Terms of Service

Thank you for signing up for a subscription with MiLynk. (“MiLynk”, “we” or “us”). By placing an order, clicking to accept this Agreement, or using or accessing any MiLynk Service or related services, you agree to all the terms and conditions of this Terms of Service Agreement (“Agreement”). If you are using a MiLynk Service or related services on behalf of a company or other entity, then “Customer” or “you” means that entity, and you are binding that entity to this Agreement. You represent and warrant that you have the legal power and authority to enter into this Agreement and that, if the Customer is an entity, this Agreement and each Order Form is entered into by an employee or agent with all necessary authority to bind that entity to this Agreement. Please note that we may modify this Agreement as further described in the amendments section below, so you should make sure to check this page from time to time. This Agreement includes any Order Forms, Purchase Orders and Service-Specific Terms (as defined below) as well as any policies or exhibits linked to or referenced herein.

This Agreement is effective as of January 1, 2018.

There were no Purchase Orders, Order forms and Proposals issued before January 1, 2018.

BACKGROUND AND PURPOSE
MiLynk is a mobile web application publishing platform empowering people to improve online relationships and productivity by providing a platform to create interactive mobile web applications that do not need to be downloaded and are easily accessible via a URL. MiLynk enables consumers and businesses to overcome the limitations of designing, creating, and integrating mobile applications with social media, text messaging, and email. The platform combines web application publishing, intranet, text messaging, email publishing, cloud storage, productivity tools, and social networking tools into one unified solution.

The purpose of this Contract is to define the terms and conditions under which MiLynk shall provide the Service(s) and potential support services to the Customer in exchange for payment for the services.

1. DEFINITIONS

1.1. “Active Use” refers to data stored within the Service under a current Order Form or within six (6) months of expiration of the most recent Order Form.

1.2. “Add-On” means integrations, applications, and other add-ons that are used with the Service.

1.3. “Affiliate(s)” means any entity which is controlled by, in control of, or is under common control with a Party to this Contract, where “control” means either the power to direct the management or affairs of the entity or ownership of 50% or more of the voting securities of the entity.

1.4. “Aggregate/Anonymous Data” means: (i) data generated by aggregating Customer Data so that results are non-personally identifiable with respect to the Customer or any natural person; and (ii) learnings, logs, and data regarding use of the Service.

1.5. “Authorized Users” means the Customer’s employees and contractors who have or may be assigned a Seat to access and use the Service and who are acting for the Customer’s benefit and on its behalf.

1.6. “Confidential Information” means for any such information exchanged under this Contract, that is identified as confidential at the time of disclosure or that should reasonably be considered confidential based on the circumstances surrounding the disclosure and the nature of the information disclosed, for example code, inventions, know-how, product plans, inventions, and technical and financial information.

1.7. “Content” means text, images, videos or other content uploaded or integrated with the Service by Customer.

1.8. “Contract” means this Master Subscription Agreement document and its annexes, appendices, schedules and amendments, including any Order Forms and service-specific terms as well as any policies or exhibits linked to or referenced herein.

1.9. “Customer Data” means: (i) Content; (ii) Submitted Data; and (iii) Visitor Data.

1.10. “Customer’s Administrators” means the Authorized Users that have been provided with administrator permissions within the Service. Customer’s Administrators have broader user permissions to the Service than regular Authorized Users.

1.11. “Documentation” means the technical documentation created and provided by MiLynk in connection with the Service, currently available upon request by emailing documentation@MiLynk.com.

1.12. “Intellectual Property Rights” mean copyrights, software, domain names, trademarks, service marks, designs and registrations and applications thereof, data, and documentation thereof, trade secrets and know-how (including but not limited to development information, specifications, plans, proposals and technical data).

1.13. “Service(s)” means the specific proprietary SaaS (Software as a Service) product(s) of MiLynk specified in Customer’s Order Form, including any related MiLynk Documentation, and excluding any Third-Party Products. The Service(s) include access to the features and functionalities made available by MiLynk from time to time.

1.14. “MiLynk Technology” means the Service, any and all related or underlying Intellectual Property Rights, documentation, technology, code, know-how, logos and templates (including any reports or output obtained from the Service), anything delivered as part of support or other services, and any updates, modifications or derivative works of any of the foregoing.

1.15. “Order Form” means any MiLynk ordering documentation or online sign-up or subscription flow that references this Contract.

1.16. “Scope of Use” means the usage limits or other scope of use descriptions for the Service included in the applicable Order Form (including descriptions of packages and features) or Documentation, including any numerical limits on Seats or Authorized Users.

1.17. “Submitted Data” means data uploaded or otherwise submitted by Customer to the Service, including Third-Party Content.

1.18. “Subscription Term” means the initial term for the subscription to the applicable Service, as specified on the Customer’s Order Form(s), and each subsequent renewal term (if any).

1.19. “Third Party” and “Third-Party” means any party that is not the Customer, MiLynk, an Affiliate of the Customer or MiLynk’s subcontractor.

1.20. “Third-Party Content” means content, data or other materials that the Customer submits to the Service from its third-party data providers, including through Add-Ons used by the Customer.

1.21. “Third-Party Product(s)” means any applications, integrations, software, code, online services, systems, other products, and Add-Ons not developed by MiLynk.

1.22. “Seat(s)” or “Account(s)” mean each individual user account granting access to the Service as assigned or assignable by the Customer’s Administrator via the admin panel within the Service.

1.23. “Party” means either MiLynk or the Customer. Together they may be referred to as Parties.

1.24. “Google Account” means a Google-wide username and password that can be used to access various Google products. The Google Account is a Third-Party Product and has its own privacy policy and terms of service.

1.25. “Visitor Data” is the data collected from a user when they use the MiLynk service, including IP address, browser information, and/or header information.

Other terms are defined in other Sections of this Master Subscription Agreement or in the relevant policies, or annexes.

2. ACCOUNT REGISTRATION AND USE

2.1. Google Account The Customer and its Authorized Users may need to register for a Google Account in order to access the Service. MiLynk may, at its discretion, provide alternative means of accessing the Service other than a Google Account. The MiLynk Service may also require installation by a G-Suite administrator.

2.2. Account Information All Account information must be accurate, current, and complete.

2.3. Credentials The Customer must ensure that any user IDs, passwords, and other access credentials (such as API tokens) for the Service are kept strictly confidential and not shared with any unauthorized person. The Customer must notify MiLynk immediately of any breach of security or unauthorized use of an account which the Customer has become aware of. Accounts are personal and must not be shared with others. If any Authorized User stops working for the Customer, the Customer must immediately terminate that person’s access to the Service. The Customer will be responsible for any and all actions taken using the accounts, passwords or access credentials designated to Customer.

2.4. Administration Rights The Customer is responsible for designating those individuals who are authorized to access the Customer’s Admininstrators’ account(s).

ACCESS TO THE SERVICE
General Conditions Subject to the compliance with this Contract and the Acceptable Use Policy (currently available at www.MiLynk.com/acceptable-use-policy/), MiLynk grants to the Authorized Users of the Customer, a worldwide, non-exclusive, non-transferable, non-sublicensable right during the applicable Subscription Term to access and use the Service(s) designated on the Customer’s Order Form. The service may be used solely for the Customer’s internal business purposes. For the avoidance of doubt, the Customer will be responsible and liable for all Authorized Users’ use and access of the Service and their compliance with the terms and conditions of this Contract.
Developments The Customer acknowledges that the Service constantly develops and evolves over time. Consequently, MiLynk may, at its option, make updates, bug fixes, modifications or improvements to the Service from time to time. Updates to the Service can be found on the MiLynk blog (currently available at https://www.MiLynk.com/blog). Customers can also opt-in to the MiLynk Customer Community Channel that will provide proactive updates about major changes to the Service. MiLynk may also make such new applications, features or functionalities for the Services available from time to time, the use of which may be contingent upon the Customer’s agreement to additional terms.
Early Stage Services MiLynk may provide the Customer with access to “Alpha”, “Beta”, or other early-stage Services, integrations, or features (“Alpha and Beta Releases”), which are optional for the Customer to use. MiLynk may use good faith efforts in its discretion to assist the Customer with Alpha and Beta Releases. Without limiting the other disclaimers and limitations in this Contract, the Customer acknowledges and agrees that Alpha and Beta Releases may not be complete or fully functional and may contain bugs, errors, omissions, and other problems for which MiLynk will not be responsible. Accordingly, any use of Alpha and Beta Releases are at the Customer’s sole risk. MiLynk makes no promises that future versions of Alpha and Beta Releases will be released or will be available under the same commercial or other terms. MiLynk may terminate the Customer’s right to use any Alpha and Beta Releases at any time for any reason or no reason in MiLynk’s sole discretion, without liability.

3. ACCESS TO THE SERVICE

3.1. General Conditions Subject to the compliance with this Contract and the Acceptable Use Policy (currently available at www.MiLynk.com/acceptable-use-policy/), MiLynk grants to the Authorized Users of the Customer, a worldwide, non-exclusive, non-transferable, non-sublicensable right during the applicable Subscription Term to access and use the Service(s) designated on the Customer’s Order Form. The service may be used solely for the Customer’s internal business purposes. For the avoidance of doubt, the Customer will be responsible and liable for all Authorized Users’ use and access of the Service and their compliance with the terms and conditions of this Contract.

3.2. Developments The Customer acknowledges that the Service constantly develops and evolves over time. Consequently, MiLynk may, at its option, make updates, bug fixes, modifications or improvements to the Service from time to time. Updates to the Service can be found on the MiLynk blog (currently available at https://www.MiLynk.com/blog). MiLynk may also make such new applications, features or functionalities for the Services available from time to time, the use of which may be contingent upon the Customer’s agreement to additional terms.

3.3. Early Stage Services MiLynk may provide the Customer with access to “Alpha”, “Beta”, or other early-stage Services, integrations, or features (“Alpha and Beta Releases”), which are optional for the Customer to use. MiLynk may use good faith efforts in its discretion to assist the Customer with Alpha and Beta Releases. Without limiting the other disclaimers and limitations in this Contract, the Customer acknowledges and agrees that Alpha and Beta Releases may not be complete or fully functional and may contain bugs, errors, omissions, and other problems for which MiLynk will not be responsible. Accordingly, any use of Alpha and Beta Releases are at the Customer’s sole risk. MiLynk makes no promises that future versions of Alpha and Beta Releases will be released or will be available under the same commercial or other terms. MiLynk may terminate the Customer’s right to use any Alpha and Beta Releases at any time for any reason or no reason in MiLynk’s sole discretion, without liability.

4. CUSTOMER OBLIGATIONS

4.1. Respecting Third Party Rights The Customer represents and warrants that the collection, use, and disclosure of Customer Data will not violate any third-party rights, including Intellectual Property Rights, privacy and publicity rights. If the Customer receives any take down requests or infringement notices related to Customer Data or its use of Third-Party Products it must promptly stop using the related item with the MiLynk Service and notify MiLynk. If MiLynk receives any take down requests or infringement notices related to Customer Data or Customer’s use of Third-Party Products, MiLynk may respond in accordance with its policies, including immediate removal of the relevant content from the Service, and will notify the Customer on next steps. The Customer must not take any action that would cause MiLynk or the Service to become subject to any third-party terms (including open source license terms).

4.2. Obtaining Consents The Customer may have the ability to access, monitor, use, or disclose data available to Authorized Users within the Authorized Users’ Accounts. The Customer will obtain and maintain all required consents from Authorized Users to allow: (i) Customer’s access, monitoring, use and disclosure of such data and (ii) MiLynk to provide the Service(s).

4.3. Prohibited Use The Customer must not and must not allow Authorized Users or any third party to: (i) rent, lease, copy, transfer, resell, sublicense, lease, time-share, or otherwise provide access to the Service to a third party (except Authorized Users); (ii) publicly disseminate information regarding the performance of the Service (which is deemed MiLynk’s Confidential Information); (iii) modify or create a derivative work of the Service or any portion of it; (iv) reverse engineer, disassemble, decompile, translate, or otherwise seek to obtain or derive the source code, underlying ideas, algorithms, file formats, or non-public APIs to any Service (including MiLynk’s code), except to the extent expressly permitted by applicable law and then only with advance notice to MiLynk; (v) access the Service for the purpose of building a competitive product or service or copying its features or user interface; (vi) use the Service for purposes of product evaluation, benchmarking, or other comparative analysis intended for publication without MiLynk’s prior written consent; or (vii) remove or obscure any proprietary or other notices contained in the Service, including in any reports or output obtained from the Service.

4.4. Customer Affiliates Where Affiliates of the Customer purchase subscriptions to the Service from MiLynk (or an Affiliate of MiLynk) by executing an Order Form that references this Contract, such agreement shall be deemed to form a separate agreement. For clarification: (i) the Customer or the Customer’s Affiliates have no rights under other Customer Affiliate agreements; and (ii) breach or termination by any Customer entity or a MiLynk entity of any separate agreement is not a breach or termination under any other agreement between a MiLynk entity and another Customer entity.

5. CUSTOMER DATA

5.1. Rights in Customer Data As between the Parties, the Customer retains all right, title, and interest (including any Intellectual Property Rights) in and to the Customer Data (excluding any MiLynk Technology). The Customer hereby grants MiLynk a non-exclusive, worldwide, royalty-free right and license to collect, use, copy, store, transmit, modify, and create derivative works of the Customer Data solely to the extent necessary to provide the Service and related services to the Customer. For Content, this includes the right to publicly display and perform Content (including derivative works and modifications) as directed by the Customer through the Service. This Section does not however limit MiLynks right to generate the Aggregate/Anonymous Data in accordance with Section 5.3 below.

5.2. Third-Party Products and Customer Data. If the Customer installs or enables Third-Party Products for use with the Service, the Customer acknowledges that providers of those Third-Party Products may have access to Customer Data in connection with the interoperation and support of such Third-Party Products with the Service. To the extent the Customer authorizes the access or transmission of Customer Data through a Third-Party Product, MiLynk will not be responsible for any use, disclosure, modification or deletion of such Customer Data.

5.3. Aggregate/Anonymous Data. MiLynk will have the right to generate Aggregate/Anonymous Data from the Service. Aggregate/Anonymous Data shall be regarded as MiLynk Technology, which MiLynk may use for any business purpose during or after the term of this Contract (including without limitation to develop and improve MiLynk’s products and services and to create and distribute reports and other materials). For clarity, MiLynk will only disclose Aggregate/Anonymous Data externally in a de-identified (anonymous) form that does not identify the Customer, or Authorized Users, and that is stripped of all persistent identifiers (such as device identifiers, IP addresses, names, addresses, and cookie IDs). The Customer is not responsible for MiLynk’s use of Aggregate/Anonymous Data.

5.4. No Archiving MiLynk does not provide an archiving service. The Customer acknowledges that MiLynk may delete Content no longer in Active Use. Additionally, the Customer acknowledges that MiLynk may, by giving reasonable prior notice, delete such data relating to a feature of the Service no longer being offered or made available as part of the Service. MiLynk expressly disclaims all other obligations with respect to storage.

6. PERSONAL DATA AND DATA PROTECTION

6.1. Data Processing and DPA In the course of providing the Service to the Customer, MiLynk may process certain personal data (as defined in the EU General Data Protection Regulation 2016/679) on behalf of the Customer. Such processing shall be subject to a Data Processing Agreement (“DPA”) executed by the Parties.

6.2. International Data Transfers Where the provision of the Service involves transferring personal data of the Customer from the European Economic Area to third countries, the EU Standard Contractual Clauses appended to this Contract shall apply to such transfer. Where the Parties have not executed a DPA, the terms contained in the Standard Contractual Clauses shall however be secondarily applied to all data processing, regardless of whether international data transfers are involved.

7. SUPPORT SERVICES

7.1. Provision of Support Services MiLynk makes available web-based support through its website (currently available at help.MiLynk.com). Additional support services may be available to the Customer upon payment of applicable fees, as specified in Customer’s Order Form or MiLynk’s price list applicable at each time. Any support services are subject to this Contract and MiLynk’s applicable support policies. MiLynk may also provide onboarding, deployment and other services under this Contract. The scope, pricing, and other terms for these additional services will be specified in an Order Form, Order Form exhibit, or other document referencing this Contract. The Customer may use anything delivered as part of these additional services internally during its Subscription Term to support its authorized use of the Service, subject to the restrictions in Section 3 (Access to the Service) and Section 4.3 (Prohibited Use) above applicable to the Service itself. MiLynk’s ability to deliver additional services will depend on the Customer’s reasonable and timely cooperation and the accuracy and completeness of any information from the Customer needed to deliver the additional services.

8. SUBSCRIPTION TERM

8.1. Subscription Term The applicable Subscription Term shall be specified in the Order Form. By executing an Order Form for purchase of a subscription to the Service, the Customer agrees to pay all applicable fees for the entire Subscription Term.

8.2. Cancellation or Termination The Customer cannot cancel or terminate a Subscription Term except as expressly permitted by Section 11.3 (Termination for cause) and Section 16.1 (Performance Warranty).

8.3. Start Date If a subscription start date is not specified on the applicable Order Form, the Subscription Term starts the day that the Customer signs the Order Form.

8.4. Renewals Each Subscription Term is initially valid for twelve (12) months, after which it will automatically renew for additional successive twelve-month (12-month) periods unless otherwise stated on the applicable Order Form or unless either Party gives written notice of non-renewal at least sixty (90) days before the end of the then-current Subscription Term.

9. FEES AND PAYMENT

9.1. Prices and Payment Schedule The Customer is billed according to the Seats, fees and payment schedule determined in the applicable Order Form. The Customer agrees to pay all fees in the agreed currency and in accordance with the payment schedule specified in the applicable Order Form.

9.2. Taxes MiLynk’s fees are exclusive of all taxes. If MiLynk is obligated to collect or pay taxes, the taxes will be invoiced from the Customer, unless the Customer provides MiLynk with a valid tax exemption certificate authorized by the appropriate tax authority. If the Customer is required by law to withhold any taxes from its payments to MiLynk, the Customer must provide MiLynk with an official tax receipt or other appropriate documentation to support such payments. Any applicable taxes shall be added to the Customer’s invoice.

9.3. Additional Seats If the Customer adds additional Seats in excess of the amount on the applicable Order Form, MiLynk may charge additional fees. The fees for such additional Seats are charged monthly in arrears. Where such Additional Seats have been mutually agreed upon with MiLynk, such Additional Seats will be priced at the same cost per Seat as agreed in the applicable Order Form. After additional Seats have been created and an invoice issued, all future invoicing will be based on the increased number of Seats for the remainder of the Subscription Term. If changes have minimal financial effect the changes can be pooled on its own invoice on a later date. Billing of changes made will commence from the beginning of the month of the date when the change took effect.

9.4. Annual Price Adjustments All fees specified in the Order Form shall be subject to an automatic annual 3% increase, which shall apply immediately during the applicable Subscription Term.

9.5. Price Changes Apart for the annual automatic adjustments applicable to an ongoing Subscription Term which shall be limited to the increase specified above in section 9.4, MiLynk shall have the full right to make changes to their pricing. Such price changes shall take effect upon the commencement of a new Subscription Term or a renewal thereof. MiLynk shall inform any Customers with an ongoing Subscription Term of such price changes at least ninety (90) days in advance.

9.6. Payment Method The payment shall be made via wire transfer to MiLynk’s bank account specified by MiLynk in the invoice. The message of the payment shall include the applicable invoice number or the reference number of the invoice.

10. INVOICING

10.1. Standard Invoicing Schedule The Service is invoiced for a 12-month period at the beginning of the Subscription Term unless otherwise specified on the Order Form. If the Subscription Term is longer than 12 months but under 24 months the Subscription Term shall be invoiced in total in the beginning of the Subscription Term. Otherwise the Service shall be invoiced in 12-month terms.

10.2. Invoicing Method The invoices shall be sent to the billing address provided by the Customer. The preferred Invoicing method is electronic invoicing via email (as pdf) or e-invoice where available. MiLynk has the right to add a reasonable invoicing fee for traditional paper invoices sent via traditional mail.

10.3. Payment Term and Late Payments The term of payment is 14 days net. MiLynk has the right to charge a late payment fee from the Customer if MiLynk has not received payment within three (3) business days from the due date. The late payment fee shall be calculated from the due date to the day the payment is received by MiLynk. The late payment fee shall be calculated by actual days. The Customer has five (5) business days to notify a dispute to the Invoice. The five-business-day period is calculated from the date the Customer received the invoice. If there are no other means to determine the receipt date, it shall be the next business day from the date the invoice was sent by MiLynk. If the Customer does not react to the invoice in five (5) business days the invoice is considered undisputed and valid. Undisputed late payments are subject to a late payment fee equal to the lesser of 1.5% per month of the amount due or the maximum amount allowed by law.

10.4. Invoicing Information The Customer shall provide MiLynk with all necessary reference information needed to process each invoice, including a valid billing address. If the Customer has not provided such information to MiLynk the Customer cannot waive the obligation to pay the Invoice even if it does not have the reference information needed to internally process the payment.

11. TERMINATION

11.1. Termination without Cause Either Party may terminate the Contract with sixty (60) days’ advance written notice. If the termination notice is submitted later than sixty (60) days prior to the end of the Subscription Term, the subscription shall renew as defined in Section 8.4 and the termination shall commence at the end of the renewed Subscription Term.

11.2. Termination Notice The Customer shall submit the termination notice via email to support@MiLynk.com. Only termination notices submitted to support@MiLynk.com are considered valid termination notices.

11.3. Termination for Cause The Contract can be terminated with immediate effect, if:
a) the other Party is in material breach of the Contract and fails to cure that breach within sixty (60) days after receipt of written notice;
b) the other Party ceases its business operations or becomes subject to insolvency proceedings; or
the other Party is in material breach of the Contracts more than two (2) times notwithstanding any cure of such breaches.

11.4. Suspension or Termination due to Unpaid Invoices MiLynk has the right to suspend the Customer’s accounts and terminate this Contract if the Customer has either two (2) undisputed unpaid invoices or at least one (1) undisputed unpaid invoice past due a minimum of 60 days. The Customer’s liability to pay any undisputed invoice does not cease with the suspension or termination of this Contract.

11.5. Obligations upon Termination Upon the termination of this Contract: (i) the rights granted by one Party to the other will cease immediately (except as set forth in this Section); (ii) MiLynk shall provide the Customer access to, and the ability to export, the Customer Data for thirty (30) days at the Company’s then-current rates for the applicable services; (iii) after a commercially reasonable period of time, MiLynk shall delete Customer Data; and (iv) upon request each Party will promptly use commercially reasonable efforts to return or destroy all other Confidential Information of the other Party. If the Customer terminates the Contract prior to the conclusion of the Subscription Term, MiLynk will bill the Customer, and the Customer is responsible for paying MiLynk, for the remaining unpaid amount of the Customer’s commitment per the Contract.

11.6. Surviving Terms Such Sections of the Contract that by their nature are intended to remain in force after the termination or expiration of the Contract shall survive the termination or expiry of the Contract. Such Sections include, namely, without limitation, Sections 12 (Confidentiality), 13 (Intellectual Property Rights), 15 (Indemnification), 17 (Limitations of Liability) and 19 (General terms).

12. CONFIDENTIALITY

12.1. Confidentiality Obligation Each Party (as the receiving Party) must: (i) hold in confidence and not disclose the other Party’s Confidential Information to Third Parties except as permitted by this Contract; and (ii) only use the other Party’s Confidential Information to fulfill its obligations and exercise its rights under this Contract. Each Party may share the other Party’s Confidential Information with its, and its Affiliates’, employees, agents or contractors on a legitimate need-to-know basis (which, for MiLynk, includes the subcontractors referenced in Section 19.4), provided that the Party remains responsible for any recipient’s compliance with the terms of this Section and that such recipients are bound to confidentiality obligations no less protective than those set herein.

12.2. Exemptions from Confidentiality These confidentiality obligations do not apply to (and Confidential Information does not include) information that: (i) is or becomes public knowledge through no fault of the receiving Party; (ii) was known by the receiving Party before it received the Confidential Information; (iii) is rightfully obtained by the receiving Party from a third party without breach of any confidentiality obligation; or (iv) is independently developed by the receiving Party without using the disclosing Party’s Confidential Information, as can be shown by documentary evidence. A Party may also disclose the other Party’s Confidential Information to the extent required by law or court order, provided it gives advanced notice (if permitted by law) and cooperates in any effort by the other Party to obtain confidential treatment for the information.

12.3. Equitable Relief The Parties acknowledge that disclosing Confidential Information may cause substantial harm for which damages alone may be an insufficient remedy, and so on breach of this Section 12, each Party is entitled to seek appropriate equitable relief in addition to any other remedies it may have at law.

13. INTELLECTUAL PROPERTY RIGHTS

13.1. No Transfer of intellectual Property Rights Except as expressly set forth herein, this Contract does not grant either Party any rights, implied or otherwise, to the other’s Intellectual Property Rights. As between the Parties, the Customer owns all Intellectual Property Rights in Customer Data, and MiLynk owns all Intellectual Property Rights in the Service.

14. MiLynk TECHNOLOGY

14.1. Subscription Basis The Service is provided in the form of an online service subscription. The Customer acknowledges that it is obtaining only a limited right to use the Service and that irrespective of any use of the words “purchase”, “sale” or similar terms, no ownership rights are transferred to the Customer under this Contract. The Customer agrees that MiLynk (or its suppliers) retain all rights, title and interest (including all Intellectual Property Rights) in and to all MiLynk Technology and that MiLynk reserves all rights not specifically granted in this Contract. Customer further acknowledges and agrees that it has no right to obtain a copy of the software behind any Service.

14.2. Feedback If the Customer elects to provide any suggestions, comments, improvements, information, ideas or other feedback or related materials to MiLynk (collectively, “Feedback”), the Customer hereby grants MiLynk a worldwide, perpetual, non-revocable, sublicensable, royalty-free right and license to use, copy, disclose, license, distribute, and exploit any Feedback in any format and in any manner without any obligation, payment, or restriction based on Intellectual Property Rights or otherwise. MiLynk will not identify the Customer as the source of the Feedback. Nothing in this Contract limits MiLynk’s right to independently use, develop, evaluate, or market products, whether incorporating Feedback or otherwise.

15. INDEMNIFICATION

15.1. Indemnification by MiLynk MiLynk agrees to defend and indemnify the Customer from and against any third party claims resulting from infringement of any Australian, Canadian, European Union member state, United Kingdom, or United States patent, copyright, trademark, or trade secret by the Service itself, as provided by MiLynk and used by the Customer in accordance with this Contract. In response to any claim or potential claim of infringement, if required by settlement or injunction, or if MiLynk determines these actions are reasonably necessary to avoid material liability, MiLynk may at its option: (i) procure a license for the affected portion of the Service; (ii) modify the Service so as to avoid infringement but be materially equivalent; or (iii) terminate the Order Form for the affected Service and refund any subscription fees the Customer has pre-paid for the terminated portion of the applicable Subscription Term. Notwithstanding the above, MiLynk’s obligations under this Section 15 do not apply to the extent infringement results from: (i) Third-Party Products or combinations with these items; (ii) modification of the Service by someone other than MiLynk or its subcontractors; or (iii) use of the Service other than the then-most current release. MiLynk’s obligations under this Section 15 also do not apply to use in breach of this Contract, to Customer Data or to Alpha and Beta Releases.

THIS SECTION 15 STATES THE SOLE AND EXCLUSIVE REMEDY OF THE CUSTOMER AND THE ENTIRE LIABILITY OF MiLynk, OR ANY OF ITS SUPPLIERS, OFFICERS, DIRECTORS, EMPLOYEES, SHAREHOLDERS, CONTRACTORS OR REPRESENTATIVES, WITH RESPECT TO ANY CLAIM OF INTELLECTUAL PROPERTY INFRINGEMENT.

15.2. Indemnification by Customer The Customer agrees to defend and indemnify MiLynk from and against any third-party claims and liabilities to the extent resulting from Customer Data or a breach or alleged breach of Section 4 (Customer Obligations) or Section 12 (Confidentiality).

15.3. Conditions for Indemnification Each Party’s defense and indemnification obligations are subject to the indemnifying Party receiving: (i) prompt written notice of the claim; (ii) the exclusive right to control and direct the investigation, defense, and settlement of the claim; and (iii) all reasonable necessary cooperation of the indemnified Party at the indemnifying Party’s expense (as to reasonable out-of-pocket costs). The indemnifying Party must not settle any claim without the indemnified Party’s prior written consent if the settlement would require the indemnified Party to admit fault, pay amounts that the indemnifying Party must pay under this Section 15, or take or refrain from taking any action (other than with respect to the Service or features). The indemnified Party may participate in a claim through counsel of its own choosing at its own expense.

16. WARRANTY; DISCLAIMERS

16.1. Performance Warranty. During the Subscription Term, MiLynk warrants, for the Customer’s benefit only, that: (i) the Service will operate in substantial conformity with the applicable Documentation (“Performance Warranty”). The Customer must notify MiLynk in writing within thirty (30) days of discovery and include a brief reference to the applicable warranty and detailed description of the potential breach. If MiLynk receives a valid warranty claim within this period, it will use commercially reasonable efforts in its discretion to repair the affected portion of the Service or re-perform the services (as applicable). If MiLynk determines this remedy is not commercially reasonable, either Party may terminate the applicable Order Form with prompt written notice. Upon termination as a result of a warranty claim under this Section 16, the Customer will receive a refund of any subscription fees it has pre-paid for the terminated portion of the applicable Subscription Term. The remedy in this Section 16 will be the Customer’s sole and exclusive remedy (and MiLynk’s sole liability) for any breaches of the Performance Warranty. Notwithstanding the above, the Performance Warranty does not cover and MiLynk will not be responsible for: (i) errors in or resulting from Third-Party Products or Third-Party Content; (ii) the Customer’s misuse or failure to follow the Documentation; (iii) modifications or services by anyone other than MiLynk or its subcontractors; (iv) any version of the Service other than the then most recent release; or (v) any Alpha or Beta Releases.

16.2. NO OTHER WARRANTIES. EXCEPT FOR THE ABOVE PERFORMANCE WARRANTY, ALL MiLynk TECHNOLOGY AND RELATED SERVICES ARE PROVIDED “AS IS” AND ON AN “AS AVAILABLE” BASIS. NEITHER MiLynk NOR ITS SUPPLIERS MAKE ANY OTHER WARRANTIES, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.

MiLynk MAKES NO REPRESENTATION, WARRANTY OR GUARANTEE THAT MiLynk TECHNOLOGY WILL MEET THE CUSTOMER’S REQUIREMENTS OR EXPECTATIONS, THAT CUSTOMER DATA WILL BE ACCURATE, COMPLETE, OR PRESERVED WITHOUT LOSS, OR THAT MiLynk TECHNOLOGY WILL BE TIMELY, UNINTERRUPTED OR ERROR-FREE. MiLynk DOES NOT GUARANTEE THAT SECURITY MEASURES WILL BE ERROR-FREE AND WILL NOT BE RESPONSIBLE OR LIABLE FOR UNAUTHORIZED ACCESS BEYOND ITS REASONABLE CONTROL.

MiLynk WILL NOT BE RESPONSIBLE OR LIABLE IN ANY MANNER FOR ANY THIRD-PARTY PRODUCTS, THIRD-PARTY CONTENT, OR NON-MiLynk SERVICES (INCLUDING FOR ANY DELAYS, INTERRUPTIONS, TRANSMISSION ERRORS, SECURITY FAILURES, AND OTHER PROBLEMS CAUSED BY THESE ITEMS), FOR PERSONAL DATA OR OTHERWISE REGULATED DATA RECEIVED FROM THE CUSTOMER IN BREACH OF THIS CONTRACT, FOR THE COLLECTION, USE AND DISCLOSURE OF CUSTOMER DATA AUTHORIZED BY THIS CONTRACT, OR FOR DECISIONS OR ACTIONS TAKEN (OR NOT TAKEN) BY THE CUSTOMER BASED UPON MiLynk TECHNOLOGY OR MiLynk’S RELATED SERVICES.

THE DISCLAIMERS IN THIS SECTION 16 WILL APPLY TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS CONTRACT. THE CUSTOMER MAY HAVE OTHER STATUTORY RIGHTS. HOWEVER, ANY STATUTORILY REQUIRED WARRANTIES UNDER APPLICABLE LAW, IF ANY, WILL BE LIMITED TO THE SHORTEST PERIOD AND MAXIMUM EXTENT PERMITTED BY LAW.

17. LIMITATIONS OF LIABILITY

17.1. DIRECT DAMAGES ONLY TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL EITHER PARTY OR ITS SUPPLIERS BE LIABLE FOR ANY LOSS OF USE, LOST OR INACCURATE DATA, INTERRUPTION OF BUSINESS, LOST PROFITS, COSTS OF DELAY, REPUTATIONAL HARM, OR ANY INDIRECT, SPECIAL, INCIDENTAL, COVER, RELIANCE OR CONSEQUENTIAL DAMAGES OF ANY KIND HOWEVER CAUSED, EVEN IF INFORMED IN ADVANCE OF THE POSSIBILITY OF THESE DAMAGES.

17.2. MAXIMUM LIABILITY EACH PARTY’S AND ITS SUPPLIERS’ TOTAL LIABILITY WILL NOT EXCEED IN AGGREGATE THE AMOUNT ACTUALLY PAID OR PAYABLE BY THE CUSTOMER TO MiLynk FOR THE APPLICABLE MiLynk SERVICE OR RELATED SERVICES IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM. FOR ALPHA AND BETA RELEASES, MiLynk’S TOTAL LIABILITY WILL HOWEVER NOT EXCEED IN AGGREGATE FIFTY DOLLARS (50 USD).

17.3. EXCEPTIONS THE LIABILITY LIMITATIONS IN THIS SECTION 17 DO NOT APPLY TO: (i) THE INDEMNITY OBLIGATIONS UNDER SECTION 15 (INDEMNIFICATION); AND (ii) THE CUSTOMER’S PAYMENT OBLIGATIONS AS EXPRESSLY PROVIDED IN THIS CONTRACT.

17.4. LEGAL LIMITATIONS IN CASE THE LAW APPLICABLE TO THIS CONTRACT DOES NOT ALLOW SOME OF THE LIMITATIONS OF LIABILITY IN THIS SECTION 17, THIS SECTION 17 WILL APPLY TO THE MAXIMUM EXTENT PERMITTED BY LAW.

18. THIRD-PARTY PRODUCTS AND INTEGRATIONS

18.1. No Liability for Third Party Products If the Customer uses Third-Party Products in connection with the Services, those products may make Third-Party Content available to the Customer and may access the Customer’s instance of the Service, including Customer Data. MiLynk does not warrant or support Third-Party Products or Third-Party Content (whether or not these items are designated by MiLynk as “powered”, “verified” or otherwise) and disclaims all responsibility and liability for these items and their access to the Services, including their modification, deletion, disclosure, or collection of Customer Data. MiLynk is not responsible in any way for Customer Data once it is transmitted, copied, or removed from the Services by the Customer or under the Customer’s direction.

19. GENERAL TERMS

19.1. Notice Any notice or communication under this Contract must be in writing. The Customer must send any notices under this Contract (including breach notices and warranty and indemnity claims) to MiLynk, in English, at the following address, support@MiLynk.com, and include “Attn. Legal Department” in the subject line. MiLynk may send notices to the email addresses on the Customer’s account or, at MiLynk’s option, to the Customer’s last-known postal address. MiLynk may also provide operational notices regarding the Service or other business-related notices through conspicuous posting of the notice on MiLynk’s website or the Service. Each Party consents to receiving electronic notices. MiLynk is not responsible for any automatic filtering the Customer or its network provider may apply to email notification.

19.2. Assignment This Contract will bind and inure to the benefit of each Party’s permitted successors and assigns. Neither Party may assign this Contract without the advance written consent of the other Party, except that each Party may assign this Contract without consent in connection with a merger, reorganization, acquisition, or other transfer of all or substantially all of its assets or voting securities. Any attempt to transfer or assign this Contract except as expressly authorized under this Section 19.2 will be void.

19.3. Publicity Unless otherwise specified in the applicable Order Form, MiLynk may use the Customer’s name, logo, and marks to identify the Customer as a customer of MiLynk and a user of the relevant Service(s) on MiLynk’s website and in other marketing materials.

19.4. Subcontractors MiLynk may use subcontractors and permit them to exercise the rights granted to MiLynk in order to provide the Service and related services under this Contract. These subcontractors may include, for example, MiLynk’s hosting provider. However, subject to all terms and conditions of this Contract, MiLynk will remain responsible for: (i) compliance of its subcontractors with the terms of this Contract; and (ii) the overall performance of the Services if and as required under this Contract.

19.5. Independent Contractors The Parties to this Contract are independent contractors. This Contract does not create a partnership, joint venture, employment, franchise, or agency relationship between the Parties. Neither Party has the power to bind the other or incur obligations on the other Party’s behalf without the other Party’s prior written consent.

19.6. Force Majeure Neither Party will be liable for any delay or failure to perform its obligation under this Contract if the delay or failure is due to causes beyond its reasonable control, such as a strike, blockade, war, act of terrorism, riot, natural disaster, failure or reduction of power or telecommunications or data networks or services, or government act.

19.7. Export The Customer is responsible for obtaining any required export or import authorisations or control laws for the use of any Service.

19.8. Amendments Any modification or amendment to this Contract must be made in writing and executed by an authorized representative of each Party. If, during the Customer’s Subscription Term, MiLynk modifies the service-specific terms relevant for a specific Service purchased under an Order Form, the modified version will take effect upon the Customer’s next renewal. If MiLynk launches new products or optional features that require opt-in acceptance of new terms, those terms will apply upon the Customer’s acceptance or use. If Customer accepts new Order Forms or Order Form changes following the modification, the changes will take effect immediately. However, during a Subscription Term, MiLynk may update MiLynk’s policies, including without limitation the Acceptable Use Policy, and Documentation from time-to-time to reflect process improvements or changing practices, provided these changes do not substantially diminish the Customer’s rights or create substantial additional Customer obligations during a Subscription Term, and these changes will take immediate effect from the date of posting.

19.9. No Waiver Failure to enforce any provision of this Contract will not constitute a waiver.

19.10. Severability If any provision of this Contract is found by any court of competent jurisdiction to be unenforceable or invalid, that provision will be limited to the minimum extent necessary so that this Contract may otherwise remain in effect.

19.11. No Third Party Rights Nothing in this Contract confers on any third party the right to enforce any provision of this Contract. Customer acknowledges that each Order Form only permits use by and for the legal entity or entities identified in the Order Form(s).

19.12. Entire Agreement This Contract represents the Parties’ complete and exclusive understanding relating to the Contract’s subject matter. It supersedes all prior or contemporaneous oral or written communications, proposals and representations with respect to the MiLynk Technology or any other subject matter covered by this Contract. Any terms provided by the Customer (including as part of any purchase order or other business form used by the Customer) are for administrative purposes only and have no legal effect. This Contract may be signed in counterparts, including by electronic copy, each of which will be deemed an original, and all counterparts together constituting one and the same Contract.

19.13. Governing Law and Dispute Resolution This Contract is governed by the laws of Finland without regard to any conflict of law provisions. All disputes will primarily be resolved by negotiation between the Parties. If such negotiations fail, any dispute, controversy or claim arising out of or relating to this Contract, or the breach, termination or validity thereof, shall be finally settled by arbitration in accordance with the Arbitration Rules of the Finland Chamber of Commerce. The number of arbitrators shall be one (1). The seat of arbitration shall be Helsinki, Finland. The language of the arbitration shall be English. The arbitral proceedings and award shall be confidential.

20. ORDER OF PRECEDENCE

20.1. The Order of Precedence is i) Order Form(s) ii) This Contract, iii) DPA, iv) Annexes in descending order, v) written communication between the Parties.

Annex 1. EU Standard Contractual Clauses for International Data Transfers

Clause 1

Definitions

For the purposes of the Clauses:

(a) ‘personal data’, ‘special categories of data’, ‘process/processing’, ‘controller’, ‘processor’, ‘data subject’ and ‘supervisory authority’ shall have the same meaning as in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data;

(b) ‘the data exporter’ means the controller who transfers the personal data;

(c) ‘the data importer’ means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country’s system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC;

(d) ‘the subprocessor’ means any processor engaged by the data importer or by any other subprocessor of the data importer who agrees to receive from the data importer or from any other subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;

(e) ‘the applicable data protection law’ means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established;

(f) ‘technical and organizational security measures’ means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.

Clause 2

Details of the transfer

The details of the transfer and in particular the special categories of personal data where applicable are specified in Appendix 1 which forms an integral part of the Clauses.

Clause 3

Third-party beneficiary clause

1. The data subject can enforce against the data exporter this Clause, Clause 4(b) to (i), Clause 5(a) to (e), and (g) to (j), Clause 6(1) and (2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary.

2. The data subject can enforce against the data importer this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the data exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity.

3. The data subject can enforce against the subprocessor this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.

4. The parties do not object to a data subject being represented by an association or other body if the data subject so expressly wishes and if permitted by national law.

Clause 4

Obligations of the data exporter

The data exporter agrees and warrants:

(a) that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter is established) and does not violate the relevant provisions of that State;

(b) that it has instructed and throughout the duration of the personal data processing services will instruct the data importer to process the personal data transferred only on the data exporter’s behalf and in accordance with the applicable data protection law and the Clauses;

(c) that the data importer will provide sufficient guarantees in respect of the technical and organisational security measures specified in Appendix 2 to this contract;

(d) that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;

(e) that it will ensure compliance with the security measures;

(f) that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;

(g) to forward any notification received from the data importer or any subprocessor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension;

(h) to make available to the data subjects upon request a copy of the Clauses, with the exception of Appendix 2, and a summary description of the security measures, as well as a copy of any contract for subprocessing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information;

(i) that, in the event of subprocessing, the processing activity is carried out in accordance with Clause 11 by a subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses; and

(j) that it will ensure compliance with Clause 4(a) to (i).

Clause 5

Obligations of the data importer

The data importer agrees and warrants:

(a) to process the personal data only on behalf of the data exporter and in compliance with its instructions and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the data exporter of its inability to comply, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;

(b) that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the data exporter and its obligations under the contract and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Clauses, it will promptly notify the change to the data exporter as soon as it is aware, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;

(c) that it has implemented the technical and organisational security measures specified in Appendix 2 before processing the personal data transferred;

(d) that it will promptly notify the data exporter about:

(i) any legally binding request for disclosure of the personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation,

(ii) any accidental or unauthorised access, and

(iii) any request received directly from the data subjects without responding to that request, unless it has been otherwise authorised to do so;

(e) to deal promptly and properly with all inquiries from the data exporter relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred;

(f) at the request of the data exporter to submit its data processing facilities for audit of the processing activities covered by the Clauses which shall be carried out by the data exporter or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the data exporter, where applicable, in agreement with the supervisory authority;

(g) to make available to the data subject upon request a copy of the Clauses, or any existing contract for subprocessing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Appendix 2 which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the data exporter;

(h) that, in the event of subprocessing, it has previously informed the data exporter and obtained its prior written consent;

(i) that the processing services by the subprocessor will be carried out in accordance with Clause 11;

(j) to send promptly a copy of any subprocessor agreement it concludes under the Clauses to the data exporter.

Clause 6

Liability

1. The parties agree that any data subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or subprocessor is entitled to receive compensation from the data exporter for the damage suffered.

2. If a data subject is not able to bring a claim for compensation in accordance with paragraph 1 against the data exporter, arising out of a breach by the data importer or his subprocessor of any of their obligations referred to in Clause 3 or in Clause 11, because the data exporter has factually disappeared or ceased to exist in law or has become insolvent, the data importer agrees that the data subject may issue a claim against the data importer as if it were the data exporter, unless any successor entity has assumed the entire legal obligations of the data exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity.

The data importer may not rely on a breach by a subprocessor of its obligations in order to avoid its own liabilities.

3. If a data subject is not able to bring a claim against the data exporter or the data importer referred to in paragraphs 1 and 2, arising out of a breach by the subprocessor of any of their obligations referred to in Clause 3 or in Clause 11 because both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, the subprocessor agrees that the data subject may issue a claim against the data subprocessor with regard to its own processing operations under the Clauses as if it were the data exporter or the data importer, unless any successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the subprocessor shall be limited to its own processing operations under the Clauses.

Clause 7

Mediation and jurisdiction

1. The data importer agrees that if the data subject invokes against it third-party beneficiary rights and/or claims compensation for damages under the Clauses, the data importer will accept the decision of the data subject:
(a) to refer the dispute to mediation, by an independent person or, where applicable, by the supervisory authority;
(b) to refer the dispute to the courts in the Member State in which the data exporter is established.

2. The parties agree that the choice made by the data subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law.

Clause 8

Cooperation with supervisory authorities

1. The data exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law.

2. The parties agree that the supervisory authority has the right to conduct an audit of the data importer, and of any subprocessor, which has the same scope and is subject to the same conditions as would apply to an audit of the data exporter under the applicable data protection law.

3. The data importer shall promptly inform the data exporter about the existence of legislation applicable to it or any subprocessor preventing the conduct of an audit of the data importer, or any subprocessor, pursuant to paragraph 2. In such a case the data exporter shall be entitled to take the measures foreseen in Clause 5 (b).

Clause 9

Governing Law

The Clauses shall be governed by the law of the Member State in which the data exporter is established, namely Finland

Clause 10

Variation of the contract

The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict the Clause.

Clause 11

Subprocessing

1. The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the subprocessor which imposes the same obligations on the subprocessor as are imposed on the data importer under the Clauses. Where the subprocessor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the subprocessor’s obligations under such agreement.

2. The prior written contract between the data importer and the subprocessor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the data exporter or the data importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.

3. The provisions relating to data protection aspects for subprocessing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the data exporter is established, namely Finland.

4. The data exporter shall keep a list of subprocessing agreements concluded under the Clauses and notified by the data importer pursuant to Clause 5 (j), which shall be updated at least once a year. The list shall be available to the data exporter’s data protection supervisory authority.

Clause 12

Obligation after the termination of personal data processing services

1. The parties agree that on the termination of the provision of data processing services, the data importer and the subprocessor shall, at the choice of the data exporter, return all the personal data transferred and the copies thereof to the data exporter or shall destroy all the personal data and certify to the data exporter that it has done so, unless legislation imposed upon the data importer prevents it from returning or destroying all or part of the personal data transferred. In that case, the data importer warrants that it will guarantee the confidentiality of the personal data transferred and will not actively process the personal data transferred anymore.

2. The data importer and the subprocessor warrant that upon request of the data exporter and/or of the supervisory authority, it will submit its data processing facilities for an audit of the measures referred to in paragraph 1.