Conditions de Services Prim Logix

SERVICES CONDITIONS

PRIM Logix

 Last updated: June 2023


These Service Conditions constitute a legal contract between the accepting entity (the "Client"; "you") and DÉV-NTIC INC., with a registered address at 1798 Jasmin Street, Saint-Jean-sur-Richelieu, Quebec J2W 1Z7 ("DÉV-NTIC," "we," "our," and collectively with the Client, the "parties," and each a "party").

These Service Conditions, along with the Proposal (as defined below) (collectively, the "Agreement"), define the legal relationship between you and us regarding the Services (as defined below). Please read the Agreement carefully before accessing or using our Services, as it contains important information regarding your obligations when using the Services. It also includes information about our liability towards you and the warranties or disclaimers that apply to our Services.

By choosing to use our Services, you must accept and agree to be bound by this Agreement and comply with its terms. Your continued use of any of our Services indicates that you continue to accept the Agreement. If you do not accept this Agreement, you must not use our Services.

If you have any questions regarding this matter, you can contact us at info@primlogix.com.

1.              Definitions

In these Conditions, capitalized words and expressions not defined elsewhere have the meanings given to them below:

  •  "Notification Email Address" refers to the email address you provided in the Proposal, which you designate to receive notices and other communications from us regarding the Services.

  • "Security Breach" refers to any act or omission that significantly compromises the security, confidentiality, or integrity of Personal Data.

  • "Account" refers to the account you acquire as part of your subscription to the Services, which allows you and your end-users to access and use the Software.

  •  "Documents" refer to the documents and any other materials made available to the Client (and end-users) regarding our provision of the Services, including specifications and technical prerequisites, operation, and Service descriptions published on our website.

  •  "Anonymous Data" refers to usage data, Customer Data, and other data generated by the Services that have been processed using a technology or anonymization method recognized by industry standards and, therefore, no longer relate to an identified or identifiable individual or entity. It is understood that Anonymous Data does not include Personal Data.

  • "Customer Data" refers to (i) Personal Data; (ii) Confidential Information; and (iii) other data generated by the Services or submitted through the Services by the Client (including End Users). Notwithstanding any contrary indication in this Agreement, Anonymous Data and Usage Data are not considered Customer Data.

  •  "Personal Data" refers to information that would meet the definition of "personal information" or "personal data" (or similar nomenclature) under the applicable Law and (i) is submitted through the Services by you or your End Users; or (ii) is collected or generated by the Services about End Users.

  • "Usage Data" refers to data inputted and/or generated by the Services relating to statistics, trends, performance, and analytics, such as page views, performance statistics, error frequency, and electronic attributes of devices, such as browser name and version, operating system, and country. Usage Data is generally used to improve our Services, monitor performance, and understand popular features.

  •  "Software" collectively refers to PRIM, PRIMWEB, and Q-LINK, including their respective version updates as provided in Article 2.c).

  •  "Open Source Software" refers to any software licensed under Open Source Code License Terms.

  • "Law" refers to any law, ordinance, regulation, rule, code, constitution, treaty, common law principle, judgment, decree, or other requirement of any federal, provincial, territorial, municipal, or foreign government or political subdivision thereof, or any competent arbitrator or court.

  • "Affiliate" refers to any entity that directly or indirectly controls, is controlled by, or is under common control with a party. For the purposes of this definition, "control" means the ownership or control, directly or indirectly, of more than 50% of the voting interests in the subject entity.

  • "Open Source Code License Terms" refers to licenses and/or distribution models commonly referred to as "open source software" or "free software" and any other license and/or distribution model under which software is generally made available to the public in source code form, allowing modification and redistribution of such software.

  • "PRIM" refers to the software installed on the End Users' workstations, as further described in the Proposal.

  • "PRIMWEB" refers to the web platform intended for use by the Client's candidates and clients, as further described in the Proposal.

  • "Urgent Security Issue" refers to (i) any use of the Services in breach of this Agreement by the Client or an End User; (ii) any Security Breach; or (iii) any situation reasonably requiring DÉV-NTIC to immediately take action to prevent or mitigate security risks, including the installation of critical security patches.

  • "Proposal" refers to the final version of the proposal, including the description of the Services, Fees, Subscription Duration, prepared by DÉV-NTIC and accepted by the Client, whether through a purchase order or other appropriate means, and to which this Agreement is attached.

 

  •  "Intellectual Property" refers to all intellectual property rights, including, but not limited to, works, inventions (whether patentable or not), discoveries, improvements, trade secrets, know-how, scientific formulas, data, information, images, reports, questionnaires, results, analyses, software, models, research and development information, technical information, prototypes, specifications, patterns, designs, algorithms, products, compositions, processes and protocols, methods, tests, devices, computer programs, trademarks, and all exclusive rights provided under patent laws, copyright laws, trademark laws, design patent laws, semiconductor chip or mask work laws, or any other legal provision or principle of civil law or common law applicable to the protection of intangible information or exclusive rights, including trade secret laws, which may confer a right with respect to any of the aforementioned elements, including all applications, registrations, or other evidence of a right with respect to any of the aforementioned elements.

 

  •  "Q-LINK" refers to the web browser extension intended for use by End Users acting as recruiters to quickly add new candidates for the Client.

 

  • "Third-Party Claim" refers to any claim, suit, action, or proceeding by a third party.

 

  •  "Confidential Information" refers to all information of a party (the "Disclosing Party") that is or will be in the possession of the other party (the "Receiving Party") concerning the business, property, affairs, or finances of the Disclosing Party, or of any person, corporation, company, or other entity, and which the Disclosing Party has an obligation to keep confidential, including, but not limited to, trade secrets, source codes, customer lists, business studies, and the terms of this Agreement. Confidential Information may be in written, printed, digital, or verbal form and includes any other type of information that is designated, orally or in writing, as confidential by the Disclosing Party at the time of its disclosure to the Receiving Party or that the Receiving Party should reasonably know, based on the circumstances in which it became aware of the information, constitutes Confidential Information.

 

  • "Representatives" refers to the Affiliates of a party, its subsidiaries, resellers, agents, and subcontractors, as well as the respective employees, directors, officers, and developers of each of these third parties and those of the party concerned, as applicable.

 

  • "Services" collectively refers to the Software Services and Professional Services indicated and further described in the Proposal.

 

  • "Software Services" collectively refers to the software services indicated and further described in the Proposal, including: o Software, along with their respective pre-deployment testing and basic configuration; o All technologies we have developed (software, hardware, algorithms, codes, processes, user interfaces, know-how, techniques, models, designs, and other technical or informational materials, tangible or intangible) related to the Platform; o System administration, hosting, system management, and system monitoring activities we perform in relation to the Platform; o Technical support related to the Software and maintenance, essentially as described in Article 5 herein; o Basic training; and o Level 1 user support (as defined in the Documents).

 

  • "Professional Services" collectively refers to the professional services indicated and further described in the Proposal or as may be the subject of a separate statement of work, which may include, among others: o Implementation services, including initial basic configuration; o Consulting services; o Custom development; o Technical support unrelated to the Software; o Level 2 user support (as defined in the Documents); o Custom Software configuration services, including those related to integration and/or compatibility with third-party platforms; and o End User training related to the Software.

 

  • "End Users" refers to each user authorized by you to use the Services, including authorized employees and candidates.

 

2.             Our Services

a) Eligibility for Services

Subject to your payment of the applicable Fees and your compliance with this Agreement, and provided the foregoing, we will provide the Services and make them available to you during the Subscription Duration, if applicable, all in accordance with this Agreement.

Our Services must not be used by any person under the age of sixteen (16).

b) Modifications to Services

We reserve the right to make changes to the Services. In the event of significant changes, we will notify you using the Notification Email Address. Changes to the Services must not have a materially adverse impact on the provision of the Services in accordance with this Agreement. We may need to modify this Agreement to adapt to new technologies, features, or regulatory requirements based on our legitimate business needs. If we need to modify the Agreement, we will notify you using the Notification Email Address. If you continue to use the Services after such notice, we will consider that you accept the modifications to the Agreement. You may object to such modifications to the Agreement by contacting us at info@primlogix.com, and if you are unable to reach a mutually acceptable modification, you may exercise your right to terminate for cause under Article 20.

c) Version Changes

We may occasionally develop new modules or versions, features, or characteristics related to the Services (each, a "Version Change"). Version Changes are generally included in your subscription to the Services unless otherwise specified by us (the "Excluded Version Change"). The customized configuration of Version Changes and related terms are further described in the Documents and/or the Proposal. Excluded Version Changes may be added through a mutually agreed change request between the parties and may be subject to additional fees and terms and conditions. Excluded Upgrades do not include patches and security updates necessary for the Services to function, for the most part, as described in this Agreement.

d) Third-Party Services

You hereby agree to comply with the terms and conditions of third parties when using the Software Services, including those applicable to third-party websites, sites, and applications made available to you as part of our Services, including integration partners that may be accessible through third-party-developed and owned application programming interfaces ("APIs"). You acknowledge and understand that we are not responsible for these third parties, and you engage with them at your own risk. They are not service providers of DÉV-NTIC.

e) Application Programming Interfaces

DÉV-NTIC may provide you with third-party APIs or APIs developed by DÉV-NTIC ("DÉV-NTIC APIs") that, as agreed between you and us, are part of DÉV-NTIC's Intellectual Property. Your use of DÉV-NTIC APIs must comply with this Agreement and the Documents, which may be modified from time to time to reflect changes in technical and operational environments.

You must use DÉV-NTIC APIs to access the Services. You must not use DÉV-NTIC APIs for any purpose or function or feature not described in the Documents or otherwise communicated to you by us.

 

3.              Your Obligations and Responsibilities

a) Acceptable Use

You represent and warrant that you will only use the Services for lawful purposes and in accordance with the rules set forth in this Agreement. You agree that you will make commercially reasonable efforts to ensure that your End Users use the Services in compliance with these rules. You remain fully responsible for all acts and omissions of your End Users, and any act or omission of an End User that would constitute a breach of the Agreement if done by you or on your behalf shall be deemed a breach of the Agreement by you.You hereby represent and warrant that, unless expressly authorized in writing by us, you and your End Users will not use the Services in any manner:

i) that is prohibited by Law or regulations or by our policies made available to you, including this Agreement;

ii) that disrupts the use or enjoyment of the Services by third parties, including if such use results in automated, constant, and repeated requests for data other than those authorized under this Agreement and has an adverse impact on our systems or network, including abnormal usage that overloads servers or causes a denial of service for certain parts of our network (e.g., distributed denial-of-service attacks);

 iii) that uses the Services to create, transmit, distribute, or store material that violates intellectual property rights, personal data protection, privacy or publicity rights of individuals, export control, or that may otherwise be threatening, abusive, hateful, or constitute or encourage conduct that would be considered fraudulent, a criminal offense, or liable to civil liability;

iv) that results in (A) sharing of credentials, usernames, and passwords between End Users or between End Users and unauthorized third parties; and (B) distribution, disclosure, or use of any of the Services in any format by or to unauthorized third parties (i.e., other than End Users), including through any time-sharing service, any computer service company, any network, or by any other means;

v) that includes the use of any robot, web crawler, data scraper, deep link, or any other tool, program, algorithm, or similar automated method of data collection or extraction to access, in whole or in part, the Services or to acquire, reproduce, or monitor them;

vi) that involves decompiling, disassembling, or otherwise reverse-engineering or attempting to reconstruct or discover any source code, idea, or algorithm relating to the underlying technology of the Services by any means;

vii) that involves any breach of our security, including, but not limited to:

A) disseminating or transmitting any file that contains viruses, computer worms, Trojan horses, or any other contaminating or destructive element;

B) disrupting the proper functioning of the Services;

C) attempting to hack any security requirement or process in connection with the use of the Services;

D) attempting to access any part of the Services (or any of their systems, networks, servers, or other related equipment) to which you are not authorized to access;

E) attempting to disrupt the operation of the Software Services, their servers, or their networks in any way;

F) failing to comply with any requirement, procedure, policy, or regulation of your network connected to the Software Services;

G) manipulating identifiers to conceal the origin of any content transmitted or uploaded to the Software Services, or the source of any content;

H) modifying the Software Services in any unauthorized manner;

 (collectively, "Abuse").

You agree and acknowledge that an indirect violation or attempt to violate this Section 3.a) shall be considered an Abuse. If we discover that you (or your End Users) are about to commit an Abuse (including facilitating an Abuse), we may suspend all or part of the Services on a preventive basis, with or without notice. If no prior notice has been provided, we will send you a written notice as soon as possible and conduct an investigation to reasonably determine whether the suspension of the Services should be maintained.

b) Access Restrictions

Certain countries are highly at risk for cyber-attacks, hacking, and spamming. Access to the Software Services is therefore blocked from these countries, as indicated in the Documents and subject to change without notice.

Upon Client's request, a country may be temporarily unblocked if the Client foresees the need to access PRIM from one of these countries. It is the responsibility of the Client to verify the availability of access before traveling to the destination by contacting DÉV-NTIC.

c) Account

End Users are responsible for maintaining the confidentiality of their access codes and other unique identifiers used to access the Software Services ("Credentials"), and DÉV-NTIC shall not be liable in the event that any of these Credentials is compromised. If Credentials have been compromised, you must immediately notify us of the situation so that we can conduct reasonable investigations. You agree to cooperate with us in such investigations.

d) Administration of Software Services

You are responsible for understanding the settings, privileges, and controls related to the Software Services and determining who is allowed to become an End User and choosing the settings and privileges for any End User. DÉV-NTIC is not responsible for managing End Users, settings, and controls available with respect to the Software Services.

You agree to promptly notify us of any changes to your Notification Email Address. If you fail to do so, we assume no liability for any notices or communications that you do not receive.

4. Interruption and Suspension of Software Services

a) Maintenance

While we strive to perform scheduled maintenance without service interruption, certain maintenance shutdowns may be necessary to ensure the security, integrity, and full functionality of our Services. We will make efforts to conduct maintenance during off-peak hours, such as nights and weekends. Where possible, we will provide advance notice of scheduled maintenance to the Client through the Notification Email Address or other electronic means.

b) Urgent Security Issues

Unless otherwise specified, we reserve the right to suspend, with or without notice, all or part of the Services in the event of urgent security issues.

c) Suspension for Legal Compliance

We may, at our sole discretion and at any time, suspend the provision of the Services, as necessary, to comply with any applicable law.

5. Support and Technical Assistance

DÉV-NTIC ensures the proper functioning of the Software Services under the conditions and technical requirements indicated in the Documents. We provide technical support for your use of the Software, in accordance with the support terms.

Normal business hours are Monday to Friday, 8:00 a.m. to 5:00 p.m. Eastern Standard Time, excluding holidays in effect in Quebec and any other office closure periods of DÉV-NTIC for which the Client has been notified by newsletter. These days are considered outside of normal business hours, even between 8:00 a.m. and 5:00 p.m. ( UTC-5)

6. Proposal; Fees; Taxes and Duties

a) Proposal; Request for Modification

The Proposal specifies the Subscription Term and payment terms (including frequency, amounts, and payment method(s)).

The Proposal is deemed approved upon acceptance by the Parties through their handwritten or electronic signature or by any other means deemed satisfactory by DÉV-NTIC.

In case of conflict between the Proposal and the Service Terms, the Proposal takes precedence over the Service Terms.

The Client may request modifications to certain parameters stipulated in the then-current Proposal through a request for modification to the Proposal ("Request for Modification"), which may be approved by DÉV-NTIC on a case-by-case basis, as required by and acceptable to the Client, at the sole discretion of DÉV-NTIC.

Notwithstanding any contrary provision in the Service Terms, DÉV-NTIC may modify the Fees prior to each Renewal of the Subscription Term. If DÉV-NTIC decides, at its sole discretion, to modify the Fees, it will notify the Client at least sixty (60) days before the end of the then-current Subscription Term by sending an email to the Notification Email Address.

b) Fees; Payments; Refunds

During the Subscription Term, you agree to pay us the fees described in the Proposal in consideration for our provision of the Services, all in accordance with this Section 6 and the payment terms (billing frequency, authorized payment methods, etc.) set out in the Proposal ("Fees").

Unless otherwise specified in the Proposal, all rates stated in this Agreement are in Canadian dollars. Customers outside Canada will be billed in USD.

Unless otherwise specified in the Proposal, the Client must settle invoices using an electronic payment solution, such as pre-authorized debit (PAD), electronic fund transfer (direct deposit or EFT), or Interac e-Transfer.

If you choose the PAD solution, you hereby authorize us to debit the Fees from your bank account, as applicable, and represent and warrant that you have provided us with accurate and truthful financial information as required for us to debit the Fees from your bank account. You also represent and warrant that you will promptly notify us of any changes to your financial information. You are responsible for all fees resulting from your failure to inform us of any changes, or fees incurred by DÉV-NTIC if your payment is declined for any reason.

Notwithstanding the above, DÉV-NTIC is not obligated to make such payment methods available to the Client, and different payment methods may be made available to the Client according to the terms and conditions set forth in the Proposal. We may change our billing options at any time by informing you through the Notification Email Address at least thirty (30) days in advance.

Subject to applicable laws, the Services are non-refundable, and we are not obligated to refund any Fees you have already paid for any reason.

Unless otherwise specified in the Proposal, all invoices issued to the Client by DÉV-NTIC are payable according to the following payment terms:

a) Licenses for the Software Services are payable in advance. Payment for licenses is due before the start of the Subscription Term or upon receipt of the invoice if it is an addition of licenses for the ongoing Subscription Term. They are invoiced to the Client thirty (30) days before the start of the Renewal Term.

 b) Other "à la carte" Services are due Net 15 Days from the billing date.

DÉV-NTIC may terminate these Service Terms (including the Proposal or any statement of work in progress) for cause, and it is not required to provide the Services until all invoices have been paid. Any unpaid portion of the Fees after the due date will accrue interest at a monthly rate of 1.5% (18% annually). The Client is responsible for all reasonable costs (including attorney fees) that DÉV-NTIC may incur in collecting unpaid Fees. The foregoing does not apply if any portion of the Fees is disputed in good faith, including if the matter is subject to mediation under Section 21(b) or arbitration under Section 21(c).

DÉV-NTIC reserves the right to increase the hourly rates by a maximum of 10% of the then-current rate, annually, following written notice of thirty (30) days to the Client, and to increase the license fees following written notice of sixty (60) days to the Client.

All Fees stated in this Agreement do not include applicable taxes, if any.

c) Software Licenses

The types of Software Licenses (as defined in Section 9(c)) and their pricing are described in the Documents.

The number of licenses acquired by the Client determines the number of authorized users allowed to use PRIM simultaneously.

All of the CLIENT's licenses must be of the same type and frequency. This frequency and the related terms for adding, removing, and payment regarding these changes are detailed in the Proposal.

d) Taxes and Duties

If DÉV-NTIC is required by Law or in connection with its administration to collect applicable taxes and duties from the Client, the Client shall pay such taxes and duties to DÉV-NTIC simultaneously with the payment of the Fees and in addition to such payment (and simultaneously with the payment of any other financial consideration payable under this Agreement and in addition to such payment), unless the Client is eligible for an exemption from paying such applicable taxes or duties, in which case the Client shall, instead of making payment of the applicable taxes and duties to DÉV-NTIC, provide DÉV-NTIC with the certificates, choices, or other documents required by Laws or in connection with their administration to substantiate the exemption requested by the Client and give effect to it. If DÉV-NTIC is not required by Law or in connection with its administration to collect applicable taxes and duties, the Client shall pay such taxes and duties directly to the relevant taxing authority and provide proof of such payment to DÉV-NTIC upon request.

 

The Client shall make all payments under this Agreement without any deduction or withholding for any taxes or duties ("Tax Deduction"), unless a Tax Deduction is required by law. If a Tax Deduction is required by law, then (i) if the Tax Deduction relates to taxes or duties other than those imposed on DÉV-NTIC's net income, the relevant amount payable by the Client under this Agreement shall be increased to correspond to the amount that, following any required Tax Deduction, would result in DÉV-NTIC receiving the amount that would have been received if no Tax Deduction had been required; (ii) the Client shall promptly notify DÉV-NTIC upon being informed that it must make a Tax Deduction (or that there is a change in the rate or method of calculating a Tax Deduction); and (iii) the Client shall, within the required time period, remit the amount of the Tax Deduction to the competent tax authorities. The Client shall use commercially reasonable efforts to mitigate, reduce, or eliminate any Tax Deduction (including, without limitation, by taking advantage of any reduction in the tax rate provided by any applicable international double tax treaty in force).

7. Term

These Service Terms are effective from the approval of the Proposal until the expiration of any Subscription Term and Renewal Term, unless earlier terminated in accordance with these terms (in which case they shall terminate as of the termination date) or if a statement of work is still active (in which case they shall terminate upon completion of the project or work specified in that statement) ("Term").

The Subscription Term begins on the date specified in the Proposal and ends at the end of the period specified therein ("Subscription Term"). The Subscription Term automatically renews for one (1) year (or one (1) month in the case of a monthly plan), unless otherwise indicated by either party at least thirty (30) days (or at least three (3) days in the case of monthly plans) prior to the end of the then-current Subscription Term (each, a "Renewal Term").

8. Intellectual Property

Except as expressly provided in this Agreement, we remain the sole and exclusive owner of all rights, titles, and interests, including all Intellectual Property, in relation to the Services, the Documents, and our Confidential Information. Notwithstanding any contrary provision, DÉV-NTIC is also the sole owner of any suggestions, requests for improvement, recommendations, or other feedback provided by the Client (or its end-users) relating to the Services ("Feedback"), as long as they relate to the Services, and the Client hereby assigns all its rights, titles, and interests in and to the Feedback to DÉV-NTIC without any limitation, and DÉV-NTIC accepts such assignment. Upon our reasonable request and at our expense, you will execute and deliver all documents and take all other actions that we may reasonably require to assist us in acquiring, developing, and maintaining our Intellectual Property in and to the Feedback.

The Client remains the sole and exclusive owner of all rights, titles, and interests in its Intellectual Property.

The Software Services may include Open Source Software. The terms and conditions governing your use of such Open Source Software are in accordance with the Open Source License Terms associated with such Open Source Software.

9. License

a) Licenses for Client Data

You retain all rights, titles, and interests in all Client Data, provided that you grant us a revocable (but solely under these Conditions), fully paid-up, non-exclusive, royalty-free, limited, worldwide license to collect, reproduce, distribute, use, and display the Client Data as may be necessary for us to provide the Services or exercise our rights and obligations under this Agreement.

Notwithstanding any contrary provision in this Agreement, you agree and acknowledge irrevocably that DÉV-NTIC owns all rights, titles, and interests, including, without limitation, all Intellectual Property rights, in anonymized data and data related to usage, which may be used and exploited by DÉV-NTIC for any purpose.

b) Licenses for Generated Documentation

The Services may include the provision of reports, self-generated and customized questionnaires, or similar documents to the Client (collectively, "Generated Documentation"). Unless otherwise specified in the Proposal, DÉV-NTIC hereby grants the Client a limited, non-exclusive, non-transferable, non-sublicensable license to reproduce, print, download, and use all Generated Documentation solely in accordance with this Agreement and for your commercial purposes and those of your Representatives. This license shall remain in effect after the Term.

c) Licenses for Services

Subject to your compliance with this Agreement, including payment of the applicable Fees, we hereby grant you a non-exclusive, non-transferable, non-sublicensable, revocable (but solely under this Agreement) right and license, for the Subscription Term, to download, install, use, and access the Software Services (and allow your end-users to access and use the Software Services) for legitimate business purposes, subject to the descriptions, terms, technical specifications, and types of licenses described in the Documents and indicated in the Proposal ("Software Licenses"). It is understood between the Parties that the Software Licenses should allow the Client to continue benefiting from the Services (subject to compliance with the Agreement and the validity of the subscription) in the event of DÉV-NTIC's bankruptcy with permanent closure, including the source code of the Software in the absence of a company to take over the development and support of the Software Services. All rights not expressly granted under these terms are reserved by DÉV-NTIC. End-users may only use the Software Services provided the Client remains responsible for its end-users.

 

10. Confidential Information

a) Exclusions

Confidential Information does not include information for which the receiving Party can demonstrate: (i) that it is readily accessible to the public in the same form without any fault on the part of the receiving Party; (ii) that it does not originate from the disclosing Party and has been legally obtained by the receiving Party in the same form from an independent third party without any restriction on disclosure; or (iii) that it does not originate from the disclosing Party and the receiving Party was in possession of such information in the same form prior to its disclosure to the receiving Party by the disclosing Party.

b) Obligations

The receiving Party acknowledges and agrees that the Confidential Information constitutes proprietary information of the disclosing Party and may constitute intellectual property of the disclosing Party, whether or not any part thereof is or may be validly protected by copyright or patented. The receiving Party shall use the Confidential Information of the disclosing Party solely for the purposes stated in this Agreement and shall protect such Confidential Information by exercising a degree of care and confidentiality at least equivalent to that it exercises for its own confidential information and, in no event, less than a reasonable degree of care and confidentiality.

The receiving Party shall take all reasonable measures necessary to ensure that the Confidential Information of the disclosing Party is not made accessible or disclosed to any third party by the receiving Party or any of its Representatives, except (i) as required by applicable law, including a valid court order; (ii) with the prior written consent of the disclosing Party; or (iii) as otherwise permitted by this Agreement or reasonably inferred from it. The receiving Party shall exercise due diligence to ensure that its Representatives are subject to the same confidentiality obligations.

The receiving Party may not make any copies or reproductions of the Confidential Information of the disclosing Party (in any form) except as required for the purposes of this Agreement (including backup and business continuity purposes).

c) Obligations upon Termination

Upon termination of these Service Terms for any reason, the receiving Party shall promptly return all Confidential Information it has in its possession to the disclosing Party or destroy such Confidential Information, at the option of the disclosing Party. Notwithstanding the foregoing, the receiving Party is allowed to retain copies to the extent required to comply with applicable law, for its business records, or as part of its business continuity, in which case the receiving Party shall ensure the confidentiality and integrity of such Confidential Information for as long as it remains in its custody and shall securely delete it as soon as reasonably possible.

11. Personal Data

a) Collection, Use, and Disclosure of Personal Data

You agree and acknowledge that we collect, use, and disclose Personal Data in accordance with our Privacy Policy.

The Client is responsible for complying with applicable law regarding the collection, use, and disclosure of Personal Data through the Software Services. Without limiting the generality of the foregoing, you represent and warrant that you have obtained all necessary consents or are relying on another legal basis to allow us to collect, use, and disclose Personal Data as stated in our Privacy Policy and to the extent necessary to provide the Services.

We will make commercially reasonable efforts to assist you in responding to requests for privacy protection, such as the right of access, rectification, or erasure of Personal Data, among others. If we receive such requests concerning your end-users, we will promptly notify you. The parties agree to cooperate in good faith to the extent necessary to respond to such requests in accordance with applicable law and as otherwise required to comply with applicable law.

To the extent that the European Union's General Data Protection Regulation applies to you, your customers, or our processing of Client Data for any reason, the Data Processing Addendum [9] is hereby added to and deemed an integral part of this Agreement.

b) Security Breach

In the event of a Security Breach involving Personal Data, we will notify you within forty-eight (48) hours after becoming aware of a Security Breach affecting Personal Data using the notification email address, providing sufficient information to enable you to fulfill your obligations to report to or inform affected individuals or authorities. If such information is not available at the time of the notice, we will follow up as the information becomes available. We may notify affected individuals directly without first obtaining your prior written consent if required by applicable law or if such mode of notification is more appropriate under the circumstances.

12. Information Security

Taking into account factors such as the sensitivity and quantity of Client Data, the nature, scope, context, and purpose of the use, collection, and disclosure of Client Data, as well as the inherent risks associated with such use, collection, and disclosure, including the rights and freedoms of individuals, DÉV-NTIC will implement appropriate physical, administrative, technical, and technological security measures to ensure an adequate level of security for the risks associated with Client Data.

The Client agrees to exercise reasonable diligence in preventing the transmission of any computer virus, worm, bug, or other computer infection to the Software Services. The Client is solely responsible for educating its end-users, providing them with training, and securing its own network and technologies and assets used to access the Software Services.

To the extent permitted by applicable laws, DÉV-NTIC shall not be liable for any loss of data caused by: any intentional or unintentional act of an end-user, intrusion by a malicious person (hacker, cracker, etc.), an external agent to the system (virus, spyware, any other software), failure of the Software Services and/or computer hardware. The Client is responsible for taking appropriate measures to protect its IT environment from various risks that may infect it.

13. Advertising

By subscribing to our Services, you hereby agree (i) that we may publicly use your name and logo together with the names and/or logos of other clients on our website and in our client lists, proposals, investor presentations, and sales presentations; and (ii) that each party shall obtain the other party's prior written consent before publishing any press release.

You may contact us at info@primlogix.com to withdraw the consent provided under this Article 13.

14. Representations and Warranties

We represent and warrant that the Services will substantially conform to the Documents and will be provided in a professional manner.

In addition to other representations and warranties provided in this Agreement, you represent and warrant that (i) all your end-users are at least sixteen (16) years old; and (ii) you have never been subject to suspension or prohibition from using the Services.

Each party represents and warrants (a) that it has the necessary power and authority to enter into this Agreement; and (b) that it will comply with all applicable laws in connection with the provision or use of the Services, as applicable.

15. Indemnification; Remedies

You hereby agree to indemnify, defend, and hold us (including our Representatives) harmless from and against all claims, penalties, fines, costs, expenses (including reasonable attorneys' fees), actions, damages, losses, or liabilities, directly or indirectly, arising out of or relating to: (i) your access to the Services, your use of the Services, or your alleged use of the Services in an unauthorized manner under the Agreement, including, without limitation, any breach of Articles 3 and 14; and (ii) negligence, fraud, and inadvertent misconduct on your part.

16. Disclaimer

**Except as provided in this Agreement, (i) we do not warrant that the Services will be uninterrupted or error-free; (ii) we do not provide any warranty regarding the results that may be obtained from the use of the Services; (iii) DÉV-NTIC is the sole entity authorized to make representations or warranties on its behalf; (iv) we do not warrant that the Services will be in accordance with representations made by our Representatives that are inconsistent with the Documents; (v) the Services are provided "as is," "where is," and "as available"; (vi) to the fullest extent permitted by law, we make no other representations, conditions, or warranties, express or implied, as to the accuracy, quality, reliability, or completeness of any data or information (including any generated Documentation) provided in connection with or as a result of using the Services; and (vii) we expressly disclaim any implied warranties of merchantability, fitness for a particular purpose, title, and non-infringement. Unless otherwise stated in this Agreement, you hereby waive any rights you may have with respect to any of the foregoing warranties, representations, or conditions, whether express or implied. The Client is solely responsible for the accuracy, truthfulness, and quality of the Client Data as well as any content, advice, or information that is directly or indirectly provided or transmitted through the Services by the Client (or its end-users). We exercise no control and assume no responsibility for the accuracy, truthfulness, and quality of such advice and Client Data, including, but not limited to, violations of intellectual property, applicable law, and data protection rights. DÉV-NTIC is not a company that provides human resources, marketing, legal, financial, accounting, tax, insurance, healthcare, real estate, or other professional services or advice. If you need such assistance, please seek the services of a competent professional. You acknowledge and agree that any data (including any generated Documentation) produced by the Services or obtained through the Services (or resulting from their use) is provided for informational purposes only. We assume no responsibility whatsoever for any business or professional decisions based on such data. You must ensure that the data is accurate and consistent. We do not operate the networks of wireless communication service providers or other communication service providers through which you may access the Services, and we have no control over the activities of such providers. Therefore, (i) we disclaim any liability and obligation with respect to your use of such providers to access the Services; and (ii) we cannot guarantee the confidentiality or security of wireless data transmissions. No other verbal advice or written or electronic information provided by DÉV-NTIC or its Representatives shall create a warranty.

17. Limitation of Liability

To the fullest extent permitted by law, neither party shall be liable to the other party or its Representatives for any loss of profits or any indirect, incidental, consequential, or special damages or exemplary damages arising out of or in connection with the provision of the Services or the satisfaction of any other obligation under this Agreement, even if a party has been advised of the possibility of such damages.

Notwithstanding any contrary indication, to the fullest extent permitted by law, our total liability to you for any damages arising out of or related to this Agreement, whether under statute, contract, tort, or otherwise, shall not exceed the amounts of Fees you have paid under this Agreement during the twelve (12) months preceding the event giving rise to such damages.

18. Major Force

Except for payment of Fees, neither party shall be responsible for any delays or failures in performance under these terms for reasons beyond its reasonable control, including, but not limited to, acts of God, criminal acts, actions taken by the government in its sovereign or contractual capacity, floods, earthquakes, and other natural disasters, strikes or other labor disputes, acts of war, acts of civil disobedience, denial of service attacks and distributed denial of service attacks, ransomware, and other cyber-attacks not caused or facilitated by negligence ("Force Majeure Event"). The parties shall promptly notify each other if a Force Majeure Event occurs.

19.Export Control; Anti-Corruption

Each party shall comply with all applicable laws regarding anti-corruption, including, but not limited to, the Corruption of Foreign Public Officials Act (Canada), as amended from time to time ("Anti-Corruption Laws"). Neither party nor any of its Representatives is or has been the subject of any investigation or inquiry by any authority regarding actual or potential violations of Anti-Corruption Laws. If a party has been subject to such investigation or inquiry, it represents and warrants that it has not been found guilty of any violation of applicable law and that no charges have been brought against it. Notwithstanding any contrary indication, if a party takes any action that could constitute a violation of Anti-Corruption Laws, the other party may immediately terminate this Agreement.

The Client acknowledges that the Services may be subject to Canadian and U.S. export laws and regulations, as well as the export laws and regulations of other countries, including, but not limited to, the Export Administration Regulations of the U.S. Department of Commerce and any U.S. government administrative laws made under them.

The Client represents and warrants that neither it nor any of its Representatives will export, re-export, distribute, or otherwise transfer the Services or any related technical information, directly or indirectly, to any country for which the relevant authorities (including Canadian and U.S. governmental entities) require an export license, other government approval, or assurance letter, without first obtaining such license, approval, or letter, including, but not limited to, any country listed on the Canadian Area Control List or subject to Canadian economic sanctions.

20. Termination

a) Termination

DÉV-NTIC may suspend or terminate the Service Terms (or a Statement of Work, if multiple are active) for cause (i) upon providing written notice of thirty (30) days of a material breach of the Agreement to the Client if such breach remains uncured at the expiration of such notice period; (ii) immediately upon written notice in the following cases:

**A) The Client becomes subject to a bankruptcy petition or any other insolvency, receivership, liquidation, or assignment for the benefit of creditors proceeding;

B) The Client refuses a modification to these Terms as more fully set forth in Article 2;

C) The Client or an End User engages in Abuse as described in Article 3, if DÉV-NTIC has conducted a reasonable investigation confirming that the Abuse has occurred;

D) In the case of a violation of Anti-Corruption Laws as described in Article 19;

E) The Client fails to pay any outstanding Fees as described in Article 6.b);

F) There is no reasonable prospect that the Client's material breach of this Agreement can be cured within thirty (30) days following receipt of the notice referred to in this Section 21.a).

The Client irrevocably and expressly waives Articles 2125 and 2126 of the Civil Code of Quebec.

We may terminate these Terms and the applicable Proposal without cause by providing you with written notice of ninety (90) days.

If the Services are terminated for any reason, the Client agrees to pay DÉV-NTIC, proportionally to the agreed Fees in the Proposal, for the actual work performed up to the date of termination of the Service Terms (or the relevant Statement of Work, as applicable).

For certainty, the suspension of the Services under Article 3 or this Section 20 (except for a suspension due to the circumstance set forth in paragraph B) above) does not relieve the Client of its obligation to pay any amounts owed to DÉV-NTIC under this Agreement and to comply with any other obligations under these Terms.

b) Effects of Termination

If this Agreement is terminated for any reason or expires, then: (i) except as otherwise provided in this Agreement, the rights granted by one party to the other shall immediately cease; (ii) you shall have limited access to the Services for a period of thirty (30) days during which you may extract your Client Data;

The provisions of Articles 8, 9, 10, 11, 12, 14, 15, 16, 17, 19, 20, 21, and 22 of these Terms shall survive the Term or termination of this Agreement for any reason.

21.Applicable Law; Dispute Resolution

a) Applicable Law

The validity, interpretation, and performance of this Agreement, and the legal relationship between you and us, shall be governed by the laws of Quebec, Canada, and the federal laws applicable therein and shall be construed in accordance therewith, without regard to any choice or conflict of law provision or rule (whether of Quebec or any other jurisdiction) that would cause the application of the laws of any jurisdiction other than Quebec, Canada. The Terms expressly exclude the application of the United Nations Convention on Contracts for the International Sale of Goods.

Subject to Sections 22.b) and 22.c) herein, any suit, action, or proceeding arising out of or in connection with the Agreement or any transaction contemplated hereby shall be instituted exclusively in Saint-Jean-sur-Richelieu, Quebec, Canada, and each party irrevocably submits to the exclusive jurisdiction of such courts in any suit, action, or proceeding.

b) Mediation

Any dispute between the parties arising out of or relating to the application or interpretation of the Agreement that is not resolved within thirty (30) days after the delivery of a written notice of dispute by one party to the other party shall be submitted to mandatory mediation. The parties shall participate in good faith in at least one (1) mediation session by designating an authorized person to attend. The mediator shall be jointly chosen by the parties acting reasonably. The mediation shall be conducted in French or English in the city of Saint-Jean-sur-Richelieu, Quebec, or by electronic means agreed upon by the parties. The parties shall be responsible for their own costs related to the mediation and shall share equally the other costs associated with the mediation, such as professional fees.

If the parties settle the dispute through mediation, they shall jointly prepare a document setting out the terms of the settlement. The document, once signed, shall irrevocably bind the parties and may be submitted for approval to a competent court in the judicial district of Iberville (Saint-Jean-sur-Richelieu), Quebec, Canada.

c) Arbitration

Subject to the provisions regarding mediation set forth above, any dispute, controversy, or claim arising out of or relating to this Agreement or its subject matter, including any question regarding its existence, interpretation, validity, breach, or termination, or the commercial relationship created thereby, shall be submitted to and conclusively resolved by arbitration under the rules of the Canadian Arbitration Association. The place of arbitration shall be Saint-Jean-sur-Richelieu, Quebec, Canada (unless otherwise agreed in writing by the parties). The language of the arbitration shall be French or English, at the option of the parties. A single arbitrator shall be jointly selected by the parties, or if the parties cannot agree, by a judge of the Superior Court of Quebec sitting for the judicial district of Iberville (Saint-Jean-sur-Richelieu). The arbitrator shall have at least five (5) years of experience in commercial law and in the technology sector such as software as a service (SaaS) tools.

The arbitrator shall select one of the final offers submitted by each party, in its entirety and without modification. The arbitrator shall provide detailed reasons for the decision. No hearing is required, and the parties may make written submissions. The decision of the arbitrator is final and binding, and no appeal may be made therefrom. The costs of arbitration shall be shared equally between the parties, and each party shall bear its own representation costs. Notwithstanding the foregoing, in the event that the decision of the arbitrator is in favor of DÉV-NTIC, the Client shall be solely responsible for bearing the costs of arbitration. The decision of the arbitrator may be enforced by any competent court.

The arbitration proceedings and awards shall be treated as confidential information.

22. General Provisions

The waiver of a breach of any provision of this Agreement shall not be deemed or interpreted as a waiver of any other or subsequent breach.

If any provision of this Agreement is found to be in violation of any applicable law or is illegal for any reason, such provision shall be deemed to be severed from this Agreement without affecting the validity of the remaining provisions.

This Agreement constitutes the entire agreement between the parties and supersedes all oral and written agreements between them relating to its subject matter.

We may assign this Agreement, in whole or in part, at any time as part of a good faith business reorganization, sale of our assets, merger and acquisition, or bankruptcy filing. You may not assign this Agreement or any portion thereof to another person without our prior written approval, which shall not be unreasonably withheld. Any attempt by you to assign this Agreement without our consent is void. You may not transfer to another person, temporarily or permanently, the rights to use the Services or any portion thereof.

 

Caractéristiques et requis techniques

Features and Technical Requirements

This document explains the features and technical requirements of the PRIM Logix environment and may be modified at any time by Dev-NTIC Inc.

Table of Contents

         1.Terminology 1

         2.System Operation 1

         3.Restrictions 3

         4.Remote Support 3

1.Terminology

1.1. DEV-NTIC refers to the service provider (development, sales, service of PRIM Logix).

1.2. The CLIENT refers to the user of the services and the SYSTEM.

1.3. The SYSTEM is defined as all software components developed by DEV-NTIC that are installed on the CLIENT's workstations and/or on DEV-NTIC servers, and all its software products, including but not limited to:

1.3.1. PRIM - Software installed on internal user workstations 1.3.2. PRIMWEB - Web platform used by candidates and clients

2.System Operation

2.1. The client's data is hosted through a cloud infrastructure managed by DEV-NTIC. DEV-NTIC, through selected service providers, is responsible for data storage, service access, and backup copying.

2.2. The client consents that DEV-NTIC will receive and store their data and understands that the transfer of such data will occur via the internet.

2.3. Backup copies are hosted on the platform of Dev-NTIC's choice.

2.4. Service Level Agreement: Since the services are hosted by external providers, access to the SYSTEM is directly linked to the level of service provided by these external providers. Dev-NTIC selects its external providers with great care for reliability and accessibility to services. Dev-NTIC cannot be held responsible for a service interruption caused by a problem with an external provider.

2.5. DEV-NTIC ensures the proper operation of the SYSTEM under the following conditions:

2.5.1. PRIM: Microsoft environment or emulation thereof. The client is responsible for providing an adequate technological environment that meets the following minimum technical standards:

2.5.1.1. Computer: 2.5.1.1.1. Windows 10 or newer (32-bit or 64-bit) 2.5.1.1.2. If MS Office is used, MS Office 2013 or newer. 2.5.1.1.3. Technical specifications (memory, processor, disk space) that comply with the standards recommended by Microsoft for the installed Windows version. The CLIENT acknowledges that they will have better PRIM performance if they increase the technical capabilities of their computers. 2.5.1.1.4. If antivirus software is present on the computers, the CLIENT must ensure that it does not conflict with PRIM. The CLIENT is responsible for adding PRIM to the antivirus's authorized software list to prevent the antivirus from blocking PRIM during installation, regular use, and updates. Any technical intervention by the Dev-NTIC team regarding antivirus software is billable.

2.5.2. Network: 2.5.2.1. High-speed internet access based on the number of users on their network.

2.5.3. PRIMWEB: 2.5.3.1. Supported browsers. The following browsers are tested during version creation, and Dev-NTIC ensures the proper functioning of PRIMWEB on these browsers:

?      Google Chrome

?      Mozilla Firefox

?      Microsoft Edge

?      Safari

2.5.3.2. The CLIENT is informed that "cookies" are placed on the computers of web platform users during their connections to PRIMWEB to enhance their experience, and they must accept them to ensure the proper functioning of PRIMWEB.

2.6. PRIMWEB is hosted on DEV-NTIC's servers (hosted by external providers) and accessible via a personalized URL for the CLIENT (e.g., client.prim-web.com).

2.6.1. If the URL is a subdomain of the CLIENT (e.g., portal.client.com): The CLIENT must ensure that any security management system such as "CloudFlare" (not limited to) allows the proper functioning of the platform. The CLIENT understands that any technical intervention related to these security systems is at their own expense.

3.Restrictions

3.1. International access to the SYSTEM: Some countries are at high risk for computer attacks, hacking, and spamming. Access to the SYSTEM is therefore blocked from these countries (subject to change without notice):

•   Chine,
•   Russie,
•   Japon,
•   Ukraine,
•   Brésil,
•   Inde,
•   Turquie,
•   Corée du Nord,
•   Argentine,
•   Vietnam,
•   Colombie,
•   Taïwan,
•   
Iran,
•   Arabie Saoudite,
•   Pakistan,
•   Indonésie,
•   Égypte,
•   Nigeria,
•   Mexique,
•   Philippines,
•   Thaïlande,
•   Venezuela
•   Lituanie


3.2. If the CLIENT wishes to use PRIM in a blocked country, we suggest using a VPN service to modify the IP address that accesses the system to an IP address from an authorized country.

4.Remote Support

4.1. To ensure efficient support, the CLIENT must allow DEV-NTIC to use remote control software via the internet. The inability for DEV-NTIC to connect remotely will result in additional charges based on the time lost. ConnectWise is the remote control service used by Dev-NTIC, accessible at this URL: http://support.primlogix.com:8040/login.



Clauses contractuelles types

CLAUSES CONTRACTUAL TEMPLATES

SECTION I

 

Clause 1 Purpose and Scope

a)     These contractual clauses aim to ensure compliance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) in the event of personal data transfers to a third country.

 

b)    The parties: i) the natural or legal persons, public authorities, agencies, or other bodies (hereinafter referred to as the "data exporter") transferring the personal data, as listed in Annex I.A. ii) the entities in a third country receiving the personal data from the data exporter, directly or indirectly through another entity also bound by these clauses, as listed in Annex I.A. (hereinafter referred to as the "data importer") have agreed to these contractual clauses (hereinafter referred to as the "clauses").

 

c)      These clauses apply to the transfer of personal data specified in Annex I.B. The appendix to these clauses, containing the mentioned annexes, forms an integral part of these clauses.

 

 

Clause 2 Effect and Invariability of the Clauses

a) These clauses provide appropriate safeguards, including enforceable rights for data subjects and effective legal remedies, pursuant to Article 46(1) and Article 46(2)(c) of Regulation (EU) 2016/679. Regarding the transfers of personal data from data controllers to processors and/or from processors to subprocessors, these are the standard contractual clauses referred to in Article 28(7) of Regulation (EU) 2016/679, provided that they are not modified except to select the appropriate module(s) or to add or update information in the appendix. This does not prevent the parties from including these standard contractual clauses in a broader contract and/or adding other clauses or additional safeguards, provided that they do not directly or indirectly contradict these clauses and do not undermine the fundamental rights and freedoms of data subjects.

b) These clauses are without prejudice to the obligations of the data exporter under Regulation (EU) 2016/679.

 

Clause 3 Third-Party Beneficiaries

a) Data subjects may invoke and enforce these clauses as third-party beneficiaries against the data exporter and/or data importer, with the following exceptions:

i) Clause 1, Clause 2, Clause 3, Clause 6, Clause 7;

ii) Clause 8—Clause 8.1, paragraph (b), Clause 8.9, paragraphs (a), (c), (d), and (e);

iii) Clause 9—Clause 9, paragraphs (a), (c), (d), and (e);

iv) Clause 12—Clause 12, paragraphs (a), (d), and (f);

v) Clause 13;

vi) Clause 15.1, paragraphs (c), (d), and (e);

vii) Clause 16, paragraph (e);

viii) Clause 18—Clause 18, paragraphs (a) and (b).

b) Paragraph (a) is without prejudice to the rights of data subjects under Regulation (EU) 2016/679.

 

Clause 4 Interpretation

a) When these clauses use terms defined in Regulation (EU) 2016/679, they have the same meaning as in that regulation.

b) These clauses shall be interpreted in light of the provisions of Regulation (EU) 2016/679.

c) These clauses shall not be interpreted in a way that contradicts the rights and obligations provided for in Regulation (EU) 2016/679.

 

Clause 5 Hierarchy

In the event of any contradiction between these clauses and the provisions of any agreements between the parties existing at the time of agreement to or subscription to these clauses, or entered into thereafter, these clauses shall prevail.

Clause 6 Description of Transfers

 The details of the transfers, particularly the categories of personal data transferred and the purposes for which they are transferred, are specified in Annex I.B.

 

Clause 7 — Adherence Clause [NTD: Optional Clause]

 

a) An entity that is not a party to these clauses may, with the agreement of the parties, adhere to them at any time, either as a data exporter or as a data importer, by completing the appendix and signing Annex I.A.

 

b) Once the appendix is completed and Annex I.A. is signed, the adhering entity becomes a party to these clauses and has the rights and obligations of a data exporter or a data importer, as designated in Annex I.A.

 

 c) The adhering entity has no rights or obligations arising from these clauses for the period prior to its adherence to them.

 

SECTION II — OBLIGATIONS OF THE PARTIES

 

Clause 8 Data Protection Guarantees

 

The data exporter guarantees that it has taken reasonable steps to ensure that the data importer is able to fulfill its obligations under these clauses by implementing appropriate technical and organizational measures.

 

8.1. Instructions

a) The data importer processes personal data only on documented instructions from the data exporter. The data exporter may provide these instructions throughout the duration of the contract.

b) If the data importer is unable to follow these instructions, it shall immediately inform the data exporter.

 

8.2. Limitation of Purposes

 

The data importer processes personal data only for the specific purposes of the transfer, as specified in Annex I.B, unless otherwise instructed by the data exporter.

 

8.3. Transparency

 

Upon request, the data exporter shall provide a copy of these clauses, including the appendix as completed by the parties, free of charge to the data subject. To the extent necessary to protect trade secrets or other confidential information, including the measures described in Annex II and the personal data, the data exporter may redact part of the text of the appendix to these clauses before providing a copy, but shall provide a meaningful summary if it would otherwise be impossible for the data subject to understand the content or exercise their rights. The parties shall, upon request, provide the data subject with the reasons for the redactions, to the extent possible without revealing the redacted information. This clause is without prejudice to the data exporter's obligations under Articles 13 and 14 of Regulation (EU) 2016/679.

 

8.4. Accuracy

If the data importer becomes aware that the personal data it has received is inaccurate or outdated, it shall promptly inform the data exporter. In such cases, the data importer shall cooperate with the data exporter to erase or rectify the data.

 

8.5. Duration of Processing and Erasure or Return of Data

 

The data importer shall process data only for the duration specified in Annex I.B. Upon termination of the provision of processing services, the data importer, at the discretion of the data exporter, shall either erase all personal data processed on behalf of the data exporter and provide proof thereof, or return all personal data processed on behalf of the data exporter and erase existing copies. Until the data is erased or returned, the data importer shall continue to ensure compliance with these clauses. If the applicable local law of the data importer prohibits the return or erasure of personal data, the data importer warrants that it will continue to comply with these clauses and will only process the personal data to the extent and for as long as required by such local law. This is without prejudice to Clause 14, in particular the data importer's obligation under Clause 14(e) to inform the data exporter throughout the duration of the contract if it has reason to believe that it is or has become subject to a law or practice that does not conform to the requirements of Clause 14(a).

 

8.6. Security of Processing

 

a) The data importer and, during transmission, the data exporter shall implement appropriate technical and organizational measures to ensure the security of the data, including protection against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to such data ("personal data breach"). When assessing the appropriate level of security, the parties shall duly consider the state of the art, the costs of implementation, the nature, scope, context, and purposes of the processing, as well as the risks inherent in the processing for the data subjects. The parties shall particularly consider the use of encryption or pseudonymization, including during transmission, where the purpose of the processing can be achieved in that manner. In case of pseudonymization, additional information enabling the attribution of the personal data to a specific data subject shall, as far as possible, remain under the exclusive control of the data exporter. To fulfill its obligations under this paragraph, the data importer shall implement at least the technical and organizational measures specified in Annex II. It shall conduct regular checks to ensure that these measures continue to provide an appropriate level of security.

 

b) The data importer shall grant access to personal data to members of its personnel only to the extent strictly necessary for the implementation, management, and monitoring of the contract. It shall ensure that persons authorized to process personal data are committed to confidentiality or are subject to an appropriate legal obligation of confidentiality.

 

c) In the event of a personal data breach involving personal data processed by the data importer under these clauses, the data importer shall take appropriate measures to address the breach, including measures to mitigate any negative effects. The data importer shall also promptly notify the data exporter of such breach upon becoming aware of it. This notification shall include contact details for obtaining further information and a description of the nature of the breach (including, if possible, the categories and approximate number of data subjects concerned and the personal data records concerned), its likely consequences, and the measures taken or proposed to address it, including, where applicable, measures to mitigate any potential negative effects. If, and to the extent, it is not possible to provide all the information at the same time, the initial notification shall contain the information available at that time, and additional information shall be provided as soon as it becomes available.

 

d) The data importer shall cooperate with the data exporter and provide assistance to enable the data exporter to fulfill its obligations under Regulation (EU) 2016/679, including the obligation to notify the competent supervisory authority and data subjects, taking into account the nature of the processing and the information available to the data importer.

 

8.7. Sensitive Data

 

When the transfer involves personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a person's sex life or sexual orientation, or data relating to criminal convictions and offenses ("sensitive data"), the data importer shall apply the specific restrictions and/or additional safeguards described in Annex I.B.

 

8.8. Subsequent Transfers

 

The data importer shall disclose personal data to a third party only on documented instructions from the data exporter. Furthermore, data may be disclosed to a third party located outside the European Union (in the same country as the data importer or another third country, hereinafter referred to as "subsequent transfer") only if the third party is bound by these clauses or agrees to be bound by them, using the appropriate module, or if:

 

i) the subsequent transfer is made to a country benefiting from an adequacy decision under Article 45 of Regulation (EU) 2016/679 that covers the subsequent transfer;

 

ii) the third party otherwise provides appropriate safeguards pursuant to Articles 46 or 47 of Regulation (EU) 2016/679 with respect to the processing in question;

 

iii) the subsequent transfer is necessary for the establishment, exercise, or defense of legal claims in the context of specific administrative, regulatory, or judicial proceedings; or

 

iv) the subsequent transfer is necessary to protect the vital interests of the data subject or another natural person.

 

Any subsequent transfer shall be subject to compliance by the data importer with all other safeguards under these clauses, particularly the limitation of purposes.

 

8.9. Documentation and Compliance

 

a) The data importer shall promptly and properly address inquiries from the data exporter regarding the processing under these clauses.

 

b) The parties shall be able to demonstrate compliance with these clauses. In particular, the data importer shall maintain appropriate documentation of the processing activities carried out on behalf of the data exporter.

 

c) The data importer shall provide the data exporter with all necessary information to demonstrate compliance with the obligations laid down in these clauses and, at the request of the data exporter, enable and contribute to audits of the processing activities covered by these clauses at reasonable intervals or when there are indications of non-compliance. When deciding on an examination or audit, the data exporter may take into account relevant certifications held by the data importer.

 

d) The data exporter may choose to conduct the audit itself or to engage an independent auditor. Audits may also include inspections of the premises or physical facilities of the data importer and, if applicable, shall be carried out with reasonable prior notice.

 

e) The parties shall provide the competent supervisory authority, upon request, with the information referred to in paragraphs (b) and (c), including the results of any audits.

 

Clause 9 Use of Subprocessors

 

MODULE 2: Transfer from Data Controller to Data Processor [NTD: Option 2 recommended, considering the DPA]

 

a) OPTION 1: SPECIFIC PRIOR AUTHORIZATION - The data importer shall not subcontract any of the processing activities it performs on behalf of the data exporter under these clauses to a subsequent data processor without the specific prior written authorization of the data exporter. The data importer shall submit the request for specific authorization at least [specify timeframe] before engaging the subsequent data processor, providing the necessary information to enable the data exporter to make a decision regarding the authorization. The list of subsequent data processors already authorized by the data exporter is available in Annex III. The parties shall keep this annex up to date.

 

OPTION 2: GENERAL WRITTEN AUTHORIZATION - The data importer has the general authorization from the data exporter to engage one or more subsequent data processors from a jointly agreed list. The data importer shall expressly and in writing inform the data exporter of any changes regarding the addition or replacement of subsequent data processors that are planned to be made to this list at least [specify timeframe - align with the DPA] in advance, thereby giving the data exporter sufficient time to object to these changes before the engagement of the subsequent data processor(s). The data importer shall provide the data exporter with the necessary information to exercise its right to object.

b) When the data importer engages a subsequent data processor to perform specific processing activities (on behalf of the data exporter), it does so through a written contract that includes, in substance, the same data protection obligations as those binding the data importer under these clauses, particularly concerning the rights of the data subject as a third-party beneficiary. The parties agree that by complying with this clause, the data importer fulfills its obligations under Clause 8.8. The data importer ensures that the subsequent data processor complies with the obligations to which it is subject under these clauses.

 

c) At the data exporter's request, the data importer shall provide a copy of the contract with the subsequent data processor and any subsequent amendments. To the extent necessary to protect trade secrets or other confidential information, including personal data, the data importer may redact part of the text of the contract before providing a copy.

 

d) The data importer remains fully responsible to the data exporter for the performance of the obligations of the subsequent data processor under the contract concluded between them. The data importer shall notify the data exporter of any breach by the subsequent data processor of its obligations under that contract.

e) The data importer agrees with the subsequent data processor on a third-party beneficiary clause, whereby, in cases where the data importer has materially disappeared, ceased to exist in law, or become insolvent, the data exporter has the right to terminate the contract with the subsequent data processor and instruct it to erase or return the personal data.

 

Clause 10 Rights of Data Subjects

 

a) The data importer promptly informs the data exporter of any requests received from a data subject. It does not respond to such requests unless authorized to do so by the data exporter.

 

b) The data importer assists the data exporter in fulfilling its obligation to respond to requests from data subjects seeking to exercise their rights under Regulation (EU) 2016/679. In this regard, the parties specify in Annex II the appropriate technical and organizational measures, taking into account the nature of the processing, through which the assistance will be provided, as well as the scope and extent of the assistance required.

 

c) When fulfilling its obligations under paragraphs (a) and (b), the data importer complies with the instructions of the data exporter.

 

Clause 11 Remedies

 

a) The data importer informs data subjects, in a transparent and easily accessible form, through individual notification or on its website, of an authorized contact point to handle complaints. It promptly addresses any complaints received from a data subject.

 

[OPTION: The data importer agrees that data subjects may also file a complaint, free of charge, with an independent dispute resolution body. It informs data subjects, as indicated in paragraph (a), of this recourse mechanism and that they are not required to use it or observe a hierarchy in remedies.]

 

b) In the event of a dispute between a data subject and either party concerning compliance with these clauses, that party shall make every effort to reach an amicable settlement as soon as possible. The parties shall keep each other informed of such disputes and, where appropriate, cooperate to resolve them.

 

c) When a data subject invokes a third-party beneficiary right under Clause 3, the data importer accepts the decision of the data subject:

 

i) to lodge a complaint with the supervisory authority of the Member State where the data subject's habitual residence or place of work is located or with the competent supervisory authority under Clause 13;

 

 ii) to refer the matter to the competent courts under Clause 18.

 

d) The parties agree that the data subject may be represented by a nonprofit body, organization, or association in accordance with Article 80(1) of Regulation (EU) 2016/679. e) The data importer complies with a binding decision under applicable Union or Member State law.

 

f) The data importer agrees that the choice made by the data subject shall not prejudice the procedural and substantive rights of the data subject to seek remedies under applicable law.

 

Clause 12 Liability

 

a) Each party is liable to the other party or parties for any damages it causes as a result of a breach of these clauses.

 

b) The data importer is liable to the data subject, and the data subject has the right to seek compensation for any material or non-material damage caused by the data importer or its subsequent data processor due to a breach of the rights of the third-party beneficiary under these clauses.

 

c) Notwithstanding paragraph (b), the data exporter is liable to the data subject, and the data subject has the right to seek compensation for any material or non-material damage caused by the data exporter or the data importer (or its subsequent data processor) due to a breach of the rights of the third-party beneficiary under these clauses. This is without prejudice to the liability of the data exporter and, if the data exporter is a data processor acting on behalf of a data controller, the liability of the data controller under Regulation (EU) 2016/679 or Regulation (EU) 2018/1725, as applicable.

 

d) The parties agree that if the data exporter is held liable under paragraph (c) for damage caused by the data importer (or its subsequent data processor), it has the right to claim from the data importer the portion of compensation corresponding to the data importer's liability for the damage.

 

e) When several parties are responsible for damage caused to the data subject due to a breach of these clauses, all responsible parties are jointly and severally liable, and the data subject has the right to bring an action for damages against any of those parties. f) The parties agree that if liability is established under paragraph (e) against one of them, that party has the right to claim from the other party or parties the portion of compensation corresponding to their liability for the damage.

 

g) The data importer may not invoke the conduct of a subsequent data processor to escape its own liability.

 

Clause 13 Supervision

 

a) [If the data exporter is established in a Member State of the Union:] The supervisory authority responsible for ensuring the compliance of the data exporter with Regulation (EU) 2016/679 regarding the transfer of data, as indicated in Annex I.C, acts as the competent supervisory authority.

 

[If the data exporter is not established in a Member State of the Union but falls within the territorial scope of Regulation (EU) 2016/679 under Article 3(2) and has designated a representative under Article 27(1) of the said Regulation:] The supervisory authority of the Member State in which the representative referred to in Article 27(1) of Regulation (EU) 2016/679 is established, as indicated in Annex I.C, acts as the competent supervisory authority.

 

[If the data exporter is not established in a Member State of the Union but falls within the territorial scope of Regulation (EU) 2016/679 under Article 3(2) without having to designate a representative under Article 27(2) of Regulation (EU) 2016/679:] The supervisory authority of one of the Member States where the data subjects whose personal data is transferred under these clauses in relation to the offering of goods or services, or whose behavior is monitored, are located, as indicated in Annex I.C, acts as the competent authority.

 

b) The data importer agrees to submit to the jurisdiction of the competent supervisory authority and to cooperate with it in any proceedings aimed at ensuring compliance with these clauses. In particular, the data importer agrees to respond to inquiries, undergo audits, and comply with measures adopted by the supervisory authority, including corrective and compensatory measures. The data importer provides written confirmation to the supervisory authority that necessary measures have been taken.

 

SECTION III — LOCAL LAWS AND OBLIGATIONS IN CASES OF ACCESS BY PUBLIC AUTHORITIES

 

Clause 14 Local Laws and Practices Impacting Compliance with the Clauses

 

a) The parties warrant that they have no reason to believe that the legislation and practices of the destination third country applicable to the processing of personal data by the data importer, including requirements regarding the disclosure of personal data or measures authorizing public authorities' access to such data, prevent the data importer from fulfilling its obligations under these clauses. This provision is based on the understanding that legislation and practices respecting the essence of fundamental rights and freedoms and not exceeding what is necessary and proportionate in a democratic society to safeguard one of the objectives listed in Article 23(1) of Regulation (EU) 2016/679 are not in conflict with these clauses.

 

b) The parties declare that in providing the warranty under paragraph a), they have duly considered, in particular, the following elements:

 

i) The specific circumstances of the transfer, including the length of the processing chain, the number of actors involved, and the transmission channels used; the intended further transfers; the type of recipient; the purpose of the processing; the categories and format of the transferred personal data; the economic sector in which the transfer takes place, and the location of the transferred data;

 

ii) The legislation and practices of the destination third country, including those requiring the disclosure of data to public authorities or authorizing their access to data, that are relevant in light of the specific circumstances of the transfer, as well as applicable limitations and safeguards;

 

iii) Any relevant contractual, technical, or organizational safeguards put in place to supplement the guarantees provided by these clauses, including measures implemented during transmission and the processing of personal data in the destination country.

 

c) The data importer warrants that, in the assessment under paragraph b), it has made every effort to provide relevant information to the data exporter and agrees to continue cooperating with the data exporter to ensure compliance with these clauses.

 

d) The parties agree to keep a record of the assessment under paragraph b) and make this assessment available to the competent supervisory authority upon request.

 

e) The data importer agrees to promptly inform the data exporter if, after adopting these clauses and during the term of the contract, it has reason to believe that it is or has become subject to legislation or practices that do not conform to the requirements under paragraph a), including as a result of a change in the legislation of the third country or a measure (such as a disclosure request) indicating a practical application of such legislation that does not conform to the requirements under paragraph a).

 

f) Following a notification under paragraph e), or if the data exporter has other reasons to believe that the data importer can no longer fulfill its obligations under these clauses, the data exporter promptly defines appropriate measures (such as technical or organizational measures to ensure security and confidentiality) that it or the data importer must adopt to remedy the situation. The data exporter suspends the transfer of data if it believes that no appropriate safeguards can be provided for such transfer or if instructed to do so by the competent supervisory authority. In such a case, the data exporter has the right to terminate the contract to the extent it concerns the processing of personal data under these clauses. If the contract involves more than two parties, the data exporter can exercise this termination right only with respect to the party concerned, unless otherwise agreed by the parties. When the contract is terminated under this clause, clause 16, paragraphs d) and e), apply.

 

Clause 15 Obligations of the Data Importer in Case of Access by Public Authorities

 

15.1 Notification

 

a) The data importer agrees to promptly inform the data exporter and, if possible, the data subject (with the assistance of the data exporter if necessary):

i) If it receives a legally binding request from a public authority, including a judicial authority, under the legislation of the destination country for the disclosure of personal data transferred under these clauses; this notification includes information about the requested personal data, the requesting authority, the legal basis of the request, and the response provided; or

ii) If it becomes aware of any direct access by public authorities to the personal data transferred under these clauses under the legislation of the destination country; this notification includes all the information available to the data importer.

 

b) If the legislation of the destination country prohibits the data importer from informing the data exporter and/or the data subject, the data importer agrees to make every effort to obtain a lifting of this prohibition in order to communicate as much information as possible, promptly. The data importer agrees to keep a record of its efforts to provide evidence to the data exporter upon request.

 

c) Where the legislation of the destination country allows, the data importer agrees to provide the data exporter, at regular intervals during the term of the contract, with as much relevant information as possible regarding the requests received (including the number of requests, the type of data requested, the requesting authorities, the challenging or not of the requests, and the outcome of such challenges, etc.).

 

d) The data importer agrees to keep the information mentioned in paragraphs a) to c) during the term of the contract and make it available to the competent supervisory authority upon request. e) Paragraphs a) to c) are without prejudice to the obligation of the data importer, under clause 14, paragraph

 

e), and clause 16, to promptly inform the data exporter if it is unable to comply with these clauses.

 

15.2 Legality Control and Data Minimization

 

a) The data importer agrees to verify the legality of the disclosure request, particularly by assessing whether it falls within the limits of the powers conferred to the requesting public authority, and to challenge it if, following a careful evaluation, it has reasonable grounds to believe that it is unlawful under the legislation of the destination country, the applicable obligations under international law, and the principles of international courtesy. The data importer pursues available appellate remedies under the same conditions. When challenging a request, the data importer seeks interim measures to suspend the effects of the request until the competent judicial authority determines its merits. It does not disclose the requested personal data until required to do so under applicable procedural rules. These requirements are without prejudice to the obligations of the data importer under clause 14, paragraph e).

 

b) The data importer agrees to keep a record of its legal assessment and any challenge to the disclosure request and, to the extent permitted by the legislation of the destination country, make the relevant documents available to the data exporter. It also makes them available to the competent supervisory authority upon request.

 

c) The data importer agrees to provide the minimum amount of information allowed when responding to a disclosure request, based on a reasonable interpretation of the request.

 

SECTION IV — FINAL PROVISIONS

 

Clause 16 Non-compliance with the Clauses and Termination

 

a) The data importer promptly informs the data exporter if it is unable to comply with these clauses, regardless of the reason.

 

b) In the event that the data importer breaches these clauses or is unable to comply with them, the data exporter suspends the transfer of personal data to the data importer until compliance with these clauses is ensured again or until the contract is terminated. This is without prejudice to clause 14, paragraph f).

c) The data exporter has the right to terminate the contract, to the extent it concerns the processing of personal data under these clauses, when:

 

i) The data exporter has suspended the transfer of personal data to the data importer under paragraph b) and compliance with these clauses is not restored within a reasonable period and, in any event, within one month from the suspension;

 

ii) The data importer seriously or persistently breaches these clauses; or

 

 iii) The data importer fails to comply with a binding decision of a court or supervisory authority concerning its obligations under these clauses.

 

In these cases, the data exporter informs the competent supervisory authority of the non-compliance. If the contract involves more than two parties, the data exporter can exercise this termination right only with respect to the party concerned, unless otherwise agreed by the parties.

 

d) Personal data transferred prior to the termination of the contract under paragraph c) shall be promptly returned to the data exporter or erased in their entirety, at the data exporter's discretion. The same applies to any copies of the data. The data importer provides evidence of the erasure to the data exporter. Until the data is erased or returned, the data importer continues to ensure compliance with these clauses. When the applicable local legislation prohibits the return or erasure of transferred personal data, the data importer warrants that it will continue to comply with these clauses and will process the data only to the extent and for as long as required by such local legislation.

 

e) Each party may revoke its consent to be bound by these clauses i) if the European Commission adopts a decision under Article 45(3) of Regulation (EU) 2016/679 that covers the transfer of personal data to which these clauses apply; or ii) if Regulation (EU) 2016/679 is incorporated into the legal framework of the country to which the personal data is transferred. This is without prejudice to other obligations applicable to the processing in question under Regulation (EU) 2016/679.

 

Clause 17 Applicable Law

[OPTION 1: These clauses are governed by the law of one of the European Union Member States, provided that such law recognizes rights to the third-party beneficiary. The parties agree that it is the law of _______ (specify the Member State).]

 

[OPTION 2: These clauses are governed by the law of the European Union Member State in which the data exporter is established. If this law does not recognize rights to the third-party beneficiary, the clauses are governed by the law of another European Union Member State that recognizes such rights. The parties agree that it is the law of _______ (specify the Member State).]

 

Clause 18 Choice of Forum and Jurisdiction

a) Any dispute arising from these clauses is settled by the courts of a European Union Member State.

b) The parties agree that it is the courts of _______ (specify the Member State).

c) The data subject may also bring a legal action against the data exporter and/or the data importer before the courts of the European Union Member State in which the data subject has their habitual residence.

d) The parties agree to submit to the jurisdiction of these courts.

 

APPENDIX EXPLANATORY NOTE:

It should be possible to clearly distinguish the information applicable to each transfer or category of transfers and, in this regard, determine the respective roles of the parties as data exporter(s) and/or data importer(s). It is not necessarily required to fill in and sign separate appendices for each transfer/category of transfers and/or contractual relationship if this transparency can be ensured through a single appendix. However, if necessary to guarantee sufficient clarity, separate appendices should be used.

 

ANNEX I

A. LIST OF PARTIES

Data exporter(s): [Identity and contact details of the data exporter(s) and, where applicable, their data protection officer and/or representative in the European Union]

Name: ...

Address: ...

Name, position, and contact details of the contact person: ...

Activities related to the data transferred under these clauses: ...

Signature and date: ...

Role (data controller/processor): ...

Data importer(s): [Identity and contact details of the data importer(s), including any data protection contact person]

Name: ...

Address: ...

Name, position, and contact details of the contact person: ...

Activities related to the data transferred under these clauses: ...

Signature and date: ...

Role (data controller/processor): …

 

B. DESCRIPTION OF THE TRANSFER

Categories of data subjects whose personal data is transferred ...

Categories of personal data transferred ...

 

Sensitive data transferred (if applicable) and any applied restrictions or safeguards that fully take into account the nature of the data and the risks involved, such as strict purpose limitations, access restrictions (including access limited to trained personnel), maintaining an access register, restrictions on onward transfers, or additional security measures.

 

 ...

 

Transfer frequency (indicate, for example, if the data is transferred on an ad hoc or continuous basis).

 

...

 

Nature of processing ...

 

Purpose(s) of the transfer and subsequent processing of the data

 

...

 

Retention period for personal data or, when not possible, criteria used to determine this period

 

...

 

For transfers to subprocessors (subsequent), please also specify the purpose, nature, and duration of the processing

 

 …

 

 C. COMPETENT SUPERVISORY AUTHORITY

Indicate the competent supervisory authority(s) in accordance with clause 13

 

 

 

 

 

 

ANNEX II

TECHNICAL AND ORGANIZATIONAL MEASURES, INCLUDING TECHNICAL AND ORGANIZATIONAL MEASURES TO ENSURE DATA SECURITY

 

The technical and organizational measures should be described in specific terms (not general). Also refer to the general comment on the first page of the appendix, particularly regarding the need to clearly indicate the measures that apply to each transfer/set of transfers.

 

 Description of the technical and organizational measures implemented by the data importer(s) (including any relevant certifications) to ensure an appropriate level of security, taking into account the nature, scope, context, and purpose of the processing, as well as the risks to the rights and freedoms of individuals.

 

[Examples of possible measures:

Pseudonymization and encryption measures for personal data

Measures to ensure constant confidentiality, integrity, availability, and resilience of processing systems and services

Measures to ensure means of restoring the availability of and access to personal data in a timely manner in the event of a physical or technical incident Procedures for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures to ensure processing security

User identification and authorization measures

Data protection measures during transmission

Data protection measures during storage Measures to ensure physical security of locations where personal data is processed

Measures to ensure event logging

Measures to ensure system configuration, including default configuration

Measures for internal IT governance and IT security management Process and product certification/assurance measures

Measures to ensure data minimization

Measures to ensure data quality

Measures to ensure limited data retention

Measures to ensure accountability

Measures to enable data portability and ensure erasure]

 

For transfers to subprocessors (subsequent), please also describe the technical and organizational measures that the subprocessor (subsequent) must take to assist the data controller and, for transfers from a subprocessor to a subsequent subprocessor, the data exporter.

 

 

 

ANNEX III

LIST OF SUBSEQUENT SUBPROCESSORS

 

EXPLANATORY NOTE:

 This annex should be completed in case of specific authorization of subsequent subprocessors [clause 9(a), option 1]. The data controller has authorized the use of the following subsequent subprocessors:

 

Name:

 

...

 

Address:

 

...

 

Name, position, and contact details of the contact person:

 

...

 

Description of processing (including clear delineation of responsibilities if multiple subsequent sub proce

Modes et termes de paiement

Payment Methods and Terms

Table of Contents

         1. Payment Methods

         2. Functioning of Pre-Authorized Debit (PAD) Payment

         3. Payment Terms

1. Payment Methods

The CLIENT must settle invoices using an electronic payment solution, which includes:

1.1. Pre-Authorized Debit (PAD) payment,

1.2. Electronic funds transfer (Direct Deposit or EFT),

1.3. Interac e-Transfer.

2. Functioning of Pre-Authorized Debit (PAD) Payment

2.1. Clients who choose the PAD solution commit to making the necessary funds available for PAD and to informing DEV-NTIC of any changes in financial institution or bank account.

2.2. PAD payments will be processed as follows: 2.2.1. Monthly, on the 1st day of each month, following the receipt of a payment notice/statement for all amounts due.

2.2.2. Variable, following a 10-day notice prior to the withdrawal from the account.

2.2.3. Based on the client's written authorization for a date with a shorter notice period of fewer than 10 days (See the Pre-Authorized Debit enrollment form).

2.3. If the PAD is returned by the financial institution for any reason, a payment recovery notice will be sent to the CLIENT with a resumption date, allowing necessary corrections to be made. A fee of $50 will be charged, along with any applicable late payment fees, for any payment returned by the financial institution. These fees will be deducted at a later date.

 

3. Payment Terms

3.1. All invoices issued to the CLIENT by DEV-NTIC shall be settled according to the following payment terms: 3.1.1. Licenses: Licenses are payable in advance. Payment for licenses is due before the start of the service period (monthly or annual) or upon receipt of the invoice if it is for additional licenses during the current service period.

3.1.1.1. Licenses are invoiced to the CLIENT 30 days before the start of the new service period.

3.1.2. Other services: Other "per item" services are due Net 15 Days from the invoice date.

3.1.3. Prepaid services at preferential rates: Payment receipt confirms the activation of funds available for use.

3.2. Any late payment will be subject to a late payment fee at a rate of 1.5% per month, compounded monthly (18% per annum) of the amount due, calculated based on the number of days past the invoice date.

3.2.1 Any client outside of Canada will be charge in USD.

Terms and Conditions of Use for the PrimLogix Software

Terms and Conditions of Software Use

PrimLogix

The following terms and conditions constitute a legally binding agreement between DEV-NTIC and the CLIENT upon signing the service agreement. The CLIENT must read this document carefully before signing.

1. Terminology

1.1. DEV-NTIC: The service provider as mentioned in the service agreement.

1.2. The CLIENT refers to the user of the services and the SYSTEM, as mentioned in the service agreement.

1.3. The SYSTEM is defined as all the software components developed by DEV-NTIC installed on the CLIENT's workstations and/or DEV-NTIC's servers and all its software products such as Prim, Primweb, Q-Link, among others.

1.4. VERSION: SYSTEM VERSIONS are defined as software developments (including but not limited to: new features, feature improvements, new reports, report enhancements) that become an integral part of the SYSTEM.

1.5. CONFIGURATION: Configuration is defined as the implementation of software processes within the SYSTEM and its functional framework. The basic configuration is offered to all clients during implementation and/or updates. Customized configurations complement the basic configuration and allow the SYSTEM to produce results tailored exclusively to the CLIENT's business model.

2. Nature of the Document

2.1. This document, being an integral part of the service agreement between DEV-NTIC and the CLIENT, specifies the rights to use the SYSTEM and the services offered to the CLIENT.

3. Implementation

DEV-NTIC must install and configure the SYSTEM for the CLIENT before first use: this is the Integration service. This service is subject to separate billing.

4. Operation of the SYSTEM

4.1. The CLIENT's data is hosted on various servers managed by DEV-NTIC. DEV-NTIC, through a service provider, is responsible for data storage, service access, and backup.

4.1.1. The CLIENT consents that DEV-NTIC will receive and store its data and understands that the transfer will occur via the internet.

4.1.2. Backups are hosted on DEV-NTIC's chosen platform and are retrievable via a shared link at the CLIENT's request.

4.1.3. The CLIENT will agree with DEV-NTIC on the timing and frequency of backups.

4.2. The application portion of the SYSTEM is locally installed software on the CLIENT's computers. The SYSTEM is designed to operate in a Microsoft environment or an emulation thereof. The CLIENT is responsible for providing a suitable system that meets the following minimum technical standards:

4.2.1. DEV-NTIC ensures the proper operation of the SYSTEM only on workstations equipped with Windows 7 or later (32 or 64 bits).

4.2.2. Access to the service is conditional on broadband internet access for each of the CLIENT's workstations.

4.3. The PRIMWEB platform is hosted on DEV-NTIC's servers and accessible via a URL customized for the CLIENT.

4.3.1. CLIENTS are informed that "cookies" are placed on their computers when they connect to PRIMWEB. Cookies are small computer files that store information related to pages viewed, dates and times of consultation, and information entered on the site to avoid re-entry. A cookie can also be used for authentication, a session, and to store specific information about the client or user, such as site preferences.

5. Updates

5.1. Access to UPDATES is automatically included as long as the CLIENT complies with the terms of this document.

5.2. Newsletter:

A newsletter dedicated to updates will be published and sent as necessary to inform the CLIENT of new features, changes, new version releases, or any other information deemed relevant by DEV-NTIC, without limitation.

The CLIENT must designate, from its staff, who will receive this newsletter. DEV-NTIC recommends that the CLIENT's Project Manager and at least one other person have access to the newsletter to ensure that the CLIENT is aware of the content.

5.3. The CLIENT will agree with DEV-NTIC on an appropriate time for installing updates.

5.4. UPDATES do not include modifications and/or additions (if necessary) of CONFIGURATIONS specific to the CLIENT, nor user training related to the use of new VERSIONS.

5.4.1. When a new VERSION of the SYSTEM is released, adapting the CLIENT's exclusive custom reports is not included. A quote will be provided to the CLIENT, and the work to make the custom reports compatible with the new SYSTEM VERSION will begin upon the CLIENT's approval of the quote.

6. Maintenance of Previous Products

6.1. DEV-NTIC reserves the right to cease maintenance of all previous products from one version to the current (commercial) version provided that the End User has been informed, unless otherwise contractually specified, at least three (3) months in advance. Each update must be implemented within a maximum period of 1 year.

7. Payment Terms and Conditions

7.1. The CLIENT must pay invoices via an electronic payment solution: either pre-authorized debit (PAD), electronic funds transfer (EFT), or Interac transfer.

7.1.1. The client who chooses the pre-authorized debit (PAD) payment solution agrees to make the funds available for PAD and to inform DEV-NTIC of any changes to the institution or bank account.

7.1.2. PADs will be made MONTHLY on the 1st day of each month following the receipt of a debit notice/statement for all amounts due. Or VARIABLE, following 10 days' notice before the account withdrawal. Or according to the client's written authorization for a shorter delay. (See the pre-authorized debit enrollment form).

7.1.3. If the pre-authorized debit (PAD) is returned by the financial institution for any reason, a payment recovery notice of the initial amount will be sent to you with a recovery date to make the necessary corrections. A $50 fee will be charged along with any other applicable late fees for any payment returned by the financial institution. These will be subsequently withdrawn.

7.2. All invoices issued to the CLIENT by DEV-NTIC will be paid according to the following payment terms:

7.2.1. LICENSES: Licenses are payable in advance. Your license payment is DUE before the start of your service period (monthly or annual); or, upon receipt of the invoice, if adding licenses for the current service period.

7.2.1.1. Licenses are invoiced to the client 30 days before the start of the new service period.

7.2.2. OTHER SERVICES: Other services, known as "à la carte," are DUE Net 15 days from the invoice date.

7.2.3. PREPAID SERVICES AT PREFERENTIAL RATES: Receipt of payment confirms the activation of available funds for use.

7.3. Late payments will be subject to a late fee at a rate of 2% per month, compounded monthly (26.82% annually) of the amount due, calculated based on the number of days late from the invoice date.

8. License Operation

8.1. The software functions accessible to different licenses are established here: https://prim-logiciel.com/tarifs/.

8.2. The number of user licenses acquired by the CLIENT determines the number of users authorized to use the SYSTEM simultaneously.

8.3. Monthly Agreement

8.3.1. The CLIENT must pay the following month's installment before the first day of the service period.

8.3.2. The monthly amount is determined based on the number and type of licenses chosen by the CLIENT.

8.3.3. The CLIENT subscribed to a monthly agreement can modify their service agreement at any time concerning the number and type of user licenses:

8.3.3.1. Removing licenses and/or changing the type of licenses to a lower option: no credit is granted for the current month's licenses. The request must be made by the CLIENT before the last day of the current month to avoid being billed for the following month. The modification will be made on the last day of the month for which the licenses have already been billed.

8.3.3.2. Adding licenses and/or changing the type of licenses to a higher option: The request can be made at any time by the CLIENT. DEV-NTIC commits to making this addition and/or change available as soon as possible. An invoice will be issued to cover the addition proportionate to the current month's use and will be payable upon receipt.

8.3.3.3. Licenses must be of the same type as defined on the rates page.

8.3.3.4. One (1) integration license (monthly) will be billed as soon as the client has access to the SYSTEM until the SYSTEM is put into production at the CLIENT's site. After the go live the client must keep a minimum of 5 active licences all the time.

8.4. Annual Agreement

8.4.1. The CLIENT must pay the following year of use before the first day of the service period.

8.4.2. The CLIENT subscribed to an annual agreement can modify their service agreement under certain conditions concerning the number and type of user licenses; additional licenses will be billed pro-rata for the remaining portion of the contract. Removing licenses and/or downgrading to a lower level of license is non-refundable, and no credit will be issued.

8.4.2.1. Removing licenses and/or changing the type of licenses to a lower option: no credit is granted for already billed licenses. The request must be made by the CLIENT before the last day of the last month of their service year to avoid being billed for the following year. The modification will be made on the last day of the service year for which the licenses have already been billed.

8.4.2.2. Adding licenses and/or changing the type of licenses to a higher option: The request can be made at any time by the CLIENT. DEV-NTIC commits to making this addition and/or change available as soon as possible. An invoice will be issued to cover the addition pro-rata for the current year's use.

8.4.2.3. One (1) integration license (monthly) will be billed as soon as the client has access to the SYSTEM until the SYSTEM is put into production at the CLIENT's site.

8.4.2.4. Cancellation of an annual agreement: The request can be made at any time by the CLIENT. In the event of cancellation following the client's decision, DEV-NTIC will not refund the balance of the current agreement and commits to keeping the system active until the end of the current agreement. In the event of cancellation due to the removal by DEV-NTIC of a function present in the software and making its use impossible by the client, a refund of the balance of the current agreement will be negotiable at the regular monthly rate excluding the annual discount.

9. Complementary Services from External Partners

9.1. DEV-NTIC offers complementary services integrated into the SYSTEM. Use of these complementary services by the CLIENT is optional. It is the CLIENT's responsibility to assess the relevance of using the complementary services.

9.1.1. DEV-NTIC reserves the right to add, remove, or modify the partners offering complementary services to the SYSTEM.

9.1.2. To benefit, the CLIENT must subscribe to the desired service according to the terms and rates defined by the service provider. Using these services entails additional costs not included in the license price.

9.1.3. Data exchanges between the CLIENT and a third-party provider and transactions between them only concern the CLIENT and the provider. The terms and conditions applicable to these services are those of the provider exclusively.

10. Business Hours, Rates, and Support Services

10.1. Normal business hours are Monday to Friday, 8:00 AM to 5:00 PM Eastern Standard Time.

10.2. Hourly rates vary based on the task to be performed, the complexity of the required operations, and will be billed in 15-minute increments. Please refer to the rate schedule for more details.

10.3. Travel by a team member for demonstration purposes is not considered a billable service. Travel by a team member for training or user-defined support purposes is billable as follows: at the regular hourly rate or double rate depending on the travel time and the standard Quebec price per kilometer plus taxes.

In the event the client cancels a scheduled training or meeting session with less than 24 hours' notice or does not specify a notice period, a cancellation penalty will be applied. The client will be required to pay 50% of the normal compensation rate for the trainer/employee. This measure aims to compensate for the preparation and time reserved by the trainer or the employee, resources that cannot be reassigned at such short notice.

10.4. User support is offered at the regular hourly rate (unless it is a prepaid hour bank at a reduced rate) in effect. These services are billed in 15-minute increments with a minimum duration of 30 minutes.

10.5. A technical issue originating from the SYSTEM is not billable and should be reported as soon as detected by the CLIENT. Example: Bug, system inaccessible despite a functioning internet connection, etc.

10.6. An emergency user support service is available outside normal business hours (24/7), billed in 15-minute increments with a minimum of one (1) hour. The hourly rate for emergency support is billed at double the regular hourly rate in effect.

10.6.1. On holidays, the emergency rate applies for the entire day (even from 8:00 AM to 5:00 PM).

10.6.2. Holidays are as follows:

  • January 1 (New Year's Day)
  • Good Friday and Easter Monday (variable, according to the calendar of the current year)
  • The Monday before May 25 (National Patriots' Day)
  • June 24 (Quebec National Day)
  • July 1 or July 2 or 3 (Canada Day) according to the calendar of the current year
  • The first Monday of September (Labor Day)
  • The second Monday of October (Thanksgiving)
  • December 25 (Christmas Day)

10.7. The CLIENT may request support by phone or email. The CLIENT must clearly indicate whether their request is classified as "urgent" or "non-urgent." DEV-NTIC guarantees a return call or email within 4 hours of the service request. DEV-NTIC cannot be held responsible for any malfunction caused by the CLIENT's negligence in transmitting information, the inaccuracy of information transmitted, or the omission of transmitting information.

10.7.1. For a request classified as "non-urgent" by the CLIENT, the 4-hour return call or email is calculated during normal business hours. If it is user support, the regular rate applies since the work is performed during normal business hours.

10.7.2. For a request classified as "urgent" by the CLIENT, the 4-hour return call is calculated in real-time. If it is user support, the emergency rate (double time) applies if the work is performed outside normal business hours.

10.8. To ensure effective support, the CLIENT must allow DEV-NTIC to use its remote control software via the internet. Inability for DEV-NTIC to connect remotely will incur additional charges based on lost time. The connection will be established with an internet connection at the following address: http://192.168.15.11:8040/Login?Reason=0

10.9. An invoice will be issued for all fees related to these services.

11. Partnership Agreement between the CLIENT and DEV-NTIC

11.1. To develop the SYSTEM according to its business needs, the CLIENT is encouraged to submit improvement requests for the SYSTEM. All improvement requests that can apply to other DEV-NTIC clients will be included, as far as possible, in a future VERSION at no additional cost to the CLIENT initiating the request(s). DEV-NTIC remains the exclusive and non-transferable owner of all modifications initiated following a CLIENT suggestion.

12. Responsibilities

12.1. The CLIENT must provide a complete and valid contact and billing address. This information must include the legal company name, mailing address, email address, and the name and phone number of the accounts payable responsible.

12.2. The CLIENT must provide a list of authorized individuals to request CONFIGURATION modifications, including changes related to user security management.

12.3. Password Management and Updates

It is your responsibility to securely manage your password(s) to access the PRIM SOFTWARE and to contact DEV-NTIC if you are aware of unauthorized access to your account.

12.4. The CLIENT cannot, under any circumstances, modify the SYSTEM.

12.4.1. If a SYSTEM component is modified by the CLIENT (or its agents), the CLIENT will be responsible for any damage caused and will pay the costs for restoring the SYSTEM and the integrity of its data. The work must be performed by DEV-NTIC, and an invoice will be issued to the CLIENT.

12.4.2. If the CLIENT (or its agents) causes data loss or damage to the database with a non-conventional act, i.e., deleting, modifying, adding data to the database without using the SYSTEM, the CLIENT will be responsible for the damage caused and will pay the costs for restoring the SYSTEM and the integrity of its data. The work must be performed by DEV-NTIC, and an invoice will be issued to the CLIENT.

12.5. DEV-NTIC must perform maintenance on its servers to ensure an adequate level of service. Maintenance may, in some cases, result in service interruption and, as far as possible, will be scheduled with the client.

12.5.1. DEV-NTIC cannot be held liable to the CLIENT in any way for financial loss resulting from SYSTEM interruption due to maintenance, software failure, or hardware failure on which it is installed, regardless of the nature of the failure.

12.6. Under no circumstances can DEV-NTIC be held responsible for data loss caused by: voluntary or involuntary user action, intrusion by a malicious person (hacker, cracker, etc.), an external system agent (virus, spyware, any other software), SYSTEM failure and/or computer hardware. The CLIENT is responsible for taking adequate measures to protect its IT environment from various risks that may contaminate it.

12.7. Without limiting the generality of the foregoing, DEV-NTIC's liability to the CLIENT or any other person can only be engaged in the event of gross negligence or willful misconduct.

13. Restrictions

13.1. The CLIENT cannot use the SYSTEM or allow it to be used for purposes or in a manner contrary to the law or applicable regulations.

13.2. The CLIENT cannot, under any circumstances, lend, lease, sell, or distribute the SYSTEM to a third party without written consent from DEV-NTIC.

13.3. International Access to the SYSTEM

Some countries are at high risk for denial-of-service attacks (DDOS: Distributed Denial of Service), hacking, or spamming. Access to the SYSTEM is therefore restricted in these countries but can be temporarily or permanently unlocked upon request. As of October 2019, these countries include China, Russia, Japan, Ukraine, Brazil, India, Turkey, South Korea, Argentina, Vietnam, Colombia, Taiwan. This list is subject to change without notice. It is the CLIENT's responsibility to verify that access will be available upon arrival at the destination.

14. Discontinuation of SYSTEM Use

14.1. The CLIENT can discontinue using the SYSTEM at any time. However, this does not relieve the CLIENT of the obligation to pay any amount due under this contract to DEV-NTIC and to comply with any other obligations under these terms.

14.2. Upon discontinuation, DEV-NTIC will provide a copy of all data, in database format, belonging to the client on DEV-NTIC servers once all amounts due have been paid according to these terms. Subsequently, DEV-NTIC will delete all traces of the CLIENT's data from its servers.

15. Withdrawal of SYSTEM Use Rights and Suspension of Services by DEV-NTIC

15.1. DEV-NTIC can withdraw the CLIENT's rights to use the SYSTEM and/or suspend its services only in the following cases:

15.1.1. If the CLIENT fails to pay any amount due to DEV-NTIC under these terms, provided that the amounts due have been outstanding for more than thirty (30) days.

15.1.2. If the CLIENT uses or allows others to use the SYSTEM for purposes or in a manner contrary to the law or applicable regulations;

15.1.3. If the CLIENT fails to comply with any provision of these terms after thirty (30) days following receipt of notice from DEV-NTIC specifying the default and requesting remediation;

15.1.4. If the CLIENT compels DEV-NTIC to take illegal actions or uses the SYSTEM for criminal purposes.

15.2. Before proceeding with the service suspension and/or withdrawal of SYSTEM use rights, DEV-NTIC must give the CLIENT at least ten (10) days' written notice, which must state the reason and date of withdrawal/suspension, the amount due, if applicable, restoration fees, and any other relevant information.

15.3. Service suspension and/or withdrawal of SYSTEM use rights does not relieve the CLIENT of the obligation to pay any amount due under this contract to DEV-NTIC and to comply with any other obligations under these terms.

16. Confidentiality, Successors, and Assigns

16.1. DEV-NTIC commits to the CLIENT not to use the information contained in the CLIENT's databases in any way, to keep it confidential even in case of discontinuation by the CLIENT, unless such information is required by judicial authorities.

16.2. DEV-NTIC and the CLIENT cannot disclose the content of this contract to third parties unless they have obtained written consent from the other party, except where such disclosure is required by judicial authorities.

16.3. The CLIENT cannot assign its rights or obligations under this contract to a third party without written consent from DEV-NTIC.

16.4. The commitments contained in this contract apply to the parties and their agents, legal representatives, successors, assigns, and beneficiaries.

17. General

17.1. Unless otherwise stated, all new features or modifications to the current service are subject to the same terms and conditions, without limitation.

17.2. DEV-NTIC reserves the right to modify this document "Terms and Conditions of SYSTEM Use" at any time via thirty (30) days' written notice to the CLIENT.

17.3. DEV-NTIC reserves the right to increase hourly rates once a year by up to 10% of the current rate, following thirty (30) days' written notice to the CLIENT.

17.4. DEV-NTIC reserves the right to increase license rates annually, following sixty (60) days' written notice to the CLIENT.

17.5. All rates presented in this contract do not include taxes, if applicable.

17.6. All rates are in Canadian Dollars (CAN$).

18. Ownership and Copyright

The PRIM SOFTWARE is protected by international copyright laws and treaties, as well as other international intellectual property laws and treaties. All copyright and other rights relating to, among other things, intellectual and industrial property, patents, trademarks, trade secrets, know-how, concepts, and inventions, whether covered by applicable law or not, concerning the PRIM SOFTWARE, including all copies, modifications, improvements, corrections, updates, or new versions, belong to and remain at all times the exclusive property of DEV-NTIC. All intellectual property and other rights relating to third-party software and components included in the PRIM SOFTWARE owned by their respective owners may be protected by international copyright and intellectual property laws and treaties. The End User agrees not to infringe directly or indirectly on the value of the intellectual property rights relating to any part of the PRIM SOFTWARE.

19. The CLIENT acknowledges having read the SYSTEM usage terms and agrees to comply with them.

E et s’engage à les suivre.