3. Nothing herein is intended to prejudice Supplier's statutory data processing rights.
4. Customer acknowledges that Supplier may collect information (including personal data) about Customer and End Users ("Data Subjects"): (a) during the negotiation, conclusion and modification of the agreements it concludes with Data Subjects or with parties whom the Data Subjects represent (the information collected may include the data provided in such agreements, or for the purposes of negotiating, concluding or amending same); (b) when a Data Subject fills in forms via the Service, opens a User Account, subscribes to, or unsubscribes from, a Service Plan, creates or modifies a user profile, or enters or modifies other information associated with their User Account (the information thus provided); (c) when a Data Subject visits Supplier's website (the Data Subject's IP address, geographical location, session information, browsing behaviour, certain software and hardware attributes); (d) when a Data Subject downloads, installs, updates or uninstalls the Software, or accesses or uses the Service (the location, manner, means and duration of such activity as well as other information the Data Subject may provide); and (e) when otherwise knowingly made available to Supplier (the information the Data Subject provides). When visiting Supplier's website, "cookies" may be stored within the visitor's device.
5. Customer agrees and warrants to Supplier that End Users agree:
(a) to Supplier's processing of Customer Details and such other information as referenced in section 4 (collectively, "Data") for the purposes of (i) providing the Service, (ii) improving or otherwise modifying the Service and notifying Customer and other relevant Data Subjects thereof, (iii) customising the content and/or layout of Supplier's website or the Service for the particular visitor or user, (iv) replying to the Data Subjects' communications and contacting them, (v) performing Supplier's obligations towards the Data Subject, (vi) exercising and enforcing Supplier's rights, (vii) user statistics and other Service-related analyses;
(b) that Data may be processed in the country of their domicile as well as outside it, including in any member state of the Organisation for Economic Co-operation and Development (OECD) and any country participating in the European Economic Area (EEA);
(c) that Supplier will not disclose Customer Details to any third party besides the members of its corporate group, except when, to the extent, and to persons (i) expressly allowed by the Data Subject concerned, (ii) required by law, or (iii) necessary in order to perform Supplier's obligations under the Agreement, or its statutory obligations, or to exercise its legal rights, or defend against claims or other process.
6. Supplier represents that it has implemented and will continue to employ commercially reasonable measures to ensure that Customer Details are processed securely and in compliance with the applicable law.
7. Supplier has no obligation to monitor or access its customers' accounts, but may do so in cases where such action is reasonably justified (e.g., in order to prevent illegal or harmful activity, provide customer support, or perform its legal duties).
8. Supplier is neither the controller nor the processor (neither "chief", "responsible", "authorised", nor any other processor) of User Data and has no obligation whatsoever in connection with such data or the processing thereof. User Data is processed by registered Customers and any issue concerning such data or its processing should be taken up with the Customer in charge of the relevant workspace or other part of the User Environment.
9. Upon Customer's request, Supplier will grant Customer access to, or, at Supplier's option, provide Customer with a statement of, all Personal Data that Supplier maintains about Customer, unless such information is otherwise reasonably available to Customer or Supplier is legally prohibited from disclosing such records. If any such Personal Data prove to be incorrect or misleading, Customer is entitled to have same corrected, or, where Customer is able and authorised to modify such data, correct same on their own initiative. Registered Customers can access and correct certain of their Customer Details through the Service by visiting their personal profile page. For the avoidance of doubt, Customer acknowledges that this section only applies to "Personal Data that Supplier maintains about Customer", and that Supplier does not "maintain" any User Data (see section 8).
10. In all cases where Supplier is allowed to disclose Customer Details to third parties, it will, as far as possible, take reasonable measures to ensure that the person to whom disclosure is made grants the respective Data Subject rights that are substantially similar to those set forth herein with respect to the processing of such Customer Details (including the right to be informed about the data maintained on the Data Subject and the right to correct or have corrected incorrect or misleading information).
11. If a Data Subject participates in Supplier's mailing or similar programme, Supplier may use their Customer Details to send them information about products, services, promotions and events that Supplier believes may be of interest to them. Any subscription to any such programme may be cancelled at will.
12. Supplier may send registered Customers certain communications relating to the Service, such as (e.g.) service announcements and administrative messages, without offering such Customers the opportunity to opt out of receiving them.
Last revised: November 20, 2017