General terms and conditions
Last update January 2022
APPMIRAL BVBA, a company organised and existing under the laws of Belgium, having its registered office at 2800 Mechelen, Stationsstraat 100, registered with the Crossroads Bank of Enterprises under company number 0835.673.410 (hereinafter referred to as “APPMIRAL”), is a software firm specialized in the design, development and operation of software applications in the live event, festival and sport event business.
The client may be any natural person or legal entity which enters into a contractual relationship of whichever nature with APPMIRAL in connection with his or its trading, business, artisanal or professional activity (hereinafter referred to as the “Client”).
1.1 The conclusion of an agreement with APPMIRAL shall entail the full and unconditional acceptance of these Terms and Conditions.
2. Agreement & scope
2.1 The proposals of APPMIRAL shall be without obligation and shall not bind it as such. Offers shall be valid for a period of 30 (thirty) days following the date on which the offer was sent to the Client.
2.2 Orders from a Client not confirmed in writing by APPMIRAL shall not be binding for APPMIRAL.
2.3 An Agreement shall be concluded by and between APPMIRAL and the Client by the signing of an offer, in the form of a PROPOSAL, as Attachment 1 to these Terms and Conditions, incorporating these Terms and Conditions.
2.4 All proposals of APPMIRAL shall consist of a choice between one of the different software packages offered by APPMIRAL listed on the website www.appmiral.com. Changes to standard software packages are possible but will imply a revision of the price.
2.5 The Terms and Conditions contain the general contractual framework for the Services that may be provided by APPMIRAL to the Client with regard to the Product, consisting of:
- A right to use the Product (the “Product License”);
- A right to receive Services in relation to the Product.
2.6 Each Proposal mentions the specific terms agreed upon with regard to the relevant subject and applies in addition to these Terms and Conditions. In the event of a conflict or a conflict of interpretation between these Terms and Conditions and a Proposal, the terms and conditions of the latter will apply.
3. Set Up of the Product
3.1 APPMIRAL shall provide the set up and implementation of the Product to the Client, consisting of the design, development and delivery of the Product to the Client and submitting the Product to the store(s) (the “Set Up Services”).
3.2 APPMIRAL shall use all reasonable endeavours to ensure that the Set Up Services are provided in accordance with the timetable set out in the Proposal.
3.3 The Client acknowledges that a delay in the Client performing its obligations under these Terms and Conditions may result in a delay in the performance of the Set Up Services and APPMIRAL will not be liable to the Client in respect of any failure to meet the Set Up Services timetable to the extent that failure arises out of a delay in the Client performing its obligations.
4. Product license
4.1 Grant of license
APPMIRAL grants to the Client a non-exclusive and non-transferable right to use the Product during the Term, in accordance with these Terms and Conditions and for the Client’s own internal purposes and business operations exclusively.
4.2 Client restrictions
The Client may not:
- copy, translate, modify, adapt, decompile, disassemble, reverse engineer the Product in whole or in part, except as and to the extent specifically authorized by applicable law;
- create derivative works on the basis of the Product, modify the design of the databases that underlie the Product or perform Updates using update queries not supplied by APPMIRAL;
- transfer the Product as a whole or in parts to the IT-environment of third parties without the consent in writing of APPMIRAL;
- at any time deposit as security, assign, sub-license, sublease, sub-host, sell or give away control of any portion of the Product, without APPMIRAL’s written consent.
4.3 Title and Ownership
Nothing in these Terms and Conditions will create the transfer of title or (intellectual) property rights to the Product and related objects by APPMIRAL to the Client.
4.4 Protection & modifications
APPMIRAL is authorized to take technical measures to protect the Product against unauthorized use and/or copying.
APPMIRAL is authorized to replace or modify the source code of the Product in order to adjust it to the evolution of the Product
5.1 APPMIRAL and the Client may agree that APPMIRAL shall design, develop and implement a Customisation or Customisations in accordance with a specification and project plan agreed in writing by the parties in an additional SOW, at a revised price, based on the rate card in listed in Attachment 6.
5.2 All Intellectual Property Rights in the Customisations shall, as between the parties, be the exclusive property of APPMIRAL (unless the parties agree otherwise in writing).
5.3. The Client acknowledges and agrees that APPMIRAL is the only party who is allowed to design, develop and implement Customisations to the Platform.
6. Support Services
6.1 APPMIRAL shall provide the Support Services to the Client during the Term.
6.2 APPMIRAL shall provide the Support Services in accordance with the standards of skill and care on a best effort basis.
6.3 APPMIRAL shall provide the Support Services in accordance with Attachment 2.
6.4 APPMIRAL may suspend the provision of the Support Services if any amount due to be paid by the Client to APPMIRAL under the Terms and Conditions is overdue, and APPMIRAL has given to the Client at least 30 days’ written notice, following the amount becoming overdue, of its intention to suspend the Support Services on this basis.
7. Maintenance Services
7.1 APPMIRAL shall provide the Maintenance Services to the Client during the Term, at its sole discretion.
7.2 APPMIRAL shall provide the Maintenance Services with reasonable skill and care in accordance with Attachment 3.
7.3 APPMIRAL may suspend the provision of the Maintenance Services if any amount due to be paid by the Client to the APPMIRAL under the Terms and Conditions is overdue, and APPMIRAL has given to the Client at least 30 days’ written notice, following the amount becoming overdue, of its intention to suspend the Maintenance Services on this basis.
8.1 APPMIRAL shall maintain the availability of the Product to a sufficient level during the Term.
APPMIRAL shall provide the Services in relation to the availability of the Product with reasonable skill and care, in accordance with Attachment 4.
APPMIRAL may suspend the provision of the Services in this respect if any amount due to be paid by the Client to APPMIRAL under the Terms and Conditions is overdue, and APPMIRAL has given to the Client at least 30 days’ written notice, following the amount becoming overdue, of its intention to suspend the Services concerning the availability of the Product on this basis.
9. Client obligations
9.1 In order to respect the provision of Services under these Terms and Conditions, the Client will:
- make sure that the System Requirements (both software and hardware requirements) are met;
- provide the design assets and data required in a timely manner in order for APPMIRAL to provide the Services to the Client under the Terms and Conditions;
- grant its co-operation to the Set Up Services by providing all useful and requested information and timely approvals to APPMIRAL;
- provide reasonable assistance to APPMIRAL in diagnosing defects or any security issues relating to the Product;
- not request, permit or authorize anyone other than APPMIRAL to provide any Services in respect of the Product without the written authorization of/or as suggested by the latter.
9.2 If any data or other input required from the Client for the Set Up Services or for the provision of Support Services is not available to APPMIRAL or not available in good time or if the Client does not fulfil its obligations in any other way, APPMIRAL will be entitled to suspend the execution of Services under these Terms and Conditions and/or charge extra expenses in accordance with the then current rates of APPMIRAL as listed in Attachment 6, without prejudice to the possible means of termination in accordance with Clause 14.
10. Excluded matters
10.1 APPMIRAL will have no obligation to provide Services for:
- a Product that has been modified, repaired altered or merged with unauthorized software by the Client or third parties;
- use of the Product not in line with the reasonable instructions of APPMIRAL;
- use of the Product for a purpose for which it was not designed.
10.2 Any service which is provided by APPMIRAL as a result of any of the foregoing will be considered as additional Services out of scope and charged in accordance with the then current rates of APPMIRAL as listed in Attachment 6 or subject to the signing of an additional Proposal or SOW.
11.1 The Annual Fees for the Product license and Services provided under these Terms and Conditions are listed in the Proposal.
11.2 The cost for the development of new functionalities, development services in relation to integration with new Client systems will be charged separately to the Client in accordance with an additional SOW.
12. Payment terms & taxes
12.1 The Client agrees to pay all invoices issued by APPMIRAL under the Terms and Conditions upon approval of the relevant Proposal and/or SOW’s.
Except if explicitly agreed otherwise in the Proposal, APPMIRAL’s invoices must be paid by the Client within eight (8) calendar days, starting on the invoice date and to the account number as mentioned on the relevant invoice.
12.2 In case of any overdue payment, the relating invoice will, without prior notice of default, bear interest at the rate of 8% per month, as well as a contractual indemnity set at 10% of the total amount invoiced, with a minimum of € 300.
In addition, in case of any overdue payment:
- all other claims against the Client that are not yet due, will become due without prior notice;
- APPMIRAL can refuse to deliver any Services until the amount owed has been paid in full, including any interest and contractual indemnity due thereon;
- APPMIRAL can pursue any other remedies available under applicable law.
12.3 Unless explicitly agreed otherwise, all amounts are net of taxes. All taxes which are or may be levied in the future by a government authority in respect of the Services provided by APPMIRAL under these Terms and Conditions, will be borne by the Client.
13. Limited warranty
13.1 APPMIRAL warrants that the Product conforms in all material respects to the specifications as listed in the Proposal and/or SOW.
13.2 APPMIRAL provides no other warranty, whether express or implied, in relation to the Product, except for the mandatory legally provided warranties. In particular, APPMIRAL provides no warranties of any kind in relation to:
- the merchantability and/or fitness of the Product for a particular purpose;
- the compatibility of the Product with the software and/or the hardware of third parties;
- the expectation of the Client that the Product will satisfy or may be customized to satisfy all or any of Client’s specific requirements, except if explicitly agreed otherwise in writing;
- the uninterrupted or error-free use of the Product by the Client, regardless of whether such warranty would otherwise be imposed by contract, statute, course of dealing, custom and usage, or otherwise.
13.3 If APPMIRAL supplies or assists in supplying to the Client any hardware or non-APPMIRAL software during or after the Setup Services, the Client acknowledges that any warranty is provided solely by the relevant third party vendor, and not by APPMIRAL in whatever way. Hence, the Client will address any warranty or other claim directly to the relevant third party.
14. Term and Termination
14.1 The Agreement will commence on the Signature Date and will remain in force and effect for an initial period stipulated in the Proposal (the “Term”).
Subsequently the Term will be tacitly renewed for the same periods as the initial period, unless the Agreement is terminated by one of the Parties upon written notice to the other Party at the latest forty five (45) days before the end of the then current period.
14.2 Despite the above, the parties will be entitled, without prejudice to their other rights or remedies, to terminate the Agreement at any time and with immediate effect by notice by registered letter to the other party if (“Termination for cause”):
- said party is in breach of any of its obligations under the Agreement and either that breach is incapable of remedy or the concerning party has failed to remedy that breach within thirty (30) days after receiving written notice requiring it to do so; or
- a court order is made for the winding up of said party;
- an effective resolution is passed for the winding up of said party (other than for the purposes of amalgamation or reconstruction);
- said party has a receiver, manager, administrative receiver or administrator appointed in respect of it; or
- said party is unable to pay its debts as they fall due or its assets are worth less than its liabilities on a balance sheet basis.
Such immediate termination of the Agreement will automatically cause the immediate termination of the Proposal and any additional Proposals between the parties.
14.3 Upon early termination of the Agreement a) by APPMIRAL due to the Client’s breach or b) by the Client in breach of the Agreement, APPMIRAL may require the payment of damages proportionate to the remaining Fees, without prejudice to any other indemnity exceeding this amount.
14.4 Upon expiry or termination of the Agreement:
- the Client’s right to receive and use the Product and/or Services under the Agreement will cease automatically;
- each party will immediately return to the other all property and materials belonging to that party, including all Confidential Information;
- all amounts due from the Client to APPMIRAL hereunder will be paid immediately.
14.5 Any termination of the Agreement will not affect any accrued rights or liabilities of either party, nor will it affect the coming into force or the continuance in force of any provision of these Terms and Conditions which are expressly, or by implication, intended to come into force or continue in force on or after termination.
15. Relationship between the parties
15.1 The relationship between the parties is that of independent contractors. Nothing in these Terms and Conditions will constitute, create or give effect to a joint venture, employer/employee relationship, partnership or other co-operative entity between the parties.
16. Limitation of liability
16.1 APPMIRAL will not be liable to the Client or any other party for any indirect or consequential economic losses or damages, including, but not limited to, loss of profits, loss of revenue, loss of data or loss of goodwill, howsoever arising out of or in connection with the performance of Services under these Terms and Conditions.
16.2 To the full extent permitted by applicable law, APPMIRAL’s total liability for direct damages to the Client in respect of these Terms and Conditions will not exceed the amount of the Fees paid by the Client for the last six (6) months, but never exceeding a total amount of EUR 25.000 (twenty five thousand Euros).
17. Intellectual Property Rights
17.1 All Intellectual Property Rights in either party’s materials, information or data provided by that party to the other party under these Terms and Conditions will be and remain vested in that party. The other party will have no rights in respect thereof save for any rights granted to it by that party under these Terms and Conditions.
17.2 All Intellectual Property Rights in the Product, the APPMIRAL trademark and all signs and logos used in the Product will be and remain vested in APPMIRAL at all times. The Client will have no rights in respect thereof save for any rights granted to it by APPMIRAL under these Terms and Conditions.
17.3 All Intellectual Property Rights created in the delivery of Services will, as between the Parties, be the exclusive property of APPMIRAL.
17.4 The Client acknowledges that APPMIRAL may make the result of any Services available to any of its other clients or any other third party.
17.5 APPMIRAL allows rebranding of the Product depending on the pricing tier selected, as stipulated in the SOW.
18. Indemnity for breach of third party rights
18.1 Without prejudice to Clause 16, APPMIRAL will indemnify the Client against any direct damages which may be awarded against it by an enforceable court decision, as a result of the Product being held to infringe an Intellectual Property Right of a third party, but only if:
- the Client notifies APPMIRAL promptly by e-mail, immediately confirmed by registered mail, upon learning that a claim might be asserted;
- APPMIRAL has sole control over the defense of the claim and of any negotiations for its settlement or compromise;
- the Client takes no action that is contrary to APPMIRAL’s interests.
18.2 If a claim, as described in this clause, may be or has been asserted, the Client will permit APPMIRAL, at the latters option and expense, to:
- procure the right to continue using the Product;
- replace or modify the Product to eliminate the infringement while providing functionally equivalent performance; or
- return the Product and refund to the Client a pro rata share of Fees that the Client has actually paid for the period that the Product is/was not usable.
18.3 APPMIRAL will have no indemnity obligation whatsoever to the Client under this clause if the Intellectual Property Rights infringement claim results from:
- a correction or modification of the Product not provided by APPMIRAL;
- the failure to promptly respond to suggested Updates or Upgrades which would resolve the infringement;
- the use of the Product by the Client in a manner not consistent with these Terms and Conditions or the reasonable instructions of APPMIRAL; or
- the combination of the Product with other software not agreed upon by APPMIRAL.
19.1 The parties acknowledge that they may become privy to Confidential Information which is disclosed by the other party.
19.2 The Receiving Party will keep all Confidential Information confidential. The Receiving Party will not disclose Confidential Information to any other person, and will not use Confidential Information for any purposes other than for the purposes of the Agreement. The Receiving Party will safeguard the Confidential Information to the same extent that it safeguards its own confidential and proprietary information and in any event with not less than a reasonable degree of protection.
19.3 The Receiving Party agrees to disclose Confidential Information only on a “need-to-know” basis to employees and independent contractors.
19.4 The Receiving Party agrees that before any of its subcontractors and/or agents may be given access to Confidential Information, each such subcontractor and/or agent will agree to be bound by a confidentiality undertaking comparable to these Terms and Conditions. Notwithstanding the return of any Confidential Information, the Receiving Party and its subcontractors and/or agents will continue to hold in confidence all Confidential Information, which obligation will survive any termination of the Agreement.
19.5 In the event the Receiving Party is requested or required to disclose, by court order or regulatory decision, any of the other party’s Confidential Information, the Receiving Party will provide the other party with prompt written notice so that the Disclosing Party may seek a protective order or other appropriate remedy and/or waive compliance with the provisions of these Terms and Conditions. The Receiving Party will furnish only that portion of the Confidential Information which is legally required.
19.6 Within ten (10) Business Days upon (i) the termination of the Agreement or (ii) the Disclosing Party’s reasonable earlier request at any time, the Receiving Party will destroy or return to the Disclosing Party (at its option) any and all of Disclosing Party’s Confidential Information, and will purge all copies and traces of the same from any storage location and/or media.
19.7 Confidential Information will not include any information that the Receiving Party can establish:
- prior to receipt from the Disclosing Party, was in the possession of or rightfully known by the Receiving Party without an obligation to maintain its confidentiality;
- at the time of use or disclosure by the Disclosing Party was generally known to the public without violation of these Terms and Conditions and not as a result of any action or inaction of the Receiving Party;
- is disclosed to the Receiving Party by a third party not in violation of any obligation of confidentiality; or
- is independently developed by the Receiving Party without the participation of employees or other individuals who have had access to Confidential Information of the Disclosing Party.
19.8 Any infringement by the Receiving Party of its confidentiality obligations will entitle the Disclosing Party to claim payment of a EUR 25,000.00 (Twenty Five Thousand Euros) lump sum, without prejudice to the Disclosing Party’s right to claim higher damages if the Disclosing Party can prove the existence of such higher damages.
20. Data Protection
20.1 Each party shall, at all times, comply with its respective obligations under the General Data Protection Regulation 2016/679, as amended, and any further implementation or replacement of that law (“Data Protection Legislation”). The word “Process” and the expression “Personal Data”, when used in this clause shall have the meaning assigned thereto in the Data Protection Legislation.
20.2 APPMIRAL shall process Personal Data provided to it pursuant to these Terms and Conditions and the Data Processing Addendum (Attachment 5) in accordance with the Data Protection Legislation.
21. Subcontracting and assignment
21.1 APPMIRAL will be entitled to use the services of subcontractors for the performance of any Services under these Terms and Conditions. In such case, APPMIRAL will remain liable towards the Client for the performance of these services.
21.2 Neither party will be entitled to assign any right or obligation under these Terms and Conditions without the prior written consent of the other party, which will not be unreasonably withheld or delayed.
22. Force majeure
22.1 If the performance of the Agreement by either party, or of any obligation thereunder (with the exception of payment obligations), is prevented, restricted or interfered with by reason of war, revolution, civil commotion, riot, fire, flood, disaster, acts of public enemies, blockade or embargo, strikes, any law, order, proclamation, regulation, ordinance, demand or requirement having a legal effect of any government or any judicial authority or representative of any such government, or any other act whatsoever, which is beyond the reasonable control of the party affected, such party will, upon giving prior written notice to the other party, be excused from such performance to the extent of such prevention, restriction, or interference, provided that the party so affected will use its best efforts to avoid or remove such causes of non-performances, and will continue performance thereunder with the utmost dispatch whenever such causes are removed; provided, however, that the non-excused party may terminate the Agreement if such non-performance continues uncured for thirty (30) calendar days.
23.1 Compliance with laws and regulations
Both parties will, for their own accounts, comply with the laws and regulations of the public authorities relating to these Terms and Conditions and pay all fees or other expenses in this respect.
The failure of either party at any time to insist upon strict performance of any of the provisions under these Terms and Conditions will not be deemed a waiver of its right at any time thereafter to insist upon strict performance.
All notices, demands or consents required or permitted under these Terms and Conditions will be in writing. Notice will be sent to the parties at the addresses set forth on the SOW, or at such other address as will be given by either party to the other in writing.
Section headings used herein are for reference only and will not be used to construe the provisions of these Terms and Conditions. The plural will be deemed to include the singular, and the singular will be deemed to include the plural.
23.5 English language
All communications by APPMIRAL under these Terms and Conditions, will be in English.
23.6 Applicable law and jurisdiction
The Agreement and these Terms and Conditions will be governed by and construed under the laws of Belgium. Each party submits to the exclusive jurisdiction of the competent courts of Antwerp for the purposes of any dispute arising hereunder.
24. Definitions and interpretation
For the purposes of these Terms and Conditions, the following terms will have the meanings specified or referred to in this clause:
“Agreement” will mean the framework agreement between the parties consisting of the Proposal, these Terms and Conditions and the Attachments.
“Attachment” will mean any attachment to these Terms and Conditions, forming an integral part thereof.
“Bugs” will mean any mistake, problem, or malfunction which causes an incorrect or inadequate functioning of the Product without such Incident being caused by third party interference or dependencies.
- “Major Bug” will mean a Bug which has a substantial impact on Client’s use of the Product, as listed in the APPMIRAL Service Level Agreement as incidents of severity High and Urgent;
- “Minor Bug” will mean a Bug which does not have any substantial impact on Client’s use of the Product, as listed in the APPMIRAL BASIC Support Services Agreement as incidents of severity Low and Medium.
“Business Day” will mean Monday through Friday, excluding public holidays in Belgium.
“Business Hours” will mean 9:00 a.m. – 5:00 p.m. on a Business Day in the Brussels timezone.
“Client” will mean the Party receiving the right to use the Product and Services of APPMIRAL as defined in the Proposal.
“Confidential Information” will mean any and all information that is disclosed (orally, in writing, by electronic delivery, or otherwise) by one party (“Disclosing Party”) to the other party (“Receiving Party”) prior to or during the term of the Agreement (or to which the Receiving Party otherwise gains access as a result of the Agreement) relating to the business of the Disclosing Party, including without limitation business plans and models, financial information, market research, Client and supplier information, proprietary software and methods, and information concerning proprietary inventions and technologies. The Product, Documentation and these Terms and Conditions, including the amount of fees to be paid hereunder, are agreed to be Confidential Information of APPMIRAL.
“Documentation” will mean any (a) publications relating to the use of the Product, such as reference manuals, user guides, systems administrator and technical guides; or any (b) written materials prepared by APPMIRAL describing the infrastructure setup, platform, software requirements or any technical specifications relating to the functionality of the Product, installation specifications, and other technical requirements specified for the operation of the Product, as made available by APPMIRAL to the Client.
“End users” will mean the people who actually have access to and use the Product. This may include, but is not limited to, the Client’s employees, (sub)contractors and other members of the Client’s workforce.
“Fees” will mean all fees – annual or one-off, related to the Services provided by APPMIRAL as agreed upon in the Proposal.
“Incident” , “error” or “defect” will mean that the operation of the Product deviates from the (expected) standard as provided for in the Proposal and any related Documentation.
“Intellectual Property Rights” will mean all patent rights, trademarks, designs and models, copyrights, softwarerights, rights in databases, proprietary rights in know-how, including trade secrets and other confidential information, and any other form of legally protectable intellectual or industrial property rights under any jurisdiction whatsoever.
“Payment Milestone” will mean a specific moment or event as defined in the Proposal, triggering the payment date of certain Fees.
“Product” will mean the APPMIRAL core product, which is a software application, with regard to festivals and more specifically one of the different packages offered by APPMIRAL, namely (i) improve, (ii) extend or (iii) augment, as listed in the Proposal.
“Product License” will mean a right to use the Product.
“Services” will mean any services that APPMIRAL provides to the Client under these Terms and Conditions.
- “Set Up Services” will mean, amongst others, set up, implementation and integration supplied by APPMIRAL to the Client with regard to the Product.
- “Maintenance services” will mean any services related to the maintenance of the Product.
- “Support Services” will mean any services related to the support of the Product.
“Signature Date” will mean the moment the Proposal is signed.
“Sign off” will mean the moment in which the Product, as it was deployed to production is accepted by the Client.
“Proposal” will mean an offer that includes all commercial aspects, also incorporating these Terms and Conditions, that may be signed between APPMIRAL and the Client.
“System Requirements” will mean, the minimum hardware and software requirements, including devices, operating system versions and general End User equipment requirements to run the Product, as listed in the Proposal and the Documentation, or notified otherwise by APPMIRAL to the Client.
“Term” will mean the initial period stipulated in the SOW.
“Terms and Conditions” will mean the general Terms and Conditions of APPMIRAL as set out herein and applying to all Proposals of APPMIRAL.
“Update” will mean a release of the Product which corrects faults and Bugs or otherwise amends the Product, but which does not constitute an Upgrade.
“Upgrade” will mean a new version of the Product, usually consisting of several bundled improvements, adjustments and reviews.
The titles and headings included in these Terms and Conditions are for convenience only and do not express in any way the intended understanding of the parties. They will not be taken into account in the interpretation of these Terms and Conditions.
The Attachments to the Terms and Conditions form an integral part thereof and any reference to the Terms and Conditions includes the Attachments and vice versa.
Attachment 1: Proposal
- Initial Period
- System Requirements
- Rebranding (level)
- Payment Milestones
- Specific conditions
Attachment 2: APPMIRAL support
1.1 APPMIRAL shall provide the Support Services to the Client during the Term on a best effort basis.
1.2 APPMIRAL shall provide the Support Services in accordance with the standards of skill and care reasonably expected from a leading service provider in APPMIRAL’s industry.
1.3 APPMIRAL may suspend the provision of the Support Services if any undisputed amount due to be paid by the Client to APPMIRAL under this Agreement is overdue, and APPMIRAL has given to the Client at least 30 days’ written notice, following the amount becoming overdue, of its intention to suspend the Support Services on this basis.
2. Provision of Support Services
2.1 The Support Services shall be provided remotely, save to the extent that the Parties agree otherwise in writing.
2.2 The Support Services shall be provided during Business Hours, on Business Days.
3. Limitations on Support Services
3.1 APPMIRAL shall have no obligation to provide Support Services in respect of any Incident caused by:
(a) the improper use of the Product by the Client; or
(b) any alteration to the Product made without the prior consent of APPMIRAL.
Attachment 3: APPMIRAL Maintenance Services
1.1 This Attachment 3 sets out the service applicable to the Maintenance Services.
2.1 APPMIRAL shall apply Updates to the Product as follows:
(a) third party security Updates shall be applied to the Product following release by the relevant third party, providing that APPMIRAL may -acting reasonably – decide not to apply any particular third party security Update;
(b) APPMIRAL’s security Updates shall be applied to the Product following the identification of the relevant security risk and the completion of the testing of the relevant Update; and
(c) other Updates shall be applied to the Product in accordance with any timetable notified by APPMIRAL to the Client.
3.1 APPMIRAL shall produce Upgrades at its sole discretion.
Attachment 4: Availability
1. Introduction to availability SLA
1.1 This Attachment 4 sets out APPMIRAL’s availability commitments relating to the Product.
1.2 In this Attachment 4, “uptime” means the percentage of time during a given period when the Product is available at the gateway between public internet and the network of the hosting services provider for the Product.
2.1 APPMIRAL shall use reasonable endeavours to ensure that the uptime for the Product is at least 99,5 % during each calendar month
3.1 Downtime caused directly or indirectly by any of the following shall not be considered when calculating whether APPMIRAL has met the uptime guarantee given in Clause 2.1 of this Attachment 4:
(a) a Force Majeure Event;
(b) a fault or failure of the internet or any public telecommunications network;
(c) a fault or failure of the Client’s computer systems or networks;
(d) any breach by the Client of these Terms and Conditions; or
(e) maintenance carried out in accordance with these Terms and Conditions; or
(f) outages or planned maintenance caused by third party (hosting) providers.
Attachment 5: Data Processing Addendum
This GDPR Data Processing Addendum (“DPA”) forms part of the Terms and Conditions of B.V.B.A. APPMIRAL, having its registered office at Stationsstraat 100, 2800 Mechelen, Belgium, registered in the Belgian Crossroad for Enterprises with number 0835.673.410 (hereinafter “APPMIRAL”) entered into by and between the Client and APPMIRAL (the “APPMIRAL Agreement”).
The purpose of this DPA is to reflect the parties’ agreement with regard to the processing of personal data in accordance with the requirements of Data Protection Laws as defined below.
In the course of providing services to the Client, APPMIRAL (the “Processor”) may process personal data on behalf of the Client (the “Controller”).
In this DPA, the following terms shall have the meanings set out below:
means (a) those Sub-processors set out in Annex 3 and (b) any additional Sub-processors consented to in writing by Controller in accordance with the Sub-processing section.
means any Data Processor (including any third party) appointed by APPMIRAL to process Controller Personal Data on behalf of the Controller.
“Process/Processing”, “Data Controller”, “Data Processor”, “Data Subject”,”Personal Data”,
“Special Categories of Personal Data”
and any further definition not included under this Agreement or the APPMIRAL Agreement shall have the same meaning as in EU General Data Protection Regulation 2016/679 of the European Parliament and of the Council (“GDPR”).
“Data Protection Laws”
means EU General Data Protection Regulation 2016/679 of the European Parliament and of the Council (“GDPR”) as well as any local data protection laws.
means the removal or destruction of Personal Data such that It cannot be recovered or reconstructed.
means the European Economic Area.
means any country outside EU/EEA, except where that country is the subject of a valid adequacy decision by the European Commission on the protection of Personal Data in Third Countries.
“Controller Personal Data”
means the data described in Annex 1 and any other Personal Data processed by APPMIRAL on behalf of the Controller pursuant to or in connection with the APPMIRAL Agreement.
“Personal Data Breach”
means a breach leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Controller Personal Data transmitted, stored or otherwise processed.
means the services supplied by APPMIRAL to the Controller pursuant to the agreement(s) in place between the parties.
means the products supplied by APPMIRAL to the Controller pursuant to the APPMIRAL Agreement .
“Standard Contractual Clauses”
means the standard contractual clauses for the transfer of personal data to Processors established in Third countries, as approved by the European Commission Decision 2010/87/EU, or any set of clauses approved by the European Commission which amends, replaces or supersedes these.
In the course of providing the Services and/or Deliverables to the Controller pursuant to the APPMIRAL Agreement, APPMIRAL may process Controller Personal Data on behalf of the Controller as per the terms of this DPA. APPMIRAL agrees to comply with the following provisions with respect to any Controller Personal Data.
To the extent required by applicable Data Protection Laws, APPMIRAL shall obtain and maintain all necessary licenses, authorizations and permits necessary to process Personal Data including the Controller Personal Data mentioned in Annex 1.
APPMIRAL shall maintain all the technical and organizational measures to comply with the requirements set forth in the DPA and its Annexes.
Processing of Controller Personal Data
APPMIRAL shall only process Controller Personal Data for the purposes of the APPMIRAL Agreement. APPMIRAL shall not process, transfer, modify, amend or alter the Controller Personal Data or disclose or permit the disclosure of the Controller Personal Data to any third party other than in accordance with Controller’s documented instructions, unless said processing is required by EU or Member State law to which APPMIRAL is subject.
APPMIRAL shall take all reasonable steps to ensure the reliability of any employee, agent or contractor who may have access to the Controller Personal Data, ensuring in each case that access is limited to those individuals who require access to the relevant Controller Personal Data.
APPMIRAL shall ensure that all individuals which have a duty to process Controller Personal Data:
- are informed of the confidential nature of the Controller Personal Data and are aware of APPMIRAL’ obligations under this Agreement and the APPMIRAL Agreement in relation to the Controller Personal Data;
- have undertaken appropriate training in relation to the Data Protection Laws;
- are subject to confidentiality undertakings or professional or statutory obligations of confidentiality; and
- are subject to user authentication and logon processes when accessing the Controller Personal Data in accordance with this Agreement, the APPMIRAL Agreement and the applicable Data Protection Laws
Personal Data Security
Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, APPMIRAL shall take all reasonable measures to implement appropriate technical and organizational measures (Annex 2) to ensure a level of Controller Personal Data security appropriate to the risk, including but not limited to:
pseudonymization and encryption;
the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
the ability to restore the availability and access to Controller Personal Data in a timely manner in the event of a physical or technical incident; and
a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the Processing.
In assessing the appropriate level of security, APPMIRAL shall take into account the risks that are presented by Processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Controller Personal Data transmitted, stored or otherwise processed.
The Controller acknowledges and expressly agrees that APPMIRAL may use third party Sub-processors for the provision of the Services as described in the APPMIRAL Agreement .
Any such Sub-processors that provide services for the Controller and thereto Process Personal Data will be permitted to Process Personal Data only to deliver the Services and will be prohibited from Processing such Personal Data for any other purpose.
APPMIRAL remains fully responsible for any such Sub-processor’s compliance with APPMIRAL’s contractual obligations, including the present Agreement. APPMIRAL will, prior to the entrusting of services to such Sub-processor, carry out any relevant due diligence on such Sub-processor to assess whether it is capable of providing the level of protection for the Personal Data as is required by this DPA, and provide evidence of such due diligence to the Controller where requested by the Controller or a regulator.
APPMIRAL will enter into written agreements with any such Sub-processor which contain obligations no less protective than those contained in this Agreement, including the obligations imposed by the Standard Contractual Clauses of the European Commission, as applicable.
APPMIRAL will make available to the Controller the current list of Sub-processors for the Services identified in Annex 3 to this Agreement. Such Sub-processors list will include the identities of those Sub-processors and their country of location. APPMIRAL will provide the Controller with a notification of a new Sub-processor before authorizing any new Sub-processor(s) to Process Personal Data in connection with the provision of the Services.
If the Controller objects to the use of a new Sub-processor that will be processing the Controller’s Personal Data, then the Controller will notify APPMIRAL in writing within twenty-one (21) calendar days after receipt of APPMIRAL’ written request to that effect. In such case, APPMIRAL will use reasonable efforts to change the affected Services or to recommend a commercially reasonable change to the Controller’s use of the affected Services to avoid the Processing of Personal Data by the Sub-processor concerned. If APPMIRAL is unable to make available or propose such change within sixty (60) calendar days, the Controller may terminate the relevant part of the contractual relationship between the Parties regarding those Services which cannot be provided by APPMIRAL without the use of the Sub-processor concerned. To that end, the Controller will provide written notice of termination that includes the reasonable motivation for non-approval
Data Subject Rights
Taking into account the nature of the Processing, APPMIRAL shall assist the Controller by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Controller’s obligation to respond to requests for exercising Data Subject rights as laid down in the Data Protection Laws.
APPMIRAL shall promptly notify the Controller if it receives a request from a Data Subject and/or competent authority under any applicable Data Protection Laws with respect to Controller Personal Data.
APPMIRAL shall cooperate as requested by the Controller to enable the Controller to comply with any exercise of rights by a Data Subject under any Data Protection Laws with respect to Controller Personal Data and comply with any assessment, enquiry, notice or investigation under any Data Protection Laws with respect to Controller Personal Data or this Agreement, which shall include:
- The provision of data requested by the Controller within a reasonable timescale specified by the Controller in each case, including details and copies of the complaint, communication or request and any Controller Personal Data it holds in relation to a Data Subject;
- Where applicable, providing such assistance as is reasonably requested by the Controller to enable the Controller to comply with the relevant request within the timescales prescribed by the Data Protection Laws;
- Implementing additional technical and organisational measures as may be reasonably required by the Controller to allow the Controller to respond effectively to relevant complaints, communications or requests.
It is however explicitly agreed between the Parties that any costs incurred by APPMIRAL for the services delivered in relation to the aforementioned assistance will be charged to the Controller at the then current hourly rate of APPMIRAL.
Personal Data Breach
APPMIRAL shall notify the Controller without undue delay and, in any case, within fourty-eight (48) hours upon becoming aware of or reasonably suspecting a Personal Data Breach. APPMIRAL will provide the Controller with sufficient information to allow the Controller to meet any obligations to report a Personal Data Breach under the Data Protection Laws.
Such notification shall:
- Describe the nature of the Personal Data Breach, the categories and numbers of Data Subjects concerned, and the categories and numbers of Personal Data records concerned;
- Communicate the name and contact details of APPMIRAL’ Privacy Officer or other relevant contact from whom more information may be obtained;
- Describe the estimated risk and the likely consequences of the Personal Data Breach; and
- Describe the measures taken or proposed to be taken to address the Personal Data Breach.
APPMIRAL shall without undue delay further investigate the Personal Data Breach and shall keep Controller informed of the progress of the investigation and take all reasonable steps to further minimize the impact. Both Parties agree to fully cooperate with such investigation.
In the event of a Personal Data Breach, APPMIRAL shall not inform any third party without first obtaining the Controller’s prior written consent, unless notification is required by EU or Member State law to which APPMIRAL is subject, in which case APPMIRAL shall, to the extent permitted by such law, inform the Controller of that legal requirement, provide a copy of the proposed notification and consider any comments made by the Controller before notifying the Personal Data Breach.
APPMIRAL’s obligation to report or respond to a Personal Data Breach is not and will not be construed as an acknowledgement by APPMIRAL of any fault or liability with respect to the Personal Data Breach.
Any costs incurred by APPMIRAL for the services delivered in relation to the fore mentioned assistance related to Personal Data Breaches caused by the Controller, will be charged to the Controller at the then current hourly rate of APPMIRAL.
Data Protection Impact Assessment and Prior Consultation
APPMIRAL shall provide reasonable assistance to the Controller with any data protection impact assessments which are required under Article 35 of GDPR and with any prior consultations to any supervisory authority of the Controller which are required under Article 36 of GDPR, in each case solely in relation to Processing of Controller Personal Data by APPMIRAL on behalf of the Controller and considering the nature of the processing and information available to APPMIRAL.
Any costs incurred by APPMIRAL for the services delivered in relation to the fore mentioned assistance will be charged to the Controller at the then current hourly rate of APPMIRAL.
Erasure or return of Controller Personal Data
APPMIRAL shall promptly and, in any event, within 90 (ninety) calendar days of the earlier of: (i) cessation of Processing of Controller Personal Data by APPMIRAL; or (ii) termination of the APPMIRAL Agreement, either:
- Return a complete copy of all Controller Personal Data to the Controller by secure file transfer and securely erase all other copies of Controller Personal Data Processed by APPMIRAL or any Authorised Sub-processor; or
- Securely wipe all copies of Controller Personal Data Processed by APPMIRAL or any Authorised Sub-processor, and in each case, provide a written certification to the Controller that it has complied fully with the requirements of section Erasure or Return of Controller Personal Data.
APPMIRAL may retain Controller Personal Data to the extent required by Union or Member State law, and only to the extent and for such period as required by Union or Member State law, and always provided that APPMIRAL shall ensure the confidentiality of all such Controller Personal Data and shall ensure that such Controller Personal Data is only Processed as necessary for the purpose(s) specified in the Union or Member State law requiring its storage and for no other purpose
Upon reasonable written notice in advance, APPMIRAL shall make available to the Controller all information necessary to demonstrate compliance with this Agreement and allow for, and contribute to audits, including inspections by the Controller or another auditor mandated by the Controller of any premises where the Processing of Controller Personal Data takes place.
APPMIRAL shall permit the Controller or another auditor mandated by the Controller to inspect, audit and copy any relevant records, processes and systems in order that the Controller may satisfy itself that the provisions of this Agreement are being complied with.
APPMIRAL shall immediately inform the Controller if, in its opinion, an instruction pursuant to this section infringes the Data Protection Laws.
International Transfers of Controller Personal Data
APPMIRAL shall not process Controller Personal Data nor permit any Authorised Sub-processor to process the Controller Personal Data in a Third Country, unless authorized in writing by Controller in advance, via an amendment to this Agreement.
When requested by Controller, APPMIRAL shall promptly enter into (or procure that any relevant Sub-processor of APPMIRAL enters into) an agreement with Controller including Standard Contractual Clauses and/or such variation as Data Protection Laws might require, in respect of any Processing of Controller Personal Data in a Third Country, which terms shall take precedence over those in this Agreement.
Controller shall comply with all applicable laws and regulations, including the Data Protection Laws.
Controller remains responsible for the lawfulness of the Processing of Controller Personal Data including, where required, obtaining the consent of Data Subjects to the Processing of his or her Personal Data.
Controller remains fully responsible for Personal Data Breaches caused by Controller’s actions or negligence.
With regard to the protection of the Data Subject’s rights pursuant to the applicable Data Protection Laws, Controller shall facilitate the exercise of Data Subject rights and shall ensure that adequate information is provided to Data Subjects about the Processing hereunder in a concise, transparent, intelligible and easily accessible form, using clear and plain language.
Controller shall take reasonable steps to keep Personal Data up to date to ensure the data are not inaccurate or incomplete with regard to the purposes for which they are collected.
With regard to components that Controller provides or controls, including but not limited to workstations connecting to the APPMIRAL IT-environment, data transfer mechanisms used and credentials issued to Controller personnel, Controller shall implement and maintain the required technical and organizational measures for data protection and will be solely liable for any damages caused by errors of the Controller in this respect.
Either party’s liability shall be limited, per contract year, to an amount of 25.000 EUR for direct damages.
Neither party shall be liable for any indirect or consequential damages, such as (but not limited to) loss of revenue, loss of profit, loss of opportunity, loss of goodwill and third-party claims.
No limitation of liability shall apply in case of fraud, wilful intent, death and physical injury resulting from a party’s negligence.
Subject to this section, the parties agree that this DPA and the Standard Contractual Clauses shall terminate automatically upon termination of the APPMIRAL Agreement.
This DPA shall be governed by the governing law of the APPMIRAL Agreement for so long as that governing law is the law of a Member State of the European Union.
With regard to the subject matter of this DPA, in the event of inconsistencies between the provisions of this DPA and any other agreements between the Parties, including but not limited to the APPMIRAL Agreement, the provisions of this DPA shall prevail with regard to the parties’ data protection obligations for Personal Data of a Data Subject from a Member State of the European Union.
Should any provision of this DPA be invalid or unenforceable, then the remainder of this DPA shall remain valid and in force. The invalid or unenforceable provision shall be either (i) amended as necessary to ensure its validity and enforceability, while preserving the parties’ intentions as closely as possible or, if this is not possible, (ii) construed in a manner as if the invalid or unenforceable part had never been contained therein.
ANNEX 1: DETAILS OF PROCESSING OF CONTROLLER PERSONAL DATA
This Annex 1 includes certain details of the Processing of Controller Personal Data as required by Article 28(3) GDPR.
- Data Subjects
- Categories of Personal Data
APPMIRAL may Process (a subset of) the following categories of Personal Data:
- Contact information (email, phone, …)
- Timetable preferences and favouriting behaviour
- Ticketing data & insights (if integrated)
- Location information (is the visitor currently present in a known site of the event – based on GeoFencing technology)
Purposes of Processing of Personal Data
Personal Data will be Processed for the purpose of:
- Execution of the Services under the APPMIRAL Agreement and/or any other agreement in place between the parties.
- Duration of the Processing of Controller Personal Data
Personal data will be Processed for the duration of any agreement in place between the parties.
ANNEX 2: TECHNICAL AND ORGANISATIONAL MEASURES
Organizational Security Controls
Organizational security controls shall include the following principles at a minimum.
APPMIRAL and APPMIRAL personnel shall Process Controller’ Personal Data, and access and use any networks, systems and/or computers managed by Controller, only on a need-to-know basis and only to the extent necessary to perform the Services under the DPA, the APPMIRAL Agreement and/or any agreement in place between the Parties.
Prior to providing access to any Controller’ Personal Data to any APPMIRAL personnel, APPMIRAL shall take reasonable steps to ensure continuing compliance of the level of security specified under this DPA by such APPMIRAL personnel. APPMIRAL personnel with access to Personal Data are subject to confidentiality obligations, and these are formally integrated into employment contracts.
APPMIRAL shall maintain information security policies and procedures consistent with the provisions of this DPA.
Ownership for Security and Data Protection: APPMIRAL has appointed one or more individuals responsible for coordinating and monitoring the security rules and procedures as well as data protection compliance.
Risk Management: APPMIRAL executes periodical risk assessments based on a formal risk management methodology.
APPMIRAL shall take reasonable measures to terminate physical and logical access to Controller’ Personal Data by APPMIRAL personnel no later than the date of separation or transfer to a role no longer requiring access to Controller’ Personal Data.
APPMIRAL maintains a selection process by which it evaluates the security, privacy and confidentiality practices of a Sub-processor in regard to data handling.
Technical Security Controls
Technical security controls on APPMIRAL information systems (any APPMIRAL systems and/or computers used to Process Controller’ Personal Data pursuant to the DPA) shall include the following principles at a minimum.
APPMIRAL shall use appropriately strong passwords consistent with technology industry practices, including minimum password length, lockout, expiration period and changing of default passwords.
APPMIRAL shall implement and maintain controls to detect and prevent unauthorized access, intrusions and computer viruses.
APPMIRAL shall maintain documented change management procedures that provide a consistent approach for controlling, implementing and documenting changes (including emergency changes) for APPMIRAL information systems.
Unless otherwise expressly agreed in the APPMIRAL Agreement, development and testing environments shall be physically and/or logically separated from production environments.
APPMIRAL shall maintain reasonable back-up and disaster recovery processes and procedures.
Workstations shall not be left authenticated when unattended and shall be password or PIN protected when not in use.
Personal Data on portable devices are encrypted.
APPMIRAL has procedures for securely disposing of media and printed materials that contain Personal Data.
APPMIRAL standardly encrypts, or provides the mechanisms to Controller to encrypt, Personal Data that is transmitted over public networks.
Event Logging: APPMIRAL logs access and use of its information systems containing Personal Data, registering the access ID, time and relevant activity.
Physical Security Controls
Physical security controls shall include the following principles at a minimum on all APPMIRAL facilities where Controller’ Personal Data may be Processed.
Physically secure perimeters and external entry points shall be suitably protected against unauthorized access. Access to all locations shall be limited to APPMIRAL Personnel and authorized visitors only. Reception areas shall be manned or have other means to control physical access.
Visitors shall be required to sign a visitor register.
ANNEX 3: AUTHORISED SUB-PROCESSORS
List of Approved Sub-processors as at the DPA effective date.
- Google LLC // 1600 Amphitheatre Parkway Mountain View, CA 94043 United States
– Performance Monitoring, Analytics
– Location: Worldwide Services
- Amazon Web Services EMEA SARL // 38 Avenue John F. Kennedy , L-1855 Luxembourg
– Server Infrastructure, Data Storage, Push Notification Services
– Location servers: European Region > EU-West-1 (Dublin, Ireland)
- Spotify USA Inc // 4 World Trade Center, 140 Greenwich Street, 62nd floor, NY 10007, New York
– Music Services
> optionally activated by the user on his own device
Location: Worldwide Services
- Crowd Connected Ltd. // Surrey Technology Center, Guildford, HU2 7YG, United Kingdom
– Location Intelligence
> optionally activated by the user on his own device
Location: European Region
- CM.com // Konijnenberg 30, 4825 BD Breda, The Netherlands
– Customer Data Platform (if integrated)
– Ticketing Data (if integrated)
Location: European Region
ANNEX 4: RATECARD
All Appmiral services will be charged at 800 EUR/day unless agreed by written notice.