In this agreement, the following definitions relate to applicable legal provisions:
“(GDPR)” General Data Protection Regulation, REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27th of April 2016
“ Personal data ” , “ data subject ” , “ controller ” and “ processor ” shall have the same meanings as are assigned to those terms in the GDPR.
Also, in this agreement:
“ Agreement ” has the meaning set forth in the preamble.
“ Campaign ” means any communication sent by e-mail through the use of the Platform to any data subject in the Database.
“ Confidential Information ” means information in any form or medium (whether oral, written, electronic or other) disclosed to the other Party, and means any information that each Party to this Agreement considers confidential or proprietary, including, but not limited to, know-how, trade secrets, technology, records, intellectual property, legal, commercial or tax information, information pertaining to business operations and models, strategies, customers, pricing and marketing, performance, market research and analysis, software and databases, and the terms and existence of this Agreement.
“ Data User ” has the meaning set forth in the preamble; and means the Party which, as a data controller, determines that the Database shall be used, by the Data Processor, for the purposes of direct marketing campaigns, and determines which data contained in the Database shall be processed for that purpose. It shall be a joint controller together with the Data Owner, for these purposes set forth in this Agreement.
“ Data Processor ” has the meaning set forth in the preamble; and means the Party which, as a data processor, processes data contained in the Database on behalf and as instructed by the Data User, and for the Data User’s purposes only, through the technical means it has available on the Platform. It also processes the data within the instructions and limitations set by the Data Owner in a written agreement.
“ Data Protection Authority ” means the relevant national data protection authority competent for the enforcement of the data protection laws related to this Agreement.
“ Data Owner ” means the third-party which owns the Database disclosed to and used by the Data Processor through a written agreement, and which, as a data controller, determines that the Database shall be used for the purposes of direct marketing, which data contained in the Database shall be processed, which third-parties shall have access to the data and for how long the data shall be processed. It shall be a joint controller, for the purposes set forth in this Agreement, together with the Data User.
“ Database ” means the collection of any kind of information, in any forms or structure, which includes personal data, namely e-mail addresses of individual data subjects, and which is owned by third-parties to this Agreement, the Data Owners. It is a set of data that the Data Processor shall process on instructions given both by the Data Owners and the Data User.
“ Effective Date ” has the meaning set forth in the preamble.
“ Intellectual Property Rights ” means any and all registered and unregistered rights granted, applied for or otherwise now or hereafter in existence under or related to any patent, copyright, trademark, trade secret, database protection, sui generis right or other intellectual property rights laws, and all similar or equivalent rights or forms of protection, in any part of the world.
“ Link ” means a hyperlink, which is a reference to data (usually a website selected by the Data User) that the user or viewer of an e-mail can directly follow by clicking, and can be any element or content of the e-mail, such as, but not limited to, text, images or video.
“ Platform ” means the online web application, developed, owned and maintained by the Data Processor, which the Data User can access and use for the purposes of this Agreement. It is accessible through the following URL: https://asx.audienceserv.com/.
“Seeds” has the meaning set forth in the Monitoring Clause.
“ Services ” means all the services that the Data Processor is required to provide hereunder, related to the provision of access and use of the Platform for the purposes of sending direct e-mail marketing campaigns to the data subjects of the Database, which include all the features in the Platform.
“ Targets ” means the set of data subjects, whose data is contained in Databases, which is selected in the Platform, through a selection and combination of possible available criteria, by an active action of the Data User.
“ Unique Click ” means any number of clicks on any Link inside a Campaign e-mail, by a single recipient, made within one hour counted from the first click, which means that if several clicks happen in one single e-mail within one hour since the first click occurred, only one unique click will be considered.
“ Billable Unique Clicks ” means that Unique Clicks will only be billable if they occur within 30 days of the date each Campaign e-mail was sent.
“ User Account ” means the account registered within the Platform by the Data User in which the latter may enter, namely, identification, contact and billing details.
Any Party, third-party, or person referred to in this Agreement shall include its employees, officers and representatives.
1.1. The present Agreement enables the Data User to perform
e-mail marketing campaigns through the access and use of
the Data Processor’s Platform.
1.2. The Platform allows the Data User to select Targets and to create, manage and send customized Campaigns to those Targets.
2.1. PLATFORM ACCESS AND USE
The Data Processor shall provide the Data User with:
a) Private access to the Platform, upon prior registration of a User Account by the Data User;
b) The ability to send customizable e-mail marketing campaigns to the data subjects in the Database through the Platform.
2.2. E-MAIL CAMPAIGNS
2.2.1. The Data User can configure a Campaign to be sent,
with the options and criteria available in the
Platform. Namely it may be specified the desired
overall budget and the bid value per click to invest
in each Campaign.
2.2.2. Due to the nature of e-mail marketing, the Data User accepts that the selected overall budget shall be merely informative and that it shall not limit, in any case and under any circumstance, the amount due under the Schedule A (Payment).
2.2.3. The Data User accepts that all Campaigns sent using the Platform shall include, in each e-mail, a header and footer with legal, not commercial, information regarding the respective Data Owner.
3.1. USER ACCOUNT
3.1.1. As a prerequisite for the Data User to use the Platform, a User Account registration is necessary, through the procedures stated on the Platform’s website.
3.1.2. The Data User shall be responsible for keeping the login access information to the User Account, such as username and password, safe and confidential, not disclosing it to any third-party, providing that information to its employees, officers and representatives on a need-to-know basis, and avoiding its unauthorized access and use.
3.2.1. The Data User shall pay the Data Processor, in compensation for the Campaigns sent by e-mail through the Platform by the Data Processor, in accordance with the terms set forth in Schedule A (Payment and Invoicing).
3.2.2. The interest rate or other penalties applicable when the Customer is late on payments are defined in the Schedule A (Payment and Invoicing).
3.3. POLICIES AND TERMS OF SERVICE
3.3.1. When using the Platform and sending e-mail Campaigns to the data subjects of the Database, the Data User shall comply with the Schedule B (Acceptable Use Policy) attached hereto, as well as with any policies and terms available in the Platform.
3.3.2. The terms set forth herein specifically override any terms stating otherwise within the policies and terms available in the Platform.
3.3.3. Where this Agreement is silent the policies and terms in the Platform shall apply.
3.3.4. Notwithstanding the foregoing, the Data User must opt-in to the policies and terms presented in the Platform before use, stating it acknowledges its application.
4.1.1. The term of this Agreement commences as of the Effective Date and, unless terminated pursuant to any of the Agreement's express provisions, will continue in effect indefinitely.
4.1.2. The termination of this Agreement shall not prejudice the due payment for all Unique Clicks generated in the 30 days following the date of termination, which shall be invoiced by the Data Processor to the Data User in the terms of the Schedule A (Payment and Invoicing).
4.2. INACTIVE USER ACCOUNT
This Agreement terminates automatically after the Data User ceases to make use of the Platform for at least one year, without prejudice of other contractual, legal or tax obligations that, by its nature, should survive termination, such as any pending or due payment.
4.3. MUTUAL TERMINATION
Both Parties may mutually agree to terminate this Agreement, without the need to specify a motive, in a written and signed agreement, without prejudice of other contractual, legal or tax obligations that, by its nature, should survive termination, such as any pending or due payment.
4.4. UNILATERAL TERMINATION
Notwithstanding the foregoing, each Party may unilaterally terminate this Agreement, effective on written previous notice of 15 days to the other Party, without prejudice of other contractual, legal or tax obligations that, by its nature, should survive termination, such as any pending or due payment.
4.5.1. Either Party may terminate this Agreement, effective on written notice to the other Party, if the latter breaches this Agreement, without prejudice of the provisions set forth regarding the limitation and exclusion of liability and regarding force majeure, and such breach:
i) is incapable of cure, namely for its seriousness or repeatability;
ii) results of circumstances that makes it impossible or that seriously harms the purpose of this agreement;
iii) being capable of cure, remains uncured for 8 days after the non-breaching Party provides the breaching Party with written notice of such breach.
4.5.2. The written notice shall
be given within 8 of days after the Party with the respective right becomes aware of the breach.
4.5.3. Before terminating the Agreement based on breach, the Party shall notify the breaching Party, and the breaching Party has 30 days to justify the breach before full termination.
4.5.4. The Party with the right to terminate the Agreement must be able to prove the incapability of cure.
5.1. DATA PROTECTION COMPLIANCE
5.1.1 Both Parties shall comply with the laws and regulations applicable to the personal data processing activities, relevant to the purposes of the processing, to the Parties’ contractual roles and to the factual circumstances of the processing.
5.1.2 ASX-Audience Serv is aware of the implementation of the new General Data Protection Regulation (GDPR), REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27th of April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. In view of these changes, it wishes to work with clients who comply with the Regulation.
5.1.3 The Data User warrants that it is aware of the changes that the GDPR has implemented and that it acts in accordance with the legal requirements.
5.1.4 If the Data User is not fully compliant with the legislative amendment, it declares to ensure that it will follow all procedures so that on the date stipulated for the application of the new law, 25th of May of 2018, the Publisher will be compliant.
5.1.5 The Data User declares that it will formally inform ASX-Audience Serv of any non compliance, and that it will adopt all the legal requirements to solve the issue.
5.2. INFORMATION PROVISION TO THE DATA SUBJECT
Upon sending each Campaign, the Data Processor shall provide the data subjects with at least the following information:
a) The identity of the Data Owner and of its representative, if any;
b) The identity of the Data User and of its representative, if any;
c) That the reason for receiving direct marketing campaigns is based on their previously given consent to that effect (“ opt-in ” ) to the Data Owner for a specific Database;
d) The existence of the right to object to being targeted with direct marketing campaigns (“ opt-out ” ) from the Data User, and how to exercise that right.
5.3. DATA SUBJECT’S RIGHT TO OBJECT (OPT-OUT)
Upon sending each Campaign, the Data Processor shall provide the data subjects with an easy procedure for their exercise of the right to object to being send direct marketing campaigns, usually by making available, in each e-mail communication sent, an hyperlink that allows the data subject to opt-out (typically referred to as “ unsubscribe ” in the e-mails sent), directly through the Data Owner’s website.
5.4. LAWFULNESS AND PURPOSE LIMITATION
5.4.1. The Data User may use the Database solely for the purposes of sending direct marketing campaigns, and shall abstain from using the Database for any other purpose.
5.4.2. The Data User shall only send Campaigns which are within the scope of the consent of the data subjects in the Database.
6.1. The Data User agrees to the Data Processor’s disclosure to
the Data Owner of the identity of the Data User, and of
the contents of any e-mail marketing campaign sent
through the Platform to the Data Owner’s Database.
6.2. For the purposes of assessing compliance with data protection laws, and other legal requirements, of monitoring compliance with the terms of this Agreement, and to monitor abuse regarding the Schedule B (Acceptable Use Policy), the Data Owner may include, or may have included, in the Database addresses or contacts which it controls (“Seeds”), and the Data Processor may use any method for the analysis of fraud-related traffic count or clicks.
7.1. DATA PROCESSOR WARRANTIES
7.1.1. The Data Processor warrants the Data User, on behalf of the Data Owner, that the Database complies with the applicable laws and regulations applicable to the purposes of this Agreement, namely regarding the information provision obligations upon data collection and obtaining the relevant consent (“opt-in”) for third-party direct marketing.
7.1.2. The Data Processor warrants the Data User, on behalf of the Data Owner, that the Data Owner has performed the relevant notices and obtained the necessary authorizations from the competent Data Protection Authority.
7.1.3. The Data Processor shall not warrant the deliverability of any e-mail sent using the Platform.
7.2. DATA USER WARRANTIES
7.2.1. Regarding the use of the Platform and regarding any kind of communication sent by the Data User through the Platform, The Data User warrants the Data Processor that it shall comply with the Schedule B (Acceptable Use Policy) attached hereto.
7.2.2. The Data User warrants that it complies with all the relevant applicable laws and regulations, as well as with any legal requirement, related to privacy and data protection.
7.2.3. The Data User warrants the Data Processor that it shall comply with the applicable notification requirements to the Data Processor regarding the exercise by the data subject of any data protection rights, such as the right of access and the right to object.
8.1. DATA PROCESSOR LIABILITY
8.1.1. The Data Processor excludes its liability and, as such, the Data User shall hold the Data Processor harmless, related to the Platform, such as, but not limited to:
a) The unavailability of the Platform, for reasons of maintenance and support, updating or correcting errors, or for any other reason;
b) The incomplete, invalid or erroneous functioning of the Platform, or any other malfunction of the Platform or of any service or feature provided therein.
8.1.2. The Data Processor excludes any liability and, as such, the Data User shall hold the Data Processor harmless for:
a) Any issue arising of or related to the content of the Database or the data quality thereof, such as , but not limited to, invalid or erroneous data;
b) Any breach of data protection legal requirements which are of the responsibility of the Data User, as a data controller, within the purposes of this Agreement, such as any provision related to the data protection principles of the GDPR.
c) Any data breach, such as unauthorized use or disclosure, related to, or as a consequence of, the specific use of the Database or the Platform for the purposes described in this Agreement.
8.1.3. Because of the nature of the e-mail marketing and of the functioning of the internet, networks, servers and routers, the Data Processor excludes all liability for all delays of delivery, as well as for all non-deliveries, of any e-mail or Campaign sent through the Platform.
8.1.4. The Data Processor excludes its liability for its acts and omissions as well as for the acts of its employees, officers, representatives and subcontractors, other than the ones specifically provided herein, when the facts are a consequence of simple negligence.
8.1.5. The Data Processor excludes any liability related to the acts of the recipients of the Campaigns regarding the e-mailed Campaign contents and Links provided by the Data User, namely for connecting to unavailable or invalid websites.
8.2. DATA USER LIABILITY
8.2.1. The Data User shall be liable for the compliance of the data protection laws and requirements applicable to the direct marketing campaigns sent through the Platform.
8.2.2. The Data User shall be liable for the information provision stated in the Information Provision to the Data Subject Clause and the Schedule B (Acceptable Use Policy), and the Data User shall hold the Data Processor harmless for any damage or breach, legal or contractual, resulting from the non-provision of such information.
8.2.3. The Data User shall be liable for the content of the e-mails sent through the Platform, regarding any legal requirement or applicable law.
8.2.4. The Data User shall be liable to the data subjects and the Data Protection Authority, for the content of the e-mails sent through the Platform, in particular, for sending communications which are:
a) Outside the scope of the consent given by the data subjects;
b) Outside the purpose for which the data was collected.
8.2.5. The Data User shall be liable for breach of notification responsibilities to the Data Processor, namely regarding the exercise, related to the Database and to the communications sent through the Platform, by any data subject, of the rights of rectification, erasure, blocking, and the right to object, and, as such, liable for any fines or indemnities related to that breach.
8.2.6. The Data User shall be fully liable to the Data Processor for the breach of the Schedule B (Acceptable Use Policy), as well as for the infringement of any other policy or terms available in the Platform.
8.2.7. The Data User shall be liable for the infringement of the provisions on compensation, such as for breach of payment terms or for delays, as well as for any damages resulting from such breaches or delays.
8.2.8. If the Data Processor is required by any court, or any legal or administrative authority, such as the relevant Data Protection Authority, to pay fines or indemnities related to the Data User’s non-compliance mentioned in the previous clauses, the Data Processor shall have the right to obtain full redress from the Data User.
8.2.9. The Data User is fully liable to the Data Processor for the access and use, either authorized or not, of the Platform; the use of the Platform with the Data User’s User Account shall be deemed as an act or omission of the Data User, regardless of its authorized access or use.
8.2.10. The Data User shall be liable for any damage arising or related to delays in payment to the Data Processor.
8.2.11. The Data User is fully liable to the Data Processor, or any other third-party, for the acts of its employees, officers, representatives and subcontractors.
9.1. Where the Data User wishes to prevent a specific
Campaign to be sent to certain e-mail addresses the Data
User shall previously inform the Data Processor thereof.
9.2. For the aforementioned purpose, the Data User shall use the Platform to upload an electronic file containing a list of e-mail addresses to be suppressed from the list possible recipients of each specific Campaign (" Suppression List ").
9.3. The Suppression List file can be uploaded by the Data User using MD5 cryptographic hash function at the time of creation of each Campaign within the Platform.
9.4. The Data Processor shall not make use of the Suppression List provided by the Data User, in whole or in part, directly or indirectly, for purposes other than the ones specified herein.
9.5. The Data Processor ensures the Data User to have implemented the appropriate technical and organizational security measures to prevent the unauthorized access, disclosure or loss of data.
9.6. The Data User warrants and represents the Data Processor to hold the necessary ownership rights to the contents of the Suppression List, or to have the appropriate license, grant, representation or authorization required for the purposes set forth herein, and the Data User shall provide the Data Processor, on request of the latter and within 5 working days, with the necessary evidence thereof.
10.1. The provisions within this Agreement or the execution of
thereof shall not constitute, in any case or under any
circumstance, an authorization, transfer, transmission,
assignment or disclosure, of any kind, of Intellectual
Property Rights or any other proprietary rights to the
Database or the Platform.
10.2. The Data Owner is, and will remain, the sole and exclusive owner of all the rights, title and interest in and to the Database, including all Intellectual Property Rights therein.
10.3. The Data Processor is, and will remain, the sole and exclusive owner of all the rights, title and interest in and to the Platform, including all Intellectual Property Rights therein.
10.4. The Data Processor shall be the sole and exclusive owner of all the data and information generated or collected on or by the Platform through its access and usage.
11.1. In connection with this Agreement both Parties will, or
may, gain access to Confidential Information of the other
Party, and both Parties shall:
a) not access or use Confidential Information other than as strictly necessary to perform its obligations under and in accordance with this Agreement;
b) not to use any Confidential Information, directly or indirectly, in any manner to the detriment of either Party or to obtain any competitive benefit with respect to either Party; and
c) maintain all Confidential Information in strict confidence and not disclose or permit access to Confidential Information other than to its employees, officers, representatives and subcontractors, who shall:
a. have access to Confidential Information on a need-to-know basis;
b. be informed of the confidential nature of such information; and
c. be bound by written confidentiality and restricted use obligations at least as protective of the Confidential Information.
11.2. Both Parties shall ensure their employees, officers, representatives and subcontractors comply with the confidentiality obligations.
11.3. Each Party shall be liable for the noncompliance of the confidentiality obligations by each of its employees, officers, representatives and subcontractors.
The Data User concedes the Data Processor the right to reference and refer to its work for, and relationship with, the Data User for marketing and promotional purposes.
13.1. The features of the Platform, its functioning and
expressed within the Platform. The Data Processor
reserves the right to change the aforementioned at any
time, in the terms set forth in such terms and policies.
13.2. Upon any modification to those terms and policies, the Data Processor shall notify by e-mail the Data User of such changes.
13.3. The Data User shall have a period of 30 days to terminate this Agreement if it does not agree with such changes, without prejudice of the obligations under this Agreement that may survive termination. The silence of the Data User shall be deemed as acceptance of those changes.
13.4. Any modification to the clauses of this Agreement must be set in a writing signed by both Parties, describing the changes to be made, the effects of the changes, the Parties’ acceptance, as well as any other relevant information.
Except as otherwise expressly set forth in this Agreement, all written notices, requests, consents, claims, demands, waivers and other communications under this Agreement have binding legal effect only if in writing, through registered mail, and addressed to a Party to the addresses stated in the preamble, or other address communicated to the other Party. If not stated as a ‘written notice’ for any given clause, then the notice or notification is effective and binding through e-mail.
15.1. SEVERABILITY If any provisions of the present Agreement are held by a court of competent jurisdiction to be invalid under any applicable rule of law, regulation or statute, they are to that extent to be deemed omitted and the remaining provisions of this Agreement shall remain in full force and effect.
15.2. APPLICABLE LAW
15.2.1. The law applicable to this Agreement, to both Parties and their obligations, and to any conflict that may arise between the Parties, shall be the Portuguese Law, expressly excluding the applicability of any law of other country, without prejudice of the following clause.
15.2.2. The Data Processor, as an information society service provider established in Germany, is fully subjected to the German Law related to the provision of services, even if the services concerned are provided in other European Union country.
15.2.3. Since the Data User is the data controller, based on the terms of this Agreement and on the Data User’s factual influence regarding the purposes and means of processing of the personal data within the Database, regarding data protection laws and violations thereof by the Data User, the applicable national law may be the one of the establishment of the Data User, the [DATA USER’S NATIONALITY] law.
15.2.4. Namely, the applicable data protection law General Data Protection Regulation (GDPR), REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27th of April 2016
15.3. LAWYER FEES AND COURT COSTS
In the event that any action, suit, or other legal or administrative proceeding is instituted or commenced by either party hereto against the other party arising out of, or related to, this Agreement, the prevailing party shall be entitled to recover its actual attorneys' fees and court costs from the non-prevailing party.
Notwithstanding the foregoing, any legal suit, action or proceeding arising out of, or related to, this Agreement shall be instituted exclusively in the Portuguese courts in the jurisdiction of the city of Porto, with express exclusion of any other, without prejudice of the possibility of prior amicable settlement.
1. The Data User shall compensate the Data Processor for the
total amount of Billable Unique Clicks generated each
month using the Platform.
2. The Data Processor shall invoice the Data User the amount due by the Data User for the total Unique Clicks generated in the previous month.
3. The Data User shall pay the Data Processor within 30 days of the due date of the invoice sent by the latter.
4. It shall be applicable to any delay of due payments by the Data User the German commercial interest rate in force at the time of the delay.
5. The Data User shall pay the Data Processor by wire transfer to the Data Processor’s bank account indicated in the invoice.
6. All invoices sent to the Data User by the Data Processor shall reference due payments in Euros (€) and all payments due by the Data User shall be made in that same currency, unless otherwise expressly permitted by the Data Processor.
7. All the monetary values presented in the Platform do not include VAT tax.
1. The processing of personal data in the Database shall not
be outside the scope of the purposes set forth in this
Agreement, and the Data User shall comply with the
acceptable use terms set forth in this Schedule.
2. The use of the Database for the purposes described in the Agreement shall abide and comply, in any case and under any circumstance, with the applicable national and international laws and regulations, and it shall not infringe any right of the Parties, of the data subjects or of any third-party.
3. Any direct marketing e-mail sent by the Data User shall/should contain, in a clear and easy to understand manner:
a. The identification of the Data User, as an advertiser;
b. The indication of the advertising nature of the e-mail;
c. What and which are the promotional offerings, such as discounts, prizes and gifts, the competitions and other promotional games, as well as any conditions applicable to these.
4. Any direct marketing e-mail sent by the Data User must not connect, link or refer the user, recipient of such e-mail, to websites that do not comply with this Policy.
5. Any direct marketing e-mail sent by the Data User must not contain anything that may cause harm or damage to the data subject, to his property or his rights.
6. The Database shall not be used namely when it violates or infringes laws, regulations or rights, such as those related to, without limitation, data protection, unfair commercial practices, advertising, competition, consumer protection, intellectual property, criminal, constitutional and fundamental rights.
7. It is strictly forbidden to the User to send any Campaign or communications to the data subjects in the Database, through any medium, and in any format, which contain, promote, associates with, mentions, links or connects to any illegal, improper or not permitted information, data or content by this Agreement.
8. Following the mentioned in the previous number, it shall be considered illegal, improper or not permitted information, data or content, namely, but without limitation, when the communication or Campaign contains, promotes, associates with, mentions, links or connects to:
a. Defamation or libel;
b. Privacy and data protection violation;
c. Infringement of Intellectual Property Rights;
d. Discrimination, of any singular or collective person, of any kind, namely due to race, political or philosophical orientation, ethnic, religion, gender, sexual orientation, or any crime based on these;
e. Unsolicited communications;
f. Illegal substances or related paraphernalia;
g. Illegal gambling;
h. Pornography or child pornography, or related to any kind of violation of sexual self-determination rights;
i. Violence or threat to harm, physical or psychological;
j. Obscene language;
k. Illegal in the country of the Data User or of the data subject.
9. Notwithstanding the foregoing, the Data Processor on his own discretion or on behalf of and as instructed by the Data Owner, shall have the right to reject or cancel any Campaign or communication of the Data User, or any other third-party, at any time, without need to specify a motive.