MapUs Privacy Policy & Terms and Conditions
On this page, you can read our Privacy and Cookie Policy for mapus.io as well as the terms and conditions for being a trial user and subscriber of the MapUs software.
On this page, you can read our Privacy and Cookie Policy for mapus.io as well as the terms and conditions for being a trial user and subscriber of the MapUs software.
The Website is managed, published and data processed by:
Center for Digital Dannelse
Company no. (CVR): 39607581
Vesterbrogade 14A, 2nd. floor
1620 Copenhagen
digitaldannelse.org
dd@digitaldannelse.org
+45 71 74 38 76
Service description
MapUs is a SaaS platform used to map digital competence in organizations. By surveying users, analyzing the data and visualizing it in interactive reports, MapUs is intended to be a guiding tool to help it’s users understand and unlock their digital potential.
A 14-day free trial to MapUs gives the customer access to MapUs platform for 14 days. They’ll get access to the original MapUs framework, The Digital Competence Wheel with superuser access with admin access to group and reporting features. To gain access to survey builder features, they must purchase a subscription.
After the 14 days, the customer can either choose to purchase a subscription or yield their right of use.
Definitions
“Services”: The web-based Software-as-a-Service developed and sold by Supplier. The Services are offered to Customers who themselves or on behalf of one or more institutions, e.g. companies or schools, have signed up to a 14-day free trial for access to the Services
“End Users”: The Customer’s end user making use of the Services.
“Authorized User”: A physical person in- or outside Customer’s organization, that Customer has authorized.
“Confidential Information”: includes but is not limited to trade-secrets, know-how, and any other information that a reasonable person would deem confidential.
Agreement
This Agreement shall apply to all Customer’s use of the Services.
The Services are provided as a free trial and nothing in this Agreement will be interpreted or construed as a sale or purchase of software.
The Parties are independent contractors. This Agreement does not create a partnership, franchise, joint-venture or other relationship not explicitly stated in this Agreement.
Use right
Subject to the terms and conditions in this Agreement, Supplier hereby grants to Customer a non-exclusive, non-transferrable, non-assignable, time-limited and worldwide right to access and use the Services as intended by Supplier.
This use right is only applied to Authorized Users and End-Users enrolled in Customer’s trial, and only for purposes within Customers internal business operations, i.e. not for the benefit of any other person or entity.
Intended Use
Customer is solely responsible for ensuring that Customer’s Authorized Users and End Users only use the Services for the intended purpose, cf. the Service Description.
Restrictions on Use
Customer, Authorized Users and End Users may not reverse engineer, disassemble, decompile or in any way work around any technical limitations. Unless otherwise agreed, Customer may not rent, lease, lend, resell or in any way grant access to the Service to third parties except as expressly permitted in these terms and conditions.
Customer, Authorized Users and End Users may not modify or create any derivative product(s) or services based on the Service and may not combine or integrate the Services with any hardware, software or other technology not permitted by Supplier.
Legal Use
Customer is solely responsible for ensuring that Customer’s Authorized Users End Users use of the Services complies with the Agreement and all applicable legislation, including, but not limited to privacy, employment law, and union rules.
Intellectual Property
Supplier and Customer agree that Supplier owns all rights, including, title, trademarks, copyright, and interests including all intellectual property rights to the Service and documentation. Supplier reserves to itself all rights to the Service not expressly granted to Customer in this Agreement. Supplier claims no intellectual property rights over the data and material the Customer, Authorized User or the End Users enter into the Services.
Assignment
Customer may not directly, or indirectly assign all or any part of this Agreement or Customer’s rights or obligations under this Agreement to a third party without Supplier’s written consent. Supplier may assign this Agreement in connection with a merger or change of control of Supplier, or the sale of all or substantially all of Supplier’s assets provided that any such successor agrees to fulfil its obligations pursuant to this Agreement.
Trial Terms
This Agreement shall come into force upon Customer’s acquisition of the Services. Before the end of the Trial Term of 14 days, Customer will receive instruction by email on how to proceed if they wish to continue their use of the Service. The trial subscription will not automatically transfer to a paid subscription. Thus, if the Customer does not react to the instructions sent by email, it is considered that the Customer does not wish to proceed with their use of the Service, and the trial subscription will be terminated.
If the Customer chooses not to purchase a subscription, their access will be terminated by disabling the trial account that was provided by the Supplier. The Customer will thus be unable to log in and reach the generated data. However, any data that the Customer may have collected will not be deleted and can be retrieved upon request.
The offer only applies to new Customers who select the 14-Day Free Trial option when signing up to MapUs’s Services.
The Supplier reserves the right to change the features of the 14-Day Free Trial offer or remove the offer at any time.
Payment Terms
The Supplier does not require the Customer to submit payment details as part of the process for the 14-Day Free Trial. Payment details will only be obtained and required, should the Customer wish to proceed with their use of the Services by continuing with a paid Subscription.
Force Majeure
Neither Party shall be liable for any failure of or delay in the performance of this Agreement for the period that such failure or delay is due to causes beyond its reasonable control, including but not limited to acts of God, riots, war, terrorist act, epidemic, pandemic, quarantine, war, strikes or labour disputes, embargoes, government orders or any other Force Majeure event. No party is entitled to terminate this Agreement in such circumstances.
If a party asserts Force Majeure as an excuse for failure to perform the parties’ obligation, the non performing party must prove that the party took reasonable steps to minimize delay or damages caused by foreseeable events, that the party substantially fulfilled all non-excused obligations, and that the other party was timely notified of the likelihood or actual occurrence of a Force Majeure event.
Suspension
Any use of the Service, in breach of this Agreement, including unintended or illegal use, or Customer’s failure to meet any obligations in this Agreement, may result in Supplier suspending the Service. If Supplier suspends the Service, the Customer shall be notified immediately and given an opportunity to remedy such violation. If the Customer is unable to remedy the violation within 14 calendar days, Supplier is entitled to terminate the Agreement.
Liability
The Parties are not in any event liable for any direct, consequential or other indirect losses. Data losses are considered indirect losses.
The above restrictions apply only if the loss is not attributable to gross negligence or wilful conduct by the damaging party. The foregoing does not regulate the conditions concerning losses in connection to delay.
The total liability shall in no event exceed the total fees paid to Supplier under this Agreement during the past 12 months.
In the case that the Service is dependent on collecting information from the Customer or users in order to present suggested recommendations, the Supplier takes no responsibility for the Customer’s actions based on output from the Service. This includes, with no limitation, if such actions do not deliver correct or the expected results.
Confidentiality
Supplier and Customer are required not to disclose any Confidential Information that Supplier or Customer may have gained during the term of this Agreement.
Customer, Authorized Users and End Users are obligated to keep confidential any ‘magic’ links provided by Supplier. The Customer shall be liable for any misuse of such links, regardless if such misuse is caused by the Customer, Authorized Users, End Users or a third party having obtained possession of the Customer’s, Authorized Users’ or End-Users’ link.
Reference
Unless otherwise agreed between the Parties, Supplier reserves the right to use Customer name and logos and Trademarks as a reference, and or case story on Supplier’s webpage and marketing materials.
Data ownership
Customer shall retain ownership of all data submitted to the Services.
Data Protection (Data Processing Agreement)
This data processor agreement must be used, if the Supplier as part of its delivery of the services as mentioned in the Agreement shall process personal data on behalf of the Customer, cf. Article 6 of the Regulation (EU) 2016/679 of European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”). If the Supplier is to process sensitive personal data on behalf of the Customer pursuant to Article 9 of the GDPR, the parties enter into a separate data processor agreement.
Both parties shall meet the requirements of the GDPR and applicable data protection legislation. The Customer is responsible for ensuring that the processing of personal data takes place in compliance with the GDPR, including ensuring that the processing of personal data, which the Supplier is instructed to perform, has a legal basis. The Supplier shall process personal data only on documented instructions from the Customer. The documented instructions consist partly of the Agreement, so the Supplier can carry out such processing of the Customer’s personal data as is necessary to be able to provide the agreed services (the purpose of the processing), and partly of the subsequent separate documented instructions, which the Customer may provide to Supplier. If the Supplier is of the opinion that the Agreement or a separate instruction does not cover the Supplier’s processing of the Customer’s personal data, or that an instruction from the Customer will be in conflict with the GDPR or other applicable data protection legislation, Supplier must immediately notify the Customer thereof in writing.
Both parties shall, on an ongoing basis, implement appropriate technical and organizational measures that comply with the requirements of Article 32 of the GDPR in order to ensure the protection of the data subjects’ rights. The Supplier must, at the request of the Customer, assist the Customer pursuant to Article 32 of the GDPR by, among other things, provide the Customer with sufficient information so the Customer can demonstrate compliance with the requirements of applicable data protection legislation, including that the above-mentioned technical and organizational security measures have been taken.
The Supplier ensures that the persons authorized to process personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality and that this can be demonstrated to the Customer.
The Supplier shall meet the requirements specified in Article 28(2) and (4) GDPR in order to engage another processor (a sub-processor). The Supplier has the Customer’s general authorisation for the engagement of sub-processors. The Supplier shall inform the Customer in writing of any intended changes concerning the addition or replacement of sub-processors at least 60 days in advance, thereby giving the Customer the opportunity to object to such changes prior to the engagement of the concerned sub-processor(s). If the Supplier does not receive objections from the Customer within 30 days of receiving notification thereof, the Supplier is entitled to implement the change. The Supplier ensures that the sub-processor meets the requirements of Article 28 of the GDPR, and engage to enter into a sub-processor agreement with the sub-processor in question, which is subject to at least the same obligations as the Supplier has undertaken in this Agreement. Sub-processor agreement(s) and any subsequent changes thereto are sent – at the Customer’s request – in copy to the Customer. The Supplier shall be responsible that the sub-processor complies with the obligations to which the Supplier is subject pursuant to the clauses and the GDPR. Without the Customer’s prior written consent, the Supplier may not transfer the Customer’s personal data to countries outside the EU / EEA. When entering into the Agreement, the Supplier uses the following sub suppliers, which has been approved by the Customer:
Name |
Server location |
service |
legal basis for transfer |
DLX A/S |
Denmark |
Hosting |
N/A |
Mailgun Technologies |
USA |
E-mail provider |
Standard contractual clauses |
Taking into account the nature of the processing, Supplier shall assist the Customer by appropriate technical and organizational measures, insofar as this is possible, in the fulfilment of the Customer’s obligations to respond to requests for exercising the data subject’s rights laid down in Chapter III GDPR. The Supplier’s assistance will be invoiced according to time spent. The Supplier shall, furthermore, taking into account the nature of the processing and the information available to the Supplier, assist the Customer in ensuring compliance with the obligations under Article 32 – 36 of the GDPR. Supplier shall make available to the Customer all information necessary to demonstrate compliance with the obligations laid down in Article 28 and the clauses and allow for and contribute to audits, including inspections, conducted by the Customer or another auditor mandated by the Customer.
The Supplier shall comply with Article 33 of the GDPR and without undue delay notify the Customer after becoming aware that there has been a personal data breach. The notification to the Customer must take place no later than 24 hours after the Supplier has become aware of the breach. The notification shall contain at least the information referred to in Article 33 (3), litra a), b) and d) mentioned requirements for notification. These obligations apply regardless of whether the Supplier is responsible for the personal data breach. If Supplier or its sub-processors are not responsible for the breach, the Supplier’s assistance will be invoiced according to time spent.
If the Customer does not instruct Supplier otherwise, the Supplier is entitled and obliged to delete the Customer’s personal data no longer than 3 months after the Agreement has been finally terminated. However, the obligations regarding the processing of personal data remain in force as long as the Supplier processes the Customer’s personal data.
All matters relating to non-compliance, liability and compensation are regulated in the Agreement.
Both parties shall keep records of processing activities referred to in Article 30 of the GDPR. If there are changes in the categories of personal data or categories of data subjects that the Supplier processes for the Customer, the Customer must immediately notify the Supplier thereof:
categories of personal data |
categories of data subjects |
General personal data, including e-mail and name |
End Users |
Notices
All written notices between the Parties shall be delivered by e-mail.
Updates
Supplier reserves the right to upgrade, modify, replace, or reconfigure the Service at any time upon at least 14 calendar days’ notice, for changes that significantly may affect the use of the service. Any future release, update, or other addition to functionality of the service shall be subject to these terms.
Accessibility and Uptime
Supplier endeavours to ensure that the Service is available 24/7, however, Customer accepts that Supplier does not warrant that the Service will be uninterrupted or error-free. The Service is provided on an “as is” and “as available” basis, without any warranties to the fullest extent permitted by law.
The Customer can access the Service through the browser. With the exception of Internet Explorer, the Service supports all new versions of standard browsers on the large platforms. Internet Explorer 11 on Windows, Chrome and Firefox on Linux, and browsers that use older versions of WebKit, Blink or Gecko are not explicitly supported. However, the Service should also (in most cases) display and function correctly in these browsers.
Severability
Should any term or condition hereof be declared illegal or otherwise unenforceable, it shall be severed from the remainder of this Agreement without affecting the remaining sections.
Survivability
The sections on confidentiality, liability, payment, reference, and dispute shall survive any termination of this Agreement.
Acceptance and Termination
This Agreement is entered into by Customers electronic acceptance of these Agreement terms on Suppliers and is concluded upon Customers receipt of the confirmation e-mail from Supplier. The Agreement is valid until terminated by one of the parties in accordance with the applicable terms.
Dispute
Any dispute between Customer and Supplier must be settled under Danish law, with the exception of CISG, the District Court in Copenhagen as the agreed venue, with usual reference and appeal right
Service description
MapUs is a SaaS platform used to map digital competence in organizations. By surveying users, analyzing the data and visualizing it in interactive reports, MapUs is intended to be a guiding tool to help its users understand and unlock their digital potential.
A Subscription to MapUs gives the customer access to their own MapUs platform and a bundle of mappings to use yearly. Extra mappings can be purchased.
Additionally, the MapUs Subscriptions include a vast collection of features depending on what Subscription Plan the Customer prefers. There are three (3) fixed subscriptions:
MapUs also offers a highly customized Enterprises solution. This solution is intended for larger projects where the Customer needs more extensive customizations and development. MapUs can help the Customer with everything from development and practical setup, to implementation.
Furthermore, the Customer can purchase additional surveys, development, and consultancy hours in addition of a MapUs Subscription.
The MapUs subscription runs on a yearly basis. It follows that the subscription will be activated on the delivery date and will run on a yearly basis from said date.
Definitions
“Services”: The web-based Software-as-a-Service developed and sold by Supplier. The Services are offered to Customers who themselves or on behalf of one or more institutions, e.g. companies or schools, pay for access to the Services for a number of End Users.
“End Users”: The Customer’s end user making use of the Services.
“Authorized User”: A physical person in- or outside Customer’s organization, that Customer has authorized.
“Confidential Information”: includes but is not limited to trade-secrets, know-how, and any other information that a reasonable person would deem confidential.
“Personal Data”: Any data and information relating to an identified or identifiable living individual person as defined under Data Protection Laws.
Agreement
This Agreement shall apply to all Customer’s use of the Services.
The Services are provided as a subscription, not sold, by Supplier to Customer, and nothing in this Agreement will be interpreted or construed as a sale or purchase of software.
The Parties are independent contractors. This Agreement does not create a partnership, franchise, joint-venture or other relationship not explicitly stated in this Agreement.
Use right
Subject to the terms and conditions in this Agreement, Supplier hereby grants to Customer a non-exclusive, non-transferrable, non-assignable, revocable and worldwide right to access and use the Services as intended by Supplier.
This use right is only applied to Authorized Users and End-Users enrolled in Customers subscription plan, and only for purposes within Customers internal business operations, i.e. not for the benefit of any other person or entity.
Intended Use
Customer is solely responsible for ensuring that Customer’s Authorized Users and End Users only use the Services for the intended purpose, cf. the Service Description.
Restrictions on Use
Customer, Authorized Users and End Users may not reverse engineer, disassemble, decompile or in any way work around any technical limitations. Unless otherwise agreed, Customer may not rent, lease, lend, resell or in any way grant access to the Service to third parties except as expressly permitted in these terms and conditions.
Customer, Authorized Users and End Users may not modify or create any derivative product(s) or services based on the Service and may not combine or integrate the Services with any hardware, software or other technology not permitted by Supplier.
Reselling
A Reseller is defined as a Customer who redistributes the MapUs Service to Third Parties. A Reseller can either resell the Service with the Supplier’s brand or use Supplier’s Service to resell through Customer’s own brand.
Any possible discounts applied to Reseller solutions apply only when the Customer has made an explicit written Reseller Agreement with Supplier. If the Customer only uses the Service internally, any Reseller discounts do not apply either.
The Supplier’s brand name must always be visible when the Customer resells the Service, unless otherwise agreed. The Supplier’s brand name can be removed only by agreement with the Supplier, and against an annual monetary fee which will be added to the Customer’s annual subscription.
Legal Use
Customer is solely responsible for ensuring that Customer’s Authorized Users End Users use of the Services complies with the Agreement and all applicable legislation, including, but not limited to, privacy, employment law, and union rules.
Intellectual Property
Supplier and Customer agree that Supplier owns all rights, including, title, trademarks, copyright, and interests including all intellectual property rights to the Service and documentation. Supplier reserves to itself all rights to the Service not expressly granted to Customer in this Agreement. Supplier claims no intellectual property rights over the data and material the Customer, Authorized User or the End Users enter into the Services.
Assignment
Customer may not directly, or indirectly assign all or any part of this Agreement or Customer’s rights or obligations under this Agreement to a third party without Supplier’s written consent. Supplier may assign this Agreement in connection with a merger or change of control of Supplier, or the sale of all or substantially all of Supplier’s assets provided that any such successor agrees to fulfil its obligations pursuant to this Agreement.
Subscription Terms
This Agreement shall come into force upon Customer’s acquisition of the Services. At the end of the Subscription Term, the subscription will be automatically renewed for an additional period, unless the Customer notifies Supplier in writing at least one (1) month before the end of the Subscription Term. The renewal term period shall be equal to the duration of the initial Subscription Term.
If Customer terminates the Agreement without justification before the end of the end of a Subscription Term, Supplier is entitled to full compensation for the remuneration due for the residual Subscription Term. There is no termination fee.
Payment Terms
Customer will pay all amounts specified in the Agreement. All invoices are due for payment within 14 days.
Payment is charged in advance for the Subscription Term by the Customer’s preferred payment method. Customer authorizes Supplier to store the necessary payment details, and charge Customer until the Agreement is terminated.
The Customer promises that the registration information, payment details and any other information that the Customer submits to the Supplier is true, accurate and complete and the Customer agrees to keep it that way at all times.
If payment is declined or for any reason insufficient, Supplier reserves the right to suspend the Service, or provide the Service and charge interest on any overdue balances for the period from the date on which payment became due, until the date on which payment is made. The interest rate is equivalent to the rates stated in the Danish Interest Act (currently 8%).
The Supplier may change the price for the Service at a month’s notice. The price change will be effective from the beginning of the next subscription period. The Customer’s continued use of the Services constitute the Customer’s acceptance of the price change. If the Customer does not agree with the price changes, the Customer has the right to reject the change by cancelling the subscription into a minimum of 30 days’ notice as from the date on which the price change comes into force.
Force Majeure
Neither Party shall be liable for any failure of or delay in the performance of this Agreement for the period that such failure or delay is due to causes beyond its reasonable control, including but not limited to acts of God, riots, war, terrorist act, epidemic, pandemic, quarantine, war, strikes or labour disputes, embargoes, government orders or any other Force Majeure event. No party is entitled to terminate this Agreement in such circumstances.
If a party asserts Force Majeure as an excuse for failure to perform the parties’ obligation, the non performing party must prove that the party took reasonable steps to minimize delay or damages caused by foreseeable events, that the party substantially fulfilled all non-excused obligations, and that the other party was timely notified of the likelihood or actual occurrence of a Force Majeure event.
Suspension
Any use of the Service, in breach of this Agreement, including unintended or illegal use, or Customer’s failure to meet any obligations in this Agreement, may result in Supplier suspending the Service. If Supplier suspends the Service, the Customer shall be notified immediately and given an opportunity to remedy such violation. If the Customer is unable to remedy the violation within 14 calendar days, Supplier is entitled to terminate the Agreement.
Liability
The Parties are not in any event liable for any direct, consequential or other indirect losses. Data losses are considered indirect losses.
The above restrictions apply only if the loss is not attributable to gross negligence or willful conduct by the damaging party. The foregoing does not regulate the conditions concerning losses in connection to delay.
The total liability shall in no event exceed the total fees paid to Supplier under this Agreement during the past 12 months.
In the case that the Service is dependent on collecting information from the Customer or users in order to present suggested recommendations, the Supplier takes no responsibility for the Customer’s actions based on output from the Service. This includes, with no limitation, if such actions do not deliver correct or the expected results.
Confidentiality
Supplier and Customer are required not to disclose any Confidential Information that Supplier or Customer may have gained during the term of this Agreement.
Customer, Authorized Users and End Users are obligated to keep confidential any ‘magic’ links provided by Supplier. The Customer shall be liable for any misuse of such links, regardless if such misuse is caused by the Customer, Authorized Users, End Users or a third party having obtained possession of the Customer’s, Authorized Users’ or End-Users’ link.
The Customer must promptly notify the Supplier about any possible misuse of the Customer’s accounts, authentication or any security incident related to the Services.
Customer’s collection of data
Unless otherwise explicitly agreed in writing, the Customer is prohibited from collecting sensitive Personal Data from the End Users with the Services. Sensitive Personal Data includes, but is not limited to:
The Customer is only allowed to collect non-sensitive Personal Data from End Users, which may include, but is not limited to, name, age, demographic details, gender, education, industry, job type.
If the Customer collects, or wishes to collect, sensitive Personal Data using the Services, they must seek consent from both End users and Supplier prior to collecting such information.
In the event that the Customer is granted permission to collect sensitive Personal Data, an additional security fee will be applied to the annual subscription to account for heightened security measures and increased responsibility associated with such data. The specific amount of the security fee will be communicated by the Supplier to the Customer.
Reference
Unless otherwise agreed between the Parties, Supplier reserves the right to use Customer name and logos and Trademarks as a reference, and or case story on Supplier’s webpage and marketing materials.
Processing of Personal Data
With regard to the processing of Personal Data, the Supplier only stores and handles the data the Customer reports in the transaction relation. Furthermore, the Supplier stores the Personal Data in accordance with the legislation to data protection. The Supplier is not controller of the Personal Data generated by the Customer’s use of the Service. The Customer is the controller and therefore retains ownership of all data submitted to the Services. Thus, the Customer also determines the purpose and means of the process of Personal Data. The Customer can appoint the Supplier as processor to process a certain amount of Personal Data on behalf of the Customer. In such case, the details of the Supplier’s process of data must be composed in a separate data processor agreement.
Data Protection (Data Processing Agreement)
This data processor agreement must be used, if the Supplier as part of its delivery of the services as mentioned in the Agreement shall process personal data on behalf of the Customer, cf. Article 6 of the Regulation (EU) 2016/679 of European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”). If the Supplier is to process sensitive personal data on behalf of the Customer pursuant to Article 9 of the GDPR, the parties enter into a separate data processor agreement.
Both parties shall meet the requirements of the GDPR and applicable data protection legislation. The Customer is responsible for ensuring that the processing of personal data takes place in compliance with the GDPR, including ensuring that the processing of personal data, which the Supplier is instructed to perform, has a legal basis. The Supplier shall process personal data only on documented instructions from the Customer. The documented instructions consist partly of the Agreement, so the Supplier can carry out such processing of the Customer’s personal data as is necessary to be able to provide the agreed services (the purpose of the processing), and partly of the subsequent separate documented instructions, which the Customer may provide to Supplier. If the Supplier is of the opinion that the Agreement or a separate instruction does not cover the Supplier’s processing of the Customer’s personal data, or that an instruction from the Customer will be in conflict with the GDPR or other applicable data protection legislation, Supplier must immediately notify the Customer thereof in writing.
Both parties shall, on an ongoing basis, implement appropriate technical and organizational measures that comply with the requirements of Article 32 of the GDPR in order to ensure the protection of the data subjects’ rights. The Supplier must, at the request of the Customer, assist the Customer pursuant to Article 32 of the GDPR by, among other things, provide the Customer with sufficient information so the Customer can demonstrate compliance with the requirements of applicable data protection legislation, including that the above-mentioned technical and organizational security measures have been taken.
The Supplier ensures that the persons authorized to process personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality and that this can be demonstrated to the Customer.
The Supplier shall meet the requirements specified in Article 28(2) and (4) GDPR in order to engage another processor (a sub-processor). The Supplier has the Customer’s general authorisation for the engagement of sub-processors. The Supplier shall inform the Customer in writing of any intended changes concerning the addition or replacement of sub-processors at least 60 days in advance, thereby giving the Customer the opportunity to object to such changes prior to the engagement of the concerned sub-processor(s). If the Supplier does not receive objections from the Customer within 30 days of receiving notification thereof, the Supplier is entitled to implement the change. The Supplier ensures that the sub-processor meets the requirements of Article 28 of the GDPR, and engage to enter into a sub-processor agreement with the sub-processor in question, which is subject to at least the same obligations as the Supplier has undertaken in this Agreement. Sub-processor agreement(s) and any subsequent changes thereto are sent – at the Customer’s request – in copy to the Customer. The Supplier shall be responsible that the sub-processor complies with the obligations to which the Supplier is subject pursuant to the clauses and the GDPR. Without the Customer’s prior written consent, the Supplier may not transfer the Customer’s personal data to countries outside the EU / EEA. When entering into the Agreement, the Supplier uses the following sub suppliers, which has been approved by the Customer:
Name |
Server location |
service |
legal basis for transfer |
DLX A/S |
Denmark |
Hosting |
N/A |
Mailgun Technologies |
USA |
E-mail provider |
Standard contractual clauses |
Taking into account the nature of the processing, Supplier shall assist the Customer by appropriate technical and organizational measures, insofar as this is possible, in the fulfilment of the Customer’s obligations to respond to requests for exercising the data subject’s rights laid down in Chapter III GDPR. The Supplier’s assistance will be invoiced according to time spent. The Supplier shall, furthermore, taking into account the nature of the processing and the information available to the Supplier, assist the Customer in ensuring compliance with the obligations under Article 32 – 36 of the GDPR. Supplier shall make available to the Customer all information necessary to demonstrate compliance with the obligations laid down in Article 28 and the clauses and allow for and contribute to audits, including inspections, conducted by the Customer or another auditor mandated by the Customer.
The Supplier shall comply with Article 33 of the GDPR and without undue delay notify the Customer after becoming aware that there has been a personal data breach. The notification to the Customer must take place no later than 24 hours after the Supplier has become aware of the breach. The notification shall contain at least the information referred to in Article 33 (3), litra a), b) and d) mentioned requirements for notification. These obligations apply regardless of whether the Supplier is responsible for the personal data breach. If Supplier or its sub-processors are not responsible for the breach, the Supplier’s assistance will be invoiced according to time spent.
If the Customer does not instruct Supplier otherwise, the Supplier is entitled and obliged to delete the Customer’s personal data no longer than 3 months after the Agreement has been finally terminated. However, the obligations regarding the processing of personal data remain in force as long as the Supplier processes the Customer’s personal data.
All matters relating to non-compliance, liability and compensation are regulated in the Agreement.
Both parties shall keep records of processing activities referred to in Article 30 of the GDPR. If there are changes in the categories of personal data or categories of data subjects that the Supplier processes for the Customer, the Customer must immediately notify the Supplier thereof:
categories of personal data |
categories of data subjects |
General personal data, including e-mail and name |
End Users |
Notices
All written notices between the Parties shall be delivered by e-mail.
Improvements or updates made to the Services
The Supplier may revise the Services from time to time to better reflect improvements or updates made to the Services. Supplier reserves the right to upgrade, modify, replace, or reconfigure the Service at any time upon at least 14 calendar days’ notice, for changes that significantly may affect the use of the Service. The Supplier reserves the right to change or disconnect parts of the Service from time to other based on an estimate. Any future release, update, or other addition to functionality of the Service shall be subject to these terms.
Accessibility and Uptime
Supplier endeavours to ensure that the Service is available 24/7, however, Customer accepts that Supplier does not warrant that the Service will be uninterrupted or error-free. The Service is provided on an “as is” and “as available” basis, without any warranties to the fullest extent permitted by law.
The Customer can access the Service through the browser. With the exception of Internet Explorer, the Service supports all new versions of standard browsers on the large platforms. Internet Explorer 11 on Windows, Chrome and Firefox on Linux, and browsers that use older versions of WebKit, Blink or Gecko are not explicitly supported. However, the Service should also (in most cases) display and function correctly in these browsers.
Change of Terms
The Supplier may revise these Terms from time to time to better reflect:
If an update affects the Customer’s legal rights as a user of the Services, the Supplier will notify the Customer prior to the update’s effective date by sending an email to the email address associated with the MapUs account or via an in-product notification. These will be effective no less than thirty (30) days from when the Supplier notifies the Customer.
Supplier does not generally make changes to the Terms and Conditions on request of the Customer, unless explicitly agreed between Supplier and Customer. In this case, the Supplier reserves the right to charge fees for additional consultancy and external legal assistance.
Severability
Should any term or condition hereof be declared illegal or otherwise unenforceable, it shall be severed from the remainder of this Agreement without affecting the remaining sections.
Survivability
The sections on confidentiality, liability, payment, reference, and dispute shall survive any termination of this Agreement.
Acceptance and Termination
This Agreement is entered into by Customers electronic acceptance of these Agreement terms on Suppliers and is concluded upon Customers receipt of the confirmation e-mail from Supplier. The Agreement is valid until terminated by one of the parties in accordance with the applicable terms.
Termination for cause In the event of a breach of this Agreement by either Party, the non-defaulting Party may give written notice of such default. If such notice is given, and the default is not cured within 30 business days following receipt of the notice, then this Agreement shall automatically terminate.
Dispute
Any dispute between Customer and Supplier must be settled under Danish law, with the exception of CISG, the District Court in Copenhagen as the agreed venue, with usual reference and appeal rights.