MapUs Privacy Policy & Terms and Conditions

On this page, you can read our Privacy and Cookie Policy for mapus.io as well as the terms and conditions for being a trial user and subscriber of the MapUs software.

  1. Welcome
    1. When you visit https://mapus.io (hereinafter “Website”, “Site”) personal data is collected about you. This Privacy and Cookie Policy is meant to help you understand what personal data we collect, why we collect it, and how we delete it.

  2. Data controller
    1. Center for Digital Dannelse (hereinafter “us”, “our”, “us”) is responsible for the processing of your personal data and ensuring that it complies with the rules of the General Data Protection Regulation (GDPR).
      Center for Digital Dannelse
      Vesterbrogade 14A, 2. sal
      1620 Copenhagen
      Denmark
      digitaldannelse.org
      dd@digitaldannelse.org
      +45 71 74 38 76

  3. Personal data
    1. Personal data is information that can identify you, personally. For example: your name, email, address, telephone number, etc. When you use our Website we collect and process the personal data, you provide to us. This occurs, for instance, if you sign up for a newsletter or fill out a contact form.
    2. To the extent that you enter information such as name, address, workplace, phone number and email, we process this personal data. You can enter this type of information while using the contact forms.

  4. Security
    1. We have taken technical and organizational measures to prevent your data from being accidentally or illegally deleted, published, lost, impaired, disclosed without authorization, abused or otherwise processed in violation of the law.

  5. Purpose
    1. When personal data such as name, email, workplace or other information you enter is collected via our contact forms, the purpose is to qualify an answer to your inquiry. The legal basis on which we process your personal data is our legitimate interest. 
    2. If you sign up for a free trial via our forms, the personal data you submit is what enables us to create a trial account for you. 
    3. When you are asked to submit your email in our forms, it will only be used for other purposes, if the purpose is clearly stated. Examples include, but are not limited to, subscribing to a newsletter, asking for feedback on our Service, or receiving an email as part of an exercise/test.
    4. The specified purpose constitute our legal basis for processing personal data. Primarily based on our legitimate interest, which does not conflict with your data protection rights. You consent is, and works as, the legal basis for processing your data. 
      You can also read our Policy on Data Ethics here.

  6. Period of storage
    1. We only store your data for the purposes described in this Privacy and Cookie Policy and for the time allowed by law. When we no longer need to use your personal data for the identified purposes and there is no need for us to keep it to comply with our legal or regulatory obligations, we will either remove it from our systems or anonymize it so that you cannot be identified.

  7. Disclosure of information
    1. Besides otherwise described in this Privacy and Cookie Policy, we may disclose personal data that we collect or that you provide to trusted third-party providers (data processors). We only use data processors that can give your personal data adequate level of data protection. We do not share personal data with third-part providers unless you have given permission to do so. 
    2. We only use data processors within the EU or in countries which can provide the adequate protection of your information. We have DPAs with all our data processors. 
    3. Our data processors are: ActiveCampaign (US-based CRM system that hosts our forms and send out newsletters) and DLX (Danish-based server hosting company hosting this website).
       
  8. Cookies
    1. Our Website uses cookies. A cookie is a small text file that can be used by Websites to make user’s experience more efficient. Cookies allow the Website to recognize your computer, gather information about which pages and features are visited with your browser and make sure the Website is technically functional. Cookies are the only way to make the site function as intended. Cookies are used by virtually all websites.
    2. The law states that we can store cookie on your device if they are strictly necessary for the operation of our Site. For all other types of cookies we need your permission. 
      You can at any time change or withdraw your consent from the Cookie Declaration on our Website.
    3. The Site uses both first-party cookies (which are created by the visited website) and third-part cookies (which are created by a server, placed outside our Site’s domain).
    4. The different types of cookies that might be used on the Site:
      • Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies
      • Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that your are in
      • Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously
      • Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers
    5. Cookies we use:
      • PHPSESSID: These cookies are generated by applications based on the PHP language. This is a general purpose identifier used to maintain user session variables. Expires after 10 hours.
      • Prism_611059676: This cookie is necessary for the site to work. Expires after 1 month.
      • YSC: This cookie is set by YouTube to track views of embedded videos. Expires after ended session
      • VISITOR_INFO1_LIVE: This cookie is set by YouTube to keep track of user preferences for YouTube videos embedded in sites. It can also determine whether the website visitor is using the new or old version of the YouTube interface. Expires after 6 months. 
      • ac_enable_tracking: This cookie is set by Active Campaign to confirm that tracking has been enabled for the website. Tracking is used to create reports on our web traffic. Expires after 1 month.
      •  Cookie_notice_accepted: The Website stores your accept of cookies via a cookie. Expire after 1 year

  9. Insights and complaint
    1. You are entitled to know what personal information we are processing about you. You may also object to the use of information at any time. You may also revoke your consent to processing information about you. If the information processed about you is incorrect, you are entitled to alter or delete this. 
    2. Inquiry by email:
      Your inquiry may be made to our email support@mapus.io. Please write “complaint” or “question regarding data processing” in the subject field of your inquiry, in order to reach our DPO.
    3. Inquiry by telephone: 
      You can call us directly at +45 71 74 38 76 within our opening hours between 9:00 am and 3:00 pm CET.
    4. When we receive your inquiry, our DPO will  process it as soon as possible. We strive to answer all inquiries as soon as possible, and within 3 business days. We highly value all feedback and work targeted towards solving any concerns relating to data processing and data protection within the company.
    5. If you would like to complain about our processing of your personal information, you also have the opportunity to lodge a complaint with your national Data Protection Authority (DPA).

  10. Publisher and data processor

    The Website is managed, published and data processed by: 

    Center for Digital Dannelse 
    Company no. (CVR): 39607581
    Vesterbrogade 14A, 2nd. floor
    1620 Copenhagen 
    digitaldannelse.org
    dd@digitaldannelse.org
    +45 71 74 38 76 

Service description

MapUs is a SaaS platform used to map digital competence in organizations. By surveying users, analyzing the data and visualizing it in interactive reports, MapUs is intended to be a guiding tool to help it’s users understand and unlock their digital potential. 

A 14-day free trial to MapUs gives the customer access to  MapUs platform for 14 days. They’ll get access to the original MapUs framework, The Digital Competence Wheel with superuser access with admin access to group and reporting features. To gain access to survey builder features, they must purchase a subscription. 

After the 14 days, the customer can either choose to purchase a subscription or yield their right of use. 

Definitions 

“Services”: The web-based Software-as-a-Service developed and sold by Supplier. The Services are offered to Customers who themselves or on behalf of one or more institutions, e.g. companies or schools, have signed up to a 14-day free trial for access to the Services

“End Users”: The Customer’s end user making use of the Services.   

“Authorized User”: A physical person in- or outside Customer’s organization, that Customer has authorized. 

“Confidential Information”: includes but is not limited to trade-secrets, know-how, and any other information that a reasonable person would deem confidential.

Agreement 

This Agreement shall apply to all Customer’s use of the Services. 

The Services are provided as a free trial and nothing in this Agreement will be interpreted or construed as a sale or purchase of software.

The Parties are independent contractors. This Agreement does not create a partnership, franchise, joint-venture or other relationship not explicitly stated in this Agreement.

Use right 

Subject to the terms and conditions in this Agreement, Supplier hereby grants to Customer a non-exclusive, non-transferrable, non-assignable, time-limited and worldwide right to access and use the Services as intended by Supplier.

This use right is only applied to Authorized Users and End-Users enrolled in Customer’s trial, and only for purposes within Customers internal business operations, i.e. not for the benefit of any other person or entity.

Intended Use 

Customer is solely responsible for ensuring that Customer’s Authorized Users and End Users only use the Services for the intended purpose, cf. the Service Description. 

Restrictions on Use 

Customer, Authorized Users and End Users may not reverse engineer, disassemble, decompile or in any way work around any technical limitations. Unless otherwise agreed, Customer may not rent, lease, lend, resell or in any way grant access to the Service to third parties except as expressly permitted in these terms and conditions. 

Customer, Authorized Users and End Users may not modify or create any derivative product(s) or services based on the Service and may not combine or integrate the Services with any hardware, software or other technology not permitted by Supplier.

Legal Use 

Customer is solely responsible for ensuring that Customer’s  Authorized Users End Users use of the Services complies with the Agreement and all applicable legislation, including, but not limited to privacy, employment law, and union rules. 

Intellectual Property 

Supplier and Customer agree that Supplier owns all rights, including, title, trademarks, copyright, and interests including all intellectual property rights to the Service and documentation. Supplier reserves to itself all rights to the Service not expressly granted to Customer in this Agreement. Supplier claims no intellectual property rights over the data and material the Customer, Authorized User or the  End Users enter into the Services.

Assignment 

Customer may not directly, or indirectly assign all or any part of this Agreement or Customer’s rights or obligations under this Agreement to a third party without Supplier’s written consent. Supplier may assign this Agreement in connection with a merger or change of control of Supplier, or the sale of all or substantially all of Supplier’s assets provided that any such successor agrees to fulfil its obligations pursuant to this Agreement.

Trial Terms 

This Agreement shall come into force upon Customer’s acquisition of the Services. Before the end of the Trial Term of 14 days, Customer will receive instruction by email on how to proceed if they wish to continue their use of the Service. The trial subscription will not automatically transfer to a paid subscription. Thus, if the Customer does not react to the instructions sent by email, it is considered that the Customer does not wish to proceed with their use of the Service, and the trial subscription will be terminated.

If the Customer chooses not to purchase a subscription, their access will be terminated by disabling the trial account that was provided by the Supplier. The Customer will thus be unable to log in and reach the generated data. However, any data that the Customer may have collected will not be deleted and can be retrieved upon request. 

The offer only applies to new Customers who select the 14-Day Free Trial option when signing up to MapUs’s Services. 

The Supplier reserves the right to change the features of the 14-Day Free Trial offer or remove the offer at any time. 

Payment Terms 

The Supplier does not require the Customer to submit payment details as part of the process for the 14-Day Free Trial. Payment details will only be obtained and required, should the Customer wish to proceed with their use of the Services by continuing with a paid Subscription. 

Force Majeure

Neither Party shall be liable for any failure of or delay in the performance of this Agreement for the period that such failure or delay is due to causes beyond its reasonable control, including but not limited to acts of God, riots, war, terrorist act, epidemic, pandemic, quarantine, war, strikes or labour disputes, embargoes, government orders or any other Force Majeure event. No party is entitled to terminate this Agreement in such circumstances. 

If a party asserts Force Majeure as an excuse for failure to perform the parties’ obligation, the non performing party must prove that the party took reasonable steps to minimize delay or damages caused by foreseeable events, that the party substantially fulfilled all non-excused obligations, and that the other party was timely notified of the likelihood or actual occurrence of a Force Majeure event. 

Suspension 

Any use of the Service, in breach of this Agreement, including unintended or illegal use, or Customer’s failure to meet any obligations in this Agreement, may result in Supplier suspending the Service. If Supplier suspends the Service, the Customer shall be notified immediately and given an opportunity to remedy such violation. If the Customer is unable to remedy the violation within 14 calendar days, Supplier is entitled to terminate the Agreement.

Liability 

The Parties are not in any event liable for any direct, consequential or other indirect losses. Data losses are considered indirect losses. 

The above restrictions apply only if the loss is not attributable to gross negligence or wilful conduct by the damaging party. The foregoing does not regulate the conditions concerning losses in connection to delay. 

The total liability shall in no event exceed the total fees paid to Supplier under this Agreement during the past 12 months. 

In the case that the Service is dependent on collecting information from the Customer or users in order to present suggested recommendations, the Supplier takes no responsibility for the Customer’s actions based on output from the Service. This includes, with no limitation, if such actions do not deliver correct or the expected results.  

Confidentiality 

Supplier and Customer are required not to disclose any Confidential Information that Supplier or Customer may have gained during the term of this Agreement.

Customer, Authorized Users and End Users are obligated to keep confidential any ‘magic’ links provided by Supplier. The Customer shall be liable for any misuse of such links, regardless if such misuse is caused by the Customer, Authorized Users, End Users or a third party having obtained possession of the Customer’s, Authorized Users’ or End-Users’ link. 

Reference 

Unless otherwise agreed between the Parties, Supplier reserves the right to use Customer name and logos and Trademarks as a reference, and or case story on Supplier’s webpage and marketing materials.

Data ownership 

Customer shall retain ownership of all data submitted to the Services.

Data Protection (Data Processing Agreement)

This data processor agreement must be used, if the Supplier as part of its delivery of the services as mentioned in the Agreement shall process personal data on behalf of the Customer, cf. Article 6 of the Regulation (EU) 2016/679 of European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”). If the Supplier is to process sensitive personal data on behalf of the Customer pursuant to Article 9 of the GDPR, the parties enter into a separate data processor agreement. 

Both parties shall meet the requirements of the GDPR and applicable data protection legislation. The Customer is responsible for ensuring that the processing of personal data takes place in compliance with the GDPR, including ensuring that the processing of personal data, which the Supplier is instructed to perform, has a legal basis. The Supplier shall process personal data only on documented instructions from the Customer. The documented instructions consist partly of the Agreement, so the Supplier can carry out such processing of the Customer’s personal data as is necessary to be able to provide the agreed services (the purpose of the processing), and partly of the subsequent separate documented instructions, which the Customer may provide to Supplier. If the Supplier is of the opinion that the Agreement or a separate instruction does not cover the Supplier’s processing of the Customer’s personal data, or that an instruction from the Customer will be in conflict with the GDPR or other applicable data protection legislation, Supplier must immediately notify the Customer thereof in writing. 

Both parties shall, on an ongoing basis, implement appropriate technical and organizational measures that comply with the requirements of Article 32 of the GDPR in order to ensure the protection of the data subjects’ rights. The Supplier must, at the request of the Customer, assist the Customer pursuant to Article 32 of the GDPR by, among other things, provide the Customer with sufficient information so the Customer can demonstrate compliance with the requirements of applicable data protection legislation, including that the above-mentioned technical and organizational security measures have been taken.

The Supplier ensures that the persons authorized to process personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality and that this can be demonstrated to the Customer. 

The Supplier shall meet the requirements specified in Article 28(2) and (4) GDPR in order to engage another processor (a sub-processor). The Supplier has the Customer’s general authorisation for the engagement of sub-processors. The Supplier shall inform the Customer in writing of any intended changes concerning the addition or replacement of sub-processors at least 60 days in advance, thereby giving the Customer the opportunity to object to such changes prior to the engagement of the concerned sub-processor(s). If the Supplier does not receive objections from the Customer within 30 days of receiving notification thereof, the Supplier is entitled to implement the change. The Supplier ensures that the sub-processor meets the requirements of Article 28 of the GDPR, and engage to enter into a sub-processor agreement with the sub-processor in question, which is subject to at least the same obligations as the Supplier has undertaken in this Agreement. Sub-processor agreement(s) and any subsequent changes thereto are sent – at the Customer’s request – in copy to the Customer. The Supplier shall be responsible that the sub-processor complies with the obligations to which the Supplier is subject pursuant to the clauses and the GDPR. Without the Customer’s prior written consent, the Supplier may not transfer the Customer’s personal data to countries outside the EU / EEA. When entering into the Agreement, the Supplier uses the following sub suppliers, which has been approved by the Customer:

Name

Server location

service

legal basis for transfer

DLX A/S

Denmark

Hosting

N/A

Mailgun Technologies

USA

E-mail provider

Standard contractual clauses

  

Taking into account the nature of the processing, Supplier shall assist the Customer by appropriate technical and organizational measures, insofar as this is possible, in the fulfilment of the Customer’s obligations to respond to requests for exercising the data subject’s rights laid down in Chapter III GDPR. The Supplier’s assistance will be invoiced according to time spent. The Supplier shall, furthermore, taking into account the nature of the processing and the information available to the Supplier, assist the Customer in ensuring compliance with the obligations under Article 32 – 36 of the GDPR. Supplier shall make available to the Customer all information necessary to demonstrate compliance with the obligations laid down in Article 28 and the clauses and allow for and contribute to audits, including inspections, conducted by the Customer or another auditor mandated by the Customer.

The Supplier shall comply with Article 33 of the GDPR and without undue delay notify the Customer after becoming aware that there has been a personal data breach. The notification to the Customer must take place no later than 24 hours after the Supplier has become aware of the breach. The notification shall contain at least the information referred to in Article 33 (3), litra a), b) and d) mentioned requirements for notification. These obligations apply regardless of whether the Supplier is responsible for the personal data breach. If Supplier or its sub-processors are not responsible for the breach, the Supplier’s assistance will be invoiced according to time spent. 

If the Customer does not instruct Supplier otherwise, the Supplier is entitled and obliged to delete the Customer’s personal data no longer than 3 months after the Agreement has been finally terminated. However, the obligations regarding the processing of personal data remain in force as long as the Supplier processes the Customer’s personal data. 

All matters relating to non-compliance, liability and compensation are regulated in the Agreement. 

Both parties shall keep records of processing activities referred to in Article 30 of the GDPR. If there are changes in the categories of personal data or categories of data subjects that the Supplier processes for the Customer, the Customer must immediately notify the Supplier thereof: 

categories of personal data

categories of data subjects

General personal data, including e-mail and name

End Users

Notices 

All written notices between the Parties shall be delivered by e-mail. 

Updates 

Supplier reserves the right to upgrade, modify, replace, or reconfigure the Service at any time upon at least 14 calendar days’ notice, for changes that significantly may affect the use of the service. Any future release, update, or other addition to functionality of the service shall be subject to these terms. 

Accessibility and Uptime 

Supplier endeavours to ensure that the Service is available 24/7, however, Customer accepts that Supplier does not warrant that the Service will be uninterrupted or error-free. The Service is provided on an “as is” and “as available” basis, without any warranties to the fullest extent permitted by law.

The Customer can access the Service through the browser. With the exception of Internet Explorer, the Service supports all new versions of standard browsers on the large platforms. Internet Explorer 11 on Windows, Chrome and Firefox on Linux, and browsers that use older versions of WebKit, Blink or Gecko are not explicitly supported. However, the Service should also (in most cases) display and function correctly in these browsers.

Severability 

Should any term or condition hereof be declared illegal or otherwise unenforceable, it shall be severed from the remainder of this Agreement without affecting the remaining sections.

Survivability 

The sections on confidentiality, liability, payment, reference, and dispute shall survive any termination of this Agreement.

Acceptance and Termination 

This Agreement is entered into by Customers electronic acceptance of these Agreement terms on Suppliers and is concluded upon Customers receipt of the confirmation e-mail from Supplier. The Agreement is valid until terminated by one of the parties in accordance with the applicable terms. 

Dispute 

Any dispute between Customer and Supplier must be settled under Danish law, with the exception of CISG, the District Court in Copenhagen as the agreed venue, with usual reference and appeal right

Service description

MapUs is a SaaS platform used to map digital competence in organizations. By surveying users, analyzing the data and visualizing it in interactive reports, MapUs is intended to be a guiding tool to help its users understand and unlock their digital potential. 

A Subscription to MapUs gives the customer access to their own MapUs platform and a bundle of mappings to use yearly. Extra mappings can be purchased.

Additionally, the MapUs Subscriptions include a vast collection of features depending on what Subscription Plan the Customer prefers. There are three (3) fixed subscriptions:

  1. MapUs Basic Subscription
  2. MapUs Customized Subscription
  3. MapUs Personalized Subscription

MapUs also offers a highly customized Enterprises solution. This solution is intended for larger projects where the Customer needs more extensive customizations and development. MapUs can help the Customer with everything from development and practical setup, to implementation.

Furthermore, the Customer can purchase additional surveys, development, and consultancy hours in addition of a MapUs Subscription.

The MapUs subscription runs on a yearly basis. It follows that the subscription will be activated on the delivery date and will run on a yearly basis from said date.

Definitions 

“Services”: The web-based Software-as-a-Service developed and sold by Supplier. The Services are offered to Customers who themselves or on behalf of one or more institutions, e.g. companies or schools, pay for access to the Services for a number of End Users.

“End Users”: The Customer’s end user making use of the Services.   

“Authorized User”: A physical person in- or outside Customer’s organization, that Customer has authorized. 

“Confidential Information”: includes but is not limited to trade-secrets, know-how, and any other information that a reasonable person would deem confidential.

“Personal Data”: Any data and information relating to an identified or identifiable living individual person as defined under Data Protection Laws. 

Agreement 

This Agreement shall apply to all Customer’s use of the Services. 

The Services are provided as a subscription, not sold, by Supplier to Customer, and nothing in this Agreement will be interpreted or construed as a sale or purchase of software.

The Parties are independent contractors. This Agreement does not create a partnership, franchise, joint-venture or other relationship not explicitly stated in this Agreement.

Use right 

Subject to the terms and conditions in this Agreement, Supplier hereby grants to Customer a non-exclusive, non-transferrable, non-assignable, revocable and worldwide right to access and use the Services as intended by Supplier.

This use right is only applied to Authorized Users and End-Users enrolled in Customers subscription plan, and only for purposes within Customers internal business operations, i.e. not for the benefit of any other person or entity.

Intended Use 

Customer is solely responsible for ensuring that Customer’s Authorized Users and End Users only use the Services for the intended purpose, cf. the Service Description. 

Restrictions on Use 

Customer, Authorized Users and End Users may not reverse engineer, disassemble, decompile or in any way work around any technical limitations. Unless otherwise agreed, Customer may not rent, lease, lend, resell or in any way grant access to the Service to third parties except as expressly permitted in these terms and conditions. 

Customer, Authorized Users and End Users may not modify or create any derivative product(s) or services based on the Service and may not combine or integrate the Services with any hardware, software or other technology not permitted by Supplier.

Reselling 

A Reseller is defined as a Customer who redistributes the MapUs Service to Third Parties. A Reseller can either resell the Service with the Supplier’s brand or use Supplier’s Service to resell through Customer’s own brand. 

Any possible discounts applied to Reseller solutions apply only when the Customer has made an explicit written Reseller Agreement with Supplier. If the Customer only uses the Service internally, any Reseller discounts do not apply either. 

The Supplier’s brand name must always be visible when the Customer resells the Service, unless otherwise agreed. The Supplier’s brand name can be removed only by agreement with the Supplier, and against an annual monetary fee which will be added to the Customer’s annual subscription.

Legal Use 

Customer is solely responsible for ensuring that Customer’s  Authorized Users End Users use of the Services complies with the Agreement and all applicable legislation, including, but not limited to, privacy, employment law, and union rules. 

Intellectual Property 

Supplier and Customer agree that Supplier owns all rights, including, title, trademarks, copyright, and interests including all intellectual property rights to the Service and documentation. Supplier reserves to itself all rights to the Service not expressly granted to Customer in this Agreement. Supplier claims no intellectual property rights over the data and material the Customer, Authorized User or the  End Users enter into the Services.

Assignment 

Customer may not directly, or indirectly assign all or any part of this Agreement or Customer’s rights or obligations under this Agreement to a third party without Supplier’s written consent. Supplier may assign this Agreement in connection with a merger or change of control of Supplier, or the sale of all or substantially all of Supplier’s assets provided that any such successor agrees to fulfil its obligations pursuant to this Agreement.

Subscription Terms 

This Agreement shall come into force upon Customer’s acquisition of the Services. At the end of the Subscription Term, the subscription will be automatically renewed for an additional period, unless the Customer notifies Supplier in writing at least one (1) month before the end of the Subscription Term. The renewal term period shall be equal to the duration of the initial Subscription Term.

If Customer terminates the Agreement without justification before the end of the end of a Subscription Term, Supplier is entitled to full compensation for the remuneration due for the residual Subscription Term. There is no termination fee.

Payment Terms 

Customer will pay all amounts specified in the Agreement. All invoices are due for payment within 14 days.

Payment is charged in advance for the Subscription Term by the Customer’s preferred payment method. Customer authorizes Supplier to store the necessary payment details, and charge Customer until the Agreement is terminated. 

The Customer promises that the registration information, payment details and any other information that the Customer submits to the Supplier is true, accurate and complete and the Customer agrees to keep it that way at all times. 

If payment is declined or for any reason insufficient, Supplier reserves the right to suspend the Service, or provide the Service and charge interest on any overdue balances for the period from the date on which payment became due, until the date on which payment is made. The interest rate is equivalent to the rates stated in the Danish Interest Act (currently 8%).

The Supplier may change the price for the Service at a month’s notice. The price change will be effective from the beginning of the next subscription period. The Customer’s continued use of the Services constitute the Customer’s acceptance of the price change. If the Customer does not agree with the price changes, the Customer has the right to reject the change by cancelling the subscription into a minimum of 30 days’ notice as from the date on which the price change comes into force.

Force Majeure 

Neither Party shall be liable for any failure of or delay in the performance of this Agreement for the period that such failure or delay is due to causes beyond its reasonable control, including but not limited to acts of God, riots, war, terrorist act, epidemic, pandemic, quarantine, war, strikes or labour disputes, embargoes, government orders or any other Force Majeure event. No party is entitled to terminate this Agreement in such circumstances. 

If a party asserts Force Majeure as an excuse for failure to perform the parties’ obligation, the non performing party must prove that the party took reasonable steps to minimize delay or damages caused by foreseeable events, that the party substantially fulfilled all non-excused obligations, and that the other party was timely notified of the likelihood or actual occurrence of a Force Majeure event. 

Suspension 

Any use of the Service, in breach of this Agreement, including unintended or illegal use, or Customer’s failure to meet any obligations in this Agreement, may result in Supplier suspending the Service. If Supplier suspends the Service, the Customer shall be notified immediately and given an opportunity to remedy such violation. If the Customer is unable to remedy the violation within 14 calendar days, Supplier is entitled to terminate the Agreement.

Liability 

The Parties are not in any event liable for any direct, consequential or other indirect losses. Data losses are considered indirect losses. 

The above restrictions apply only if the loss is not attributable to gross negligence or willful conduct by the damaging party. The foregoing does not regulate the conditions concerning losses in connection to delay. 

The total liability shall in no event exceed the total fees paid to Supplier under this Agreement during the past 12 months. 

In the case that the Service is dependent on collecting information from the Customer or users in order to present suggested recommendations, the Supplier takes no responsibility for the Customer’s actions based on output from the Service. This includes, with no limitation, if such actions do not deliver correct or the expected results.  

Confidentiality 

Supplier and Customer are required not to disclose any Confidential Information that Supplier or Customer may have gained during the term of this Agreement.

Customer, Authorized Users and End Users are obligated to keep confidential any ‘magic’ links provided by Supplier. The Customer shall be liable for any misuse of such links, regardless if such misuse is caused by the Customer, Authorized Users, End Users or a third party having obtained possession of the Customer’s, Authorized Users’ or End-Users’ link. 

The Customer must promptly notify the Supplier about any possible misuse of the Customer’s accounts, authentication or any security incident related to the Services.

Customer’s collection of data

Unless otherwise explicitly agreed in writing, the Customer is prohibited from collecting sensitive Personal Data from the End Users with the Services. Sensitive Personal Data includes, but is not limited to:

  • data concerning racial or ethnic origin, political opinions, religious or philosophical beliefs;
  • genetic data, biometric data for unique identification;
  • health-related data;
  • trade-union affiliations;
  • data concerning a person’s sex life or sexual orientation 

 

The Customer is only allowed to collect non-sensitive Personal Data from End Users, which may include, but is not limited to, name, age, demographic details, gender, education, industry, job type. 

If the Customer collects, or wishes to collect, sensitive Personal Data using the Services, they must seek consent from both End users and Supplier prior to collecting such information. 

In the event that the Customer is granted permission to collect sensitive Personal Data, an additional security fee will be applied to the annual subscription to account for heightened security measures and increased responsibility associated with such data. The specific amount of the security fee will be communicated by the Supplier to the Customer.

Reference 

Unless otherwise agreed between the Parties, Supplier reserves the right to use Customer name and logos and Trademarks as a reference, and or case story on Supplier’s webpage and marketing materials.

Processing of Personal Data 

With regard to the processing of Personal Data, the Supplier only stores and handles the data the Customer reports in the transaction relation. Furthermore, the Supplier stores the Personal Data in accordance with the legislation to data protection. The Supplier is not controller of the Personal Data generated by the Customer’s use of the Service. The Customer is the controller and therefore retains ownership of all data submitted to the Services. Thus, the Customer also determines the purpose and means of the process of Personal Data. The Customer can appoint the Supplier as processor to process a certain amount of Personal Data on behalf of the Customer. In such case, the details of the Supplier’s process of data must be composed in a separate data processor agreement. 

Data Protection (Data Processing Agreement)

This data processor agreement must be used, if the Supplier as part of its delivery of the services as mentioned in the Agreement shall process personal data on behalf of the Customer, cf. Article 6 of the Regulation (EU) 2016/679 of European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”). If the Supplier is to process sensitive personal data on behalf of the Customer pursuant to Article 9 of the GDPR, the parties enter into a separate data processor agreement. 

Both parties shall meet the requirements of the GDPR and applicable data protection legislation. The Customer is responsible for ensuring that the processing of personal data takes place in compliance with the GDPR, including ensuring that the processing of personal data, which the Supplier is instructed to perform, has a legal basis. The Supplier shall process personal data only on documented instructions from the Customer. The documented instructions consist partly of the Agreement, so the Supplier can carry out such processing of the Customer’s personal data as is necessary to be able to provide the agreed services (the purpose of the processing), and partly of the subsequent separate documented instructions, which the Customer may provide to Supplier. If the Supplier is of the opinion that the Agreement or a separate instruction does not cover the Supplier’s processing of the Customer’s personal data, or that an instruction from the Customer will be in conflict with the GDPR or other applicable data protection legislation, Supplier must immediately notify the Customer thereof in writing. 

Both parties shall, on an ongoing basis, implement appropriate technical and organizational measures that comply with the requirements of Article 32 of the GDPR in order to ensure the protection of the data subjects’ rights. The Supplier must, at the request of the Customer, assist the Customer pursuant to Article 32 of the GDPR by, among other things, provide the Customer with sufficient information so the Customer can demonstrate compliance with the requirements of applicable data protection legislation, including that the above-mentioned technical and organizational security measures have been taken.

The Supplier ensures that the persons authorized to process personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality and that this can be demonstrated to the Customer. 

The Supplier shall meet the requirements specified in Article 28(2) and (4) GDPR in order to engage another processor (a sub-processor). The Supplier has the Customer’s general authorisation for the engagement of sub-processors. The Supplier shall inform the Customer in writing of any intended changes concerning the addition or replacement of sub-processors at least 60 days in advance, thereby giving the Customer the opportunity to object to such changes prior to the engagement of the concerned sub-processor(s). If the Supplier does not receive objections from the Customer within 30 days of receiving notification thereof, the Supplier is entitled to implement the change. The Supplier ensures that the sub-processor meets the requirements of Article 28 of the GDPR, and engage to enter into a sub-processor agreement with the sub-processor in question, which is subject to at least the same obligations as the Supplier has undertaken in this Agreement. Sub-processor agreement(s) and any subsequent changes thereto are sent – at the Customer’s request – in copy to the Customer. The Supplier shall be responsible that the sub-processor complies with the obligations to which the Supplier is subject pursuant to the clauses and the GDPR. Without the Customer’s prior written consent, the Supplier may not transfer the Customer’s personal data to countries outside the EU / EEA. When entering into the Agreement, the Supplier uses the following sub suppliers, which has been approved by the Customer:

Name

Server location

service

legal basis for transfer

DLX A/S

Denmark

Hosting

N/A

Mailgun Technologies

USA

E-mail provider

Standard contractual clauses

  

Taking into account the nature of the processing, Supplier shall assist the Customer by appropriate technical and organizational measures, insofar as this is possible, in the fulfilment of the Customer’s obligations to respond to requests for exercising the data subject’s rights laid down in Chapter III GDPR. The Supplier’s assistance will be invoiced according to time spent. The Supplier shall, furthermore, taking into account the nature of the processing and the information available to the Supplier, assist the Customer in ensuring compliance with the obligations under Article 32 – 36 of the GDPR. Supplier shall make available to the Customer all information necessary to demonstrate compliance with the obligations laid down in Article 28 and the clauses and allow for and contribute to audits, including inspections, conducted by the Customer or another auditor mandated by the Customer.

The Supplier shall comply with Article 33 of the GDPR and without undue delay notify the Customer after becoming aware that there has been a personal data breach. The notification to the Customer must take place no later than 24 hours after the Supplier has become aware of the breach. The notification shall contain at least the information referred to in Article 33 (3), litra a), b) and d) mentioned requirements for notification. These obligations apply regardless of whether the Supplier is responsible for the personal data breach. If Supplier or its sub-processors are not responsible for the breach, the Supplier’s assistance will be invoiced according to time spent. 

If the Customer does not instruct Supplier otherwise, the Supplier is entitled and obliged to delete the Customer’s personal data no longer than 3 months after the Agreement has been finally terminated. However, the obligations regarding the processing of personal data remain in force as long as the Supplier processes the Customer’s personal data. 

All matters relating to non-compliance, liability and compensation are regulated in the Agreement. 

Both parties shall keep records of processing activities referred to in Article 30 of the GDPR. If there are changes in the categories of personal data or categories of data subjects that the Supplier processes for the Customer, the Customer must immediately notify the Supplier thereof: 

categories of personal data

categories of data subjects

General personal data, including e-mail and name

End Users

Notices 

All written notices between the Parties shall be delivered by e-mail. 

Improvements or updates made to the Services

The Supplier may revise the Services from time to time to better reflect improvements or updates made to the Services. Supplier reserves the right to upgrade, modify, replace, or reconfigure the Service at any time upon at least 14 calendar days’ notice, for changes that significantly may affect the use of the Service. The Supplier reserves the right to change or disconnect parts of the Service from time to other based on an estimate. Any future release, update, or other addition to functionality of the Service shall be subject to these terms.

Accessibility and Uptime 

Supplier endeavours to ensure that the Service is available 24/7, however, Customer accepts that Supplier does not warrant that the Service will be uninterrupted or error-free. The Service is provided on an “as is” and “as available” basis, without any warranties to the fullest extent permitted by law.

The Customer can access the Service through the browser. With the exception of Internet Explorer, the Service supports all new versions of standard browsers on the large platforms. Internet Explorer 11 on Windows, Chrome and Firefox on Linux, and browsers that use older versions of WebKit, Blink or Gecko are not explicitly supported. However, the Service should also (in most cases) display and function correctly in these browsers.

Change of Terms

The Supplier may revise these Terms from time to time to better reflect: 

  1. changes by law, or 
  2. new regulatory requirements 


If an update affects the Customer’s legal rights as a user of the Services, the Supplier will notify the Customer prior to the update’s effective date by sending an email to the email address associated with the MapUs account or via an in-product notification. These will be effective no less than thirty (30) days from when the Supplier notifies the Customer.

Supplier does not generally make changes to the Terms and Conditions on request of the Customer, unless explicitly agreed between Supplier and Customer. In this case, the Supplier reserves the right to charge fees for additional consultancy and external legal assistance.

Severability 

Should any term or condition hereof be declared illegal or otherwise unenforceable, it shall be severed from the remainder of this Agreement without affecting the remaining sections.

Survivability 

The sections on confidentiality, liability, payment, reference, and dispute shall survive any termination of this Agreement.

Acceptance and Termination 

This Agreement is entered into by Customers electronic acceptance of these Agreement terms on Suppliers and is concluded upon Customers receipt of the confirmation e-mail from Supplier. The Agreement is valid until terminated by one of the parties in accordance with the applicable terms. 

Termination for cause In the event of a breach of this Agreement by either Party, the non-defaulting Party may give written notice of such default. If such notice is given, and the default is not cured within 30 business days following receipt of the notice, then this Agreement shall automatically terminate.  

Dispute 

Any dispute between Customer and Supplier must be settled under Danish law, with the exception of CISG, the District Court in Copenhagen as the agreed venue, with usual reference and appeal rights.