Terms and conditions

§1 INTRODUCTORY PROVISIONS

  1. These Terms and Conditions define the rules for using the Groomoteka Service.

  2. The Service Provider makes the Terms and Conditions available free of charge before concluding the Agreement in a manner that enables Users to obtain, reproduce and record their content by printing or saving on a medium at any time. These Terms and Conditions are continuously available on the website www.groomoteka.pl.

  3. Failure to accept the Terms and Conditions prevents the creation of an Account.

    The technical condition for using the Groomoteka application is to have a Device with access to the Internet.

§2 DEFINITIONS

Regulations – means these regulations for using the Groomoteka Service.

Service Provider – means a company under the name of Kodelika spółka z ograniczoną odpowiedzialnością with its registered office in Gołdap, ul. Jaworowa 1, under KRS number: 0000798304, NIP: 8471623905, REGON: 384113169.

ServiceGroomoteka web application owned by the Service Provider. The Service is used to improve the work of the grooming salon and to manage the customer and animal database.

Service Recipient – ​​a legal person, an organizational unit without legal personality, as well as a natural person conducting business activity, using the services provided by the Service Provider.

Account – a set of resources in which data entered by the User or Service Recipient and information about their activities within the Service are collected and processed, which the Service Recipient manages independently.

Service – provision by the Service Provider of an Account on the Groomoteka service to the Customer.

Personal Data – personal data within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC, and in particular the data of the Service Recipient’s customers, entrusted to the Service Provider by the Service Recipient.

Employee – a natural person who has access to the Customer Account and the number of authorizations specified by the Customer.

Subscription Period / Subscription – the time during which the Service Recipient has access to the Service.

Subscription Fee – the amount of the obligation to the Service Provider for access to the Service. Details regarding the Subscription Fee are included in the price list available on the website www.groomoteka.pl.

§3 AGREEMENT

  1. The Agreement is concluded for an indefinite period
  2. The Service Recipient has the right to terminate the Agreement at any time with a notice period of 1 (one) month, effective on the last day of the calendar month. The notice of termination must be submitted in writing to the Service Provider’s address or e-mail address [email protected]. Notice of termination submitted via e-mail is considered effective after confirmation of receipt of the e-mail. In order to be effective, the notice of termination should enable the Service Provider to identify the Service Recipient. Termination of the Agreement does not exclude the Service Recipient’s obligations under the Agreement, including the payment of Subscription Fees.
  3. The Service Provider may terminate the Agreement with immediate effect in the following cases:
    1. delay in payment of Subscription Fees of at least 30 days,
    2. other material breach by the Service Recipient of the provisions of the agreement, the Regulations, promotion regulations or packages,
    3. if it is found that the Service Recipient provides their services in a manner inconsistent with the law, in particular in a situation where such services are illegal or are provided without the permits, notifications or registrations required by law,
    4. when the declared or actual subject of the Service Recipient’s services may lead to the Service Provider violating the law or harm the Service Provider’s reputation.
  4. In the event of termination of the Agreement by the Service Recipient, the Agreement shall be terminated on the last day of the billing period, provided that the Service Recipient has submitted the notice of termination no later than 5 days before the end of the billing period.

§4 RIGHTS AND OBLIGATIONS OF THE SERVICE RECIPIENT

  1. The Service Recipient is obliged to:
    1. comply with applicable legal regulations and the provisions of these Regulations;
    2. not violate the rights or personal rights of third parties;
    3. not make the login and password to the Client’s or Employee’s account in the Groomoteka System available to third parties in any way.
    4. not duplicate any elements of the Groomoteka System;
    5. use the Groomoteka System solely for the purposes of the grooming business;
    6. not undertake, for a period of one year from obtaining access to the Groomoteka System, any activity competitive to the Service Provider based on software operating on principles similar to the System;
    7. remedy any damage incurred by the Service Provider resulting from the breach of the Client’s obligations.
    8. the client may not use tools or take actions that violate the security and stability of the service,
  2. The Client is solely responsible for the content of the data entered by them, and in the event of damage incurred by the Service Provider in connection with the content of the data entered by the Client, they are obliged to repair it.
  3. Creating an Account on the Website by the Service Recipient is tantamount to:
    1. acknowledging and accepting the provisions of the Regulations, the Personal Data Processing Agreement and the regulations of selected packages or promotions;
    2. declaring that the data provided in the Account creation form is current and true;
    3. authorizing the Service Provider to process the Service Recipient’s personal data saved on the Service Recipient’s Account in order to provide Services within the Website and for diagnostic and statistical purposes.
  4. All data and information are provided by the Service Recipient voluntarily.
  5. The Service Recipient undertakes that:
    1. by entering data into the Application, Account or Profile, they will be authorized to do so and their actions will not violate the rights of third parties;
    2. all information and data provided by them in the Application will be true.
  6. Creating a joint Account for multiple Service Recipients is prohibited.
    In addition, the Service Recipient undertakes to:
  7. enable the Service Provider to
    1. verify the content placed on the Website and Accounts in terms of their authenticity and compliance with the Regulations, in particular by providing a current telephone number and providing additional explanations
    2. not to use any content owned by the Service Provider for purposes other than the proper use of the Website;
    3. not to place on the Website, Account or content (information, photos, etc.) that violates the law, content of a pornographic nature, contrary to good customs or violates the rights of third parties (including personal rights), the principles of fair competition or the provisions of the Regulations;
    4. not to copy, modify, distribute or reproduce all or part of the Website;
    5. not to advertise products whose advertising is prohibited or subject to restrictions in accordance with applicable law, and not to advertise products whose trade is prohibited in accordance with applicable regulations – in particular, advertising of alcohol, tobacco products, medicinal products, narcotic drugs, etc. is prohibited on the Website;
    6. immediately inform the Service Provider of any unlawful use of his Account by third parties;
    7. immediately inform the Service Provider if third parties pursue their claims in connection with the infringement of the law by the Service Recipient using the Service.

§5 RIGHTS AND OBLIGATIONS OF THE SERVICE PROVIDER

  1. The Service Provider is obliged to make reasonable efforts to ensure that the Service Recipient who has access to the System has uninterrupted use of the System. The Service Provider is responsible for its own actions and omissions to the extent defined in these regulations.
  2. The Service Provider is obliged to safely store the data entrusted to it in the System and keep it confidential. The Service Provider will make every effort to ensure that the transmission of data via the Internet as part of using the System is safe, i.e. that the information sent is sent with the confidentiality, completeness and integrity of the data sent.
  3. The Service Provider reserves the right to temporarily block the Customer’s access to the System during the Subscription Period, until the matter is clarified, if it has a reasonable doubt that the Customer used the System in violation of the provisions of the Regulations, and in particular in the absence of the Subscription Fee.
  4. The Service Provider may permanently deprive the Customer of the right to use the Service if the Customer:
    1. provided during Registration on the Service data that is untrue, inaccurate or outdated, misleading or infringes the rights of third parties;
    2. has violated personal rights through the Service;
    3. has committed other behaviors that the Service Provider considers reprehensible, inconsistent with applicable legal regulations or general principles of using the Internet, contrary to the purposes of creating the Service or detrimental to the good name of the Service Provider.
  5. A person who has been deprived of the right to use the Service may not re-purchase access to the System without the prior consent of the Service Provider.
  6. The Service Provider is entitled to a temporary interruption in the operation of the Service and the Services provided by it for technical reasons. The Service Provider will exercise the utmost diligence to ensure that technical interruptions last as short as possible.In the event of an interruption in access to the System lasting more than one day, the Customer has the right to extend the validity of the Subscription Period during which the technical interruption occurred, by as many days as the technical interruption lasted. Extension of the Subscription Period is the only compensation to which the Customer is entitled for lack of access to the Service.
  7. The Service Provider shall not be liable to Customers for failure to perform or improper performance of Services for reasons not attributable to it, including for reasons attributable to third parties (including telecommunications network operators), or caused by force majeure, as well as for circumstances referred to in art. 12-14 of the Act of 18 July 2002 on the provision of services by electronic means (Journal of Laws 2017, item 1219, as amended), problems or technical difficulties on the part of the Service Recipient related to the operation of computer or telecommunications equipment that hinder or prevent the use of the Service or the services offered through it, authenticity, reliability, damages incurred by Service Recipients in connection with blocking or deleting an Account from the Service.
  8. The Service Provider has the right to temporarily discontinue the provision of Services in the event of a failure, inspection or modernization of the Service Provider’s IT system. In the event of a complete shutdown of the Service, an appropriate message will be published on the website www.groomoteka.pl.
  9. In the event of termination of the Agreement by the Service Provider, the Service Recipient’s Account and all related data and information will be permanently blocked. In the event of termination of the Agreement by the Service Provider and permanent blocking of the Account, the Service Recipient shall not be entitled to any claims against the Service Provider in connection therewith. At the request of the Service Recipient, the Service Provider shall provide the Service Recipient with data and information stored by the Service Recipient on the Service within 3 months of termination of the Agreement. After this period, this data will be deleted. Regardless of other provisions of the Agreement, any liability of the Service Provider towards the Client for the provision of the Service access service and other services covered by these Regulations is limited to the Client’s actual damages and may not exceed an amount equal to the fees paid by the Client to the Service Provider for using access to the Service in the last 12 months preceding the event causing the damage.

§6 FEES

  1. For using the Services of the Service, the Service Recipient is obliged to pay the Service Provider Subscription Fees in the amount specified in the Agreement or other applicable documents (e.g. regulations or price lists of promotions or packages). Payment of the Fees will be made to the Service Provider’s bank account indicated on the VAT invoice issued by the Service Provider or by automatic collection of Fees from a payment card.

  2. The Service Recipient declares that by accepting the Regulations, they allow the use of electronic invoices issued by the Service Provider in accordance with applicable legal regulations, including sending them in electronic form to the Service Recipient’s e-mail address indicated in the Agreement. The Service Provider undertakes to send invoices electronically in PDF format in a manner that ensures the authenticity of the origin, integrity of the content and legibility of the invoices issued from the moment of issue until the expiry of the limitation period for the tax liability, in accordance with the requirements specified in art. 106m of the Act on Goods and Services Tax of 11 March 2004 during the period of validity of the permit referred to above. Duplicates and corrections of invoices for electronic invoices will be issued and sent electronically (e-mail) in PDF format. Electronic invoices are deemed to have been delivered when they are entered into the means of electronic communication in such a way that the Service Recipient can become familiar with its content, i.e. each time the Service Provider receives an automatic confirmation of delivery of the message. The Service Provider undertakes not to block the function of sending automatic confirmations of delivery of the message. In the event of the Service Recipient withdrawing the permission referred to above, the Service Provider loses the right to use electronic invoices the next business day after the day on which it received the Service Recipient’s notification of the withdrawal of the permission. In the event of the withdrawal of the permission referred to above, the Service Provider will send invoices by traditional mail to the Service Recipient’s address for a fee of PLN 50 net per month.

  3. Failure to pay the Subscription Fee or part thereof within 7 days of the Service Provider issuing the invoice will result in the suspension of the Services within the Service and the blocking of the Service Recipient’s Account. Resumption of services and unblocking of the account will take place within 12 hours on the next business day (Monday-Friday, 9:00-17:00, excluding public holidays) after sending proof of payment of the entire amount due along with statutory interest by e-mail.

  4. In the event that the Subscription Fee cannot be charged from the payment card, unblocking occurs when the Service User tops up the funds on the card and renews the payment. Alternatively, the Service User may contact the Service Provider and ask for the Subscription Fee to be charged again. The account will be unblocked immediately after the Subscription Fee has been paid.

§7 COMPLAINTS

  1. The User may file complaints regarding the Services provided within the Service, and in particular their non-performance or improper performance.

  2. Complaints may be filed electronically to the following e-mail address: [email protected]. The electronic form of filing a complaint is considered effective after confirmation of its receipt by the Service Provider.

  3. The complaint should contain data consistent with the information provided in the Service about the Service Recipient (in particular: company name / name and surname, address, e-mail address), and a description of the event that caused the complaint.

  4. Complaints will be considered within 30 days of their receipt. In complicated cases or when the complaint cannot be considered within the above period for reasons beyond the control of the Service Provider, the Service Provider reserves the right to extend the deadline for the complaint to be considered.

  5. The Service Provider reserves the right to request the complainant to provide information or explanations in a situation where the complaint requires it. The explanations or information should be provided by the Service Recipient within 7 days. In the event of failure to meet this deadline, the Service Provider is entitled to leave the complaint unprocessed.

  6. The Service Provider’s decision regarding the complaint will be sent to the email address provided in the Service Recipient’s Account.

§8 PERSONAL DATA

  1. The Service Provider processes the Personal Data provided to it by the Service Recipient, to the extent necessary for the organization and functioning of the Service, to which the Service Recipient, by accepting these Terms and Conditions, expresses his consent.

  2. Personal data may be made available to public authorities authorized to access data under applicable law.

  3. The Service Recipient declares that he is the exclusive administrator of the Personal Data collected and processed by the Client using the Groomoteka System and processes it in accordance with applicable law.

  4. The Client agrees to sub-entrust the processing of the personal data set to the Service Provider in order to perform the service. The Service Provider’s employees will have access to the sub-entrusted personal data.

§9 TECHNICAL REQUIREMENTS

  1. In order to use the Service, it is necessary to have devices that allow access to the Internet, e-mail and a web browser. Using the Service on a mobile device requires having a functional mobile device. The Service Recipient, on their own and at their own risk, should ensure that the technical requirements of the mobile device are met, its configuration, software is up to date and that the Internet is accessible.

  2. Requirements that must be met by mobile devices: Android operating system no older than 4.00 or iOS (Apple) operating system no older than 8.0.

  3. Requirements that must be met by computers (laptops, PCs): the ability to run the Chrome web browser, in the latest available version, and access to the Internet.

  4. Groomoteka uses cookies, which enable the collection of information related to the use of the Service. Cookies are text files that are saved on the hard drive of computers of people visiting the Service, in order to save information and data regarding the use of the Service. Failure to enable cookies may cause irregularities or difficulties in the functioning of the Service.

§10 FINAL PROVISIONS

  1. The Regulations enter into force on 5 October 2020.

  2. The Service Provider reserves the right to unilaterally change the provisions of the Regulations. In such a case, the Service Recipient has the right to terminate the Agreement immediately, provided that an appropriate declaration is submitted within 7 days of informing the Service Recipient of the changes made.

  3. All changes to these Regulations enter into force upon their publication on the Service Provider’s website.

  4. Any disputes arising from the application of the provisions of these Regulations will be considered by the court with jurisdiction over the registered office of the Service Provider.

  5. For the avoidance of doubt, the Service Provider and the Service Recipient unanimously declare that all amounts referred to in the Regulations are net amounts, to which VAT will be added, if so required by applicable law.

  6. The Service Provider reserves the right to change the Regulations. The new wording of the Regulations shall be effective from the date of its publication on the website www.groomoteka.pl.

  7. The Service Provider has the right to send to the Service Recipient’s e-mail address indicated on their Account any reminders, demands for payment or notifications regarding the Service Recipient’s arrears with Fees to the Service Provider.

  8. If any provision of the Regulations proves to be invalid or ineffective, this will not in any case result in the invalidity of the Regulations. In such a situation, the Service Provider and the Service Recipient will make every effort to replace the provision considered invalid or ineffective with a valid and effective provision, as close as possible to the original intention of the Service Provider and the Service Recipient.

  9. The Parties undertake to keep the terms of this Agreement confidential. The obligation to maintain confidentiality does not apply in the event of the obligation to disclose the provisions of the Agreement at the request of law enforcement agencies, judicial authorities or tax authorities, as well as in the event that the obligation to inform about the Agreement results from applicable legal regulations.

Appendix No. 1 to the Groomoteka Service Regulations

Agreement on further entrustment of personal data processing

concluded in Gołdap on ………………… between:

Kodelika Sp. z.o.o. with its registered office in Gołdap (19-500) at ul. Jaworowa 1, NIP 8471623905, REGON 384113169, represented by the President of the company: Radosław Sakowicz, and Member of the management board: Michał Wazgird,

hereinafter referred to as the Processor, and

…………………………………………………………………………………………………………………… .

represented by:

………………………………………………………..

hereinafter referred to as the Entrusting Party

of the following content:

Preamble

  1. considering that the Parties are bound by the agreement no.: ……………………. of ………………………. (hereinafter referred to as the Separate Agreement) in connection with which the Entrusting Party entrusts the Processor with the processing of personal data, within the scope and for the purpose specified in this agreement;

  2. the controller of personal data covered by the Agreement (hereinafter referred to as the Controller) are the entities referred to in §2 section 4;

  3. from 25 May 2018, the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter referred to as the GDPR, which comprehensively regulates the protection of personal data of natural persons, shall apply;

  4. on 25 May 2018, the Act of 10 May 2018 on the protection of personal data (the Act) entered into force;

    The Entrusting Party and the Processor are hereinafter jointly referred to as the Parties, and each of them individually as the Party.

    Taking the above into account, the Parties, in order to regulate the principles of personal data processing in accordance with applicable legal regulations, conclude an agreement of the following content (hereinafter the Agreement):

§ 1 Entrustment of personal data processing

  1. The Entrusting Party, acting under Article 28, paragraph 3 of the GDPR, entrusts the Processor with further processing of personal data – within the scope and purpose specified in § 2 of the Agreement and under the terms and conditions specified in the Agreement.

  2. The Entrusting Party declares that it has the authorization to process personal data referred to in this Agreement and to further entrust the processing of personal data within the scope specified in the Agreement.

  3. The Processor guarantees the implementation of appropriate technical and organizational measures ensuring the processing of data in accordance with the requirements of the GDPR, the Act and other regulations governing the protection of personal data and in a manner that protects the rights of data subjects. In the event of the need to amend or supplement the Agreement in connection with the validity of the GDPR, the Act or other generally applicable provisions governing the protection of personal data, the Parties undertake to make the necessary amendments or supplements to the Agreement.

  4. The Parties undertake to cooperate with each other in the implementation of the Agreement as well as to cooperate with the supervisory authority in connection with the performance of its tasks. The Parties are obliged to ensure cooperation with the supervisory authority also through their representatives.

  5. At the request of the Entrusting Party, the Entrusting Party will indicate to the Processor the appropriate Personal Data Controller.

§ 2 Purpose and scope of data processing

  1. The processing of entrusted personal data by the Processor will be carried out solely for the purpose of implementing the Separate Agreement and solely to the extent necessary for the implementation of the Separate Agreement.
  2. The scope of entrusted personal data includes the following categories of personal data:
    1. name and surname,
    2. address of residence,
    3. e-mail address,
    4. telephone number,
    5. date of birth,
    6. history of visits
    7. list of animals
  3. The scope of processing activities of entrusted personal data includes the following operations: recording, storing, developing, sharing, deleting, making changes to personal data.
  4. The processing of entrusted personal data will concern the following categories of persons in particular:
    1. Persons using the services of the Entrusting Party.
    2. Employees of the Entrusting Party.

§ 3 Further entrustment of personal data for processing

  1. The Entrusting Party agrees to further entrust the processing of personal data (sub-entrustment of personal data processing) to third parties by the Processor solely for the purpose of implementing the Separate Agreement.
  2. The Processor is authorized to further entrust the processing of personal data to third parties only if the following conditions are met:
    1. only in the scope of personal data, the entrustment of which is necessary for the implementation of the Separate Agreement;
    2. the third party meets all the requirements specified in the Agreement and the legal provisions regarding the protection of personal data;
    3. the agreement with the third party will include provisions guaranteeing the protection of personal data on conditions no worse than those specified in the Agreement and the possibility of exercising the rights resulting from the Agreement and generally applicable legal provisions by the Entrusting Party and the Administrator.
  3. The Processor is obliged to exercise special care when selecting entities to which it sub-entrusts the processing of personal data.
  4. The Processor is liable for the actions or omissions of third parties to whom it sub-entrusts the processing of personal data as for its own actions.

§ 4 Obligations of the Processor

  1. The Processor undertakes to ensure the security of processing of personal data to which it has obtained access in connection with the performance of the Separate Agreement in accordance with the generally applicable provisions on the protection of personal data and applicable good practices in this area.
  2. The Processor undertakes in particular to:
    1. process the entrusted personal data only on the basis of the Agreement;
    2. process the entrusted personal data in accordance with the GDPR, Polish regulations adopted to enable the application of the GDPR, other applicable legal provisions and this Agreement;
    3. implement appropriate technical and organizational measures in accordance with the level of risks related to the processed personal data, in accordance with Article 32 of the GDPR;
    4. ensure control over the correctness of data processing;
    5. ensure that persons authorized to process the entrusted personal data maintain confidentiality even after the termination of the Agreement;
    6. observe the conditions for sub-entrusting the processing of personal data to a third party specified in the Agreement;
    7. cooperate with the Administrator and the Entrusting Party to the full extent in order to enable the performance of the Entrusting Party’s obligations specified in the law on the protection of personal data (in particular Articles 32-36 of the GDPR);
    8. cooperation with the Administrator and the Entrusting Party in fulfilling the obligation to respond to the requests of the data subject, in accordance with the GDPR;
    9. cooperation with the Administrator and the Entrusting Party to the full extent, in particular in the scope of access to the information and documentation of the Processor concerning the entrusted personal data,
    10. storing personal data only for as long as specified by the Entrusting Party or the Administrator and, without undue delay, updating, correcting, changing, anonymizing, limiting the processing or deleting the indicated personal data in accordance with the guidelines of the Administrator or the Entrusting Party (if such action could result in the impossibility of further processing activities, the Processor will inform the Administrator and the Entrusting Party before taking it and then will comply with the instructions of the Administrator or the Entrusting Party).
    11. processing the entrusted personal data only within the EEA,
    12. maintaining a register of categories of processing activities.
  3. The Processor undertakes to immediately, no later than within 12 hours from the moment of notifying the event, notify the Administrator and the Entrusting Party of:
    1. any cases of breach or suspected breach of security of personal data entrusted for processing, in particular its scale, nature, remedial actions taken, the identity of data subjects affected by the breach and the risk that the breach may cause for data subjects, together with all necessary documentation;
    2. any activities with its own participation in matters concerning the protection of personal data entrusted for processing under the Agreement conducted in particular before public administration bodies, courts or supervisory bodies, in particular any proceedings, any administrative decision or ruling regarding data processing addressed to the Processor, any checks and inspections regarding the processing of personal data by the Processor, unless the prohibition of notification results from the provisions of law;
    3. any legally authorized request to provide personal data processed under the Agreement to the competent public administration body, unless the prohibition of notification results from the provisions of law;
    4. any request received from a person whose personal data are processed under the Agreement.

§ 5 Persons processing personal data

  1. The Processor ensures that only duly authorized persons who are its employees or collaborators, performing tasks related to the performance of the Separate Agreement, are allowed to process the entrusted personal data on the Processor’s side, are obliged to maintain confidentiality (also after the termination of employment or cooperation) and have a personal, current authorization to process personal data and appropriate knowledge in the field of personal data protection.

  2. The Processor maintains a full register of employees and collaborators authorized to process personal data in connection with the performance of the Separate Agreement and will provide access to this register at any request of the Entrusting Party. In the event of any granting, withdrawal, or changes in the scope of authorization, the Processor will notify the Entrusting Party of this fact no later than within 2 business days of such change.

§ 6 Control over personal data processing

  1. The Entrusting Party and the Administrator, in accordance with the GDPR, have the right to audit the processing of personal data entrusted by the Entrusting Party.

  2. Notification of the intention to conduct an audit should be provided at least 3 calendar days before the start of the audit, and in the event that the Entrusting Party or the Administrator receives information about a gross breach of obligations by the Processor, the Entrusting Party will allow the Entrusting Party to conduct an unannounced audit.

  3. As part of the audit, the Processor cooperates with the Entrusting Party or the Administrator and allows access to its premises, employees and collaborators and devices, to the extent justified by the performance of audit activities, provides all information and makes available all documents regarding the processing of personal data entrusted under the Agreement necessary to demonstrate the lawful processing of such data.

  4. The audit ends with a report signed by the representatives of the parties. The Processor may submit objections to the report within 2 business days of its receipt.

  5. The Processor is obliged to immediately remove any identified deficiencies.

§ 7 Responsibility of the Processor

  1. The Processor shall be liable for failure to comply with the provisions of the GDPR and other provisions on the protection of personal data and for failure to perform or improper performance of the Agreement, in particular for providing or using personal data contrary to the Agreement.

  2. In the event of a breach of the provisions of the GDPR, the Act or the Agreement for reasons attributable to the Processor, as a result of which the Entrusting Party is obliged to pay compensation or is punished with a financial penalty, the Processor is obliged to reimburse the Entrusting Party for the financial losses incurred in this respect. The above does not exclude the right to claim compensation on general terms.

  3. In the event that any person whose personal data has been entrusted for processing in connection with this Agreement makes any claims against the Entrusting Party related to the performance of the Agreement, the Entrusting Party shall notify the Processor of the claims, who undertakes to take all actions aimed at resolving the dispute and satisfying the claim, including bearing all costs related thereto. In particular, the Processor will join the ongoing proceedings as a defendant, and if this is not possible, it will file an intervening party on the defendant’s side and cover all costs in this respect and damages related to the third party’s claim. The above does not exclude the right to claim damages on general terms.

§ 8 Obligations of the Entrusting Party

  1. The Entrusting Party ensures that it is authorized to process the personal data that it entrusts to the Processor for processing and to entrust this data for processing.

  2. The Entrusting Party ensures that the Entrusting Party processes the personal data entrusted by it to the Processor in accordance with the law, reliably and in a transparent manner for the data subjects and in a manner consistent with the legally justified purposes for which the personal data is processed.

  3. The Entrusting Party ensures that the personal data entrusted for processing under the Agreement is processed in a manner that ensures their appropriate security, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, using appropriate technical or organizational measures (“integrity and confidentiality”).

  4. At the request of the Processor, the Entrusting Party will provide all documentation necessary for the personal data processing processes under the Agreement.

§ 9 Confidentiality

  1. The Processor undertakes not to disclose to third parties any information obtained from the Entrusting Party in connection with the performance of this Agreement, without the written consent of the Entrusting Party, unless the obligation to disclose the information results from applicable regulations.

§ 10 Term of the Agreement, Termination of the Agreement

  1. The Agreement is concluded for a fixed term, i.e. for the time the Processor performs the obligations under the Separate Agreement.
  2. The Entrusting Party has the right to terminate this Agreement with immediate effect if the Processor:
    1. has used personal data in a manner inconsistent with this Agreement,
    2. has not ceased processing personal data in a manner that violates the provisions on the protection of personal data or the Agreement,
    3. has not notified of a breach of personal data security.

§ 11 Termination of the Agreement

  1. The Processor is obliged from the date of expiration, termination or termination of the Separate Agreement to cease processing the entrusted personal data.

§ 12 Final provisions

  1. In the event of a conflict between the provisions of the Separate Agreement, the provisions of the Agreement shall prevail.

  2. In matters not regulated by this Agreement, the applicable provisions of law shall apply, in particular those concerning the protection of personal data, including the GDPR, the Act and the Civil Code.

  3. The court with jurisdiction to resolve disputes arising in connection with this Agreement shall be the court with jurisdiction over the seat of the Processor.