TRAXMATE MASTER AGREEMENT
THIS TRAXMATE MASTER AGREEMENT (“AGREEMENT”) GOVERNS YOUR TRIAL USE, PURCHASE AND USE OF TRAXMATE’S OFFERING(S).
YOU ARE ENTERING INTO THIS AGREEMENT ON BEHALF OF YOUR COMPANY, EMPLOYER, OR OTHER LEGAL ENTITY (“CUSTOMER”), AND YOU REPRESENT AND WARRANT YOU HAVE THE AUTHORITY TO DO SO. IF YOU DO NOT HAVE THE AUTHORITY TO ENTER INTO THIS AGREEMENT, OR IF YOU DO NOT ACCEPT THE TERMS OF THIS AGREEMENT, YOU MUST NOT USE THE TRAXMATE OFFERING(S).
1. DEFINITIONS
1.1 TRAXMATE: means the local TRAXMATE entity with which Customer is entering into this Agreement and/or the order form.
1.2 Affiliates: a legal entity that Customer directly or indirectly majority owns or controls through a majority interest.
1.3 Authorized Users: means Customer’s legal entity, its employees and independent contractors and/or its Affiliates or as otherwise defined in the SaaS Listing, that access and use the TRAXMATE Offering, provided they agree to be bound by terms and conditions no less restrictive than those contained in the Agreement and solely to the extent that they are acting on behalf of Customer or its Affiliates.
1.4 Authorized Use Limitation: means the limitation on usage of SaaS measured by billing metric specified on the order form and/or, the SaaS Listing.
1.5 TRAXMATE Offerings: means the TRAXMATE Software as a Service (“SaaS”), software (“Software”), hardware (“Hardware”), consulting services (“Services”), and/or education (“Education”).
1.6 Customer Data: means all information submitted, entered, or otherwise provided by Customer with regard to any TRAXMATE Offering.
1.7 Documentation: means any published technical manuals including any updates thereto, relating to the use of the TRAXMATE Offering made generally available by TRAXMATE through the TRAXMATE website or, in the case of Services, pursuant to a Services agreement.
1.8 Deliverables: means all results of Services provided to Customer pursuant to an order form.
1.9 Force Majeure Event: means an event that arises out of causes beyond a party’s reasonable control, including, without limitation, war, civil commotion, act of God, strike or other stoppage (whether partial or total) of labor, any law, decree, regulation or order of any government or governmental body (including any court or tribunal) and/or delays or outages caused by an internet service provider or independent (not a party’s subcontractor) hosting facility.
1.10 SaaS Listing: means the operating parameters and availability standards for the specific SaaS offering as published or made available by TRAXMATE.
2. GRANT OF RIGHTS AND RESTRICTIONS
2.1 Right to Use the TRAXMATE Offering. TRAXMATE grants to Customer a non-exclusive, non-transferable right for Customer and its Authorized Users to access and use the TRAXMATE Offering in accordance with this Agreement, the order form, and the Documentation. Upon the start of the subscription term, TRAXMATE will send an e-mail to Customer’s technical contact identified on the order form providing information to connect and access the SaaS.
2.2 Trial Use. Subject to the terms and conditions offered to Customer for trial use and the terms of this Agreement, Customer may access and use the SaaS on a trial basis, for the period stated in the applicable order form.
ANY ACCESS AND USE FOR TRIAL PURPOSES IS PROVIDED “AS IS” AND TRAXMATE PROVIDES NO SERVICE LEVEL AVAILABILITIES (SLAs), WARRANTIES, OR INDEMNIFICATION FOR SUCH TRIALS. ANY CUSTOMER DATA ENTERED OR CONFIGURATIONS OF THE SAAS DURING THE TRIAL PERIOD WILL NOT BE STORED OR AVAILABLE AFTER THE TRIAL PERIOD.
2.3 Service Level Availability. If provided, the targeted availability levels and any related remedies for a SaaS offering are as stated in the applicable SaaS Listing. The following events shall be excluded from the calculation of Service Level Availability: (i) Force Majeure Event; (ii) outages due to Scheduled Downtime; (iii) outages based on Customer networks, outages based on Customer suppliers networks, domain name server issues, or use not in accordance with the Documentation; (iv) outages based on cellular networks; and (v) outages to remedy a security vulnerability or as required by law.
3. FEES, DURATION, AND PAYMENT
3.1 Fees. The fees payable by Customer to TRAXMATE are stated in the applicable order form. TRAXMATE reserves the right to invoice Customer for any use of the TRAXMATE Offering in excess of the Authorized Use Limitation. Customer agrees that the purchase of any SaaS is not contingent on TRAXMATE providing any future features or functionality.
3.2 Services and Education Fees. TRAXMATE will provide the Services or Education as agreed in an order form. TRAXMATE will invoice expenses that are approved by Customer in accordance with the TRAXMATE expense policy, which may be provided to Customer upon request. The Services are to implement the pre-existing features and functions of the SaaS and do not include any customization or development activities. Payment of SaaS fees is not contingent upon Customer receiving the Services or Education. Any fees pre-paid for Education must be used within one (1) year from the effective date of the applicable order form, or shall expire thereafter and not be subject to any refund or credit.
3.3 Payment. Unless otherwise stated, payment is due within thirty (30) days from receipt of TRAXMATE’s invoice. Receipt is deemed to have occurred three (3) business days from posting. Any late payments will accrue charges at the rate of 1% of the outstanding balance per month, or the amount prescribed by law, whichever is lower. All fees listed in the order form are exclusive of any taxes. Customer agrees to pay any applicable VAT, GST, sales tax and any other applicable taxes in addition to the fees when such payments are due, excluding taxes on TRAXMATE’s net income.
3.4 Partners. In the event Customer orders a TRAXMATE Offering through an authorized TRAXMATE partner or reseller, this Agreement, excluding this Section 3 and SLA credits, shall apply to Customer’s use of the TRAXMATE Offering.
4. OWNERSHIP AND CONFIDENTIALITY
TRAXMATE owns all rights, titles, and interests to the TRAXMATE Offerings, Deliverables, and feedback provided by Customer, TRAXMATE intellectual property, and any modifications or derivatives thereof (“TRAXMATE Intellectual Property”). Customer and TRAXMATE agree that any Confidential Information that is exchanged will only be used for purposes relating to this Agreement and that it will be protected in the same manner that Customer, or TRAXMATE, would protect its own information of a similar nature, but in no less than reasonable means. Customer and TRAXMATE agree that Confidential Information means Customer Data, both parties’ intellectual property, and any other information that a reasonable person would deem to be confidential. Except where prohibited by law, the following is not considered Confidential Information: (i) information which has been authorized in writing to use without restriction; (ii) information which is rightfully in a party’s possession or becomes known to a party through proper means; and (iii) information which is independently developed without use or reference to the Confidential Information of the other party.
5. CUSTOMER DATA / SECURITY
5.1 Customer Data. Customer exclusively owns all rights, title, and interest in and to all Customer Data. Customer Data will be stored and processed in the data center region specified in the SaaS Listing. TRAXMATE shall not access Customer’s user accounts or Customer Data stored within such user accounts (“SaaS Customer Data”), except in response to SaaS or technical issues. TRAXMATE will collect, modify, and analyze metadata and/or operations data that does not contain any Customer Data, such as log files and transaction counts. TRAXMATE is not responsible for unauthorized access, alteration, theft, or destruction of Customer Data arising from Customer’s own or its Authorized Users’ actions or omissions in contravention of the Documentation. Customer’s ability to recover any lost data resulting from misconduct on the part of the Customer or TRAXMATE is limited to restoration by TRAXMATE from the most recent backup.
5.2 Access Control and Privilege Management. We restrict administrative access to subscriber production systems to operational personnel. We require such personnel to have unique IDs and associated cryptographic keys. These keys are used to authenticate and identify each person’s activities on our systems, including access to Customer Data. Upon hire, our operational personnel are assigned unique keys. Upon termination, these keys are revoked. Access rights and levels are based on the job function and role of our personnel, using the concepts of least privilege and need-to-know to match access privileges to defined responsibilities.
5.3 Transfer of Customer Data. If Customer transfers any personal data to TRAXMATE in connection with the SaaS, and/or provides TRAXMATE access to any SaaS Customer Data, then Customer warrants that (i) it is duly authorized to provide personal data to TRAXMATE and it does so lawfully in compliance with relevant legislation, (ii) TRAXMATE and its Affiliates or its subcontractors, acting on behalf of TRAXMATE, may use such data strictly for the purposes of performing its obligations under this Agreement, and (iii) TRAXMATE may disclose such data to any TRAXMATE entity and its subcontractors for this purpose. TRAXMATE and its affiliates have committed to comply with relevant data protection/privacy legislation, and personal data will be transferred in accordance with TRAXMATE’s statement and terms set out at https://traxmate.io/privacy-policy. Customer agrees not to provide any health, payment card, or similarly sensitive personal information that imposes specific data security obligations for the processing of such data unless it is a supported feature in the Documentation of the applicable SaaS offering.
5.4 Security. TRAXMATE will maintain and administer a security policy with physical and technical safeguards designed to protect the security, integrity, and confidentiality of the Customer Data. Security audits, as specified in the SaaS Listing, are conducted periodically to certify that security controls are in place and are being carried out. A copy of TRAXMATE’s annual audit reports and certifications is available on request. In the event that TRAXMATE has determined that a security breach will or is likely to cause harm to the Customer or an Authorized User, TRAXMATE will provide Customer with notice of the security breach as promptly as practicable but in no event later than five (5) working days. After initial notification, TRAXMATE will keep Customer updated on a regular basis and provide a reasonably detailed incident report which may include the steps taken by TRAXMATE to investigate the security breach and potential measures to be taken by the Customer to minimize potential damages. The parties understand and agree that TRAXMATE may be prevented by law, regulation, or a third-party arrangement from providing such notice(s) and/or reports within the above time frames.
6. CUSTOMER RESPONSIBILITIES
Customer shall not: (i) make SaaS available to any third party not authorized or as otherwise contemplated by this Agreement; (ii) send or store code that can harm or result in damage to SaaS (including but not limited to malicious code and malware); (iii) willfully interfere with or disrupt the integrity of SaaS or the data contained therein; (iv) attempt to gain unauthorized access to the SaaS or its related systems or networks; (v) use SaaS to provide services to third parties except as expressly permitted by the Agreement; (vi) use SaaS in order to cause harm, such as overload or create multiple agents for the purpose of disrupting operations of a third party; (vii) remove or modify any program markings or any notice of TRAXMATE’s or its licensors’ proprietary rights; (viii) perform or disclose any benchmark or performance tests on the SaaS; (ix) perform or disclose any of the following security testing of the SaaS environments or associated infrastructure: network discovery, port and service identification, vulnerability scanning, password cracking, remote access testing, penetration testing or any other test or procedure not authorized in the Documentation; or (x) use of the TRAXMATE Offering(s) as instructed, including ensuring TRAXMATE hardware is properly working and have been properly charged before usage. A breach by Customer of its obligations under this section shall be considered a material breach of the Agreement.
Customer is responsible for supplying Traxmate with (i) indoor maps of all floors in a format to be agreed upon; (ii) details about the existing WiFi network, i.e. mac addresses (BSSIDs) used for each access point, SSIDs, the physical location of the access point (floor map or latitude, longitude, and floor), transmitter output power (if other than standard +20dBm); and, if applicable, details of existing Bluetooth beacons (could be TV sets), i.e. mac address, name, UUID, major, minor, output power, broadcast rate and the physical location of the beacon (floor map or latitude, longitude and floor). All this data is required for the setup of the indoor positioning system and supplying correct data is vital for the accuracy of the positioning. Customer is during the duration of the Agreement responsible for notifying Traxmate with details of any changes in WiFi and Bluetooth infrastructure and any changes in building structure (modified maps).
Customer owns and is responsible for the usage of purchased Traxmate Devices; personal alarm devices (PADs) and asset tracking devices. This responsibility includes (i) keeping the devices properly charged before usage; (ii) verifying connectivity with the network and SaaS before usage; and (iii) checking hardware and performing tests regularly.
7. TERM AND TERMINATION
7.1 Term. This agreement may be terminated by either party upon providing a written notice of at least three (3) months in advance. The termination notice shall clearly state the intended date of termination. Any termination notice shall be delivered to the respective addresses as outlined in this agreement or to such addresses as either party may specify in writing.
7.2 Material Breach In case of a material breach of this Agreement by either Party not remedied within thirty (30) days from the other Party’s notice thereof, or in case either Party should pass a resolution, or any court should make an order, that such Party should be wound up or if a trustee in bankruptcy, liquidator, receiver, or manager on behalf of a creditor should be appointed or if circumstances should arise which would entitle the court or a creditor to issue a winding-up order or which prevent a Party from generally paying their financial obligations as they come due, the other Party shall have the right to terminate this Agreement with immediate effect.
7.3 Effect of Termination. In the event of an uncured material breach by TRAXMATE, Customer will be entitled to a refund of any pre-paid unused fees calculated against the remainder of the subscription term as of the effective date of such termination. The termination of SaaS under one order form shall not impact the validity of another TRAXMATE Offering or order form. If the Agreement is terminated by TRAXMATE in accordance with Section 8.1, the due dates of all invoices to be issued will be accelerated so that such invoices become due and payable on the effective date of termination. All rights granted under the Agreement will immediately terminate and each party will return or destroy all Confidential Information of the other party in its possession.
7.4 Surviving Provisions. The following provisions will survive and remain in effect after termination of the Agreement: Grant of Rights and Restrictions; Ownership and Confidentiality; Fees, Duration, and Payment; Term and Termination; Warranty Disclaimer; Limitation of Liability; General Provisions; and Definitions.
8. WARRANTY
TRAXMATE warrants that (i) SaaS will materially conform to the Documentation during the subscription term and (ii) any Deliverable will conform to the Services Documentation for a period of thirty (30) days from the date of delivery. If it is established that TRAXMATE has breached either of the above warranties, TRAXMATE will, at its option, (a) use reasonable efforts to cure the defect ; (b) replace the SaaS or Deliverable with SaaS or a Deliverable that materially conforms to the specifications in the Documentation or Services Document (as applicable); (c) in the event TRAXMATE, cannot, after commercially practicable attempts to do so, achieve the remedies in (a) or (b), where the breach relates to SaaS, TRAXMATE may terminate the subscription to the SaaS and provide a refund of pre-paid, unused fees calculated against the remainder of the subscription term as of the effective date of such termination, or where the breach relates to Services, the Customer will return the Deliverables and TRAXMATE shall refund the fees paid for the Deliverable. Customer must report the alleged breach of warranty with reasonable specificity in writing within thirty (30) days of its occurrence to benefit from this warranty and the remedies stated herein.
The indoor positioning accuracy performance largely depends on the density and availability of WiFi and Bluetooth infrastructure combined with correct data being supplied. The actual positioning is being made on best effort based on the available positioning model and TRAXMATE does not warrant any accuracy performance.
Traxmate does not, itself, offer warranties on Hardware. TRAXMATE passes through to Customer any manufacturer warranties.
THE ABOVE WARRANTIES ARE TRAXMATE’S ONLY WARRANTIES AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDIES FOR BREACH OF SUCH WARRANTIES. TO THE EXTENT PERMITTED BY LAW, NO OTHER WARRANTIES OR CONDITIONS, WHETHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THIRD-PARTY WARRANTIES, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE MADE BY TRAXMATE. TRAXMATE DOES NOT WARRANT THAT THE SAAS OFFERED WILL MEET CUSTOMER’S REQUIREMENTS OR THAT USE OF THE SAAS WILL BE UNINTERRUPTED OR ERROR-FREE.
9. INDEMNIFICATION
9.1 Indemnification by TRAXMATE. TRAXMATE will indemnify, defend, and/or at its option, settle any third-party claims that the TRAXMATE Offering as used per the Documentation infringes or misappropriates any third-party valid patent, copyright, or trademark or illegally misappropriates a third party’s trade secret within the jurisdictions in which Customer is authorized to use the TRAXMATE Offering. TRAXMATE may, at its option and expense: (i) procure for Customer the right to continue to use the applicable TRAXMATE Offering; (ii) repair, modify, or replace the TRAXMATE Offering so that it is no longer infringing; or (iii) terminate the Agreement for the applicable TRAXMATE Offering upon thirty (30) days’ notice and in respect of SaaS, refund any unused prepaid fees calculated against the remainder of the subscription term as of the effective date of such termination and in respect of the Services provide a pro-rata refund of the fees paid for the Services or Deliverable(s) that caused such infringement.
9.2 Indemnification by Customer. Except to the extent prohibited by law, Customer shall indemnify, defend, and/or at its option, settle any third-party claims against TRAXMATE that Customer Data or Customer’s use of the TRAXMATE Offering is in breach of this Agreement, infringes or misappropriates any third party Intellectual Property rights within the jurisdictions in which Customer is using the SaaS, or violates applicable law, rules, directives or regulation.
9.3 Indemnity Conditions. Each party’s indemnification rights require: (i) prompt notice of any claim against the party seeking to be indemnified; (ii) except to the extent prohibited by law, the indemnifying party’s sole control of the defense or settlement, provided that any settlement the indemnifying party enters into releases the other party of all liability; and (iii) the party seeking to be indemnified provides reasonable assistance in the defense or settlement of such claim.
THE FOREGOING PROVISIONS STATE THE ENTIRE LIABILITY AND OBLIGATIONS OF EITHER PARTY REGARDING CLAIMS OF INFRINGMENT, AND THE EXCLUSIVE REMEDY TO EITHER PARTY WITH RESPECT TO ANY ACTUAL OR ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF ANY INTELLECTUAL PROPERTY OR OTHER PROPRIETARY RIGHTS.
10. LIMITATION OF LIABILITY
EXCEPT FOR BREACHES OF THE GRANTS OF RIGHTS AND RESTRICTIONS AND THE OWNERSHIP SECTION BY CUSTOMER, CONFIDENTIALITY BY EITHER PARTY OR EITHER PARTY’S INDEMNIFICATION OBLIGATIONS, (I) IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER PARTY OR ANY OTHER PARTY, WHETHER IN CONTRACT OR TORT, OR OTHERWISE FOR ANY INCIDENTAL, INDIRECT, PUNITIVE, EXEMPLARY, SPECIAL, CONSEQUENTIAL OR UNFORESEEABLE LOSS, DAMAGE OR EXPENSE, LOSS OF PROFITS, LOSS OF BUSINESS, LOSS OF OPPORTUNITY, LOSS OR CORRUPTION OF DATA, HOWEVER ARISING, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGES BEING INCURRED, AND (II) EACH PARTY’S LIABILITY TO THE OTHER UNDER THE AGREEMENT, FOR DAMAGES, LOSSES, OR LIABILITY FOR ANY CAUSE WHATSOEVER AND REGARDLESS OF THE FORM OF ACTION WHETHER CONTRACTUAL OR NON-CONTRACTUAL, SHALL BE LIMITED TO A MAXIMUM OF THE FEES PAID AND OWED FOR SAAS PROVIDED TO CUSTOMER DURING THE TWELVE (12) MONTHS PRECEDING THE CLAIM OR WHERE THE CLAIM RELATES TO SERVICES ONLY THE FEES PAID AND OWED FOR THE SERVICES GIVING RISE TO THE CLAIM. THE ABOVE LIMITATIONS WILL NOT LIMIT CUSTOMER’S OBLIGATION TO PAY IN ANY WAY.
11. GENERAL PROVISIONS
11.1 Notices. All notices under the Agreement must be in writing, addressed to the parties on the order form, and sent by pre-paid first-class mail/post. Notices will be deemed received by the party to whom the notice is addressed two (2) working days from posting.
11.2 Assignment. The Agreement may not be assigned by Customer without the prior written consent of TRAXMATE, such consent is not to be unreasonably withheld.
11.3 Export Requirements. Customer acknowledges that the TRAXMATE Offering(s) are subject to control under U.S. law, including the Export Administration Regulations (15 CFR 730-774), and agrees to comply with all applicable import and export laws and regulations. Customer agrees that the TRAXMATE Offering will not be exported, re-exported, or transferred in violation of U.S. law or used for any purpose connected with chemical, biological, or nuclear weapons or missile applications, nor be transferred or resold if Customer has knowledge or reason to know that the TRAXMATE Offering is intended or likely to be used for such purpose.
11.4 Interpretation and Relationship of the Parties. The relationship between TRAXMATE and Customer is strictly that of independent contractors. The validity, construction, and interpretation of the Agreement will be governed by the internal laws of the State of California, excluding its conflict of law provisions. If any provision of the Agreement is held to be contrary to law, then the remaining provisions of the Agreement will remain in full force and effect. No delay or omission by either party to exercise any right or power it has under the Agreement will be construed as a waiver of such right or power. This Agreement, and any applicable exhibits or referenced documents represent the entire agreement between the parties and supersedes all prior communications, understandings, and agreements relating to the subject matter herein. No additional term or condition contained in Customer’s purchase order or similar document will apply and are expressly rejected by TRAXMATE.
11.5 Order of Precedence. In the event of a conflict among this Agreement, the SaaS Listing or applicable Documentation, and the order form, the order of precedence from highest to lowest shall be (i) the order form, (ii) SaaS Listing or applicable Documentation, and (iii) this Agreement.
Addendum A: Personal Data Assistance Agreement according to EU GDPR regulation
between
Personal Data Officer: “The Customer”
and
Personal Data Assistant: Traxmate AB
Organization Number: 559218-4864
Establishment Country: Sweden
“Personal data assistant” refers to Traxmate AB for the Traxmate Offerings. The person responsible for personal data refers to the Customer. Traxmate’s contact person for general questions about the agreement and Traxmate’s processing of personal data is reported on https://traxmate.io/privacy-policy/.
1 Introduction
1.1 Both Parties confirm that the undersigned have the authority to enter into this Personal Data Assistance Agreement (“Agreement”) which is an integral part of the service agreement (s) signed between the Parties (the “Service Agreement”). This Agreement regulates the Processing of Personal Data due to the Service Agreement in force at any given time.
1.2 Traxmate acts in accordance with the Traxmates Privacy Statement which is available at https://traxmate.io/privacy-policy/.
2 Definitions
2.1 The definition of Personal Data, Specific Categories of Personal Data (Personal Data), Processing of Personal Data, Registered, Personal Data Officer, and Personal Data Assistant is the same as that used in applicable data protection legislation, including the General Data Protection Regulation (GDPR), as contained in this Agreement and in Europe from May 25, 2018, and at any time applicable national supplementary legislation, together hereinafter referred to as “Existing Personal Data Act”.
2.2 In this appendix, the Personal Data Officer is referred to as “the Customer” or “the Party”, the Personal Data Assistant as “Traxmate” or “The Party” and collectively as the “Parties”.
3 Extent
3.1 The agreement regulates Traxmate’s Processing of Personal Data on behalf of the Customer and describes how Traxmate shall ensure data protection, through technical and organizational measures in accordance with Applicable Data Protection Act.
3.2 The purpose of Traxmate’s Processing of Personal Data on behalf of the Customer is to fulfill obligations under the Service Agreement.
3.3 This Agreement takes precedence over any conflicting provisions regarding the Processing of Personal Data in Service Contracts or in other agreements concluded between the Parties.
4 Traxmate’s obligations
4.1 Traxmate may only process Personal Information on behalf of and in accordance with the Customer’s documented instructions. By entering into this Agreement, the Customer instructs Traxmate to process Personal Data in the following manner: i) only in accordance with applicable law, ii) to fulfill all obligations under the Service Agreement, iii) as further specified by the Customer’s normal use of Traxmate’s services, and iv) the ways stated in this Agreement.
4.2 Traxmate has no reason to believe that there are laws that prevent Traxmate from following the instructions given above. Traxmate shall, after becoming aware of it, inform the Customer in cases where the Customer’s instructions or processing, in accordance with Traxmate, is in violation of applicable data protection legislation.
4.3 The categories of Registered and Personal Data covered by Processing in this Agreement are set forth in this document.
4.4 Traxmate shall ensure the confidentiality, integrity, and availability of Personal Data in accordance with the Applicable Personal Data Act. Traxmate shall implement systematic, organizational, and technical measures to ensure an appropriate level of security, taking into account the latest technology and implementation costs in relation to the risk involved in the Processing, and the type of Personal Data to be protected.
4.5 Traxmate shall assist the Customer in appropriate technical and organizational measures, as far as possible, taking into account the type of Treatment and the information available to Traxmate, in order to fulfill the Customer’s obligations under current data protection legislation regarding requests from Registered and general data protection pursuant to the Data Protection Regulation Article 32-36.
4.6 About the Customer need information about security measures, documentation, or other information on how Traxmate Processes Personal Information and such inquiries provide more information than the standard information provided by Traxmate to comply with applicable data protection Laws such as Personal Data Assistant, and that means more work for Traxmate, Traxmate may charge the Customer for such additional services.
4.7 Traxmate and its staff shall ensure the confidentiality of Personal Information Processed under this Agreement. This condition also applies after the Agreement has ceased to apply.
4.8 Traxmate shall, by promptly and without undue delay notifying the Customer, make it possible for the Customer to comply with the legal requirements that apply to information to relevant data protection authorities and Registered regarding personal data incidents.
4.9 Furthermore, Traxmate, to the extent practicable and lawful, notify the Customer of i) requests for disclosure of Personal Information received from a Registreradii) inquiries from authorities, such as the Police, regarding the disclosure of Personal Data
4.10 Traxmate may not respond directly to inquiries from Registered without the consent of the Customer. Traxmate may not disclose content regarding the Agreement to the Authority as the Police, including Personal Data, except for what is statutory, for example by court order or similar decision.
4.11 Traxmate does not control whether and how the Customer chooses to avail of any third-party integrations through the Traxmate API, via direct database connection, or the like. Responsibility for such integrations with third parties is the sole responsibility of the Customer. Traxmate is not responsible as Traxmate for any processing of Personal Data through such third-party integration.
5 Customer’s obligations
5.1 By signing this Agreement, Customer acknowledges that Customer:
- When using the Services provided by Traxmate under the Service Agreement, Processing Personal Data in accordance with the requirements of the applicable Data Protection Act has the legal basis to process and disclose the current Personal Data to Traxmate (including any subordinates used by Traxmate),
- is solely responsible for the correctness, integrity, content, reliability, and legality of the Personal Information provided to Traxmate,
- has fulfilled any and all mandatory requirements and obligations to notify or obtain from the relevant authorities for the processing of Personal Data,
- has fulfilled to provide relevant information to the Registered in respect of Processing of Personal Data in accordance with the Applicable Data Protection Act,
- agrees that Traxmate has provided guarantees regarding the implementation of technical and organizational security measures sufficient to protect the integrity of the Registrar and the Personal Data,
- the use of the Services provided by Traxmate under the Service Agreement does not transmit any sensitive Personal Data, or information relating to convictions in criminal proceedings and infringements of Traxmate. In the event of such a transfer, Traxmate cannot be held responsible for incorrect processing of these Sensitive Personal Data,
- shall maintain an updated record of the types and categories of Personal Data that this Processes.
6 Use of subordinates and data transfer
6.1 As part of the delivery of services to the Customer under the Service Agreement and this Agreement, Traxmate may use subcontractors in the role of subordinate. Such subordinates may be sister companies of Traxmate AB or external subcontractors (third parties) within or outside the EU. Traxmate shall ensure that subcontractors agree by agreement to assume responsibility corresponding to the obligations set out in this Agreement.
6.2 Current subcontractors with access to Personal Data are published on the Traxmates Privacy website https://traxmate.io/privacy-policy/ which through this Agreement has been accepted as subordinates of the Customer.
6.3 The Customer may at any time request a complete overview and more detailed information about the subcontractors involved in the delivery of the Service under the Service Agreement.
6.4 If the subcontractors are located outside the EU, Traxmate shall ensure that transmission takes place in accordance with Applicable Privacy Legislation. The Customer hereby grants Traxmate authorization and authority to secure appropriate legal grounds for the transfer of Personal Data outside the EU on the Customer’s assignment, for example by signing EU standard contract clauses on behalf of the Customer or transferring Personal Data in accordance with EU / US Privacy Shield.
6.5 The Customer shall be notified before any changes are made regarding subcontractors who process personal data. If a new subcontractor does not comply with the applicable data protection legislation and the subcontractor still does not comply with applicable data protection legislation, after Traxmate has been given reasonable time to ensure that the subcontractor complies with the regulations, the Customer can terminate the Agreement. Such termination may mean the right to terminate the Service Agreement, in whole or in part, according to the termination clauses contained in the respective Service Agreement. An important part of such assessments shall be to what extent the subcontractor’s Processing of Personal Data is a necessary part of the services provided under the Service Agreement. A change of subcontractor shall not in itself be regarded as a violation of the Service Agreement.
6.6 By signing this Agreement, the Customer accepts that Traxmate uses subcontractors in the manner described above.
7 Security
7.1 Traxmate is committed to providing a high level of security in its products and services. Traxmate provides the security level through organizational, technical, and physical security measures, in accordance with the information security requirements described in Article 32 of the Data Protection Regulation. The following measures are of particular importance in this regard:
- Classification of Personal Data to ensure the implementation of security measures that correspond to risk assessment.
- Evaluation of the use of encryption and pseudonymization as risk-reducing factors.
- Restrictions on access to Personal Information to those who need access to fulfill the obligations of this Agreement or Service Agreement.
- Use of systems that detect, restore, prevent, and report personal incidents.
- Implementation of safety assessments to assess the quality of current technical and organizational measures to protect Personal Data, taking into account the requirements of current data protection legislation.
8 Audit Rights
8.1 The Customer is entitled to carry out annual audits of Traxmate compliance with the terms of the Agreement. If the legislation so requires, the Customer may request revisions more often. When Traxmate AB’s services are multi-user environments, the Customer empowers Traxmate to, for security reasons, decide that audits should be performed by a neutral third-party auditor who selects Traxmate.
8.2. A qualified third-party auditor within the previous twelve months, and Traxmate confirms that there are no known significant changes in the actions under scrutiny, the Customer accepts this review report instead of requesting a new audit of actions that have already been reviewed.
8.3 If Customer does not accept Traxmate AB selected neutral third-party auditor, the Customer, together with Traxmate AB, may choose another neutral third-party auditor.
8.4 The Customer stands for any costs that arise in connection with requested audits. Traxmate help that exceeds the standard service provided by Traxmate and/or Traxmate’s subcontractors to comply with applicable data protection laws will be charged.
9 Duration and termination
9.1 This Agreement is valid as long as Traxmate Processes Personal Information on behalf of the Customer in accordance with the applicable Service Agreement.
9.2 The Agreement will automatically terminate when the Service Agreement expires. Upon termination of the Agreement, Traxmate will delete or return the Personal Data Processed on behalf of the Customer, in accordance with applicable clauses in each Service Agreement. Unless otherwise agreed in writing, the cost of such measures shall be based on;
i) hourly rate for Traxmate’s time and
ii) the complexity of the requested process.
9.3 Traxmate may retain Personal Data after the Agreement has terminated, to the extent required by law, with the same type of technical and organizational security measures described in this Agreement.
10 Responsibility
10.1 The responsibility for violating the terms of this agreement shall be governed by liability clauses in the respective Service Agreement between the Parties. This also applies to any infringements committed by Traxmate subcontractors.
11 Applicable law and jurisdiction
11.1 This Agreement is governed by the applicable law and the jurisdiction set forth in each Service Agreement between the Parties.
12 Categories of Personal Data and Registered
12.1 When Traxmate’s services allow the Customer to process arbitrary data within the services, it is not possible to generally report the categories of Registered and Personal Data covered by Processing. This information is the responsibility of the Customer to register.
12.2 The Customer may not transfer any Sensitive Personal Information to Traxmate. In the event of such a transfer, Traxmate cannot be held responsible for the incorrect processing of this Sensitive Personal Data. Sensitive Personal Data is defined in the applicable Personal Data Act, ie:
- racial or ethnic origin, political opinions, religious or philosophical beliefs,
- health information,
- details of a person’s sexual or sexual orientation,
- union membership,
- genetic data or biometric data to uniquely identify a natural person
12.3 Nor can the Customer transfer personal data relating to convictions in criminal cases and infringements.
13 Overview of current subcontractors
13.1 Current subcontractors to Traxmate who have access to the Customer’s Personal Data are reported on https://traxmate.io/privacy-policy/
c23-924 TRAXMATE-master-saas-agreement Rev A 231024