Employee Scheduling
Integrations
Blog
Testimonials
NLTerms & conditions per 23 November 2022
We are L1nda B.V. (L1NDA). (L1NDA).
L1NDA provides a Software-as-a-Service (SaaS) solution that enables customers of L1NDA to schedule employees and perform workforce management (the Software). SaaS means that L1NDA offers the Software through an online environment in which customers work. In addition, L1NDA provides training, hosting, maintenance services, and other support services (the Support Services. The Software and Supporting Services are collectively referred to as our Services.
For more information, L1NDA refers to its Website: l1nda.com
L1NDA offers its Services under the condition that the Customer accepts these SaaS terms of use, including the applicable appendices (the Terms and Conditions).
In these Terms and Conditions, L1NDA and the Customer may be referred to individually as a “party” and collectively as “parties”
1 DEFINITIONS
In these Terms and Conditions, the following terms have the meanings assigned to them in this article:
a. Account: online personal environment of the Customer that is required for the use of Services and which the Customer can access via the Website by entering a username and password.
b. Subscription: the user subscription for the Software and further specified Support Services, as purchased by the Customer and further specified on the Subscription Page.
c. Subscription Page: overview page in the Account with specifications of the Services purchased by the Customer, the Subscription Fees, and any conditions agreed upon by parties.
d. Registration Form: the form completed via the Website by a potential Customer and which, once submitted electronically to L1NDA, allows the Customer to create an Account.
e. Subscription Fee: the amount owed by the Customer to L1NDA for the Services on the basis of the Subscription, as stated on the Subscription Page.
f. Authorized Users: the Customer or the employees, representatives, and third parties authorized by the Customer to use the Services.
g. Services: the Software and the Support Services.
h. Documentation: the documents that L1NDA makes available online via the Website or otherwise to the Customer and contain a description and/or instructions for use of the Services.
i. Effective Date: the start date of the Agreement between L1NDA and the Customer as stated on the Subscription page.
j. Customer: the natural or legal person acting in a commercial or professional capacity who is registered in the trade register of the Chamber of Commerce and who enters into an Agreement with L1NDA, or to whom L1NDA makes an offer.
k. Customer Data: the data entered by Customer, the Authorized Users, or L1NDA on behalf of Customer in connection with the Software, to use the Services or promote Customer’s use of the Services.
l. L1NDA: L1NDA B.V., a private company with limited liability, established in (1016 DK) Amsterdam and with offices at Westermarkt 2, 1016 DK in Amsterdam, registered in the Trade Register under number 57861765.
m. Supporting Services: the training, hosting, maintenance and mediation services, and other support from L1NDA with regard to the Services (including making the Documentation available), as described on the Subscription Page.
n. Agreement: the agreement regarding the provision of Services by L1NDA to the Customer, consisting of the Subscription and these Terms and Conditions (including appendices) together and any amendment or addition thereto.
o. Force Majeure: circumstances that are not attributable to the Customer or L1NDA, including (i) circumstances beyond the control of L1NDA or any of its suppliers, (ii) government measures, (iii) power failures, (iv) disruptions in the internet, data network or telecommunication facilities, (v) (cyber) crime, (cyber)vandalism, war or terrorism, and/or (vi) general transport problems.
p. Software: the software supplied by L1NDA, with which the Customer can perform various activities related to the scheduling and management of personnel.
1.2 Other definitions, identifiable by the use of a capital letter, may be defined in the text of the Terms and Conditions themselves.
2 RATES AND PAYMENT
2.1 L1NDA applies the Subscription Fees as agreed between L1NDA and the Customer, as stated on the Subscription page. The Subscription Fees are based on the agreed Services and (if applicable) service levels. Rates are exclusive of VAT and other government levies, which are at the expense of the Customer.
2.2 All costs incurred by the Customer in connection with the conclusion of the Agreement are borne by the Customer.
2.3 Invoicing takes place on a monthly basis with a payment term of fourteen (14) days after the date of the invoice, unless agreed otherwise. L1NDA may deny the Customer access to the Software and Services if payment has not been made within thirty (30) days after the start of the payment term.
2.4 If the Customer wishes to pay by credit card or direct debit, the Customer will authorize L1NDA to do so.
2.5 The Customer shall provide valid, current, and complete payment information and other valid, current, and complete invoice information to L1NDA before or on the Effective Date.
2.6 L1NDA reserves the right to revise and adjust the prices for the Services from time to time, for example when new functionalities or features are added to the Services. L1NDA will notify the Customer of any price change at least thirty (30) days prior to the price change, including the date on which such price change will become effective. If the Customer does not agree to the price change, the Customer has the option to terminate the Agreement within (30) days of the notification and with effect from the date on which the new prices for the Services would take effect.
3 CUSTOMER OBLIGATIONS AND WARRANTIES
3.1 The Customer is obliged to:
a) provide all necessary cooperation to L1NDA in connection with the Agreement and provide all necessary information requested by L1NDA;
b) comply with all applicable laws and regulations regarding its activities under the Agreement;
c) timely and efficiently fulfill all other responsibilities of the Customer as stated in the Agreement. In the event of any delay in cooperation by the Customer as agreed, L1NDA may adjust any agreed time schedule or delivery schedule as reasonably necessary;
d) ensure that the Authorized Users use the Services in accordance with the terms of the Agreement, particularly but not limited to Article 4 of these Terms and Conditions;
e)obtain and maintain all necessary licenses, consents, and approvals required for the Customer, its employees, and representatives to fulfill their obligations under the Agreement;
f) ensure that its network and systems on which the Software operates comply with the relevant specifications as determined by L1NDA from time to time; and
g) prevent unauthorized use of the Account by implementing adequate security measures.
3.2 Regarding the Authorized Users, the Customer warrants that:
a) the Software is not used by more than the agreed number of Authorized Users specified in the Subscription, unless additional agreements are made with L1NDA;
b) the use of Services by Authorized Users does not violate the Terms and Conditions and applicable laws and regulations.
c) each Authorized User will use a secure password for the use of the Services, and that each Authorized User will keep this password confidential;
d) The Customer is fully responsible for maintaining the security and confidentiality of usernames and passwords in accordance with L1NDA’s password policy. The Customer is obliged to inform L1NDA immediately if the Customer suspects any misuse of the Subscription.
4 USE OF THE SERVICES
4.1 Subject to compliance with the Agreement, L1NDA grants the Customer a limited, non-exclusive, non-sublicensable, non-transferable, and revocable license to access and use the Services during the term of the Agreement solely for its own internal business purposes from the Customer. The Customer may only provide access to the Services to Authorized Users.
4.2 The Customer warrants the legality, reliability, integrity, correctness, and quality of the Customer Data processed through the Services.
4.3 The Customer and the Authorized Users are not permitted to:
a) (attempt to) sell, sublicense, distribute, or merge access to (the content of) the Services into or with other software;
b) allow third parties to access non-public or secure parts of the Services;
c) send viruses, junk mail, spam, unsolicited offers, or advertisements of any kind;
d) violate any security or authentication measures;
e) use automated software systems to extract data from the Software (“(screen) scraping”);
f) attempt to reverse engineer, decompile, disassemble, or otherwise discover the source code, object code, or underlying structure, ideas, know-how, or algorithms related to the Software, documentation, or data relating thereto;
g) use the Services in any way – or create content with them – that infringes the rights of third parties, such as Intellectual Property Rights and privacy rights;
h) create derivative works of any kind;
i) use the Services for unlawful or illegal purposes;
j) create or attempt to create competing versions of the Services or any software with features similar to the Software; and/or
k) directly or indirectly attempt to:
• copy or republish (parts of) the Services;
• cause damage to or misuse the Services in any other way.
4.4 If the Customer or an Authorized User acts in violation of any of the provisions of this article, L1NDA is entitled to immediately deny the Customer access to the Services and terminate the Agreement without further notice or prior notice, without prejudice to L1NDA’s right to claim damages.
4.5 The Customer must notify L1NDA if it becomes aware of any unauthorized use or access to the Services.
4.6 L1NDA is entitled to detect and monitor unauthorized use (in violation of the Agreement) by the Customer or an Authorized User in the Software. Upon request, the Customer will immediately cooperate with an investigation to be carried out by or on behalf of L1NDA regarding compliance with the agreed usage restrictions.
5 INTEGRATIONS WITH THIRD PARTIES
5.1 L1NDA can offer external products and services from third parties to the Customer and integrate them into the Software(Integrations), such as payroll services. The Customer enters into an agreement with the relevant service provider in respect of the Integration(s) at its own risk and expense and L1NDA is not a party to such agreement.
5.2 If L1NDA makes Integrations available to the Customer or grants access to them, the (license or sales) conditions of the relevant third parties in the relationship between the third parties and the Customer (Third-Party Agreements) apply to those products or services.
5.3 The Customer shall indemnify and hold L1NDA harmless against any claim made against L1NDA with regard to the Customer’s (non-)compliance with Third-Party Agreements. In addition, the Customer shall indemnify and hold L1NDA harmless against any claim resulting from unauthorized use by the Customer or Authorized Users of the Services. For the purposes of these Terms and Conditions, any act or omission of Authorized Users shall be imputed to the Customer as having been committed by the Customer itself.
6 SERVICE LEVEL AND MAINTENANCE
6.1 The Software is provided ‘as is’ and ‘as available’, without any warranties from L1NDA regarding the availability of the Software or guarantee that the Software is free of errors or will operate without interruption. L1NDA will inform the Customer of circumstances that may influence the agreed service level or the availability of the Software.
6.2 L1NDA will make commercially reasonable efforts to make the Software available as much as possible, except in cases where:
a) planned maintenance work is being carried out, whereby L1NDA will carry out this work outside office hours as much as possible; and
b) unscheduled maintenance work is being carried out, whereby L1NDA will make reasonable efforts to inform the Customer in advance if possible
6.3 Any agreements about service levels are only agreed in writing between the parties (in a service level agreement). The Customer will always promptly inform L1NDA about all circumstances that may affect or have an impact on the service level and its availability
6.4 If agreements have been made regarding a service level, the availability of the relevant Services is always measured in such a way that unavailability as a result of preventive, corrective, or adaptive maintenance work or other forms of service that L1NDA has notified the Customer of in advance, as well as Force Majeure, will be disregarded for the measurement of service levels.
7 CONFIDENTIALITY
7.1 L1NDA and the Customer will keep confidential all confidential information they exchange in the context of the Agreement and negotiations with third parties. Information is considered confidential if this follows from the nature of the information or if the information is explicitly designated as confidential by L1NDA and/or the Customer (Confidential Information).
7.2 Confidential Information includes, but is not limited to:
a) the content of the Agreement;
b) information regarding the Services;
c) Customer Data of the Customer;
d) all financial, commercial and operational information that L1NDA makes available to the Customer.
7.3 Confidential Information does not include information that: :
a) is or becomes public knowledge other than through the act or omission of the receiving party;
b) was in the lawful possession of the other party prior to disclosure;
c) was lawfully disclosed to the receiving party by a third party who was not subject to any disclosure restriction;
d) has been independently developed by the receiving party, which independent development can be demonstrated by written evidence; or
e) is required to be disclosed by operation of law, by order of any competent court or regulatory authority, or administrative body.
7.4 L1NDA and the Customer will not use or disclose the Confidential Information for any other purpose than necessary for the performance of the Agreement. The Customer shall ensure that only Authorized Users have access to Confidential Information to the extent necessary for their duties and that Authorized Users are contractually bound by confidentiality.
7.5 L1NDA and the Customer shall not be liable for damages or indemnification if they are legally obligated to disclose the Confidential Information and comply with such legal obligation. If a party is legally obligated to disclose any Confidential Information, that party shall not disclose more Confidential Information than necessary to comply with the relevant legal obligation.
7.6 This article shall remain in effect after the termination of the Agreement.
8 INTELLECTUAL PROPERTY
8.1 Intellectual Property Rights are all existing and future, registered and unregistered, intellectual property rights worldwide, including but not limited to: copyrights, patent rights, database rights, trademark rights, design rights, neighboring rights, trade name rights, trade secrets, rights to know-how, licenses, domain names, property rights, and processes.
8.2 L1NDA (or its licensor or supplier, as applicable) is the exclusive owner of all Intellectual Property Rights in and related to the Software (including underlying source and object code) and the (Supporting) Services developed and/or used for the performance of the Agreement. L1NDA is also the exclusive owner of all Intellectual Property Rights in and related to other information and services offered by L1NDA, including, but not limited to: the Website, Documentation, and other files. The Customer obtains the rights of use granted in these Terms and Conditions.
8.3 The Customer may use L1NDA’s trademark, logo and name to promote the Services, provided this does not create confusion about its status as L1NDA’s Customer. L1NDA has the right to give reasonable instructions, which may change from time to time, regarding the proper use of the trademark, logo and name, which the Customer must strictly follow in accordance with the applicable policy at that time. L1NDA is entitled to use the Customer’s trademark, logo or name in external communication.
8.4 The Customer warrants that no third-party rights oppose the provision to L1NDA of equipment, software, material intended for websites, data files, and/or other materials, designs, and/or other works for the purpose of use, maintenance, editing, installation, or integration. The Customer indemnifies L1NDA against any claim by a third party based on the assertion that such provision, use, maintenance, editing, installation, or integration infringes on any rights of that third party.
9 PRIVACY AND DATA PROTECTION
9.1 L1NDA provides its Services in accordance with the relevant privacy legislation, such as the General Data Protection Regulation (GDPR) and national implementations thereof (collectively, the Privacy Legislation).
9.2 In providing the Services, L1NDA processes personal data on behalf of the Customer, which the Customer and/or Authorized Users may upload in the Software. With respect to this personal data, the Customer acts as the Controller and L1NDA acts as the Data Processor within the meaning of the GDPR. The Data Processing Agreement applies to these processing activities, which is attached to these Terms and Conditions as Appendix 1.
9.3 The Customer authorizes L1NDA to use all information obtained through its Services in an anonymized manner for statistical and benchmarking purposes.
10 LIABILITY AND INDEMNIFICATION
10.1 L1NDA is under no circumstances liable for:
a) damage that arises because L1NDA has relied on incorrect or incomplete information provided by the Customer in the performance of the Agreement;
b) any damage caused by the use of the Services by the Customer or Authorized Users;
c) any damage caused by the use of an Integration within the Services;
d) any damage caused by a modification of the Services by anyone other than L1NDA;
e) damages resulting from hacking, sabotage, or other unauthorized access or use of the Software or user accounts due to the negligence of the Customer or Authorized Users;
f) damages in connection with L1NDA’s failure to perform its obligations under these Terms and Conditions if such failure is due to Force Majeure;
g) consequential damage, lost profit, lost savings, reduced goodwill, damage due to business interruption, damage as a result of claims from customers of the Customer, damage related to the use of third-party goods, materials or software prescribed by the Customer to the supplier is excluded;
h) damage related to the destruction or loss of data or documents;
i) any damage or alteration to the Customer’s or Authorized User’s property resulting from the installation or use of the Software; and/or
j) damage caused by improper and unlawful use of the Services by the Customer or Authorized User, for example not following the instructions for use of L1NDA or acting in violation of the Agreement.
10.2 If L1NDA is nevertheless liable for any reason, then the liability is in any event limited to EUR 500 or the total amount of Subscription Fees paid during the twelve (12) months prior to the date on which the claim arose (if such amount exceeds EUR 500).
10.3 If the Customer acts in violation of one of its obligations under the Agreement, the Customer is liable to L1NDA for compensation for the damage suffered or to be suffered by L1NDA.
10.4 Only if the Customer has taken all necessary measures to limit the damage and/or prevent other damage, can the Customer claim compensation under the Agreement. This right lapses if the Customer has not informed L1NDA within 6 months after discovering the damage and has not sent all relevant information in this regard.
10.5 Nothing in these Terms and Conditions shall exclude or limit L1NDA’s liability which cannot be excluded or limited under applicable law. The exclusions and limitations referred to in this Article 10 lapse if and insofar as the damage is the result of intent or willful recklessness on the part of L1NDA.
10.6 To the extent permitted by law, the Customer shall indemnify and hold L1NDA harmless from and against all liabilities, damages, losses and costs (including settlement costs and reasonable attorneys fees) arising from claims by third parties that suffer or are alleged to suffer damage as a result of the performance of the Agreement or the use of the Services by the Customer, unless the cause is attributable to L1NDA or is at the risk of L1NDA. The Customer also indemnifies L1NDA against all third-party claims related to (the content of) the data that the Customer collects, distributes or processes by means of the Software, including all personal data collected and processed within the meaning of the GDPR.
10.7 Regarding claims as described in Article 10.6, L1NDA will:
(a) promptly notify the Customer of any such claim;
(b) at the Customer’s expense, provide reasonable assistance to the Customer in the defense and settlement of any such claim; and
(c) give the Customer full authority to defend or settle the claim.
11 FORCE MAJEURE
11.1 L1NDA is not obligated to fulfill the obligations of the Agreement in the event of Force Majeure, provided that the Customer has been informed of this Force Majeure and its expected duration. In the event of Force Majeure, L1NDA shall not be liable for any damages suffered by the Customer. If a situation of Force Majeure lasts longer than 30 days, the Customer and L1NDA are entitled to terminate the Agreement in accordance with these Terms and Conditions (Article 12).
12 DURATION AND TERMINATION
12.1 The Agreement enters into force on the Effective Date and is entered into for an indefinite period.
12.2 L1NDA will make the purchased Services available within a reasonable period of time after the Effective Date.
12.3 Either party may terminate the Agreement with a notice period of one (1) month, whereby the Agreement continues until the last day of the month in which the notice period expires.
12.4 L1NDA can offer the Customer a free trial period, during which the Customer can try out (part of) the Services (the Trial Period). The duration of the Trial Period and the Services included therein may vary from time to time. These Terms and Conditions apply in full to the Trial Period and L1NDA is entitled to impose additional terms and conditions on the Customer for use of the Services in the Trial Period. During the Trial Period, the Customer and L1NDA can immediately cancel the Services free of charge. Upon cancellation during the Trial Period, Customer will no longer have access to Customer Data created during the Trial Period.
12.5 Either party may terminate the Agreement with immediate effect, without being liable for any damages resulting from the termination, if the other party:
a) has been dissolved or liquidated, or is in the process of being dissolved or liquidated;
b) has been granted a moratorium on payment or has been declared bankrupt;
c) is placed under guardianship or deceases; or
d) is otherwise unable to freely dispose of its assets.
12.6 After termination of the Agreement:
a) the Subscription terminates and L1NDA is entitled, upon written notice to the Customer, to close and delete the Account at any time;
b) Both parties will return the equipment, Documentation and other items (including copies thereof) to each other or, if instructed to do so by L1NDA, destroy them;
c) the Customer shall immediately pay all outstanding invoices; and
d) the Customer remains responsible for the storage and retention of information and personal data processed by the Customer via the Software and Services during the term of the Agreement, in accordance with the (statutory) retention periods applicable to the Customer.
13 AMENDMENT OF TERMS AND CONDITIONS
13.1 L1NDA has the right to unilaterally change these Terms and Conditions. L1NDA will inform the Customer in writing thirty (30) days before the changes take effect. If the Customer continues to use the Services without further notice after this period and after the amendment of the Terms and Conditions, the Customer shall be deemed to have accepted the amended Terms and Conditions.
13.2 If the Customer does not agree to any changes in the Terms and Conditions as referred to in paragraph 1, the Customer has the option to terminate the Agreement within thirty (30) days after the notification, with effect from the date on which the amended Terms and Conditions would become effective.
14 OTHER PROVISIONS
14.1 If L1NDA does not enforce (any parts of) the Agreement, this cannot be regarded as consent or waiver of the right to enforce it at a later date or against another Customer.
14.2 The rights granted under the Agreement are only granted to the Customer and are not deemed to be granted to any subsidiary or holding company of the Customer. The Customer cannot assign and/or transfer its rights and obligations under the Agreement to a third party, unless L1NDA has given its prior written consent.
14.3 L1NDA may outsource, assign, and/or transfer all its rights and obligations (or parts thereof) under the Agreement to a third party, for example, in the event of a merger, acquisition, or sale of assets, pursuant to the law or otherwise.
14.4 The invalidity or unenforceability of any provision of these Terms and Conditions shall not affect the validity or enforceability of any other provision of the Terms and Conditions. The invalid provision is deemed to be replaced by a valid and enforceable provision that most closely reflects the objectives of the parties.
14.5 These Terms and Conditions, including any appendices and the Registration Form, constitute the entire Agreement between the Parties and supersede any prior agreements on this subject.
14.6 Any notice to be given by L1NDA to the Customer under the Agreement will be sent to the Customer’s e-mail address as specified by the Customer on the Registration Form. Notices from Customer to L1NDA must be made in writing using the contact details provided in these Terms and Conditions.
15 APPLICABLE LAW AND COMPETENT COURT
15.1 The Agreement and the Services are governed by and construed in accordance with Dutch law.
15.2 Any disputes arising from or related to the Agreement and/or the Services will be submitted exclusively to the competent court in Amsterdam.
This is a translation of “SaaS voorwaarden L1NDA”. It is provided as a service by L1NDA bv. In case of differences between the Dutch and English text, the “SaaS voorwaarden L1NDA” takes precedence.
L1NDA B.V.
Westermarkt 2
1016 DK Amsterdam
E: info@l1nda.com
T: 020 752 6690
Chamber of Commerce: 57861765
Appendix 1 Data Processing Agreement
1 GDPR ALLOCATION OF RESPONSIBILITIES
1.1 The Customer, as Controller, determines the purpose and means for the processing of Personal Data within the environment of the Software and associated services. The Customer will provide all Personal Data necessary to execute this Data Processing Agreement.
1.2 L1NDA is Data Processorwithin the meaning of the GDPR of the Personal Data it processes on behalf of the Customer. This Data Processing Agreement does not relate to Personal Data for which L1NDA itself acts as a controller.
2 DEFINITIONS
2.1 In this document, the following definitions are capitalized. Other terms that start with a capital letter have the meaning that the GDPR assigns to them or as described in the Terms and Conditions.
A. GDPR | The General Data Protection Regulation (EU Regulation 2016/679) and all related and applicable national implementing legislation.
B. Non-Adequate Country | A country that is not considered to provide an adequate level of protection for Personal Data within the meaning of Article 45 of the GDPR.
C. Personal Data | Any information relating to an identified or identifiable natural person that is processed by Data Processor on behalf of Controller under the Agreement.
D. Data Breach | An incident related to Personal Data as described in Article 4 (12) of the GDPR.
E. Sub-Processor | Any third party engaged by Data Processor to carry out (part of) the Processing of Personal Data for Controller.
3 DESCRIPTION OF THE SERVICES
3.1 The specifications of the processing of Personal Data, including the categories of Personal Data and Data Subjects, are included in Table 1.
3.2 The duration of this Data Processing Agreement is equal to that of the Agreement. Irrespective of the duration of this Data Processing Agreement, Data Processor is obliged to comply with the provisions herein as long as Personal Data is processed by Data Processor on behalf of Controller.
4 INSTRUCTIONS
4.1 Data Processor will only process the Personal Data (i) on behalf of Controller, (ii) in accordance with its written instructions, and (iii) for the purposes authorized under the Agreement, this Data Processing Agreement, or other instructions from Controller. Data Processor will hereby comply with the GDPR.
4.2 Data Processor will only further process the Personal Data if this is required under applicable EU legislation or legislation of an EU Member State. In that case, Data Processor will inform Controller of this prior to the processing, unless that law prohibits such information on compelling grounds of public interest.
4.3 Data Processor will immediately inform Controller if Data Processor is of the opinion that an instruction from Controller is in conflict with the GDPR, or if Data Processor can no longer comply with this Data Processing Agreement or the GDPR.
5 SECURITY AND CONFIDENTIALITY
5.1 Data Processor will take the technical and organizational measures to prevent accidental or unlawful destruction, loss, alteration, or authorized disclosure of or access to Personal Data as included in Table 2. Controller agrees that these measures, taking into account the nature, scope, context, and processing purposes of the processing of Personal Data by Data Processor, provide appropriate security within the meaning of Article 32 GDPR.
5.2 Data Processor will treat the Personal Data as confidential. Data Processor will ensure that access to the Personal Data is limited to those employees who require access for the performance of the processing carried out by Data Processor carries under the obligations in this Data Processing Agreement and the Agreement.
6 SUB-PROCESSORS
6.1 Data Processor may engage Sub-Processors in the processing of Personal Data. These Sub-Processors will only process the Personal Data according to the written instructions of Data Processor and not for their own purposes. Processor ensures that each Sub-Processor is contractually bound by the same data protection obligations as in this Data Processing Agreement. The Sub-Processors engaged, for which Controller hereby grants general written consent, are listed in Table 3.
6.2 Data Processor will inform Controller in advance of any intended change or addition of Sub-Processors, offering Controller the opportunity to object to such changes within a reasonable period of time.
6.3 Data Processor remains fully liable to Controller for compliance with the Data Processing Agreement by each Sub-Processor.
7 SUPPORT TO CONTROLLER
7.1 Data Processor will respond promptly and adequately to reasonable requests from Controller for cooperation and assistance in the event that Data Subjects wish to exercise their right of access, rectification, erasure, restriction, or data portability.
7.2 Data Processor will cooperate with and provide assistance to Controller if Controller reasonably requests it in relation to its obligations regarding data protection impact assessments and prior consultation under the GDPR.
8 DATA BREACHES
8.1 Data Processor will inform Controller without undue delay when it becomes aware of a Data Breach that affects the processing of the Personal Data, by contacting Controller via the e-mail address known to Data Processor.
8.2 If Controller becomes aware of a Data Breach that relates to the Services of Data Processor, it will inform Data Processor without unreasonable delay by contacting via the e-mail address known to Data Processor.
8.3 In the event of a Data Breach, Data Processor will immediately take appropriate remedial measures. Additionally, Data Processor will immediately provide all information and assistance that Controller reasonably requests with regard to the Data Breach.
9 RETURN AND DESTRUCTION OF PERSONAL DATA
9.1 Upon termination of the Agreement, Data Processor will retain the Personal Data for a period of up to 90 days as standard, allowing Controller to move the Personal Data to another location. When this period has expired, Data Processor will immediately and permanently delete the Personal Data and all copies thereof, unless applicable law prescribes otherwise.
10 AUDITS EN CONTROLES
10.1 Data Processor will make all information available to Controller that is necessary to demonstrate compliance with its obligations under this Data Processing Agreement.
10.2 Data Processor will cooperate with independent external audits and inspections at the request of Controller to demonstrate compliance with this Data Processing Agreement.
10.3 Audits and inspections as described in this Article 10 will take place no more than once a year and will be announced at least 30 working days in advance. Parties will jointly determine the scope of the audit. The costs for the audit shall be borne by the party requesting the audit.
11 INTERNATIONAL TRANSFER
11.1 Data Processor will only transfer Personal Data to countries and/or parties that offer an adequate level of protection in accordance with European standards. The transfer of data outside the EU will take place as much as possible in accordance with the relevant legislation (Chapter 5 of the GDPR). The written permission for engaging Sub-Processors as described in Article 6 of this Data Processing Agreement also applies to any Sub-Processors outside the EU.
12 LIABILITY
12.1 With regard to the processing of Personal Data under this Data Processing Agreement, Data Processor is only liable for damage caused by (1) non-compliance with the legal obligations in the GDPR that directly apply to Processors, or (2) non-compliance with the agreements as laid down in this Data Processing Agreement. Data Processor is not liable for damage that has arisen from following instructions from the Controller that are unlawful or in violation of the GDPR.
12.2 If Data Processor is liable under Article 12.1, the total liability is limited to the total amount of Subscription Fees paid during the twelve (12) months prior to the date on which the claim arose.
13 OTHER
13.1 In the event of any conflict between any provision of this Data Processing Agreement and the Agreement, the provision of this Data Processing Agreement shall prevail.
13.2 This Data Processing Agreement represents the entire agreement of the Parties regarding its subject matter. This Data Processing Agreement supersedes any prior agreements or arrangements between the Parties regarding this subject matter, whether written or verbal, including correspondence. These Processing Conditions can only be amended by a written agreement signed by both Parties.
TABLE 1: Specifications processing Personal Data
| Categories Data Subjects | The persons to whom the Personal Data may relate are: – Employees of Controller |
| Categories Personal Data | The Personal Data that can be processed by Data Processor are: – Name, address, and place of residence – Contact details (e-mail address and telephone number) – Date of birth – Gender – Citizen service number (BSN) – Profession/position – Derived financial data (income category, bank details) |
| Nature of the processing | The nature of the processing of Personal Data includes: – Collecting – Storing – Structuring – Transferring and making available – Combining – Deleting |
TABLE 2: Security measures
Data Processor will in any case take the following security measures. The security measures are supplemented or amended if necessary:
| General security measures | – Encryption of digital files with Personal Data. – Security of network connections via Secure Socket Layer (SSL) technology. |
| Measures to ensure that only authorized personnel have access to the Personal Data | – Authorization: only authorized personnel have access to the Personal Data. Data Processor strives to use Multi-Factor Authentication as much as possible. – Logging: in accordance with the ISO 27001 guideline. |
| Measures to protect the Personal Data against loss or alteration and against unauthorized or unlawful processing, access, or disclosure | Security systems for storage: – Encrypted storage (“encryption at rest”). – Firewall, direct access only for: o Production application servers. |
| Measures for detecting vulnerabilities and incident management | – Written security & privacy incident protocol. – Regular internal security tests. |
TABLE 3: Sub-Processors
| Name Sub 13.4 Processor | Description 13.5 | Location of the processing | Guarantees for Non-Adequate Countries |
| Amazon Web 13.8 Services (AWS), Inc. | Hosting services 13.9 | Stockholm (Sweden), Frankfurt (Germany)) | N/A |
| Atlassian Inc. | Support platform for engineering | EU | N/A |
This is a translation of “Bijlage 1 – verwerkersovereenkomst”. It is provided as a service by L1NDA bv. In case of differences between the Dutch and English text, the “Bijlage 1 – verwerkersovereenkomst” takes precedence.
