iFax Terms of Use

effective as of 1st September, 2023

iFax´s Terms of Use explains the terms and conditions under which Users are able to use the iFax Platform and other services provided by iFax. Please read carefully this Terms of Use document and keep a copy of it for your reference.

BY REGISTERING FOR IFAX SERVICES USERS AGREE TO BE LEGALLY BOUND BY THE TERMS AND CONDITIONS STATED IN THIS DOCUMENT. USERS ARE ADVISED TO READ THESE TERMS CAREFULLY BEFORE USING OUR SERVICES AS THESE TERMS REPRESENT A BINDING CONTRACT WITH AMPLIFY VENTURES LIMITED, Suite 22 137-139 Brent Street, London, Greater London, NW4 4DJ, United Kingdom d/b/a iFax .IF YOU DO NOT AGREE WITH (OR CANNOT COMPLY WITH) THE TERMS AND CONDITIONS SET FORTH BELOW, DO NOT USE OR ACCESS OUR SERVICES.

  1. DEFINITIONS

    1. ‘Terms’ refers to the latest version of these Terms of Service document.

    2. ‘Site/Platform/App’ refers to the ‘iFax’ website or mobile phone applications available at www.ifaxapp.com

    3. ‘User/You’ refers to any person, downloading, visiting, using or in any other way interacting with the Platform/Site/App or its respectful Materials regardless of the activities taken.

    4. ‘We/Us’ refers to ‘Amplify Ventures Limited’, ‘iFax’, the App or the Site and their affiliates.

    5. ‘Privacy Policy’ refers to the Privacy Policy document governing the rules of collecting, using and storing information provided by the User. This document is available on the Site.

    6. ‘Outside sources’ refers to any application, website, natural or legal entity other than ‘Amplify Ventures Limited’, ‘iFax’, the App or the Site and their affiliates.

    7. ‘Materials’ refers to all images, text, audio and video data or any other information located on the App and the Site. Materials also refer to images, text, audio and video data or any other information located on any other place provided that there is information that said material originated from the App or the Site.

    8. ‘Services’ refers to all services offered through the usage of the Platform, the App or the Site including but not limited to sending and receiving faxes and obtaining fax phone numbers.

  2. GENERAL PROVISIONS

    1. These Terms govern the use of the App, the Site, the Platform and Materials. Insofar where Amplify Ventures Limited, registered in England and Wales (No. 10869185), Suite 22 137-139 Brent Street, London, England, NW44DJ, (“iFax”) is requested to process personally identifiable information about EU data subject on your behalf, such processing is regulated by our Data Processing Agreement ("DPA") attached herein as Addendum 1. DPA is executed together with these Terms and represents an integral part of the Terms.

    2. Terms apply to all Users regardless of the capacity, way, purpose or instruments used in accessing the App, the Site or Materials.

    3. By accessing the App or the Site you confirm that you have read, understood and agreed to be bound by these Terms, Privacy Policy, applicable laws, and other applicable internet policies. If you do not agree with any part or all of the Terms, you are forbidden to use the App, the Site and the Platform.

    4. If you do not comply with the Terms we reserve the right to cancel or terminate your access to the App, the Site, or any part thereof, or your user account. We can, in our sole discretion, suspend or terminate access to all or parts of the App and the Site and Services to any User, without prior notice or need to deliberate on reasons for such measure. We reserve the right to deny Services to anyone at any time.

    5. The Terms together with Privacy Policy represent a legally binding agreement between you and us.

  3. CONSENT

    1. By accessing the Site you confirm that you are at least 13 years of age, or at least of the age of legal consent in your jurisdiction. If you are younger than 13 you are able to access our Services provided that you have a guardian present. We may request proper and satisfactory proof of evidence to verify your age, identity, and capacity of your guardian.

    2. By using our Services, or by providing your information for other purposes, you confirm that you (i) have full legal capacity to enter into a binding relation, (ii) that you will provide true, accurate, and complete information where requested, and information which is otherwise compatible with these Terms, (iii) that you have available funds necessary for the requested Service, (iv) that you will not use Services contrary to these Terms or applicable laws.

    3. By allowing us access to your e-mail address, you agree that we may contact you using such contact information, for any matters relating to the Services (Service e-mails). These e-mails do not constitute “unsolicited commercial e-mail advertisements,” and you are not able to opt-out of receiving them. You may opt-in or subscribe to receive e-mails about content, promotions, special offers and or other topics of interest related to the iFax and our affiliates (Promotional emails). You may choose to stop receiving these promotional e-mails at any time by following the instructions contained in promotional e-mails.

  4. CHANGING OUR TERMS

    1. We reserve the right to update and change the Terms periodically without notifying the Users. The current version of the Terms is available on the Site indicating the effective date. Users are encouraged to periodically review Terms in order to stay informed on any changes.

    2. Users are bound by any changes to the Terms regardless of their knowledge about them, provided that changes were published and available for review.

  5. LICENSE, OWNERSHIP AND RULE OF CONDUCT

    1. Subject to your compliance with these Terms, we grant you a limited, non-exclusive, non-transferable, non-sublicensable license to download and use the App and to use the Site. Except as expressly permitted in these Terms, you may not: copy, modify or create derivative works based on the App and the Site; distribute, transfer, sublicense, lease, lend or rent the App or the Site to any third party; reverse engineer, decompile or disassemble the App or the Site; or make the functionality of the App or the Site available to multiple users through any means.

    2. All content on the App and the Site, including but not limited to text, images, video, information, applications, software, music, sound and other files are the property of iFax. Materials on the App and the Site are available for fair use to Users. Usage of the Materials is governed by appropriate laws of the state of California, USA. The Site is Copyright © 2018 iFaxapp.com, all rights reserved. The User must reference the Site, its respectful owners, and authors of the Materials where available if they are using Materials for non-commercial use. The user must obtain our written permission for usage of Materials for commercial purposes.

    3. Users are forbidden to misuse Services. A misuse constitutes any usage, access or interference with the App or the Site or Service contrary to Terms, Privacy Policy and applicable laws and regulations. We may suspend or stop providing a User with the Service should we find or suspect that Services are being misused. If any part of our Services is in violation of any laws in your country of residence, you agree not to use or access such Services.

    4. Any unauthorized use of the Service is expressly prohibited. You agree to abide by all applicable local, state, national and international laws and regulations and are solely responsible for all acts or omissions that occur under Your account or password, including the content of your transmissions through the Service. By way of example, and not as a limitation, you agree not to:

      1. Use the Service in connection with chain letters, junk email, pyramid schemes, illegal or unethical testimonials, cross soliciting, money games, spamming or any duplicative or unsolicited faxes (commercial or otherwise), including, without limitation, unsolicited faxes as set forth under the Privacy and Electronic Communications Regulations (PECR);

      2. Harvest or otherwise collect information about others, including email addresses or fax numbers, without their consent;

      3. Create a false identity or forged email, or otherwise attempt to mislead others as to the identity of the sender or the origin of the message;

      4. Transmit through the Service unlawful, harassing, libelous, abusive, threatening, harmful, vulgar, obscene or otherwise objectionable material of any kind or nature;

      5. Transmit any material that may infringe the intellectual property rights or other rights of third parties, including trademark, copyright or right of publicity;

      6. Libel, defame or slander any person, or infringe upon any person's privacy rights;

      7. Transmit any material that contains viruses, Trojan horses, worms, time bombs, cancel bots, or any other harmful or deleterious programs;

      8. Violate any local law regarding the transmission of technical data or software exported from your country through the Service;

      9. Interfere with or disrupt networks connected to the Service or violate the regulations, policies or procedures of such networks;

      10. Attempt to gain unauthorized access to the Service, other accounts, computer systems or networks connected to the Service, through password mining or any other means;

      11. Interfere with another Subscriber’s use and enjoyment of the Service or another entity's use and enjoyment of similar services;

      12. Engage in any other activity that we believe could subject it to criminal liability or civil penalty or judgment;

      13. Transmit unsolicited fax advertisements through the Service in violation of the Privacy and Electronic Communications Regulations (PECR). Faxing unsolicited fax advertisements is illegal under the PECR as well as in the European Union and other countries, states, and provinces. Distribution of unsolicited fax advertisements through the Service is prohibited and doing so will result in termination of your account; or

      14. Use the Service to fax-blast, or otherwise attempt to broadcast a single unsolicited document to many fax numbers at once, whether in violation or compliance with the PECR.

    5. We may at any time, at our sole discretion, revoke, replace or reassign any telephone number provided to the User.

    6. Due to the fact that iFax is only a facilitator of communication services, we may not guarantee or warrant that the content transmitted through the Services will not involve unsolicited commercial communication. You may occasionally receive unsolicited content. We will use our best effort to keep any unsolicited material from third parties to a bare minimum. By using our services you expressly agree and understand that you may receive unsolicited content.

    7. You agree that you will not harvest, collect, steal or otherwise keep a record of the phone numbers owned by the Platform, including temporary phone numbers assigned to you through the Service. You agree that you will not send faxes, either by broadcast or otherwise, including without limitation unsolicited fax advertisements in violation of federal law, to any number(s) owned by the Platform and that you have harvested, collected, stolen or otherwise kept in violation of this Agreement. YOU UNDERSTAND THAT WE ARE THE HOLDERS OF ALL TELEPHONE NUMBERS PROVIDED AS PART OF THE SERVICE AND, THEREFORE, WE HAVE CERTAIN RIGHTS WITH RESPECT TO THE NUMBERS. IN THE EVENT YOU VIOLATE THIS PROVISION, WE WILL PURSUE ALL LEGAL AND EQUITABLE REMEDIES, INCLUDING CIVIL AND CRIMINAL DAMAGES AND PENALTIES, DAMAGES FOR LOSS OF BUSINESS AND/OR USE, AND INJUNCTIVE RELIEF.

  6. REGISTRATION, SERVICES, AND BILLING

    1. REGISTRATION

      1. Some of the functionality of the Platform is only available to registered Users or users with an active subscription. If you choose to register on the Platform you are required to provide true, accurate, current and complete information about yourself as prompted by registration forms on the Platform. You agree to update your information should there be any changes, in order to keep registered information true, accurate, current and complete. If you provide information contrary to aforementioned conditions, we may deny you access to the Platform, the App, the Site, parts of it or our Services. We are not responsible for any failure in

        providing the Services which results from information that is not true, accurate, current, and complete. You are entirely responsible for maintaining the confidentiality of your password and account. Furthermore, you are entirely responsible for any and all activities that occur under your account. You are entirely responsible for all usage and activity on your account, including use of the account by a third party authorized by you to use your account.

      2. You agree to notify us immediately of any unauthorized use of your account or any other breach of security. Although we provide some encryption to protect certain personal information which is transmitted, you understand that your faxes may be intercepted and used, and that all the risk associated therewith is solely yours. You agree that we are the neutral host of the Service and have no responsibility or liability in relation to the faxes that you send or receive as part of your use of the Service. You shall remain solely responsible for the content of your faxes.

    2. SERVICES

      1. Full list of our services and pricing is available through the App and on the Site. Some service packages can be customisable. For custom plans and prices please contact us for more information. We reserve the right to change and update our prices and Service plans periodically at any time and without notification. All changes become effective from the day of publishing.

      2. By subscribing on our Platform you are able to use Services as described by the selected subscription plan.

      3. We may offer in some locations and at specific times as special promotion a 7 day free trial period for our Services. Upon expiry of the free trial period, if offered, we will automatically charge the appropriate service fee for the selected subscription package.

      4. After the expiry of trial period, use of Services is offered through a subscription based model. Full list of prices for subscription service is available in the App and on the Site.

      5. If you subscribe to our Services, subscription automatically renews unless auto-renew is turned off at least 24-hours before the end of the current period. Your account will be charged for renewal within 24-hours prior to the end of the current period, and identify the cost of the renewal. Subscriptions may be managed by the user and auto-renewal may be turned off by going to the user's Account Settings after purchase. No refund o f the current subscription is allowed during active subscription period.

    3. FAX STORAGE

      1. While your iFax account is active, sent and received fax messages will be stored and displayed in your account. You acknowledge that we may change our practices and limitations concerning storage of fax messages, including, without limitation, the maximum storage space that will be allotted on the servers on your behalf, at any time, as provided for herein. You further agree that this feature is provided as a convenience only for Subscribers and that we have no liability or responsibility whatsoever for the storage, deletion of, or failure to store any fax messages and/or other communications maintained and/or transmitted by the Service.

      2. All information stored on our servers is encrypted and guarded in accordance with our Privacy Policy. In case you lose the control of your account (for example you lose your device) you can remotely delete all faxes stored in the App and on the servers by contacting our customer support.

    4. DeveloperAPI

      1. We may offer you an API integration solution for accessing iFax services. API access is subject to license and acceptable use policy specified in these Terms. If API access is provided in your service package we will provide you with the documentation necessary for API integration and implementation as well as with limited setup support. You understand and agree that you will not use API services in a way which may cause excessive or unexpected burden on our servers. If you are not sure about the number or frequency of API calls which may be processed please contact our support team.

    5. BILLING

      1. You are able to pay for our services directly through the App, the Site and the Platform. Depending on the device you are using we may accept payments through different payment methods such as Google Wallet, iTunes, or PayPal.

      2. We may, at our own discretion, limit the number of available Services or refuse to provide the Service without the need to deliberate on the reasons for such action. We may especially refuse to accept your order if:

        1. The billing information you provided is incorrect, or invalid, or we are otherwise unable to process the payment,

        2. We suspect that order is fraudulent. We reserve the right to refuse any order which we, in our sole discretion, find to have been placed as a result of fraudulent activity,

        3. Your order is placed pursuant to previous credit card dispute.

      3. By subscribing for paid Services you authorize us or our payment provider to charge the amount of the Service fee, together with the applicable taxes including VAT, to your billing method provided without any further consent or instruction required. If there are any changes in the provided payment method you understand and agree to inform us on the changes and update the payment method. If we are not able to charge the payment method provided we reserve the right to collect due payments through other means or to terminate your account immediately.

    6. REFUND, CANCELATION AND WITHDRAWAL POLICY

      1. To the furthest extent under the law all payments for the iFax services are final and non-refundable. Subscription is paid in advance of each subscription period. No refund will be provided for discontinuation of the use of the Service prior to the expiry of the active subscription period.

      2. Except as otherwise provided for in the law or in this Agreement you may cancel your active subscription for any reason either by requesting cancelation from within the app or by contacting our customer support directly at support@ifaxapp.com. Cancelation of your subscription during the free trial period must be made at least 24 hours before the end of the trial and will take effect immediately after processing the cancelation request. After the free trial period has ended you may still cancel your subscription at any time in accordance with this Agreement, and such termination will take effect at the expiry of your current subscription period.

      3. At our sole discretion, we may decide that there are compelling reasons for awarding a refund. This may be in the event that the services were not available to you for a significant

        amount of time or that the services did not perform as advertised due to the cause that we could have reasonably avoided. If you are not satisfied with the Services received you may contact our customer support team with the process described earlier and request a refund. Refund is provided at our sole and exclusive discretion after assessing the reasons for refund. Refunds may be provided as a service credit.

      4. You understand and agree that the only withdrawal option is provided with the free trial period. Continuation of use of the Services upon expiry of the free trial period will constitute your acceptance of the Services and waiver of any withdrawal right.

    7. NUMBER PORTING

      1. We comply with the applicable communications regulation and allow Users to port their numbers to and from other service providers at any time and without charge. In the event that you decide to cancel your service with iFax and desire to port your number to a new provider, you will be required to contact them and request that they initiate the port. Upon written request from the recipient service provider and when the appropriate procedural conditions are met, we will transfer the number to the new service provider. For more information on how you can request number porting please contact us at support@ifaxapp.com

      2. If at any time during your use of our Services, iFax ceases it’s services, you will be given appropriate notice and the option to port your number to another service provider. If you do not port your number within the time stipulated, your number will be unable to be ported.

    8. FAX DURATION

      1. Pages whose duration is up to one minute are charged as one page. Pages whose duration is longer than one minute are charged by duration in six second increments at one-tenth of the per-page cost.

  7. CONFIDENTIAL INFORMATION

    1. Through use of the Service, You may have access to certain information that is confidential and proprietary (''Confidential Information''). You agree to protect all Confidential Information by using a reasonable degree of care to prevent the unauthorized use, dissemination, or publication of the Confidential Information.

    2. You agree that a breach of the confidentiality provisions of this Agreement will breach the security of the Service and thus would cause irreparable harm to the Platform for which no adequate remedy at law exists. You therefore agree that in addition to any other remedies available, we shall be entitled to injunctive relief to enforce the terms of this Agreement.

  8. THIRD - PARTY CONTENT

    1. We may provide Users with content belonging to the Outside Sources or links leading to the Outside Sources. We are not responsible for the content provided by the Outside Sources. Outside sources are not under our control, and they may have different terms of use and policies. The Site is not responsible for the availability and content of the Outside Sources.

  9. PRIVACY

    1. Please review our Privacy Policy to learn more about how we collect and use information about you via the Service.

  10. GOVERNING LAWS

    1. This Agreement shall be governed by and construed under English law, without regard to its conflict of law provisions, as applied to agreements entered into and to be performed in England by the England residents. You also agree and hereby submit to the non-exclusive

      jurisdiction of the courts of England and Wales, for the resolution of any conflict arising out of or in connection with these Terms, the Site, or the Service.

  11. INDEMNITY

    1. You will indemnify and hold harmless iFax, and its employees, from and against any claims, disputes, demands, liabilities, damages, losses, and costs and expenses, including, without limitation, reasonable legal and accounting fees arising out of or in any way connected with your access to or use of the Site and its Services, content which you provide, or your violation of these Terms.

  12. STATUTE OF LIMITATIONS

    1. You agree that regardless of any statute or law to the contrary, any claim or cause of action arising of or related to use of the App, the Site, Services or the Terms must be filed within one

      (1) year after such claim or cause of action arose or be forever barred.

  13. DISCLAIMER

    1. WARRANTY DISCLAIMER AND LIMITATION OF LIABILITY: TO THE FULLEST EXTENT PROVIDED BY LAW, THE APP, THE SITE AND SERVICES ARE PROVIDED "AS IS," WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF ACCURACY, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND/OR NON-INFRINGEMENT. NONE OF THE PARTIES INVOLVED IN CREATING, PRODUCING, AND/OR DELIVERING THE SERVICES, THE APP AND THE SITE ARE LIABLE FOR ANY DIRECT, INCIDENTAL, CONSEQUENTIAL, INDIRECT, OR PUNITIVE DAMAGES, OR ANY OTHER LOSSES, COSTS, OR EXPENSES OF ANY KIND WHICH MAY ARISE, DIRECTLY OR INDIRECTLY, THROUGH ACCESS TO, USE OF, OR BROWSING THE SITE OR THROUGH YOUR DOWNLOADING OF MATERIALS FROM THE SITE, INCLUDING BUT NOT LIMITED TO ANYTHING CAUSED BY BUGS, VIRUSES, OR ANY COMPUTER SYSTEM, HARDWARE, SOFTWARE, OR PROGRAM MALFUNCTIONS, OR ANY OTHER ERRORS, FAILURES, OR DELAYS. IN NO EVENT WILL IFAX OR ANY OF OUR AFFILIATES OR SERVICE PROVIDERS BE LIABLE FOR ANY LOST PROFITS, COST OF PROCUREMENT OF SUBSTITUTE PRODUCTS, OR ANY INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OF OR OF THE INABILITY TO USE ANY MATERIALS ON THE WEBSITE.

  14. FINAL PROVISIONS

    1. If any part of these Terms is found to be invalid, illegal or unenforceable in any respect, it will not affect the validity or enforceability of the remainder of the Terms.

  15. CONTACT

    1. If you have any questions, suggestions, or comments, you can address them to support@ifaxapp.com

Addendum1
Data Processing Agreement

Effective as of 05thof March 2020

  1. Preamble

    1. iFax Data Processing Agreement represents an addendum to the Terms of Service Agreement https://www.ifaxapp.com/terms. Under the European Union General Data Protection Regulation (GDPR), Amplify Ventures Limited, United Kingdom d/b/a iFax has a position of a ‘Processor’ and iFax’s users have a position of a ‘Controller’ regarding the personal data collected through the use of iFax services.

    2. Data Processing Agreement represents an integral part of the Terms of Service Agreement.

  2. Definitions

    1. The following definitions explain some of the terminology and abbreviations used throughout this addendum to the Terms and Conditions Agreement:

      DPA’ refers to this Data Processing Agreement. ‘Terms’ refers to the Terms of Service Agreement.

      Processor’ refers to Amplify Ventures Limited, United Kingdom d/b/a iFax. ‘Controller’ refers to the registered user of the iFax services.

      Processing’ refers to any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

      Data’ refers to information provided by Controller to the Processor, or collected by the Processor on behalf of the Controller, relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

      Data Subject’ refers to an identified or identifiable natural person to whom Data

      Data Breach’ refers to a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Data transmitted, stored or otherwise processed

  3. Processing

    1. Processor undertakes to process all Data in accordance with GDPR and other applicable laws, statutes and regulations.

    2. Processor may process the Data only in accordance with the Controller’s documented instructions. Instructions referred to herein are incorporated in the Terms of Service document. If the Controller wants to change the instructions for processing, they need to terminate the Terms of Service agreement and seek conclusion of the new one. The Processor may refuse to continue further processing of the Data if the Controller seeks to change the written instruction for processing.

    3. During the term of this DPA Controller shall remain the owner of the Data transferred to the Processor as well as the Data collected by the Processor on behalf of the Controller. Nothing in this DPA shall be understood to transfer the ownership of the Data to the Processor or any other Third-Party.

    4. Controller warrants that the Data is obtained in accordance with the applicable laws, statutes and regulations and that Processing which Controller requests does not violate any applicable law, statute or regulation.

    5. Data that the Processor shall process includes such Data which is requested by the Controller on a case by case basis and which is necessary to identify the Data subject and/or their authorization or capacity to represent a legal entity or other individual. Processor shall not process special categories of Data as defined in article 9. of the GDPR.

    6. Data may be processed within the duration of this DPA.

  4. Personnel

    1. The Processor shall ensure that all employees, contractors, and other persons operating under the authority of the Processor are bound by a strict confidentiality agreement prior to providing them with access to the Data.

    2. The Processor shall take steps to ensure that any person acting under the authority of the Processor who has access to the Data does not process them except on instructions from the Controller.

  5. Security

    1. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity

      for the rights and freedoms of Data Subjects, the Processor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:

      • the pseudonymization and encryption of the Data;

      • the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;

      • the ability to restore the availability and access to the Data in a timely manner in the event of a physical or technical incident;

      • a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

    2. In assessing the appropriate level of security account shall be taken in particular of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to the Data transmitted, stored or otherwise processed.

  6. Sub-Processor

    1. The Controller hereby provides a general authorization to the Processor to engage sub processors as necessary for the provision of Services described in the Terms of Service document. The full list of sub processors is available upon request.

    2. Where the Processor engages another processor for carrying out specific processing activities on behalf of the Controller, the same Data protection obligations as set out in this DPA shall be imposed on that other processor by way of a contract or other legal act, providing sufficient guarantees to implement appropriate technical and organizational measures in such a manner that the processing will meet the requirements of the applicable laws, statutes and regulations. Where that other processor fails to fulfil its Data protection obligations, the Processor shall remain fully liable to the Controller for the performance of that other processor’s obligations.

  7. Data Subject rights

    1. Taking into account the nature of the processing, the Processor shall assist the Controller by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Controller’s obligations, as reasonably understood by the Controller, to respond to requests to exercise Data Subject rights under the GDPR.

    2. The Processor shall:

      • promptly notify the Controller if Processor or Sub-Processor receive a request from a Data Subject under GDPR or other applicable law, statute or regulation in respect of the Data; and

      • ensure that the Processor or Sub-Processor do not respond to that request except on the documented instructions of the Controller or as required by applicable laws to which the Processor or Sub-Processor is subject, in which case the Processor shall to the extent permitted by applicable laws inform the Controller of that legal requirement before the Processor or Sub-Processor respond to the request.

  8. Data Breach

    1. The Processor shall notify the Controller without undue delay after becoming aware of a Data Breach affecting the Data, providing the Controller with sufficient information to allow the Controller to meet any obligations to report or inform authorized authorities and Data Subjects where necessary of the Data Breach.

    2. The Processor shall co-operate with the Controller and take such reasonable commercial steps as are directed by the Controller to assist in the investigation, mitigation and remediation of each such Data Breach.

  9. Data Protection Impact Assessment and Prior Consultation

    1. The Processor shall provide reasonable assistance to the Controller with any Data protection impact assessments, and prior consultations with competent data privacy authorities, which the Controller reasonably considers to be required the GDPR or equivalent provisions of any other applicable law, in each case solely in relation to processing of the Data by, and considering the nature of the processing and information available to, the Processor.

  10. Deletion or return of the Data

    1. Subject to sections 10.2 and 10.3 the Processor and each Sub-Processor if any shall promptly and in any event within thirty (30) days of the date of cessation of any services involving the processing of the Data (the "Cessation Date"), delete and procure the deletion of all copies of those Data.

    2. Subject to section 10.3, the Controller may in its absolute discretion by written notice to the Processor within thirty (30) days of the Cessation Date require Processor and each Sub-Processor if any to return a complete copy of all Data to the Controller by secure file transfer in such format as is reasonably notified by the Controller to the Processor; and

    3. The Processor may retain the Data to the extent required by applicable laws and only to the extent and for such period as required by applicable laws and always provided that the Processor ensures the confidentiality of all such Data and ensures that such Data is only processed as necessary for the purpose(s) specified in the applicable laws requiring its storage and for no other purpose.

    4. The Processor shall provide written certification to the Controller that the Processor fully complied with this section 10 upon written request of the Controller issued after the expiry of the deadline from section 10.1.

  11. Audit rights

    1. Subject to provisions of this article 11 the Processor shall make available to the Controller on request all information necessary to demonstrate compliance with this DPA, and shall allow for and contribute to audits, including inspections, by the Controller or an auditor mandated by the Controller in relation to the processing of the Data. All costs of the audit shall be borne by the Controller and must be scheduled at least one month in advance. The Controller may commence audit only if they have provided a bond or security deposit that will serve to compensate any loss or damages that may be caused by the audit such as ceasing of providing the services or employee work hours spent on the audit. The amount of bond or security deposit shall be agreed beforehand with the Processor but in no event shall be less than 10.000$ USD considering the proportion between the data processed on behalf of the Controller and the number of customers the Processor has.

    2. Information and audit rights of the Controller only arise under section 11.1 to the extent that the Terms do not otherwise give them information and audit rights meeting the relevant requirements of the GDPR.

  12. Final provisions

    1. Any matter that is not regulated by this DPA shall be governed by the Terms or any Statement of Work or Order concluded or exchanged between the parties to this DPA.

    2. If any part of this DPA is found to be invalid, illegal or unenforceable in any respect, it will not affect the validity or enforceability of the remainder of the Terms.

    3. Any failure to exercise or enforce any right or the provision of this DPA shall not constitute a waiver of such right or provision.

    4. The section titles in the DPA are for convenience only and have no legal or contractual effect.