall be in the sole discretion and control of that party and any and all recoveries resulting from such enforcement or protection actions shall be retained by that party.

In the defence or settlement of any claim, the Supplier may procure the right for the Customer to continue using the Services, replace or modify the Service so that they become non-infringing or, if such remedies are not reasonably available, terminate these Terms on two Business Days' notice to the Customer without any additional liability or obligation to pay liquidated damages or other additional costs to the Customer.

In no event shall the Supplier, its employees, agents and subcontractors be liable to the Customer to the extent that the alleged infringement is based on:

a modification of the Service by anyone other than the Supplier;
the use of the Service by the Customer or any End-User in combination with any Consumer Content or any Service;
the use of the Service by the Customer or any End-User in a manner contrary to the instructions given to the Customer by the Supplier; or
the use of the Service by the Customer or any End-User after notice to the Customer of the alleged or actual infringement from the Supplier or any appropriate authority.

The foregoing states the Customer's sole and exclusive rights and remedies, and the Supplier's (including the Supplier's employees', agents' and subcontractors') entire obligations and liability, for infringement of any patent, copyright, trade mark, database right or right of confidentiality.

Limitation of liability

The entire financial liability of the Supplier (including any liability for the acts or omissions of its employees, agents and sub-contractors) to the Customer, its Authorised Users or any End-User:

arising under or in connection with these Terms;
in respect of any use made by the Customer, its Authorised Users or any End-User of the Service or any part of them; and
in respect of any representation, statement or tortious act or omission (including negligence) arising under or in connection with these Terms.

Except as expressly and specifically provided in these Terms:

the Customer assumes sole responsibility for results obtained from the use of the Services by the Customer or any End-User, and for conclusions drawn from such use. The Supplier shall have no liability for any damage caused by errors or omissions in any information, instructions or scripts provided to the Supplier by the Customer or any End-User in connection with the Services, or any actions taken by the Supplier at the Customer's direction;
all warranties, representations, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by applicable law, excluded from these Terms;
the Service provided to the Customer and the End-Users on an "as is" basis.

Nothing in these Terms excludes the liability of the Supplier:

for death or personal injury caused by the Supplier's negligence; or
for fraud or fraudulent misrepresentation.

Subject to restrictions outlined in these Terms:

the Supplier shall not be liable whether in tort (including for negligence or breach of statutory duty), contract, misrepresentation, restitution or otherwise for any loss of profits, loss of business, depletion of goodwill and/or similar losses or loss or corruption of data or information, or pure economic loss, or for any special, indirect or consequential loss, costs, damages, charges or expenses however arising under these Terms; and
the Supplier's total aggregate liability in contract (including in respect of the indemnity outlined above), tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise, arising in connection with the performance or contemplated performance of these Terms shall be limited to the total Subscription Fees paid for the User Subscriptions during the 12 months immediately preceding the date on which the claim arose.

Termination

These Terms shall, unless otherwise stated below, continue , unless:

Either Party gives 30-Days written notice of intent to terminate ; or
otherwise terminated in accordance with the provisions of these Terms.

Without affecting any other right or remedy available to it, the Supplier may Terminate a Subscription with immediate effect by giving written notice to the other party if:

the Customer fails to pay any amount due under these Terms on the due date for payment and remains in default not less than 10 business days after being notified in writing to make such payment;
either party commits a material breach of these Terms and (if such breach is remediable) fails to remedy that breach within a period of 10 business days after being notified in writing to do so;

On Termination for any reason:

all licences granted under these Terms shall immediately terminate;
the Supplier may destroy or otherwise dispose of any of the Consumer Content in its possession unless the Supplier receives, no later than ten days after the effective date of the Termination of these Terms, a written request for the delivery to the Customer of the then most recent back-up of the Consumer Content. The Supplier shall use reasonable commercial endeavours to deliver the back-up to the Customer within 30 days of its receipt of such a written request, provided that the Customer has, at that time, paid all fees and charges outstanding at and resulting from Termination (whether or not due at the date of termination). The Customer shall pay all reasonable expenses incurred by the Supplier in returning or disposing of Consumer Content;
any rights, remedies, obligations or liabilities of the parties that have accrued up to the date of termination, including the right to claim damages in respect of any breach of these Terms which existed at or before the date of termination shall not be affected or prejudiced;
any provision of these Terms that expressly or by implication is intended to come into or continue in force on or after termination [or expiry] of these Terms, including clause 7 (data protection), clause 6 (Confidentiality), clause 8 (Indemnity) and clause 10 (Term and termination), shall remain in full force and effect; and
any outstanding balance becomes immediately due and payable.

Force majeure

The Supplier shall have no liability to the Customer under these Terms if it is prevented from or delayed in performing its obligations under these Terms, or from carrying on its business, by acts, events, omissions or accidents beyond its reasonable control, including strikes, lock-outs or other industrial disputes (whether involving the workforce of the Supplier or any other party), failure of a utility service or transport or telecommunications network, act of God, war, riot, civil commotion, malicious damage, compliance with any law or governmental order, rule, regulation or direction, accident, breakdown of plant or machinery, fire, flood, storm or default of suppliers or subcontractors, provided that the Customer is notified of such an event and its expected duration.‍

Conflict

If there is an inconsistency between any of the provisions in the main body of these Terms and any ancillary or supporting sections , the provisions in the main body of these Terms shall prevail.

Variation

The Supplier may alter these Terms at any time. Any such changes will become binding on Customer’s 30 days after the changes have been implemented. Customers are therefore advised to check these Terms from time to time. ‍

Waiver

No failure or delay by a party to exercise any right or remedy provided under these Terms or by law shall constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict the further exercise of that or any other right or remedy. No single or partial exercise of such right or remedy shall prevent or restrict the further exercise of that or any other right or remedy.‍

Severance

If any provision (or part of a provision) of these Terms is found by any court or administrative body of competent jurisdiction to be invalid, unenforceable or illegal, the other provisions shall remain in force.

If any invalid, unenforceable or illegal provision would be valid, enforceable or legal if some part of it were deleted, the provision shall apply with whatever modification is necessary to give effect to the commercial intention of the parties.‍

Assignment ‍

The Customer shall not, without the prior written consent of the Supplier, assign, transfer, charge, subcontract or deal in any other manner with all or any of its rights or obligations under these Terms.

The Supplier may at any time assign, transfer, charge, subcontract or deal in any other manner with all or any of its rights or obligations under these Terms.‍

No partnership or agency

Nothing in these Terms are intended to or shall operate to create a partnership between the parties, or authorize either party to act as agent for the other, and neither party shall have the authority to act in the name or on behalf of or otherwise to bind the other in any way (including the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).

Governing law

These Terms and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the law of the state of Delaware.

Jurisdiction

Each party irrevocably agrees that the courts of Delaware shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with these Terms or their subject matter or formation (including non-contractual disputes or claims).

Subscriptions

Subject to the Customer purchasing the Subscriptions the Supplier hereby grants to the Customer a non-exclusive, non-transferable right during the Term of these Terms:

to permit the Customer, its employees and agents (Authorised Users) to use the Service in accordance with the terms of these Terms;
to use the Service for the purposes set out in this agreement.

In relation to the Authorised Users, the Customer undertakes that:

it will not allow any previously Authorised User continued access once that user’s authority has been withdrawn nor will they allow any Authorised User to reassign their user access rights in regards to the software to another user.
each Authorised User shall keep a secure password for his use of the Service, that such password shall be changed in accordance with current best practices and that each Authorised User shall keep his password confidential;
it shall disable any Authorised User's access to the Service promptly upon termination or suspension of such Authorised User's employment or Service contract with the Customer;
it shall maintain a written, up-to-date list of current Authorised Users and provide such list to the Supplier within five Business Days of the Supplier's written request at any time or times*;

If the Customer becomes aware that an Authorised User has improperly accessed the Service or Consumer Content in breach of the acceptable use policy or the customer’s regulatory obligations, the Customer shall:

immediately suspend the relevant authorised user;
remove the relevant Consumer Content where required; and
notify supplier of any substantial breach in accordance with any laws, regulations or other requirements by professional certifying bodies.

Whenever the Supplier reasonably suspects that there has been a breach of these Terms by the Customer, the supplier, at its sole discretion may temporarily suspend access to the software pending an investigation and resolution of the suspected breach. If the issue is not resolved within a reasonable time period or to the satisfaction of the supplier this agreement may be terminated.

A breach may include

any unauthorised third party access to the Service; or
any use of the Service by the Customer, any Authorised User or any End User that is in breach of these Terms and has the potential to materially impact the Service by any other customer of the Supplier or any of that customer's users; or
any Vulnerability or Virus introduced into the Platform or the Service by (or facilitated through) the Customer, or any Authorised User or End User.

The Customer shall not:

except as may be allowed by any applicable law which is incapable of exclusion by agreement between the parties:

a) except to the extent expressly permitted under this agreement, attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Service (as applicable) in any form or media or by any means; or

b) attempt to reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Service;\access all or any part of the Service in order to build a product or service which competes with the Service;
‍
access all or any part of the Service in order to build a product or service which competes with the Service;
license, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Service available to any third party except the Authorised Users, provided that the provision of the Service to Authorised Users is permitted to the extent necessary to enable them to use the relevant Service;
attempt to obtain, or assist third parties in obtaining, access to the Service; or
introduce, or permit the introduction of, any Virus or Vulnerability into the Service.

The Customer shall:

use all reasonable endeavours to prevent any unauthorised access to, or use of, the Service and, in the event of any such unauthorised access or use, promptly notify the Supplier; and
comply with any further obligations set out in the Documentation that govern use of the Service.

The rights provided under this clause are granted to the Customer only, and shall not be considered granted to any subsidiary or holding company of the Customer.

Mark Guidelines

All uses by the Customer of the Supplier's Marks shall be in accordance with such quality control standards as the Supplier may promulgate from time to time. The Customer shall refrain from all uses of the Supplier's Marks to which the Supplier objects.

The Customer shall not, without the Supplier's prior written consent in each instance, use any Supplier's Mark in advertising, publicity, marketing or other promotional materials or activities.

The Customer shall submit to the Supplier in advance for its approval:

any marketing materials, and
a mock-up of any web pages,

which refer to the Supplier, any Supplier's Mark, the Application.

Any licence that may be granted by the Supplier to the Customer to use any of the Supplier's Marks shall be a non-exclusive, non-transferable, non-assignable, royalty-free licence to use such Marks solely for the purposes of exercising the Customer's rights and performing its obligations under these Terms.

All promotional literature and other materials prepared by the Customer in connection with its promotional obligations under these Terms shall bear appropriate copyright and trade mark notices as prescribed by the Supplier.

The Customer shall not use, register or attempt to register in any jurisdiction, or otherwise appropriate or adopt, any name, mark or logo that is confusingly similar to any Supplier's Mark or will dilute the distinctive nature of the Supplier's Marks.

At no time during the Subscription Term or thereafter shall the Customer attack, challenge or file any application with respect to any Supplier's Mark.

Service Level Agreement

The Supplier shall use commercially reasonable endeavors to make the Application available 24 hours a day, seven days a week, except for scheduled maintenance performed outside Normal Business Hours, provided that the Supplier has used reasonable endeavors to give the Customer at least 6 Normal Business Hours' notice in advance.

Supplier's business hours

The Supplier's business hours are Monday to Friday, 9am to 5pm Pacific Time.

Levels of priority

Business critical – i.e. unable to access the application
The Supplier will aim to respond to and resolve all Business Critical issues within 2 hours of receipt. If the Supplier cannot resolve the issue within 2 hours, the Supplier will provide an estimated time as to when the issue will be fixed.

Other support requests relating to the Application
The Supplier will aim to respond to all other support requesting relating to the Application within 1 business day. The Supplier will provide an estimated time as to when the issue/support request will be resolved.

Other support requests involving an issues with a 3rd party service provider
The Supplier will aim to respond to all other support requests involving issues with a 3rd party service provided within 1 business day. Unfortunately, the Supplier will not be able to provide an estimated time as to when the issue/support request will be resolved.

Responses/responsibilities:

The Customer is responsible for providing all necessary information and access required to allow the Supplier to investigate and resolve any issues.

The Customer is responsible for reporting all technical support issues to the Supplier using the following email address: hello@kubera.com. The End User shall report all technical support issues to the Customer who shall then report the issue to the Supplier.

The Supplier will strive to respond to all issues with the time frames given above. All issues will be resolved in as timely a manner as practicable given the complexity and urgency of the issue.

Maintenance

The Supplier shall use all reasonable endeavours to make the Application available 24 hours a day, 7 days a week, except where maintenance has been scheduled. Where possible, all scheduled maintenance shall be performed outside of Normal Business Hours and the Supplier shall give the Customer at least Six Business hours notice of such maintenance.

The Supplier shall aim to complete all unscheduled maintenance within 2 hours. If any such maintenance should not complete within 2 hours, the Supplier shall contact the Customer to provide an estimated end time.

Exceptions and limitation

Issues related to the Application itself or other services provide by the Supplier are covered under this Service Level Agreement.

Please note that some of the issues with the Application that we investigate may not be caused by the Supplier’s system and may be due to a fault with a third party supplier. In such case the Supplier does not take any responsibly but will work with the third party supplier, where practicable, to get the Application back up and running to full capacity as soon as possible.

Data Protection

Californian Data Protection Clause

For the purposes of the California Consumer Privacy Act 2020 (“CCPA”) the Consumer (“Customer and Authorised User”) is both the data provider and the data controller, and the Supplier is the data processor.

The Customer acting as the data controller is responsible for overall compliance with the CCPA.

The Supplier, acting as the data processor, will provide services in compliance with the CCPA and at the specific instructions relating to the Rights of the C, provide the C with details in accordance to their Rights defined under the CCPA sections 1-4, as long as the instructions given are not contrary to their obligations or exceptions as the data processor under CCPA.

For the avoidance of doubt, the Supplier’s obligations under the CCPA as a data processor include but are not limited to the terms contains within these Terms and Conditions as well as:

Honoring requests that individuals make with respect to access and deletion.
Provide the data subjects with information the Supplier holds and what information is shared.
Honoring requests to opt out of the sale of personal data.
Not discriminating against individuals for exercising their rights under CCPA.

Consumer Rights Under CCPA are as followed:

The right to know about the personal information a business collects about them and how it is used and shared;
The right to delete personal information collected from them (with some exceptions);
The right to opt-out of the sale of their personal information; and
The right to non-discrimination for exercising their CCPA rights.

The Supplier as the data processor claims no rights, title or interest in any of the data (personal or otherwise) the Supplier holds on the Customers. The Customer as the data controller shall have sole responsibility for the legality, reliability, integrity and accuracy of the data provided to and retained by the Supplier.

For the avoidance of doubt, the Customer’s obligations under the CCPA as a data controller include but are not limited to the terms contains within these Terms and Conditions as well as implementing appropriate technical and organisational measures to ensure and to be able to demonstrate that processing is being performed in accordance with the CCPA.

The Business accepts responsibility of the security of the system controlling and processing the information provided by the C. Including but not limited to the security of both the system as well as the data provided by the Consumer.

EU Data Protection Clause (GDPR)

For the purposes of the General Data Protection Act (“GDPR”) the Customer is the data controller and the Supplier is the data processor.

The data controller is responsible for overall compliance with the GDPR.

The Supplier, acting as the data processor, will provide services in compliance with the GDPR and at the specific instructions of the Customer, acting as data controller, as long as the instructions given are not contrary to their obligations as the data processor under the GDPR.

For the avoidance of doubt, the Supplier’s obligations under the GDPR as a data processor include but are not limited to the terms contained within these Terms and Conditions as well as:

Limiting processing to the subject matter and duration, nature and purpose as outline by the Customer.
Reporting any loss, damage or theft of any Customer data to the Customer immediately upon detection.
Cooperating with the Customer in any investigation relating to any loss, damage or theft of the Customer’s data.
To obtain written consent from the Customer before contracting ay sub-processors.
Not transfer data outside of the European Economic Area (“EEA”) without sufficient safeguards in place (for example Standard Contractual Clauses).
Provide all documentation to the Customer as necessary to demonstrate compliance with the GDPR and allow audit of the Supplier system where requests and where reasonable notice is given.
Taking appropriate measures to the controller respond to requests from individuals to exercise their rights.

The Supplier as the data processor claims no rights, title or interest in any of the data (personal or otherwise) the Customer stores on the Supplier’s system. The Customer as the data controller shall have the sole responsibility for the legality, reliability, integrity and accuracy of the data provided to and retained by the Customer.

For the avoidance of doubt, the Customer’s obligations under the GDPR as a data controller include but are not limited to the terms contained within these Terms and Conditions as well implementing appropriate technical and organisational measures to ensure and to be able to demonstrate that processing is being performed in accordance with the GDPR.

The Supplier accepts responsibility of the security of the system as far as the data processor can be held responsible. However, overall responsibility of the security of the system and the data that is secured within it lies with the data controller.

UK Data Protection clause (Data Protection Act 2018)

For the purposes of the Data Protection Act 2018 (“DPA’18”) the Customer is the data controller and the Supplier is the data processor.

The data controller is responsible for overall compliance with the DPA’18.

The Supplier, acting as the data processor, will provide services in compliance with the DPA’18 and at the specific instructions of the Customer, acting as data controller, so long as the instructions given are not contrary to their obligations as the data processor under the DPA’18.

For the avoidance of doubt, the Supplier’s obligations under the DPA’18 as a data processor include but are not limited to the terms contained within these Terms and Conditions as well as:

Limiting processing to the subject matter and duration, nature and purpose as outline by the Customer.
Reporting any loss, damage or theft of any Customer data to the Customer immediately upon detection.
Cooperating with the Customer in any investigation relating to any loss, damage or theft of the Customer’s data.
To obtain written consent from the Customer before contracting any sub-processors.
Not to transfer data outside of the European Economic Area (“EEA”) without sufficient safeguards in place (for example Standard Contractual Clauses (“SCC’s”)).
Provide all documentation to the Customer as necessary to demonstrate compliance with the DPA’18 and allow audit of the Supplier system where requests and where reasonable notice is given.
Taking appropriate measures to help the controller respond to requests from individuals to exercise their rights.

The Supplier as the data processor claims no rights, title or interest in any of the data (personal or otherwise) the Customer stores on Supplier’s system. The Customer as the data controller shall have sole responsibility for the legality, reliability, integrity and accuracy of the data provided to and retained by the Customer.

For the avoidance of doubt, the Customer’s obligations under the DPA’18 as a data controller include but are not limited to the terms contained within these Terms and Conditions as well as implementing appropriate technical and organizational measures to ensure and to be able to demonstrate that processing is being performed in accordance with the DPA’18.

The Supplier accepts responsibility of the security of the system as far as a data processor can be held responsible. However, overall responsibility of the security of the system and the data that is secured within it lies with the data controller. ‍

Australian Data Protection Clause

Under the Australian Privacy Act 1988, all APP entities must comply with the 13 Australian Privacy Principles. For the purposes of this Act both the Supplier (data processor) and the Customer (data controller) are defined as APP entities.

The APP Entity is responsible for overall compliance with the APP.

The APP Entity, acting as the data processor, will provide services in compliance with the Act; under the specific instructions of the data controller so long as the instructions given by the Individual are not contrary to their obligations as the data processor under the Act.

For the avoidance of doubt, the APP’s obligations under the Act as a data processor include but are not limited to the terms contains within these Terms and Conditions as well as complying with the following Australian Privacy Principles:

Open and transparent management of personal information
Anonymity and pseudonymity
Collection of solicited personal information
Dealing with unsolicited personal information
Notification of the collection of personal information
Use or disclosure of personal information
Direct marketing
Cross-border disclosure of personal information
Adoption, use or disclosure of government related identifiers
Quality of personal information
Security of personal information
Access to personal information
Correction of personal information

The APP Entity as the data processor claims no rights, title or interest in any of the data (personal or otherwise) the Customer stores on an APP Entity’s system. The APP Entity as the data controller shall have sole responsibility for the legality, reliability, integrity and accuracy of the data provided by an Individual and retained by the organisation or agency.

For the avoidance of doubt, an APP Entity’s obligations under the APP as a data controller include but are not limited to the terms contains within these Terms and Conditions as well as implementing appropriate technical and organisational measures to ensure and to be able to demonstrate that processing is being performed in accordance with the APP.

APP Entities accept responsibility of the security of the system and the security of the stored data as far as a data processor and data processor can be held responsible.

Go to top