AGREEMENT

This Agreement sets forth the terms and conditions whereby the Company grants the Customer a license to use the System and various Services performed by the Company.

This Agreement is in addition to the terms of use, set forth in the Company’s website at arboxapp.com.

In case of contradiction or discrepancy between the terms of this Agreement to the terms at the

Company’s Website – the terms which are more favorable to the Company shall prevail.

The Company reserves the right to update the terms of use in its Website from time to time.

By confirming this Agreement, the Customer acknowledges and agrees that they have read the Agreement and consented to its terms, and that they have checked the System and found it compliant with the needs of their business.

1. Preamble and Terms

1.1. The preamble to this Agreement, the statements included therein and the annexes to this agreement constitute a part thereof and shall be binding upon the parties as part of this agreement.

1.2. In any event of discrepancy or contradiction between the terms of any annex hereof to the terms of this Agreement, the terms of the annex shall prevail.

1.3. The headings of the sections are for convenience only, and shall not bear any meaning in interpreting this Agreement.

1.4. The following capitalized terms shall have the meaning ascribed to them as follows, unless otherwise specifically stated:

1.4.1. The Company – Arbox Ltd.

1.4.2. The Customer – a customer wishing to get a license to use the System.

1.4.3. The System or Arbox – an ERP software for management of sports clubs which has been developed by the Company and is uniquely and solely owned by the Company.

2. License

2.1. Subject to the Customer’s performance of its obligations hereunder, the Company hereby grants to the Customer a personal, non-exclusive, non-transferable and limited (according to the terms of this Agreement) license to use the System as per the service package agreed upon by the parties when closing the transaction. The license purchased by the Customer is subject to the terms of the Service package chosen by the Customer. 

2.2. Monthly license fee is set in accordance with the Service package chosen by the Customer. The license fee does not include payment for further developments and/or adaptations of the System, which if required may be charged separately. 

2.3. This license does not allow for copying, duplicating, moving, changing, recreating, sale, distribution of the System or any breach of the Company’s intellectual property rights in the System.

2.4. The Customer shall bear the sole liability for providing the required information as needed for use of the System. If the Customer realizes that wrong information was provided or that information has been wrongly recorded in the System and/or in the Company, the Customer should immediately report to the Company and act to remedy any wrong information. 

2.5. The Company is entitled to update the System’s versions from time to time. Version updates shall be affected automatically, as long as the Customer is fulfilling their obligations according to this Agreement. 

2.6. The Company may use the Customer’s name in its publications of the Company and the System, and the Customer hereby consents to such use. 

2.7. The Company is entitled to induce advertisements into the System, and to promote and/or sell various products and services through the System, including via specific notice to a group of users or to certain users. 

3. Customer’s Declarations and Undertakings

3.1. The System operated on-line only, and cannot operate when there’s no active internet connection. The Customer hereby declares and confirms that they’re aware that the use of the System is subject to the adaptation of their internet and computer network to the System requirements. The Client assumes full responsibility for ensuring the integrity of the computers and/or the network and/or the communications infrastructure, including the Internet infrastructure used by them, and full and exclusive liability for all the consequences that will result from the failure of any of these factors will apply to the customer only. 

3.2. The Customer confirms that they know that the information that the Customer is integrating and is exposed to them during the use of the System is saved and backed-up in cloud services, provided by third parties with security level as customary in the field. The Company shall not be liable for loss of Customer’s data deriving from a resulting from a malfunction of the System and/or its backup services and/or the cloud services provided by such third party, and the Customer is responsible to back up the data that they integrate in the System in customary ways and at their discretion. 

3.3. The Customer shall not make any addition, subtraction, change or adaptation in the System, including de-compilation, disassembly, reverse engineering and creating derivative products and/or works from the System. Without derogating from the generality of the above, it is hereby clarified that in any event, any change, fix, update, translation and any other action performed in the System, whether in accordance with the terms of this Agreement or in breach thereof, shall become the sole property of the Company, and all rights therewith shall automatically vest with the Company. 

3.4. The Customer confirms that they understand that the license is provided to use of the System as-is, and that the Company does not undertake responsibility for the uninterrupted operation 

of the System, nor that the System is free of inaccuracies, errors, nor that there will not be specific communications problems which might render the operation and use of the System difficult. In such cases, the Company shall work to quickly resolve such problems, and the Customer shall have no claim against the Company for such problems, provided that these are solved within reasonable time. 

3.5. The Customer confirms and acknowledges that the Company may update the System and the System’s database as needed, at its discretion and according to technology needs which may arise. 

3.6. Joining the service constitutes the Customer’s consent to receive direct mailing, (hereinafter: “Direct Mailing”), and for the use of their details for this purpose. The Customer may cancel their consent to receive Direct Mailing by writing to the Company and/or by clicking the right buttons in a notice attached to any Direct Mailing. 

3.7. The Customer cannot transfer and/or assign their rights under this Agreement, and the license to use the System granted to the Customer hereunder is meant for the Customer only and is non-transferable. 

4. Support

4.1. The Company shall grant the Customer, during the term of license, support for the use and operating of the System. 

4.2. Customer support shall be provided Sunday through Thursday between 9am and 6pm (Israel time), and on holiday eves between 9am and 1pm (Israel time), via email support@arboxapp.com or through WhatsApp  at +972-53-965-3886. On weekends and holidays support will be provided only for failed-service malfunctions only, via email. 

4.3. Malfunctions and errors caused by handling of the System by the Customer and/or anyone on their behalf not in accordance with the Company’s instructions, and/or due to external factors (such as short circuit, fire, etc.) and/or resulting from additions and/or changes to the System not performed by the Company and/or with the Company’s consent and/or resulting from updates of other systems which affect the System, shall not be included in the support services under this Agreement, and the Company bears no liability to them and/or to their effects.

4.4. In as much as a fix in the System shall require a version update of the applications stores (App Store and Google Play), the Customer acknowledges that they’re aware of the fact that this requires the stores’ approval, and the Company shall not be responsible for the time it takes to get such approval. 

5. Remuneration

5.1. The License to use the System is granted for a license fee according to the service package chosen by the Customer. 

5.2. VAT according to law, if applicable, shall be added to each payment of the license fee. 

5.3. Payments will be made on the 10th of each month via credit card. 

5.4. Any payment not made in a timely manner shall bear late payment interest as set by Bank Leumi Le Israel for exceeding approved credit limits. 

5.5. The Company is entitled to add new features and offer them to the Customer for additional fees. 

5.6. Credit Card clearing services and producing and maintaining accounting documents are operated by a third party clearing company. (hereinafter: “Clearing Company”). The Client hereby acknowledges that he is aware that the full responsibility for the operation of the service provided by the Clearing Company lies solely with such Clearing Company, that the Company does not bear any liability in connection with the said services and that the Customer will have no claim or demand against the Company in respect of or in connection with any damage, expense or loss caused to him by the use of the Clearing Company’s services or products. The services and support as described in this Section are provided by the Clearing Company, in accordance with the terms and conditions of the agreement signed between the Customer and the Clearing Company. Support services for the above are provided by the Clearing Company, and under such Clearing Company’s full liability, and the Company will not have any responsibility or liability to the Customer in connection with that regards

6. Term of this Agreement

6.1. This Agreement is signed for an indefinite period starting upon signature thereof, provided however, that each party may terminate this Agreement any time, at its sole discretion and with no need for explanations, by giving prior notice to the other party as follows: 

6.1.1. When the terminating party is the Customer – 30 days in advance. 

6.1.2. When the terminating party is the Company – 60 days in advance. 

6.2. The parties agree that the notice terms stated above constitute a sufficient and fair notice for terminating this Agreement, without any party having any claims against the other party for the notice period or for the termination of the Agreement. 

6.3. Without derogating from any right granted to any party with regard to the breach of this Agreement or any part thereof, or according to law, the non-breaching party may terminate this Agreement immediately without prior notice, if any of the following occurs: (a) the other party (“the Breaching Party”) has breached or has failed to fulfill any of the terms of this Agreement or his undertakings hereunder, and has failed to remedy such breach within 7 days of the date they were demanded to do so by the other party; (b) the Breaching Party has gone bankrupt or has been issued a receivership order or a temporary or permanent receivership order or if he has proposed a creditors arrangement with his creditors or if a stay of proceedings order has been issued against him or if he ceases to pay his debts or if a material part of his property is foreclosed upon, provided that such forclosing order is not removed within 30 days from the day on which it was imposed (the 30 day limit is for the foreclosing order only, for all other events the agreement will be terminated immediately); (c) The Breaching Party or any of its managers or shareholders shall be convicted of a criminal offense involving moral turpitude; (d) The Breaching Party acted unreliably or disloyally, or dishonestly, towards the injured party.  

7. Limitation of Liability

7.1. The Company shall provide the System and its ancillary documents to the Customer “as-is”. The Company does not undertake that the System works smoothly and with no interruptions, nor does it undertake that the System does not contain errors, bugs or inaccuracies. The Company shall not be liable to the Customer, and the Customer hereby waives the Company from any liability, express or implied, regarding the System and/or use thereof and/or the results of such use and/or of the inability to use the System, including any liability relating to fitness to a particular purpose, and damaged deriving and/or which might derive from any failure, delay or omission having to do with the System. 

7.2. The Company shall not bear responsibility and shall not be liable for any direct and/or indirect and/or additional and/or special and/or consequential  and/or any other sort of damages resulting from the development of the System, use of the System, System performance and/or the inability to use the System, including but without limitation, damages for lost profits, disturbance to business, loss of business data, wrong or lost data, even if the Company was aware and/or was supposed to be aware of the possibility of such damages. The risk for use of the System lies solely with the Customer. 

7.3. The Company’s total liability relating to this Agreement shall be limited to the total accumulating sum paid by the Customer to the Company for the license to use the System in the 6 months period preceding the claim against the Company (hereinafter: “the Liability Limit”). To remove doubt, it is hereby clarified that the Liability Limits relates to any and all fiscal remedies to which the Customer may be entitled from the Company, and constitutes the final and inclusive limit of liability. 

7.4. The Liability Limit shall apply even if this remedy fails to compensate the Customer for the total damages caused to the Customer, or if it does not fulfil its main purpose, and even if the Company knew, or should have known, of the possibility to damage. 

7.5. To remove doubt, it is hereby clarified that the Company shall not be liable for the System and/or any part and/or component of the System, and/or for any other service provided to the Customer by any third party and/or which has been changed or interfered with following the System’s installment and/or which were combined with products, processes or other material. The Company shall not be liable for any kind of damages caused by the use of the System in any of the circumstances described above. 

8. Unauthorized Use

8.1. The Customer is liable for any use of the System, including use which wasn’t authorized by it. 8.2. The Customer is liable for any inappropriate use of the System by the Customer or any of its employees. 

8.3. If the Company finds any inappropriate use of the System by any Customer, the Company may suspend use of the System for such Customer until such time as this matter is resolved.  

9. Intellectual Property Rights

9.1. All rights in the System, including its content, belongs to the Company and/or to third parties who gave license to the Company to use their material. The System contains material and content protected by copyrights, patents, trademarks and other intellectual property rights, according to Israeli law and international treaties to which Israel is a party. 

9.2. The Customer declares that they are aware that the System and all rights in the System, including copyrights and other intellectual property rights, with all of its versions existing today and which shall exist from time to time, especially new and/or upgraded versions of the  System, and all copies thereof, and any and all material and content attached and/or which shall be attached to it, is and shall remain the sole property of the Company. 

9.3. License granted by this Agreement, allows the Customer the right to use the System in accordance with the terms of this Agreement, which does not constitute a sale of the System and/or its source code and/or any component thereof. 

9.4. The Customer and/or anyone else cannot copy and/or publish and/or broadcast and/or duplicate and/or rent and/or lease and/or lend and/or give and/or change and/or trade and/or insert changes and/or sell and/or distribute and/or create derivatives of the System and/or any part therof. The Customer undertake not to infringe the rights of the Company and/or of any third party, and not to breach the terms of use of the System. 

10. Privacy

10.1. The Company shall use information provided to it by the Customer to let the Customer know of products and services which could be of interest to the Customer, including via direct mailing, as defined in the Privacy Protection Law. 

10.2. The Customer is entitled to request to unsubscribe from any such mailing list. 

10.3. Without derogating from the above, the Company shall keep in confidence any information it may have about the Customer, unless it was obligated to provide such information in accordance to law, and/or where providing such information to a third party in required for the Company’s activity and/or for providing the service to the Customer and/or for billing the Customer and/or according to any law demanding that the Company provides such information about the Customer. 

10.4. The Company does its best to protect the Customer’s information and other data going through the System through the use of security methods acceptable in the industry. In spite of taking action regarding protecting the information and the Customer’s data in the System, the Company shall not be liable for any leak and/or exposure of information obtained by unpermitted entry to the System and forbidden use of information given by the Customer while using the System. 

11. Miscellaneous

11.1. Any waiver by either party of a right such party has according to this Agreement or according to law in any case, shall not be deemed a waiver of this right in another event. No waiver shall be valid under this Agreement, unless done in writing and signed by the waiving party. 

11.2. This Agreement constitutes and contains all terms agreed upon between the parties regarding the subject matter of this Agreement. Any promises, guarantees, contracts, whether written or oral, undertakings or representations, estimations and suppositions regarding this Agreement, which were given or done by the parties before signing this Agreement, and which are not explicitly included herewith, shall not add to the obligations and rights set forth in this Agreement, nor subtract from them or change them, and they shall not be binding upon the parties. 

11.3. This Agreement shall be governed by the laws of the State of Israel, and the sole jurisdiction of any issue relating to or deriving from this Agreement shall vest with the competent courts in Tel Aviv, Israel, and not with any other court or judicial authority. 

11.4. The parties’ addresses for purposes of this Agreement are as detailed in the preamble to this Agreement, or any other address or facsimile number of which either party gave written  notice to the other party at least 15 days in advance. Messages according to this Agreement shall be written, and shall be sent to the parties via registered mail or facsimile or delivered by hand with emailed copies; Any message sent by registered mail shall be deemed received within 3 days of its dispatch; Any message sent by facsimile on a business day, shall be deemed received upon receipt of sent confirmation, and if sent not on a business day, it shall be deemed received on the first business day following such receipt of sent confirmation; Messages delivered by hand shall be deemed received upon delivery thereof. Any material legal notice to the Company shall also be sent to Adv. Udi Doron, Kokhva St. 23, Bene Beraq, VTOWER floor 9. 

DATA PROTECTION AGREEMENT

This Data Protection Agreement (“Agreement”) is made in connection with the provision of Services by Arbox Ltd. (“Arbox”) to the customer of the Services (“Customer”) in accordance with the License Agreement signed between the parties.

The terms used in this Agreement shall have the meanings set forth in this Agreement.

In consideration of the mutual obligations set out herein, the parties hereby agree that the terms and

conditions set out below shall be added as an Agreement to any previous transaction between the parties, whether oral or written.

1. Definitions

1.1 In this Agreement, the following terms shall have the meanings set out below and cognate termsshall be construed accordingly:

1.1.1 “Applicable Laws” means (a) European Union or Member State laws with respect to any Customer Personal Data in respect of which Customer is subject to EU Data Protection Laws; and (b) any other applicable law with respect to any Customer Personal Data in respect of which Customer is subject to any other Data Protection Laws;

1.1.2 “Customer Personal Data” means any Personal Data Processed by a Contracted Processor on behalf of Customer pursuant to or in connection with the Agreement;

1.1.3 “Contracted Processor” means Arbox or a Subprocessor;

1.1.4 “Data Protection Laws” means EU Data Protection Laws;

1.1.5 “EEA” means the European Economic Area;

1.1.6 “EU Data Protection Laws” means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;

1.1.7 “GDPR” means EU General Data Protection Regulation 2016/679;

1.1.8 “License Agreement” means the agreement signed between the parties with regard to the terms of conditions of license of the System to the Customer;

1.1.9 “Restricted Transfer” means:

1.1.9.1 a transfer of Customer Personal Data from Customer to a Contracted Processor; or

1.1.9.2 an onward transfer of Customer Personal Data from a Contracted Processor to a Contracted Processor, or between two establishments of a Contracted Processor, in each case, where such transfer would be prohibited by Data Protection Laws (or by the terms of data transfer agreements put in place to address the data transfer restrictions of Data Protection Laws) in the absence of the Standard Contractual Clauses to be established under section 5.4 below; For the avoidance of doubt: where a transfer of Personal Data is of a type authorized by Data Protection Laws in the exporting country, for example in the case of transfers from within the European Union to a country (such as Israel) or scheme (such as the US Privacy Shield) which is approved by the Commission as ensuring an adequate level of protection or any transfer which falls within a permitted derogation, such transfer shall not be a Restricted Transfer.

1.1.10 “Services” means the license to use the System and other services and activities to be supplied to or carried out by or on behalf of Arbox for Customer pursuant to the License Agreement;

1.1.11 “Standard Contractual Clauses” means the Standard Contractual Clauses (processors) or any subsequent version thereof released by the European Commission. The current Standard Contractual Clauses are located on the European Commission’s website at: https://ec.europa.eu/info/law/law-topic/data-protection_en;

1.1.12 “Subprocessor” means any person (including any third party, but excluding an employee of Arbox or any of its sub-contractors) appointed by or on behalf of Arbox to Process Personal Data on behalf of the Customer in connection with the Services; and

1.2 The terms, “Commission”, “Controller”, “Data Subject”, “Member State”, “Personal Data”, “Personal Data Breach”, “Processing” and “Supervisory Authority” shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly.

1.3 Capitalized terms which are not defined herein shall have the same meaning ascribed to them in the License Agreement.

1.4 The word “include” shall be construed to mean include without limitation, and cognate terms shall be construed accordingly.

2. Processing of Customer Personal Data

2.1 Arbox will Process Customer Personal Data in accordance with Customer’s documented instructions, unless Processing is required by Applicable Laws to which the relevant Contracted Processor is subject, in which case Arbox will, to the extent permitted by Applicable Laws, inform the Customer of that legal requirement before the relevant Processing of that Personal Data.

2.2 The Customer:

2.2.1 instructs Arbox (and authorises Arbox to instruct each Subprocessor) to:

2.2.1.1 Process Customer Personal Data; and

2.2.1.2 in particular, transfer Customer Personal Data to any country or territory, as reasonably necessary for the provision of the Services and consistent with the terms agreed upon between the parties whether orally or in writing; and

2.2.2 warrants and represents that it is and will at all relevant times remain duly and effectively authorised to give the instruction set out in section 2.2.1.

2.3 Customer is and will at all times remain the Controller of the Customer Personal Data Processed by Arbox. Customer is responsible for compliance with its obligations as a Controller under Applicable Law, in particular for justification of any transmission of Customer Personal Data to Arbox and/or any other Contracted Processor (including providing any required notices and obtaining any required consents and/or authorizations, or otherwise securing an appropriate legal basis under Applicable Law), and for Customer’s decisions and actions concerning the Processing of such Customer Personal Data.

2.4 Annex 1 to this Agreement sets out certain information regarding the Contracted Processors’ Processing of the Customer Personal Data as required by Article 28(3) of the GDPR (and, possibly, equivalent requirements of other Data Protection Laws). Nothing in Annex 1 confers any right or imposes any obligation on any party to this Agreement.

3. Arbox Personnel

Arbox will take reasonable steps to ensure that persons authorized to process Personal Data are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.

4. Security

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Arbox will in relation to the Customer Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR.

5. Subprocessing

5.1 Customer authorises Arbox to appoint (and permit each Subprocessor appointed in accordance with this section 5 to appoint) Subprocessors in accordance with this section 5.

5.2 Arbox may continue to use those Subprocessors already engaged by Arbox at the date of this Agreement.

5.2.1 Arbox will keep a list of Subprocessors and make it available for Customer’s review upon request on an annual basis or in the event that a new Subprocessor is added. Customer consents to Arbox’s use of Subprocessors in the performance of the Services.

5.3 With respect to each Subprocessor, Arbox will ensure that such Subprocessor is required by written contract to abide by the same level of data protection and security as Arbox under this Agreement, as applicable to such Subprocessor’s Processing of Personal Data.

5.4 If that arrangement involves a Restricted Transfer, Arbox will:

5.4.1 ensure that the Standard Contractual Clauses are at all relevant times incorporated into the agreement between Arbox and on the other hand the Subprocessor, or

5.4.2 before the Subprocessor first Processes Customer Personal Data procure that it enters into an agreement incorporating the Standard Contractual Clauses with the Customer.

6. Data Subject Rights

Personal Data Breach

6.1 Arbox will notify Customer without undue delay upon Arbox or any Subprocessor becoming aware of a Personal Data Breach affecting Customer Personal Data, providing Customer with sufficient information to allow Customer to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.

6.2 Arbox will co-operate with Customer and take such reasonable commercial steps as are directed by Customer to assist in the investigation, mitigation and remediation of each such Personal Data Breach.

7. Data Protection Impact Assessment and Prior Consultation Arbox will, at Customer’s expense, provide reasonable assistance to Customer with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Customer reasonably considers to be required by Article 35 or 36 of the GDPR, in each case solely in relation to Processing of Customer Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted Processors.

8. Deletion or return of Customer Personal Data

8.1 Subject to Section 8.2 below, Customer may, by written notice to Arbox within fourteen (14) days of the cessation of any Services involving the Processing of Customer Personal Data (“Cessation Date”) require Arbox to return a copy of all Customer Personal Data to Customer and delete all other copies of Customer Personal Data Processed by Arbox. If Arbox receives no such written notice within fourteen (14) days of the Cessation Date, Arbox will delete all Customer Personal Data and copies thereof.

8.2 Notwithstanding Section 8.1, each Contracted Processor may retain Customer Personal Data to the extent required by Applicable Laws and only to the extent and for such period as required by Applicable Laws. Arbox will ensure the confidentiality of all such Customer Personal Data and will ensure that such Customer Personal Data is only Processed as necessary for the purpose(s) specified in the Applicable Laws requiring its storage and for no other purpose.

9. Audit rights

9.1 Subject to sections Error! Reference source not found. and 9.3, Arbox will make reasonable efforts to make available to Customer on request information necessary to demonstrate compliance with this Agreement (to the extend required by Applicable Law), and, at Customer’s expense, will make reasonable efforts to allow for and contribute to audits by Customer or an auditor mandated by Customer in relation to the Processing of the Customer Personal Data by Arbox.

9.2 Customer may only mandate an auditor for the purposes of section 9.1 if the auditor is agreed to by Customer and Arbox and the auditor must execute a written confidentiality agreement acceptable to Arbox before conducting the audit.

9.3 Customer shall give Arbox reasonable notice of any audit or inspection to be conducted under section 9.1 and shall (and ensure that each of its mandated auditors) avoid causing any damage injury or disruption to Arbox’s premises, equipment, personnel and business while its personnel are on those premises in the course of such an audit or inspection. Arbox need not give access to its premises for the purposes of such an audit or inspection:

9.3.1 to any individual unless he or she produces reasonable evidence of identity and authority;

9.3.2 outside normal business hours at those premises; or

9.3.3 for the purposes of more than one audit or inspection in any calendar year.

10. General Terms

Order of precedence

10.1 In the event of any conflict or inconsistency between this Agreement and the Standard Contractual Clauses, the Standard Contractual Clauses shall prevail.

10.2 With regard to the subject matter of this Agreement, in the event of inconsistencies between the provisions of this Agreement and the License Agreement and/or any other agreements between the parties, whether written or oral, including (except where explicitly agreed otherwise in writing, signed on behalf of the parties) agreements entered into or purported to be entered into after the date of this Agreement, the provisions of this Agreement shall prevail. Severance

10.3 Should any provision of this Agreement be invalid or unenforceable, then the remainder of this Agreement shall remain valid and in force. The invalid or unenforceable provision shall be either (i) amended as necessary to ensure its validity and enforceability, while preserving the parties’ intentions as closely as possible or, if this is not possible, (ii) construed in a manner as if the invalid or unenforceable part had never been contained therein.



ANNEX 1: DETAILS OF PROCESSING OF CUSTOMER PERSONAL DATA

This Annex 1 includes certain details of the Processing of Customer Personal Data as required by Article 28(3) GDPR.

Subject matter and duration of the Processing of Customer Personal Data

The subject matter and duration of the Processing of the Customer Personal Data are set out in this Agreement.

The nature and purpose of the Processing of Customer Personal Data

Arbox and any Contracted Processor may Process Customer Personal Data for the purpose of (i) providing the Services to the Customer; (ii) complying with Customer’s documented written instructions; or (iii) complying with Applicable Law

The types of Customer Personal Data to be Processed

Customer Personal Data typically relates to some or all of the following categories of Personal Data: personal contact information such as name, home address, home telephone or mobile number, fax number, email address, and passwords, information concerning family, lifestyle and social circumstances including age, date of birth, marital status, number of children etc., employment details including employer name, job title and function, employment history, salary and other benefits, job, performance and other capabilities, education/qualification, identification numbers, social security details and business contact details, financial details, goods and services provided, unique IDs collected from mobile devices, network carriers or data providers and IP addresses. Nevertheless, Customer has control over and determines the categories of Customer Personal Data and can configure and/or customize data fields. Customer may also include in the Customer Personal Data free text data, as well as attachments.

The categories of Data Subject to whom the Customer Personal Data relates

Data Subjects typically include, among others, Customer’s representatives and end users, such as Customer employees, job applicants, contractors, collaborators, partners, suppliers, customers and clients. Nevertheless, Customer has control over and determines the categories of Data Subjects.

Notwithstanding the above, Customer shall ensure that Customer Personal Data does not include any sensitive or special personal data that imposes specific data security or data protection obligations on Arbox in addition to or different from those specified in the Agreement.

The obligations and rights of Customer

The obligations and rights of Customer are set out in this Agreement and any other agreement, whether oral or written, between the parties.

This website uses cookies to ensure you get the best experience on our website. Learn more