pa|Den avancerade plattformen Exchange gör att leverantörer (publishers) och köpare (annonsörer, byråer och nätverk) kan handla direkt. Oavsett vilken av våra lösningar du väljer får du full tillgång till den första globala marknadsplatsen för online och mobil performancetrafik. Föreställ dig att det var lika enkelt, direkt och snabbt att köpa performancebaserad trafik som det är att hitta en matchning i en dejtingapp. Funktionaliteten i vår handelsplattform tillåter alla användare att ingå avtal på några sekunder. Du kan upprätta och acceptera transaktioner (trades) manuellt, eller också kan du låta systemet automatisera detta baserat på de parametrar och inställningar du väljer. Bakom performission står ett team av experter med lång erfarenhet från performance- och affiliatemarknadsföring. perfromission fokuserar på den nordiska marknaden, men kan bidra med resultat i resten av världen också. Våra kontor leds av dedikerade anställda som hanterar sina relationer på bästa möjliga sätt. performission grundades 2016 av ett team av experter och veteraner inom online marketing. Med långa karriärer inom sälj och marknadsföring i ryggen har teamet mycket god insikt i performance marketing, vilket inkluderar affiliatemarknadsföring, SEM, SEO, sociala medier och bloggar. Genom att ta tillvara den unika kompetens varje enskild anställd har, kan performission bistå dina behov inom online marketing. Om vi inte kan bidra, får du ingen faktura. Du betalar endast för resultat! Med teknologin i plattformen Exchange, kan du enklare köpa performancebaserad trafik snabbare, enklare och kostnadseffektivare än tidigare, samtidigt som du har full insyn, öppenhet och kontroll. Hub PMX är lösningen som ger dig hela översikten på ett ställe. Genom vår plattform kan du köra affiliateprogrammen genom en kanal, vilket betyder en rapport, en inloggning och inte minst; allt samlat på en faktura. Convert PMX förutser när en besökare är på väg att lämna webbplatsen utan att konvertera och svarar med ett skräddarsytt meddelande som leder till flera konverteringar, påminnelser i nyhetsbrev och inte minst en förbättrad kundupplevelse. Kontakta oss genom att skicka in formuläret här under di|[recaptcha] st|performance marketing Öppen marknadsplats Automatiserad trading Ett team av experter Tänk om trafiken och verktygen du använder redan var tillgängliga i plattformen h1|Experter inom h2|Om oss Våra produkter Vill du veta mer om performission? h3|Exchange PMX Hub PMX Convert PMX pa|performission AB är en performancebyrå som startade 2016. Bakom performission står ett team av marknadsföringsexperter, som har lång erfarenhet inom bl.a. affiliatemarknadsföring, sökmotormarknadsföring och sociala medier. perfromission har ett nordiskt fokus men med hjälp av e-handelsplattformen Exchange PMX kan vi hjälpa dig med performance marketing i vilket land du än önskar, världen över. performission är inte ett affiliatenätverk. Vi är en byrå bestående av experter på performance marketing. Webbutiker kan använda affiliatenätverk genom plattformen, samt ingå avtal direkt med publishers med hjälp av den. Webbutiker kan använda plattformen som en hub genom att samla flera befintliga avtal med affiliatenätverk, så att alla körs genom en och samma kanal. Vi på performission har ett ganska simpelt önskemål: Att se dig lyckas med performance marketing. Med detta i åtanke gör vi det enkelt för webbutiker: Vi erbjuder en av marknadens bästa programvaror utan fasta kostnader. Som betalning för våra tjänster tar vi endast en låg och förnuftig provisionskostnad för fullföljda och godkända transaktioner. Detta ger dig mer till övers att använda till annat, eller så kan du rätt och slätt spara det som vinst li|Bidra till att publishers och webbutiker lyckas med performance marketing genom att ingå effektiva avtal direkt på e-handelsplattformen. Göra det enklare för webbutiker att få överblick genom att t. ex. samla flera affiliatenätverk på en och samma plattform – en inloggning, en faktura och inga dubletter. Bidra med vår expertis så att du väljer de korrekta kanaler som ger bäst avkastning i marknadsbudgeten. h1|Om oss h2| h3|Om performission Vår mission h4|Kort sagt vill performission: pa|Ger dig full översikt på ett ställe Hub PMX är lösningen som ger dig hela överblicken på ett ställe. Genom vår plattform kan du köra affiliateprogrammen genom en enda kanal, vilket betyder en rapport, en inloggning och inte minst; allt samlat på en faktura. performission tar hand om installation, rapportering och nätverkens betalningar åt dig. Det är ett känt faktum att ett köp kan registreras hos två eller flera affiliatenätverk samtidigt och att provision för samma order därmed utbetalas flera gånger. När all trafik från affiliatemarknadsföring körs genom en och samma plattform blir det slut på dubbla ordrar, eller så kallade dubbelregistreringar. Genom Hub PMX kommer du också att kunna nyttja performissions expertis inom affiliatemarknadsföring. Vi analyserar trafiken och konverteringarna och föreslår ändringar som ökar resultaten genom kanalen. Om du så önskar kan du självfallet fortsätta dialogen direkt med affiliatenätverken också när du använder Hub PMX di|Nu slipper du hoppa mellan olika inloggningar för att se över resultat och godkänna ordrar i flera olika affiliatenätverk. Med Hub PMX loggar du in hos performission och får full överblick på ett ställe. För att använda Hub PMX implementerar du performissions konverteringsscript. Alla anslutna nätverk mottar länkar från performission och kopplas upp mot scriptet, så att en order bara kan krediteras ett nätverk. performissions programvara ger dig detaljerade rapporter över resultaten. Dessa kan du bryta ned på publishernivå, så att du får en fullständig bild över varje enskild webbutiks värden. Ordrar som registeras hos performission utvärderas löpande av kunden. Efter månadsslut skickar vi en rapport till de olika nätverken med information om godkända och avvisade transaktioner. Du mottar faktura ett från performission efter en fullgjord kalendermånad. Med våra dagliga betalningsrutiner betalar vi därefter provision vidare till affiliatenätverken omedelbart efter inbetalning. Du kan självklart fortsätta ha direktkontakt med affiliatenätverk och publishers också när du använder Hub PMX. Men om du inte önskar lägga tid på det, så gör vi jobbet åt dig. [recaptcha] st|En rapport – en inloggning – en faktura Inga dubbla beställningar performissions expertis Spara både tid och pengar med Hub PMX h1|Hub PMX h2|Vill du veta mer om Hub PMX? h3|Förenklad vardag Tracking Rapportering Ordergodkännande Utbetalningar Direktkontakt pa|Performission Sweden AB Du kan även använda kontaktformuläret nedan så återkommer vi till dig di|[recaptcha] h1|Kontakta oss h2| h3|Kontaktinformation pa|1. Definitions “Ad” shall mean any creative including, but not limited to text link, banner, voucher code, video, rich media and/or data feed, or any combination thereof. “Ad Media” shall mean a person or legal entity that is connected to the Platform and supplies traffic to Offers available on the Platform. “Demand Partner Client” shall mean any third-party, including, but not limited to, any person and/or legal entity, for whose benefit the Demand Partner uses the Services. “Interface” shall mean the online element that enables the Demand Partner to use the Platform. “Offer” shall mean the program set up by You that Ad Medias can promote and deliver Users to who purchase Products. In return for promoting Offers Ad Medias are entitled to payouts in accordance with the terms of the Agreement and Offers. “Platform” shall mean performission’s suite of technology. “Product” shall mean the products or services that are advertised in Offers. “Services” shall mean products and services, including, but not limited to, products and services used to target, display, and make available advertising, offers, and payments methods to Demand Partner and Ad Media, process related transactions, and provide accurate and comprehensive reporting to Demand Partner and shall include all data, information and content. “Site” shall mean the website linked to in the Ad promoting the Product. “User” shall mean any user of the internet. “Website” shall mean the performission website. 2. Use of Services performission’s obligations under the Agreement are expressly conditioned upon performission’s receipt and approval, at performission’s sole discretion, of Your application to become a Demand Partner (the “Application”) which, receipt by performission of such Application constitutes Your consent to the terms of the Agreement and Your acceptance of performission’s use of cookies. 3. Scope of the Agreement You desire to use the Services to advertise Products to Users through Offers made available through the Platform in accordance with the Agreement. 4. Changes to the Agreement If performission informs you about changes to the Agreement, you will be deemed to agree to the changes if you continue to use the Services. If performission makes changes to the Agreement that you do not agree with, you must advise performission of this within 7 days. You will then be entitled to 2 use the Services for a period of 21 days after the date that you advise performission of this, after which you must stop using the Services unless in its sole discretion performission agrees otherwise. 5. License 5.1 Subject to the terms of the Agreement performission, for the applicable fees, hereby grants You a limited, non-transferable, non-exclusive, non-sub licensable and revocable license to access, view and use the Platform, Services and any related information provided to You by performission (the “License”). 5.2 The License does not include or authorize: (a) any reproduction, duplication, copying, sale, trading, resale, modification or any other commercial use of any portion of the Platform, Services or any information contained therein; (b) downloading (other than the page caching) of any portion of the Platform, Services or any information contained therein, except as expressly permitted on the Platform; (c) decompiling or reverse engineering any part of the Platform or Services; (d) using any meta-tags or any other “hidden text” utilizing Our trademarks without prior written permission; or (e) any use of the Platform, Services or any information contained therein other than for their intended purpose. Any unauthorized use of the License is strictly prohibited and results in an immediate termination of the Agreement. 5.3 Your data may be included in data sets to analyze trends, calculate price and performance indexes and provide industry and performance insights. 5.4 You acknowledge and agree that performission may improve the form, nature, and content of the Platform, Services and any information contained therein from time to time at its sole discretion without prior notice to You. 5.5 You agree that You will not, in connection with Your use of the Platform, violate any applicable law, ordinance, rule, regulation or treaty. 6. Account 6.1 To use the Platform You must submit a complete and accurate Application via the Website. To join the Platform as Demand Partner, You must be a corporate entity or an individual of at least eighteen (18) years of age. 6.2 performission will evaluate Your Application and promptly notify You of Your Application acceptance or rejection. If any of the information supplied as part of Your Application changes, you must immediately update the information in Your Interface. If You are submitting an Application on behalf of Your employer or another entity, You represent and warrant that You have full legal authority to bind Your employer or such other entity to the Agreement. If You do not have such authority, then You may not submit an Application or use the Platform on behalf of Your employer or another entity and You must discontinue all use of the Platform immediately. 6.3 You accept the terms of the Agreement by completing the Application and clicking “Sign up”, esigning and/or signing the Agreement. The Agreement is effective as of the date that You sign up to the Platform, e-sign or sign the Agreement (the “Effective Date”), provided that performission does not reject the Application. Performission may reject Your Application at its sole discretion. 7. Offers 7.1 Performission shall deliver Ads on behalf of You to Users in accordance with the criteria established through Offers in Your Interface. Each Offer shall specify the information necessary for performission to deliver the Ads. 7.2 You agree that You are solely responsible for any Offer that is published, transmitted and/or posted by and through the Platform. In connection with the Offers that You publish, transmit and/or 3 post by and through the Platform, You agree not to: (a) post, offer for download, email or otherwise transmit any material that contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment; (b) post, offer for download, transmit, promote or otherwise make available any software, product or service that is illegal or that violates the rights of a third party, including, but not limited to, spyware, adware, programs designed to send unsolicited advertisements (i.e. “spam-ware”), services that send unsolicited advertisements, programs designed to initiate “denial of service” attacks, mail bomb programs and programs designed to gain unauthorized access to networks on the internet; (c) post Offers that could be considered unlawful, harmful, threatening, defamatory, obscene, harassing or otherwise objectionable and/or (d) post Offers that do not fully comply with all applicable local, state and federal laws, rules and regulations. 7.3 Engaging in any of the prohibited actions as described in the preceding paragraph shall be deemed a breach of the Agreement and may result in the immediate Termination of the Agreement without notice, at the sole discretion of performission. Performission reserves the right to pursue any and all legal remedies against Demand Partners that engage in the aforementioned prohibited conduct. 7.4 You acknowledge that performission has the right to pre-screen any Offers, but no obligation to do so. At performission’s sole discretion, any Offer may be included in the Platform in whole or in part and performission may request Offer modifications at any time. Without limiting the foregoing, performission may pause or terminate any Offers at any time and for any cause. 7.5 You acknowledge that the Offers are Your sole responsibility. Performission undertakes no responsibility to monitor or otherwise police: (a) Your Offers posted on the Platform; (b) the Sites the Ads redirect to; (c) any Ad Medias promoting Your Offers; and/or (d) any of the Products offered on the Sites. You agree that under no circumstance, will performission be liable in any way for the Offers including, but not limited to, any errors or omissions in any Offers or any loss or damage of any kind accrued as a result of the use or distribution of any Offers transmitted or otherwise made available via the Platform. 7.6 Individuals or entities who purchase Products advertised through Offers on the Platform or who perform any other transaction on the Sites shall not be deemed to be customers, clients or business associates of performission. The same accounts for any Demand Partner Client using the Platform with the Demand Partner’s permission. Performission has no liability or responsibility to review, endorse, police or enforce any such relationship(s) between Demand Partner, its Demand Partner Clients and/or the Users. Performission shall have no obligation to resolve any dispute between Demand Partner, its Demand Partner Clients and/or the Users. Demand Partner expressly agrees to indemnify and hold harmless performission, its parents, affiliates and/or subsidiaries, and each of their respective officers, partners, members, managers, employees, agents and attorneys, from and against any and all losses and expenses (including reasonable attorney’s fees, court costs and/or settlement costs) arising from any dispute between Demand Partner, its Demand Partner Clients and/or the Users. 8. Invoicing and Payment 8.1 You hereby authorize performission to invoice You monthly for Your use of the Platform and Services starting from the Effective Date. 8.2 You are responsible for any and all fees associated with invoice payments and for any and all costs resulting from currency exchange. 8.3 In the case of SEPA Direct Debit or credit card payment, the invoice is due upon receipt. In case of standard bank transfer, the payment term is thirty (30) days net. 8.4 You are solely responsible for paying any and all applicable sales, use, and/or withholding tax (if any) due to all applicable taxing authorities arising from, or in connection with, Your participation in the Platform or use of the Services including, without limitation, taxes and related fees, costs and penalties incurred by You and/or Your Demand Partner Clients pursuant to those tax laws of any applicable state in which, pursuant to the terms of the Agreement, performission shall be considered a software vendor for tax purposes. 8.5 The following conditions apply to any Termination: (a) You shall not receive any refund or prorated refund for amounts previously paid or amounts owed to performission up to the effective date of termination; and (b) You remain liable for any and all unpaid fees invoiced by performission. Your failure to use the Platform or the Services does not constitute a basis for refusing to pay any of the associated fees indicated herein. 8.6 You are responsible for all fees accrued on and before the effective date of termination, even if such fees do not become due and payable until after the effective date of termination. Performission reserves the right to send Your account to debt collection for non-payment and to use Your information for debt collection purposes. 8.7 Performission may change any fees and/or pricing solutions upon thirty (30) days prior written notice sent to the email address supplied in Your Interface. Continued membership in the Platform or use of the Services after receipt of such notice shall constitute consent to any and all such changes; provided, however, that any amendment or modification to the invoicing provisions shall not apply to any charges incurred prior to the applicable amendment or modification. If You do not agree with these changes, You may cancel Your account at any time by Termination of the Agreement, but You will remain responsible for timely payment of any and all fees charged pursuant to the Agreement that You have already incurred. 8.8 Performission may deactivate Your account and deny you access to the Platform and/or Services for non-payment. If You fail to make any scheduled payment for accrued fees, such overdue months are subject to interest charges in the amount of one and a half percent (1,5%) per month, compounded monthly, or, if different, the maximum amount permitted by law. 8.9 To use our Services, performission may require You to provide Us with accurate, complete, and current information for a valid credit card that You are authorized to use. Amounts owed will be charged to Your credit card unless You request, and performission approves, an alternative payment method. If Your monthly invoice falls below payment thresholds determined at Our sole discretion, performission may wait with charging Your credit card until the aggregated amounts owed exceed the payment threshold. All credit card holders are subject to validation checks and authorization by the card issuer, and performission is not obliged to inform You of the reason for any refusal. Performission is not responsible if Your card issuer or bank charges You as a result of Our processing of Your credit card payment in accordance with Your instructions. 8.10 Demand Partner shall pay performission the fees set forth in the Agreement. The data and records of performission shall be determinative for purposes of calculating the fees due hereunder. 8.11 Performission shall be responsible for processing the Ad Medias payouts based on the recorded and approved transactions subject to the receipt of the corresponding invoice payment. Your transactions approval is irreversible and You shall not be able to claim back any payments made pursuant to Your approval. 9. Your Rights and Obligations 9.1 Demand Partner guarantees that it has the requisite legal mandate to act on behalf of its thirdparty Demand Partner Clients. Upon request, proof of such mandate shall be delivered to performission within seven (7) business days. 9.2 Demand Partner shall be responsible for the Ads and legal aspects of the Products offered through the Offers on the Sites. 9.3 Demand Partner agrees to enter and maintain accurate and current information in the Interface. 9.4 Demand Partner is entitled to decline pending commissions under the following circumstances: (a) duplicate sale, lead or install; (b) User uses incomplete or false information to register; (c) User does not match the profile defined in the Offer; (d) Ad Media violates the Offer policies; (e) any fraudulent action that intentionally attempts to create sales, leads, installs or click-throughs using, without limitation, robots, frames, iframes, scripts, or manually “refreshing” of pages, for the sole purpose of creating commissions; (f) other circumstances specified in the Offer. 9.5 Demand Partner shall continuously monitor the Interface and validate any and all pending transactions via the Interface as soon as possible and, in any event, within 45 days of the first recording of the applicable transaction in the Interface unless agreed otherwise with performission in writing (the “Validation Period”). If Demand Partner does not raise reasonably justified objections within the Validation Period as to why a pending transaction should not be validated, the applicable transaction shall automatically be deemed approved by Demand Partner. 10. Our Rights and Obligations 10.1 Performission shall provide Demand Partner with the Services related to the Offers as follows: (i) provision of the technological platform through which Products by means of Offers can be advertised to Users, and (ii) provision of the tracking solution and the reporting to You and Ad Medias. 10.2 Throughout the term of the Agreement, performission may (a) host or make available Ads; (b) integrate and display links to the Sites from the Services and (c) make minor stylistic changes to Ads to ensure consistency of user experiences with the Services. 11. Intellectual Property Rights 11.1 Unless otherwise indicated, the Services and all content, including, without limitation, Our Website, Platform, materials, trademarks, and the selection and arrangement thereof, are Our proprietary property or are licensed to Us and are protected by Finnish and international intellectual property laws. Any use, copying, redistribution and/or publication of any part of Our Website, Platform, materials, trademarks, and the selection and arrangement thereof, other than as authorized by the Agreement or expressly authorized in writing by Us, is strictly prohibited. In addition, the look and feel of the Website, Platform and Services, including all page headers, custom graphics, button icons and scripts, is part of Our trademarks and may not be copied, imitated or used, in whole or in part, without Our prior written permission. You do not acquire any ownership rights to the Website, Platform or any of Our materials made available by and through the Website, Platform or Services, and performission reserves all rights not expressly granted in the Agreement. 11.2 Demand Partner shall provide performission the Ads. Subject to the terms of the Agreement and for the sole purpose of the Agreement, Demand Partner hereby grants performission a non-exclusive, non-transferable, royalty-free and worldwide license (“Demand Partner License”) during the term of the Agreement to: (a) incorporate the Ads, trademarks, trade names or other designations of source in the Offers and (b) display on, and distribute through, the Website, the Platform and in related marketing material produced and distributed by performission, the Offers and any other information posted on the Platform or otherwise made available by Demand Partner and/or Demand Partner Clients. 11.3 Nothing in the Agreement will be deemed to grant or assign to Us any intellectual property rights, ownership rights, license rights, or interests of any kind in Your trademarks, trade secrets, patents, copyright, products, services, technology or other proprietary content of Yours which at all times remain Your sole and exclusive property. 11.4 Demand Partner agrees that its use of the Platform, any performission logos, trademarks, tracking codes and other material made available by and through the Platform is subject to the Demand Partner License granted hereunder. 12. Confidentiality 12.1 “Confidential Information” means information which by its nature is confidential, is designated by the disclosing Party as confidential, which the receiving Party knows or ought to know is confidential and which is disclosed by or on behalf of the disclosing Party to the receiving Party, or otherwise is in the possession of the receiving Party, in connection with the Agreement and whether disclosed before, on or after the Effective Date including information which is disclosed orally, in writing, or by any other means including but not limited to printed, other graphic or documentary form, contained in software, on computer disks or tapes (whether machine or user readable), visually by way of model or demonstration and, in each case, any copy thereof. 12.2 Notwithstanding 12.1 above, Confidential Information shall not include information which: a. entered or subsequently enters the public domain without breach of the Agreement or any other obligation of confidentiality by the receiving Party; b. the receiving Party can demonstrate was already in its possession or known to it by being in its use or being recorded in its files or computers or other recording media prior to receipt from the disclosing Party and was not previously acquired from or on behalf of the disclosing Party under any obligation of confidentiality; c. is disclosed to the receiving Party by a third party without breach by the receiving Party or such third party of any obligation of confidentiality owed to the disclosing Party; d. the receiving Party can demonstrate is independently developed or discovered by or for it not as a result of any activities relating to the Agreement; e. is hereafter disclosed by the disclosing Party to a third party without restriction on disclosure or use, including, without limitation, by way of the registration of a patent specification; and f. is disclosed by the receiving Party with the prior written permission of the disclosing Party. 12.3 Each Party shall not use the other Party’s Confidential Information, except as necessary for the performance of the Agreement, and will not disclose such Confidential Information to any third Party, except to those of its employees and subcontractors that need to know such Confidential Information for the performance of the Agreement. The foregoing obligations will not restrict either Party from disclosing the other Party’s Confidential Information, if pursuant to the order or requirement of a court, administrative agency, or other governmental body, provided that the Party required to make such a disclosure gives reasonable written notice to the other Party to enable it to contest such order or requirement. 13. Disclaimers Except as expressly set forth herein, to the fullest extent of all applicable laws, the Website (including all information thereon), Platform and Services are provided by Us as a neutral host and on an “as is” basis, and we disclaim: (a) all representations and warranties, expressed or implied, regarding Our Website, Platform, Services, or otherwise relating to the Agreement, including any implied warranties of merchantability, fitness for a particular purpose or arising from course of dealing or course of performance; (b) any warranty that the Website, Platform, Services or any information therein will operate uninterrupted, error-free, or that the servers are free of viruses, spyware, malware or other harmful components; and (c) liability for any third party’s security methods and protection procedures. Further, we make no representation or warranty with respect to any results obtainable through the Services and/or associated products. You must use industry-recognized software to detect and disinfect viruses from any download. No advice or information, whether verbal or written, we give through Our Website, Platform and/or otherwise shall create any warranty, representation and/or guarantee not expressly stated herein. During and after the validity of the Agreement any claim that is not made within the statutory limitation period shall be forfeited. 14. Limitation of Liability 14.1 Nothing in the Agreement excludes or limits either Party’s liability for (i) fraud or fraudulent misrepresentation; (ii) voluntary or gross negligent acts or omissions; (iii) loss of life or personal injury; or (iv) anything which cannot be excluded or limited by law. 14.2 Neither party shall have any liability (whether in contract, tort or otherwise) under or in connection with the Agreement for any special or indirect damages, including, without limitation, consequential damages, loss of profits, loss of savings and damages resulting from interruption of business regardless whether foreseeable, known or otherwise. 14.3 The Platform may be incorporated into, and may incorporate, technology, software and services owned and controlled by third parties. Use of such third party software or services is subject to the terms and conditions of the applicable third party (license) agreements (including, without limitation, terms of use and privacy policies), and you agree to look solely to the applicable third party and not to performission to enforce any of your rights in relation thereto. 14.4 Each Party’s aggregate liability (whether in contract, tort or otherwise) under or in connection with the Agreement shall not exceed the net amount payable by Demand Partner to performission in any rolling 6 calendar month period ending the date on which such liability arises. 15. Indemnification 15.1 The indemnifying Party, at its own expense, shall defend, indemnify and hold harmless the indemnified Party against any losses, damages, liabilities, penalties, costs and expenses, including without limitation reasonable attorneys’ fees, and pay any settlement amounts or awarded damages arising out of any third party claim, suit or action to the extent that such claim, suit or action is based upon an allegation that: (a) the indemnifying Party’s performance of any of its obligations contemplated under the Agreement infringes on any rights of any third party (including, without limitation, any intellectual property rights, privacy rights or publicity rights); or (b) the indemnifying Party have breached any of its obligations, representations or warranties hereunder. The foregoing obligations are conditioned on the indemnified Party promptly notifying the indemnifying Party in writing of such claim. 15.2 The indemnified Party will promptly notify the indemnifying Party of all claims of which it becomes aware (provided that a failure or delay in providing such notice will not relieve the indemnifying Party’s obligations except to the extent such Party is prejudiced by such failure or delay) and will: (a) provide reasonable cooperation to the indemnifying Party at the indemnifying Party’s expense in connection with the defense or settlement of all claims, and (b) be entitled to participate at its own expense in the defense of all claims. The indemnified Party agrees that the indemnifying Party will have sole and exclusive control over the defense and settlement of all claims provided. The indemnifying Party will not acquiesce to any judgment or enter into any settlement, either of which imposes any obligation or liability on the indemnified Party, without the indemnified Party’s prior written consent. 16. Term and Termination 16.1 The Agreement shall be effective from the Effective Date and remain valid unless it is terminated in accordance with the terms of the Agreement. 16.2 The Agreement shall terminate automatically when all its Supplemental Agreements are terminated. 16.3 Either Party may terminate the Agreement with immediate effect by written notice to the other Party if: the other Party commits a material breach of the Agreement and fails to remedy the breach (if remediable) within fourteen (14) days of receiving written notice to that effect specifying the breach and requiring it to be remedied; for the sake of clarity the non-payment of overdue invoices is considered a material breach under the Agreement. the other Party ceases to conduct its business operations; or 8 the other Party enters into a composition with its creditors or goes into liquidation, or is dissolved, or adjudged insolvent or is otherwise rendered incapable of performing its obligations under the Agreement without the consent of a third party. 16.4 Performission may suspend (the “Suspension”) any or all Services at any time, with or without advance notice, for any reason that it finds valid in its sole discretion until cured, including but not limited to where performission believes that: (a) Demand Partner is in any way in breach of the Agreement; (b) any Offers are unsuitable for the Platform for any reason including, without limitation, that the Offers contain, or link to, content that is of adult or explicit nature, offensive, indecent, harmful, threatening, defamatory, obscene, harassing or otherwise unlawful; (c) Demand Partner, at any time, is conducting commercial activities that do not fully comply with all applicable local, state, federal and foreign laws, rules and regulations; and (d) Demand Partner’s invoice(s) are overdue. 16.5 Upon Termination or Suspension of the Agreement, the following terms apply: (a) Performission shall lock all Your user accesses, terminate all Your Offers and cancel all Your other related services; (b) If You are using the Platform, You must either stop tracking transactions in the Platform, remove the SDK from Your mobile app(s), or request a DNS shutdown of Your account in writing (with email sufficing); (c) You must remove all performission links, logos, references and other information, including, but not limited to, container tags, folders, conversion pixels and referring links (the “Links”) and confirm to Us in writing that all Links are removed; (d) the License and any and all other licenses and rights granted to Demand Partner in connection with the Agreement shall immediately terminate; (e) any and all confidential or proprietary information of performission that is in Demand Partner’s possession or control must be immediately returned or destroyed. If requested, Demand Partner will certify in a writing signed by Demand Partner that all such confidential and/or proprietary information has been returned or destroyed; and (f) You are responsible for settling any outstanding balances in accordance with Section 8. 16.6 If performission terminates the Services for breach of the Agreement, Demand Partner shall not be eligible to enter into a new agreement with performission, and any attempt to do so shall be null and void. Obligations that, by their nature, would survive any Termination of the Agreement including, without limitation, Sections 8, 11, 12, 13, 14 and 15 shall survive any Termination of the Agreement. 17. Representations and Warranties Each Party represents and warrants that: (a) it will make no false or misleading representations, warranties or guarantees with respect to the other Party and all material aspects of the other Party’s business including, but not limited to, its products and services; (b) it has the authority and capacity to enter into the Agreement and it is not subject to any restrictive covenant or other legal obligation; (c) it shall perform its obligations under the Agreement in a timely, competent and professional manner and with all reasonable care and skill; and (d) it will comply with all applicable laws and regulations and will maintain any permits, licenses and approvals required to perform its obligations hereunder. 18. Independent Parties The relationship between the Parties is that of independent contracting parties. Nothing in the Agreement shall constitute or be deemed to constitute a relationship of joint venture, partnership, franchise or similar arrangement between the Parties. For the sake of clarity the Agreement shall not constitute an agreement between performission and any Demand Partner Client. 19. Governing Law The Agreement, and Your relationship with performission under the Agreement, will be governed by and construed in accordance with the laws of Finland, without regard to its law provisions. Any claim, dispute or matter arising under or in connection with the Agreement shall be resolved mutually through negotiation to the extent possible. In the event the Parties fail to resolve any dispute arising hereunder through mutual negotiation, each Party shall irrevocably submit to the exclusive jurisdiction of the courts of Stockholm, Sweden. 9 20. Entire Agreement 20.1 The Agreement and its Supplemental Agreements constitute the entire and exclusive agreement between the Parties with respect to the subject matter hereof, superseding any prior agreements, negotiations and discussions (both written and oral) between the Parties relating thereto. 20.2 The Agreement may be executed in two counterparts, each of which shall be deemed an original, but all of which taken together shall constitute one and the same instrument. 21. Electronic Signatures 21.1 By clicking on the “Sign up” button, or such similar links as may be designated by performission as a means of accepting the Agreement and any Supplemental Agreements, You acknowledge and agree that You are submitting a legally binding electronic signature and are entering into a legally binding contract. You acknowledge that Your electronic submissions constitute Your intent and consent to be bound by the Agreement. 21.2 You consent to receiving electronic communications and agree that all agreements, notices, disclosures and other communications that performission provides to You electronically, via email or by posting notifications in Your Interface satisfy any legal requirement that such communications be in writing. 22. Electronic Communication Pursuant to any applicable statutes, regulations, rules, ordinances or other laws including, without limitation, the United Kingdom Electronic Communications Act 2000 (the “E-Signature Law”) or other similar statutes, Demand Partner hereby agrees to the use of electronic signatures, contracts, orders and other records and to electronic delivery of invoices, credit notes, notices, policies, records of transactions and other communications initiated or completed through the Services offered by performission. Further, You hereby waive any rights or requirements under any statutes, regulations, rules, ordinances or other laws in any jurisdiction which require an original signature or delivery or retention of non-electronic records, or to payments or the granting of credits by other than electronic means. 23. Agreement Hierarchy In case of conflict or inconsistency between the Agreement and anything in or associated with the Supplemental Agreements, Ad Media Terms of Use, performission’s Privacy Policy, the Website, Platform, or any other applicable performission operating rules, policies, pricing solutions and other supplemental terms and conditions or documents, the Agreement shall take precedence. 24. Force Majeure Neither party shall be liable, or be considered to be in breach of the Agreement, on account of either Party’s failure or delay in the performance of its obligations as required under the terms of the Agreement for any cause beyond the reasonable control of such Party, including but not limited to electrical outages, failure of internet service providers, default due to internet disruption caused by denial of service attacks, riots, insurrection, war (or similar), fires, flood, earthquakes and explosions. 25. Non Assignment Performission may assign or otherwise transfer the Agreement or any rights and obligations hereunder, in whole or in part, to any person or entity without Demand Partner’s consent. The rights granted to Demand Partner under the Agreement may not be assigned without performission’s prior written consent which should not be unreasonably withheld, and any attempted unauthorized assignment by Demand Partner shall be null and void. 26. Severability The unenforceability of any single provision of the Agreement shall not affect any other provision hereof. Where such a provision is held to be unenforceable, the Parties shall use their best endeavors to negotiate and agree upon an enforceable provision which achieves to the greatest extent possible the economic, legal and commercial objectives of the unenforceable provision. The Demand Partner Supplemental Terms of Use – Exchange specify the use of the Exchange product (the “Supplemental Agreement Exchange”) and are entered into on the Effective Date amending the Agreement between the Parties. In consideration of the mutual covenants set forth herein, the Parties hereby agree as follows: 1. Interpretation Words and expressions defined and rules of interpretation set out in the Agreement shall have the same meaning and effect when used in the Supplemental Agreement Exchange except where the context requires otherwise. 2. Definitions “Exchange” means the core of the Platform. Add-ons are embedded in and integrated with Exchange. “Exchange Services” shall mean performission’s suite of technology and services, including, but not limited to, technology and services to create accounts, offers and campaigns, trade with Ad Medias, track and process events, monitor and analyse results, manage add-on products as well as billing and payments. 3. Fees In consideration of Your use of the Exchange Services on the Platform, You agree to pay the fees described in this Section. 3.1 Performission will charge You one-time start up fees of EUR 0 or the equivalent in the Demand Partner’s selected billing currency. 3.2 Performission will charge You monthly fixed fees of EUR 0 or the equivalent in the Demand Partner’s selected billing currency. 3.3 The commission split between the Ad Media (publisher) and performission is 80/20 for every approved transaction recorded on the Platform (the “Transaction Fees”). The commissions will be agreed upon separately in writing. 3.4 You have a free media usage of 5GB, for every additional GB performission will charge media usage fees of EUR 1.5 per GB or the equivalent in the Demand Partner’s selected billing currency. 4. Term and Termination Exchange Services under the Supplemental Agreement Exchange are provided by performission to Demand Partner on a month-to-month basis, and as such each of the Parties, may, at their sole discretion, terminate the Supplemental Agreement Exchange (and thereby the Exchange Services) at any time with a one month notice period to the end of the month (the “Termination”). Demand Partner must provide the written notice of Termination by email notification to info@performission.se. 5. Effect of the Supplemental Agreement Exchange on the Agreement The Parties agree that the Agreement, as amended by the Supplemental Agreement Exchange, shall remain in full force and effect in accordance with its terms, and with effect from and including the date hereof and during the period in which the amendments made by the Supplemental Agreement Exchange are to have effect, all references in the Agreement to the “Agreement”, “herein”, “hereof”, “hereunder” and other similar expressions shall, unless the context requires otherwise, be read and construed as a reference to the Agreement as amended by the Supplemental Agreement Exchange. The Demand Partner Supplemental Terms of Use – Convert specify the use of the Convert add-on (the “Supplemental Agreement Convert”) and are entered into on the Effective Date amending the Agreement between the Parties. In consideration of the mutual covenants set forth herein, the Parties hereby agree as follows: 1. Interpretation Words and expressions defined and rules of interpretation set out in the Agreement shall have the same meaning and effect when used in the Supplemental Agreement Convert except where the context requires otherwise. 2. Definitions “Convert” means the Convert exit-intent technology that as an add-on forms an integral part of the Platform. “Convert Services” shall mean performission’s suite of technology and services, including, but not limited to, technology and services to create and display overlays to Users, track and process related transactions, and provide reporting to Demand Partner. 3. Overlays 3.1 You are allowed to create and/or upload your own overlays to the Platform which may be included in Our overlay template library (the “Library”) at Our sole discretion. By using the Convert Services Demand Partner gets access to the Library. To remove Your overlays from the Library upon Termination of the Supplemental Agreement Convert, you must request the removal in writing. 3.2 Overlays created free of charge by Us for You or Your Demand Partner Clients (the “Overlays”) are Our proprietary property and part of the License. 4. Fees In consideration of Your use of the Convert Services on the Platform, You agree to pay the fees described in this Section. Convert is connected to and promoting Your Offers as an Ad Media. In return performission shall charge You Ad Media payouts per Offer for every approved transaction recorded on the Platform. The Ad Media payouts per Offer are mutually agreed on by both Parties. 5. Term and Termination Convert Services under the Supplemental Agreement Convert are provided by performission to Demand Partner on a month-to-month basis, and as such each of the Parties, may, at their sole discretion, terminate the Supplemental Agreement Convert (and thereby the Convert Services) at any time with a one month notice period to the end of the month (the “Termination”). Demand Partner must provide the written notice of Termination by email notification to info@performission.se. 6. Effect of the Supplemental Agreement Convert on the Agreement The Parties agree that the Agreement, as amended by the Supplemental Agreement Convert, shall remain in full force and effect in accordance with its terms, and with effect from and including the date hereof and during the period in which the amendments made by the Supplemental Agreement Convert are to have effect, all references in the Agreement to the “Agreement”, “herein”, “hereof”, “hereunder” and other similar expressions shall, unless the context requires otherwise, be read and construed as a reference to the Agreement as amended by the Supplemental Agreement Convert. Latest update 2018-05-23 di|[recaptcha] h1|Terms of use h2| h3|Advertiser Terms of use Advertiser Supplemental Terms of Use ‘Exchange’ & ‘Fuse’ Advertiser Supplemental Terms of Use – Convert pa|Kunden ska komma till webbutiken för att handla, inte för att gå. Retain PMX fångar användarens kundkorg i samband med produktvisningar och sökhistorik i realtid. Denna information kan användas till att skapa mycket personliga mejl som visar användarens kundkorg samt andra relevanta produkter eller gratisprodukter. Ett enkelt klick och användaren skickas till en färdigt fylld kundkorg för att fullfölja köpet. Våra responsiva e-postmallar gör att du kan köra kampanjer mellan enheter. Designa din egen mall eller välj bland våra favoritmallar som du finner i mall-biblioteket. Vårt designteam hjälper dig gärna med att skapa förstklassig e-postreklam så att du lyckas med Retain PMX. När köpet är genomfört börjar arbetet med att förlänga kundens livscykel. Nu kan du skapa märkeslojalitet och öka kundupplevelsen genom att skicka dina kunder ett välkomstmeddelande, frågor om produkter, erbjudanden om påfyllning, samt exklusiva erbjudanden till dina allra bästa kunder di|Vi hämtar användarnas e-postadress i samma ögonblick som de skriver in den i kassan. Detta är nyckeln till att återvinna de kunder som lämnat webbutiken innan de handlat. Om du har olika e-postkampanjer kan du välja mellan enkel- eller flerstegssekvenser och bestämma deras respektive utskickstidpunkter. En elementär metod för att kontinuerligt förbättra e-postkampanjer är genom A/B testing. Genom att skicka flera olika sorters mejl lär du dig vilken design och vilka erbjudanden som ger bäst resultat i förhållande till de förutbestämda målen. Retain PMX är integrerat i plattformen och tillgängligt i navigationen med ett enkelt klick. Det kan kombineras med extern trafik och andra add-ons och stöttar därmed dina multikanaler. Vi spårar varje köp dina kunder gör eller inte gör genom betalningsprocessen för att ge dig full insikt i betalningstransaktionen. Detta göra att du kan identifiera de kritiska punkter där kunder faller bort innan de hunnit fullfölja sitt köp. Vår lösning är fullt kompatibel med de nationella och internationella lagarna om dataskydd med hänsyn till inhämtning, lagring och användning av dina besökares e-postadresser. [recaptcha] st|Segmentering och anpassning Responsiva e-postmallar Öka kundernas livscykel Skapa intäkter från kunder du vanligtvis går miste om h1|Retain PMX h2|Vill du veta mer om Retain PMX? h3|Spårning i realtid Detaljerade kampanjer A/B testing Multikanaler Transaktionsvisualisering Lagenlighet pa|Gör fönstershoppare till betalande kunder Convert PMX är en layover som ger ett skräddarsytt meddelande till kunder som håller på att lämna webbutiken. Convert är integrerat i plattformen Exchange och är tillgängligt i navigationen med ett enkelt klick. Programmet är byggt så att du kan konfigurera det själv, med hjälpsektionen till hands som förklarar varje steg av utförandet och installationen. Vi anser att framgången av en on-site retargeting-lösning endast bör mätas utifrån konverteringar i samma session. Därför upphör Convert PMX tracking när användaren avslutar sessionen och lämnar webbutiken. För att undgå missbruk visas inte layovern på nytt om användaren kommer tillbaka till webbutiken inom en viss tidsperiod. Den inbyggda vitlistningsfunktionen förhindrar att layover stör dina besökande när de navigerar runt i webbutiken. Detta ger dig möjligheten att välja var du vill visa en layover (tex. i kassan) och kan därmed avgöra hela skillnaden när du ska locka tillbaka de kunder som lämnat sidan di|Genom att använda layovers med två eller flera steg, kan du öka kundengagemanget och därmed sannolikheten för konverteringar. Du kan presentera budskapet på ett mer dynamiskt och spännande sätt som gör att du skiljer ut dig från mängden. Använd layovers till att konvertera besökande till potentiella kunder genom att samla värdefulla e-postadresser. Du kan också skräddarsy lösningen genom att använda andra interaktiva element så som räknare eller knappar. Du kan designa din egen mall eller välja en favorit från vårt omfattande mall-bibliotek. Vi kan också hjälpa dig med design och implementeringssupport så att din ibruktagning av Convert PMX blir så enkel som möjligt. Du kan välja om layovers ska aktiveras när kunden surfar runt i webbutiken (scroll trigger), inte gör något i webbutiken (inactivity trigger) eller håller på att lämna webbutiken (exit trigger). Alla triggers kan användas separat eller i kombination. För att passa till din webbutik och publik kan positionering och animering av layovers anpassas efter dina önskemål. Dina layovers blir diskreta och anpassas efter webbutiken för en positiv kundupplevelse. Du kan välja om du vill implementera Convert PMX separat, eller som en del av vår container tag i din webbutik. I båda fallen är det bara en rad med JavaScript-kod som läggs till på några sekunder. [recaptcha] st|Öka antalet konverteringar In-session tracking Anpassningsbar vitlistning Fantastiska skräddarsydda funktioner som du kommer att älska h1|Convert PMX h2|Vill du veta mer om Convert PMX? h3|Multi-level overlays Leadgenerering Mallar Triggers Animationer Implementering av tags pa|Exchange är kärnan i allt vi gör Exchange säkerställer att annonsören är i förarsätet och har full kontroll över vem som får tillgång till att promota webbutiken. Du avgör om bara en eller flera utvalda publishers får tillgång, samtidigt som du kan samarbeta med affiliatenätverk genom plattformen. Oavsett vad du väljer, säkerställer du att all performance marketing körs genom performission, något som säkrar dig mot dubletter och bl.a. ger dig allt på en och samma faktura. När du använder den självbetjänande plattformen kan du låta proffsen administrera sina erbjudanden och sina trafikkällor. Plattformens alla verktyg och funktionaliteter är designade för extern och delad användning. Värdefulla förklaringar och tips för hur plattformen används på bästa sätt, finns till hands på nätet. Plattformens rapporter ger dig insikt i hur olika marknadsföringskanaler bidrar till konverteringar. Möjligheten att analysera konverteringssätt och in-app händelser hjälper dig att upprätta, anpassa och skräddarsy attributionsmodeller. Du kan anpassa omfånget av rapportdatan till önskat övervakningsbehov di|Baserat på målgruppen du väljer kan vi med hjälp av geopositionering och enheter dirigera din trafik i nutid till en verklig destination. Denna sömlösa omdirigering maximerar avkastningen från annonseringen. Eftersom vi uteslutande tar betalt för konverteringar ligger det i vårt största intresse att ha en förstklassig online- och mobiltracking. Varenda nöjd procent är viktig. Vi kombinerar därför både cookiebaserad och cookielös spårning i en unik hierarki. Vår API ger publishers och annonsörer extern tillgång (”läs”) och rättighet (”redigering”) till plattformen. När du använder API kan du bl.a. hämta rapporter, material och trackinglänkar utan att logga in i vår programvara. Våra webbtjänster använder REST-teknologin. När du satsar globalt med dina erbjudanden betyder det att publishers ska ha betalt i olika valutor. Samtidigt kräver någon publisher betalning i en särskild valuta. För att detta ska fungera lagras varenda konvertering i realtid i 160 olika valutor. Många av dem som jobbar inom performance marketing eller affiliatemarknadsföring är oroliga för bedrägeri, men utnyttjar du vår handelsplattform i fullskala kan du utrota bedrägeririsken helt. När detta kombineras med att publishers trafikkällor offentliggörs som standard, hålls din trafik ren. Du kopplar upp dig till vår plattform och kan då utnyttja alla inbyggda add-ons (verktygen), samt implementera vår container tag (en rad med JavaScript-kod) på din webbplats. Du har full uppsikt över vilka tags som placeras i containern och kan lägga till och ta bort tags på sekunden. [recaptcha] st|Performancetrafik genom en kanal Självbetjänande lösningar Analys och rapportering Performance marketing på en gränslös marknadsplats skapar oändliga möjligheter h1|Exchange PMX h2|Vill du veta mer om Exchange PMX? h3|Målinriktning Tracking API Valuta Bedrägeriskydd Tag management pa|Latest update 2018-05–24 These Data Processing Terms (“ “) that include the Standard Contractual Clauses adopted by the European Commission, as applicable, reflect the parties’ agreement with respect to the terms governing the Processing of Personal Data under the Advertiser Terms of Use (“ “) entered into by and between: (i) Performission Sweden AB (as defined under the Principal Agreement) (hereinafter referred to as “ “ acting on its own behalf and as agent for each Vendor Affiliate; and (ii) Demand Partner (as defined under the Principal Agreement) (hereinafter referred to as “ “) acting on its own behalf and as agent for each Company Affiliate. The DPT is an amendment to the Principal Agreement and is effective upon is incorporation, which incorporation is specified in the Principal Agreement. Upon its incorporation into the Principal Agreement, the DPT will from an integral part of, and will be subject to, the Principal Agreement. Vendor and Company are hereinafter jointly referred to as the “parties” and individually as the “party”. The terms used in the DPT shall have the meanings set forth in the DPT. Capitalized terms not otherwise defined herein shall have the meaning given to them in the Principal Agreement. Except as modified below, the terms of the Principal Agreement shall remain in full force and effect. Except where the context requires otherwise, references in the DPT to the Principal Agreement are to the Principal Agreement as amended by, and including, the DPT. In connection with the Services, the parties anticipate that Vendor, each Vendor Affiliate, each Contracted Processor and/or each Subprocessor may process outside of the European Economic Area (“EEA”) and United Kingdom, certain Company Personal Data in respect of which any Company Group Member may be a Controller, as applicable, under applicable EU Data Protection Laws. The parties have agreed to enter into the DPT in order to ensure that adequate safeguards are put in place with respect to the protection of such Company Personal Data as required by EU Data Protection Laws. In the course of providing the Services to Company pursuant to the Principal Agreement, Vendor and each Vendor Affiliate may Process Company Personal Data on behalf of any Company Group Member. Vendor agrees to comply with the following provisions with respect to any Company Personal Data submitted by or for any Company Group Member to Vendor or collected and processed by or for any Company Group Member using Vendor’s services. The parties agree that the obligations under the DPT that are specific to the GDPR shall not apply until the GDPR has come into full force and effect. 1.1 In the DPT, the following terms shall have the meanings set out below and cognate terms shall be construed accordingly: 1.1.2 “ ” means (a) European Union or Member State laws with respect to any Company Personal Data in respect of which any Company Group Member is subject to EU Data Protection Laws; and (b) any other applicable law with respect to any Company Personal Data in respect of which any Company Group Member is subject to any other Data Protection Laws; 1.1.3 “ ” means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with Company, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise; 1.1.4 “ ” means Company or any Company Affiliate; 1.1.5 “ ” means any Personal Data Processed by a Contracted Processor on behalf of a Company Group Member pursuant to or in connection with the Principal Agreement; 1.1.6 “ ” means Vendor or a Subprocessor; 1.1.7 “ ” means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country; 1.1.8 “ ” means the European Economic Area; 1.1.9 “ ” means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR; 1.1.10 “ ” means the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data); 1.1.11 “ ” means: 1.1.12 “ ” means the services and other activities to be supplied to or carried out by or on behalf of Vendor for Company Group Members pursuant to the Principal Agreement; 1.1.13 “ ” means the contractual clauses set out in Exhibit 1, amended as indicated in that Exhibit and under section 15.4; 1.1.14 “ ” means any person (including any third party and any Vendor Affiliate, but excluding an employee of Vendor or any of its sub-contractors) appointed by or on behalf of Vendor or any Vendor Affiliate to Process Personal Data on behalf of any Company Group Member in connection with the Principal Agreement; and 1.1.15 “ ” means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with Vendor, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise. 1.2 The terms, “ “, “ “, “ “, “ “, “ “, “ “, “ ” and “ ” shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly. 1.3 The word “ ” shall be construed to mean include without limitation, and cognate terms shall be construed accordingly. 2. 2.1 The subject-matter of Processing of Company Personal Data by Contracted Processor is the provision of the Services to any Company Group Member that involves the Processing of Company Personal Data. Company Personal Data will be subject to those Processing activities as may be specified in the Principal Agreement. 2.2 . Company Personal Data will be Processed for the duration of the Principal Agreement. 2.3 . Company Personal Data will be Processed for purposes of providing the Services set out and otherwise agreed to in the Principal Agreement. 2.4 Online identifiers, including cookie identifiers, internet protocol addresses and device identifiers, Company identifiers. 2.5 Company Personal Data will concern the following categories of Data Subjects: 2.5.2 Data Subjects about whom personal data is transferred to Vendor and/or Vendor Affiliate in connection with the Services by, at the direction of, or on behalf of any Company Group Member. Depending on the nature of the Services, these Data Subjects may include individuals: (a) to whom online advertising has been, or will be, directed; (b) who have visited specific websites or applications in respect of which Vendor and/or Vendor Affiliate provide the Services; and/or (c) who are customers or users of Company Group Member’s products or services. 3. 3.1 Each party warrants in relation to Company Personal Data that it will comply with EU Data Protection Laws. As between the parties, the Company shall have sole responsibility for the accuracy, quality, and legality of Company Personal Data and the means by which the Company acquired Company Personal Data. 3.2 Each party shall appoint an individual within its organization authorized to respond from time to time to enquiries regarding the Company Personal Data and each party shall deal with such enquiries promptly. 4. Vendor warrants and represents that, before any Vendor Affiliate Processes any Company Personal Data on behalf of any Company Group Member, Vendor’s entry into the DPT as agent for and on behalf of that Vendor Affiliate will have been duly and effectively authorised (or subsequently ratified) by that Vendor Affiliate. 5. 5.1 Vendor and each Vendor Affiliate shall: 5.1.2 not Process Company Personal Data other than on the relevant Company Group Member’s documented instructions unless Processing is required by Applicable Laws to which the relevant Contracted Processor is subject, in which case Vendor or the relevant Vendor Affiliate shall to the extent permitted by Applicable Laws inform the relevant Company Group Member of that legal requirement before the relevant Processing of that Personal Data. 5.2 Each Company Group Member: 5.2.1.2 in particular, transfer Company Personal Data to any country or territory, as reasonably necessary for the provision of the Services and consistent with the Principal Agreement; and 5.2.2 warrants and represents that it is and will at all relevant times remain duly and effectively authorised to give the instruction set out in section 5.2.1 on behalf of each relevant Company Affiliate. 5.3 Section 2 of the DPT sets out certain information regarding the Contracted Processors’ Processing of the Company Personal Data as required by article 28(3) of the GDPR (and, possibly, equivalent requirements of other Data Protection Laws). Nothing in Section 2 confers any right or imposes any obligation on any party to the DPT. 6. Vendor and each Vendor Affiliate shall take reasonable steps to ensure the reliability of any employee, agent or contractor of any Contracted Processor who may have access to the Company Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Company Personal Data, as strictly necessary for the purposes of the Principal Agreement, and to comply with Applicable Laws in the context of that individual’s duties to the Contracted Processor, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality. 7. 7.1 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Vendor and each Vendor Affiliate shall in relation to the Company Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR. 7.2 In assessing the appropriate level of security, Vendor and each Vendor Affiliate shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach. 8. 8.1 Each Company Group Member authorises Vendor and each Vendor Affiliate to appoint (and permit each Subprocessor appointed in accordance with this section 8 to appoint) Subprocessors in accordance with this section and any restrictions in the Principal Agreement. 8.2 Vendor and each Vendor Affiliate may continue to use those Subprocessors already engaged by Vendor or any Vendor Affiliate as at the date of the DPT, including, but not limited to Amazon Web Services, OVH and Hetzner Online as third party data center operators, and affiliates, publishers, ad media, media buyers, ad networks, demand side platforms (DSP), supply side platforms (SSP), outsourced marketing, business, engineering, customer support and traffic providers to support the performance of the Services. 8.3 Each Company Group Member grants a general authorization: (a) to Vendor to appoint other Vendor Affiliates as Subprocessors, and (b) to Vendor and each Vendor Affiliate to appoint third party data center operators, and affiliates, publishers, ad media, media buyers, ad networks, demand side platforms (DSP), supply side platforms (SSP), outsourced marketing, business, engineering, customer support and traffic providers to support the performance of the Services. For the avoidance of doubt, the above general authorization constitutes each Company Group Member’s prior written consent to the subprocessing by Vendor and each Vendor Affiliate for purposes of Clause 11 of the Standard Contractual Clauses. 8.4 Vendor will maintain a list of Subprocessors in the Company’s Interface on the Vendor’s domain and will add the names of new and replacement Subprocessors to the list prior to them starting sub-Processing of Company Personal Data. If the Company has a reasonable objection to any new or replacement Subprocessor, it shall notify Vendor of such objections in writing within ten (10) days of the Subprocessor’s inclusion on the list and the parties will seek to resolve the matter in good faith. If Vendor is reasonably able to provide the Services to Company in accordance with the Principal Agreement without using the Subprocessor and decides in its sole discretion to do so, then Company will have no further rights under this clause 8.4 in respect of the proposed use of the Subprocessor. If Vendor requires use of the Subprocessor in its sole discretion and is unable to satisfy Company as to the suitability of the Subprocessor or the documentation and protections in place between Vendor and the Subprocessor within ninety (90) days from the Company’s notification of objections, the Company may within thirty (30) days following the end of the ninety (90) day period referred to above, terminate the applicable Insertion Order(s) with at least thirty (30) days written notice, solely with respect to the service(s) to which the proposed new Subprocessor’s Processing of Company Personal Data relates. If Company does not provide a timely objection to any new or replacement Subprocessor in accordance with this clause 8.4, Company will be deemed to have consented to the Subprocessor and waived its right to object. Vendor and each Vendor Affiliate and may use a new or replacement Subprocessor whilst the objection procedure in this clause 8.4 is in process. 8.5 With respect to each Subprocessor, Vendor or the relevant Vendor Affiliate shall: 8.6 Vendor and each Vendor Affiliate shall ensure that each Subprocessor performs the obligations under sections 5.1, 6, 7, 9, 11 and 13.1, as they apply to Processing of Company Personal Data carried out by that Subprocessor, as if it were party to the DPT in place of Vendor. 9. Taking into account the nature of the Processing, Vendor and each Vendor Affiliate shall assist each Company Group Member by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Company Group Members’ obligations, as reasonably understood by Company, to respond to requests to exercise Data Subject rights under the Data Protection Laws (including access, rectification, restriction, deletion or portability of Company Personal Data, as applicable). If such request is made directly to Vendor or any Vendor Affiliate, Vendor shall promptly inform Company and shall advise Data Subjects to submit their request to Company. Company shall be solely responsible for responding to any Data Subject request. Company shall reimburse Vendor for the costs arising from this assistance. 10. Vendor shall notify Company without undue delay upon Vendor or any Subprocessor becoming aware of a Personal Data Breach affecting Company Personal Data, providing Company with sufficient information to allow each Company Group Member to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws. 11. Vendor and each Vendor Affiliate shall provide reasonable assistance to each Company Group Member with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Company reasonably considers to be required of any Company Group Member by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Company Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted Processors. 12. 12.1 Other than to the extent required to comply with EU Data Protection Law, following termination or expiry of the Principal Agreement, Vendor and each Vendor Affiliate shall promptly delete and procure the deletion of all copies of the Company Personal Data. If Vendor is unable to delete Company Personal Data for technical or other reasons, Vendor will apply measures to ensure that Company Personal Data is blocked from any further Processing. 12.2 Subject to section 12.3, Company may in its absolute discretion by written notice to Vendor within 10 days from the termination or expiry of the Principal Agreement require Vendor and each Vendor Affiliate to (a) return a complete copy of all Company Personal Data to Company by secure file transfer in such format as is reasonably notified by Company to Vendor; and (b) delete and procure the deletion of all other copies of Company Personal Data Processed by any Contracted Processor. 12.3 Each Contracted Processor may retain Company Personal Data to the extent required by Applicable Laws and only to the extent and for such period as required by Applicable Laws and always provided that Vendor and each Vendor Affiliate shall ensure the confidentiality of all such Company Personal Data and shall ensure that such Company Personal Data is only Processed as necessary for the purpose(s) specified in the Applicable Laws requiring its storage and for no other purpose. 13. 13.1 Subject to sections 13.2 and 13.3, Vendor and each Vendor Affiliate shall make available to each Company Group Member on request all information necessary to demonstrate compliance with the DPT, and shall allow for and contribute to audits, including inspections, by any Company Group Member or an auditor mandated by any Company Group Member in relation to the Processing of the Company Personal Data by the Contracted Processors. 13.2 Information and audit rights of the Company Group Members only arise under section 13.1 to the extent that the Principal Agreement does not otherwise give them information and audit rights meeting the relevant requirements of Data Protection Law (including, where applicable, article 28(3)(h) of the GDPR). 13.3 Company or the relevant Company Affiliate undertaking an audit shall give Vendor or the relevant Vendor Affiliate reasonable notice of any audit or inspection to be conducted under section 13.1 and shall make (and ensure that each of its mandated auditors makes) reasonable endeavours to avoid causing (or, if it cannot avoid, to minimise) any damage, injury or disruption to the Contracted Processors’ premises, equipment, personnel and business while its personnel are on those premises in the course of such an audit or inspection. A Contracted Processor need not give access to its premises for the purposes of such an audit or inspection: 13.3.2 outside normal business hours at those premises, unless the audit or inspection needs to be conducted on an emergency basis and Company or the relevant Company Affiliate undertaking an audit has given notice to Vendor or the relevant Vendor Affiliate that this is the case before attendance outside those hours begins; or 13.3.3 for the purposes of more than one audit or inspection, in respect of each Contracted Processor, in any calendar year, except for any additional audits or inspections which: 13.3.3.2 A Company Group Member is required or requested to carry out by Data Protection Law, a Supervisory Authority or any similar regulatory authority responsible for the enforcement of Data Protection Laws in any country or territory, where Company or the relevant Company Affiliate undertaking an audit has identified its concerns or the relevant requirement or request in its notice to Vendor or the relevant Vendor Affiliate of the audit or inspection. 14. 14.1 Subject to section 14.3, each Company Group Member (as “data exporter”) and each Contracted Processor, as appropriate, (as “data importer”) hereby enter into the Standard Contractual Clauses in respect of any Restricted Transfer from that Company Group Member to that Contracted Processor. 14.2 The Standard Contractual Clauses shall come into effect under section on the later of: 14.2.2 the data importer becoming a party to them; and 14.2.3 commencement of the relevant Restricted Transfer. 14.3 Section 14.1 shall not apply to a Restricted Transfer unless its effect, together with other reasonably practicable compliance steps (which, for the avoidance of doubt, do not include obtaining consents from Data Subjects), is to allow the relevant Restricted Transfer to take place without breach of applicable Data Protection Law. 15. 15.1 Without prejudice to clauses 7 (Mediation and Jurisdiction) and 9 (Governing Law) of the Standard Contractual Clauses: 15.2 Nothing in the DPT reduces Vendor’s or any Vendor Affiliate’s obligations under the Principal Agreement in relation to the protection of Personal Data or permits Vendor or any Vendor Affiliate to Process (or permit the Processing of) Personal Data in a manner which is prohibited by the Principal Agreement. In the event of any conflict or inconsistency between the DPT and the Standard Contractual Clauses, the Standard Contractual Clauses shall prevail. 15.3 Subject to section 15.2, with regard to the subject matter of the DPT, in the event of inconsistencies between the provisions of the DPT and any other agreements between the parties, including the Principal Agreement and including (except where explicitly agreed otherwise in writing, signed on behalf of the parties) agreements entered into or purported to be entered into after the date of the DPT, the provisions of the DPT shall prevail. 15.4 Company may: 15.5 If Company gives notice under section 15.4.1: 15.6 If Company gives notice under section 15.4.2, the parties shall promptly discuss the proposed variations and negotiate in good faith with a view to agreeing and implementing those or alternative variations designed to address the requirements identified in Company’s notice as soon as is reasonably practicable. 15.7 Neither Company nor Vendor shall require the consent or approval of any Company Affiliate or Vendor Affiliate to amend the DPT pursuant to this section 15.5 or otherwise. 15.8 Should any provision of the DPT be invalid or unenforceable, then the remainder of the DPT shall remain valid and in force. The invalid or unenforceable provision shall be either (i) amended as necessary to ensure its validity and enforceability, while preserving the parties’ intentions as closely as possible or, if this is not possible, (ii) construed in a manner as if the invalid or unenforceable part had never been contained therein. These Clauses are deemed to be amended from time to time, to the extent that they relate to a Restricted Transfer which is subject to the Data Protection Laws of a given country or territory, to reflect (to the extent possible without material uncertainty as to the result) any change (including any replacement) made in accordance with those Data Protection Laws (i) by the Commission to or of the equivalent contractual clauses approved by the Commission under EU Directive 95/46/EC or the GDPR (in the case of the Data Protection Laws of the European Union or a Member State); or (ii) by an equivalent competent authority to or of any equivalent contractual clauses approved by it or by another competent authority under another Data Protection Law (otherwise). For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection. Both parties have agreed on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Section 2 of the DPT. The data exporter has entered into a data processing DPT (“DPA”) with the data importer. Pursuant to the terms of the DPA, it is contemplated that services provided by the data importer will involve the transfer of personal data to data importer. Data importer is located in a country not ensuring an adequate level of data protection. To ensure compliance with Directive 95/46/EC and applicable data protection law, the controller agrees to the provision of such Services, including the processing of personal data incidental thereto, subject to the data importer’s execution of, and compliance with, the terms of these Clauses. For the purposes of the Clauses: (c) means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country’s system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC; (d) means any processor engaged by the data importer or by any other subprocessor of the data importer who agrees to receive from the data importer or from any other subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract; (e) ‘ means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established; (f) means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing. The details of the transfer and in particular the special categories of personal data where applicable are specified in Appendix 1 which forms an integral part of the Clauses. 3.1 The data subject can enforce against the data exporter this Clause, Clause 4(b) to (i), Clause 5(a) to (e), and (g) to (j), Clause 6(1) and (2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary. 3.2 The data subject can enforce against the data importer this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the data exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity. 3.3 The data subject can enforce against the subprocessor this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses. 3.4 The parties do not object to a data subject being represented by an association or other body if the data subject so expressly wishes and if permitted by national law. The data exporter agrees and warrants: (c) that the data importer will provide sufficient guarantees in respect of the technical and organisational security measures specified in Appendix 2 to this contract; (d) that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation; (e) that it will ensure compliance with the security measures; (f) that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC; (g) to forward any notification received from the data importer or any subprocessor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension; (h) to make available to the data subjects upon request a copy of the Clauses, with the exception of Appendix 2, and a summary description of the security measures, as well as a copy of any contract for subprocessing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information; (i) that, in the event of subprocessing, the processing activity is carried out in accordance with Clause 11 by a subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses; and (j) that it will ensure compliance with Clause 4(a) to (i). The data importer agrees and warrants: (c) that it has implemented the technical and organisational security measures specified in Appendix 2 before processing the personal data transferred; (d) that it will promptly notify the data exporter about: (i) any legally binding request for disclosure of the personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation, (iii) any request received directly from the data subjects without responding to that request, unless it has been otherwise authorised to do so; (e) to deal promptly and properly with all inquiries from the data exporter relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred; (f) at the request of the data exporter to submit its data processing facilities for audit of the processing activities covered by the Clauses which shall be carried out by the data exporter or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the data exporter, where applicable, in agreement with the supervisory authority; (g) to make available to the data subject upon request a copy of the Clauses, or any existing contract for subprocessing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Appendix 2 which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the data exporter; (h) that, in the event of subprocessing, it has previously informed the data exporter and obtained its prior written consent; (i) that the processing services by the subprocessor will be carried out in accordance with Clause 11; (j) to send promptly a copy of any subprocessor agreement it concludes under the Clauses to the data exporter. 6.1 The parties agree that any data subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or subprocessor is entitled to receive compensation from the data exporter for the damage suffered. 6.2 If a data subject is not able to bring a claim for compensation in accordance with paragraph 1 against the data exporter, arising out of a breach by the data importer or his subprocessor of any of their obligations referred to in Clause 3 or in Clause 11, because the data exporter has factually disappeared or ceased to exist in law or has become insolvent, the data importer agrees that the data subject may issue a claim against the data importer as if it were the data exporter, unless any successor entity has assumed the entire legal obligations of the data exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity. The data importer may not rely on a breach by a subprocessor of its obligations in order to avoid its own liabilities. 6.3 If a data subject is not able to bring a claim against the data exporter or the data importer referred to in paragraphs 1 and 2, arising out of a breach by the subprocessor of any of their obligations referred to in Clause 3 or in Clause 11 because both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, the subprocessor agrees that the data subject may issue a claim against the data subprocessor with regard to its own processing operations under the Clauses as if it were the data exporter or the data importer, unless any successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the subprocessor shall be limited to its own processing operations under the Clauses. 7.1 The data importer agrees that if the data subject invokes against it third-party beneficiary rights and/or claims compensation for damages under the Clauses, the data importer will accept the decision of the data subject: 7.2 The parties agree that the choice made by the data subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law. 8.1 The data exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law. 8.2 The parties agree that the supervisory authority has the right to conduct an audit of the data importer, and of any subprocessor, which has the same scope and is subject to the same conditions as would apply to an audit of the data exporter under the applicable data protection law. 8.3 The data importer shall promptly inform the data exporter about the existence of legislation applicable to it or any subprocessor preventing the conduct of an audit of the data importer, or any subprocessor, pursuant to paragraph 2. In such a case the data exporter shall be entitled to take the measures foreseen in Clause 5 (b). The Clauses shall be governed by the law of the Member State in which the data exporter is established. The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict the Clause. 11.1 The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the subprocessor which imposes the same obligations on the subprocessor as are imposed on the data importer under the Clauses. Where the subprocessor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the subprocessor’s obligations under such agreement. 11.2 The prior written contract between the data importer and the subprocessor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the data exporter or the data importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses. 11.3 The provisions relating to data protection aspects for subprocessing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the data exporter is established. 11.4 The data exporter shall keep a list of subprocessing agreements concluded under the Clauses and notified by the data importer pursuant to Clause 5 (j), which shall be updated at least once a year. The list shall be available to the data exporter’s data protection supervisory authority. 12.1 The parties agree that on the termination of the provision of data processing services, the data importer and the subprocessor shall, at the choice of the data exporter, return all the personal data transferred and the copies thereof to the data exporter or shall destroy all the personal data and certify to the data exporter that it has done so, unless legislation imposed upon the data importer prevents it from returning or destroying all or part of the personal data transferred. In that case, the data importer warrants that it will guarantee the confidentiality of the personal data transferred and will not actively process the personal data transferred anymore. 12.2 The data importer and the subprocessor warrant that upon request of the data exporter and/or of the supervisory authority, it will submit its data processing facilities for an audit of the measures referred to in paragraph 1. This Appendix forms part of the Clauses. The Member States may complete or specify, according to their national procedures, any additional necessary information to be contained in this Appendix. The data exporter is the Demand Partner, as defined in the Principal Agreement. The data importer is Target Circle, as defined in the Principal Agreement. Categories of Data Subjects set out under Section 2 of the DPT to which the Clauses are attached. Categories of Company Personal Data set out under Section 2 of the DPT to which the Clauses are attached. The parties do not anticipate the transfer of special categories of data. The objective of the Processing of Company Personal Data by Vendor and each Vendor Affiliate is to provide the Services, pursuant to the Principal Agreement. The obligations and rights of Company Group Members are set out in the Principal Agreement and the DPT. This Appendix forms part of the Clauses. Description of the technical and organisational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) (or document /legislation attached): Contracted Processor currently observes the security practices described in this Appendix 2. Notwithstanding any provision to the contrary otherwise agreed to by data exporter, Contracted Processor may modify or update these practices at its discretion provided that such modification and update does not result in a material degradation in the protection offered by these practices. All capitalised terms not otherwise defined herein shall have the meanings as set forth in the Principal Agreement. Outsourced processing: Contracted Processor hosts its Services with outsourced (cloud) infrastructure providers. Additionally, Contracted Processor maintains contractual relationships with contractors in order to provide the Services in accordance with the DPT. Contracted Processor relies on contractual agreements, privacy policies, and contractor compliance programs in order to protect data processed or stored by these contractors. Physical and environmental security: Contracted Processor hosts its product infrastructure on dedicated servers with outsourced infrastructure providers. The physical and environmental security controls are audited for ISO 27001 compliance, among other certifications. Authentication: Contracted Processor implemented a uniform password policy for its Company products. Clients who interact with the products via the Interface must authenticate before accessing non-public Company data. Authorisation: Client data is stored in multi-tenant storage systems accessible to Company via only application user interfaces and application programming interfaces. Clients are not allowed direct access to the underlying application infrastructure. The authorisation model is designed to ensure that only the appropriately assigned individuals can access relevant features, views, and customisation options. Authorisation to data sets is performed through validating the user’s permissions against the attributes associated with each data set. Application Programming Interface (API) access: Public product APIs may be accessed using an API token. Contracted Processor implements industry standard access controls and detection capabilities for the internal networks that support its products. Intrusion detection and prevention: Contracted Processor implemented a Web Application Firewall (WAF) solution to protect its internet-accessible applications. The WAF is designed to identify and prevent attacks against publicly available network services. Static code analysis: Security reviews of code stored in Contracted Processor’s source code repositories is performed, checking for coding best practices and identifiable software flaws. Product access: Contracted Processor’s employees have access to the products and to Company data via controlled interfaces. The intent of providing access to employees is to provide effective Company support, to troubleshoot potential problems, to detect and respond to security incidents and implement data security. Contracted Processor collects cookie identifiers, tracking identifiers and device identifiers for the sole purpose of accurately tracking the success of the Company’s advertising campaigns and to attribute their success to the right publisher. Any identifier that is redundant for this purpose can be separately excluded from collection. In-transit: Contracted Processor makes HTTPS encryption (also referred to as SSL or TLS) available on every one of its login interfaces. Contracted Processor’s HTTPS implementation uses industry standard algorithms and certificates. At-rest: Contracted Processor stores user passwords following policies that follow industry standard practices for security. IP addresses are anonymised by data masking, device identifiers and tracking identifiers are pseudonymised by hashing. Detection: Contracted Processor designed its infrastructure to log extensive information about the system behaviour, traffic received, system authentication, and other application requests. Internal systems aggregated log data and alert appropriate employees of malicious, unintended, or anomalous activities. Contracted Processor personnel are responsive to known incidents. Response and tracking: Contracted Processor maintains a record of known security incidents that includes description, dates and times of relevant activities, and incident disposition. Suspected and confirmed security incidents are investigated by support personnel; and appropriate resolution steps are identified and documented. For any confirmed incidents, Contracted Processor will take appropriate steps to minimise product and Company damage or unauthorised disclosure. Communication: If Contracted Processor becomes aware of unlawful access to Company data stored within its products, Contracted Processor will: 1) notify the affected Company of the incident; 2) provide a description of the steps Contracted Processor is taking to resolve the incident; and 3) provide status updates to the Company contact, as Contracted Processor deems necessary. Notification(s) of incidents, if any, will be delivered to one or more of the Company’s contacts in a form Contracted Processor selects, which may include via email or telephone. Infrastructure availability: The infrastructure providers use commercially reasonable efforts to ensure a minimum of 99.9% uptime. Fault tolerance: Backup and replication strategies are designed to ensure redundancy and failover protections during a significant processing failure. Client data is backed up to multiple durable data stores. Online replicas and backups: Where feasible, production databases are designed to replicate data between no less than 1 primary and 1 secondary database. All databases are backed up and maintained using at least industry standard methods. Contracted Processor’s products are designed to ensure redundancy and seamless failover. The server instances that support the products are also architected with a goal to prevent single points of failure. This design assists Contracted Processor in maintaining and updating the product applications and backend while limiting downtime di|[recaptcha] st|DPT Principal Agreement Vendor ) Company Data Processing Terms 1. Definitions Adequate Country Applicable Laws Company Affiliate Company Group Member Company Personal Data Contracted Processor Data Protection Laws EEA EU Data Protection Laws GDPR Restricted Transfer Services Standard Contractual Clauses Subprocessor Vendor Affiliate Commission Controller Data Subject Member State Personal Data Personal Data Breach Processing Supervisory Authority include Details of Processing of Company Personal Data Subject-Matter and Nature of the Processing Duration of the Processing Purpose of the Processing Types of Personal Data. Categories of Data Subjects. Status of the parties Authority Processing of Company Personal Data Vendor and Vendor Affiliate Personnel Security Subprocessing Data Subject Rights Personal Data Breach Data Protection Impact Assessment and Prior Consultation Deletion or return of Company Personal Data Audit rights Restricted Transfers General Terms Governing law and jurisdiction Order of precedence Changes in Data Protection Laws, etc. Severance EXHIBIT 1: Standard Contractual Clauses Introduction Background Definitions personal data special categories of data process/processing controller processor data subject ‘supervisory authority the data exporter the data importer the subprocessor the applicable data protection law technical and organisational security measures Details of the transfer Third-party beneficiary clause Obligations of the data exporter Obligations of the data importer Liability Mediation and jurisdiction Cooperation with supervisory authorities Governing Law Variation of the contract Subprocessing Obligation after the termination of personal data processing services APPENDIX 1 to the Standard Contractual Clauses Data exporter Data importer Data subjects Categories of data Special categories of data (if appropriate) Processing operations The obligations and rights of Company Group Members APPENDIX 2 to the Standard Contractual Clauses Access Control Transmission Control Input Control Availability Control h1|Privacy policy / DPA h2| h3|Privacy policy / DPA 1. Preventing Unauthorised Product Access 2. Preventing Unauthorised Product Use 3. Limitations of Privilege & Authorization Requirements 4. Separation of Processed Data em|‘ ‘, ‘ ‘, ‘ ‘, ‘ ‘, ‘ ‘, ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘