Subscription Agreement
Date (21.10.2020) Version [1.2] Revision date: [26.01.2021]
Content:
Subscription Agreement – General Terms and Conditions
Exhibit 1 – End User License Agreement (EULA)
Exhibit 2 – Privacy Policy
Exhibit 3 – Data Processor Agreement
Exhibit 4 – Additional Services Agreement
Exhibit 5 – Products and prices
***
GENERAL TERMS AND CONDITIONS
Last updated: 21 October 2020
1. DEFINITIONS
Account: The Customer is provided with an Account. An Account is necessary to access the Product. The Account will be accessible through a set of credentials, consisting of a username and password combination for authorization.
Admin: A physical person that the Customer appoints who will have administrative rights on behalf of the Customer in the Customer Portal.
Agreement: This Subscription Agreement, which regulates the conditions under which the Customer buys a license (a subscription) to one or several Products from the Supplier on behalf of the Customer’s End Users. These conditions are the standard terms that apply to anyone who uses the Products covered by this Agreement, including the End User License Agreement (EULA). Changes in the Agreement are only valid if signed by the Supplier’s General Manager, or if published on the Supplier’s Official Website(s) or in Bridge as a general updated version of this document. The Products may also be bought through a sales agent or reseller of the Supplier, and the EULA applies in addition to the agreement from such agent or reseller.
Bridge: The Supplier’s front-end application available at https://bridge.axess.no to be used as the Customer’s Portal. Bridge allows the Customer to log in to a Customer account and access the paid Products (the Licenses) connected to this account.
Customer: The legal entity which has entered into the Agreement with the Supplier.
Customer Portal: The Customer will through a separate web page (Bridge) dedicated for the Customer’s Admin after login on Bridge be able to review the status on its total Licenses and minimum technical requirements for using the Products.
End User: The physical person who holds a valid right of use to the Products as described in the Agreement. The End User is party to and bound by the EULA once the End User downloads or starts to use the Product. The Customer’s Admin defines and authorizes which persons can have access to the Products as the Customer’s End Users. End Users are not required to be an employee of the Customer.
End User Agreement: The EULA together with the Privacy Policy, which is made available for the End User of the Product through Bridge.
EULA: The End User License Agreement to the Product. The EULA will be based upon Appendix 1 and made available for the End User together with the Product. The EULA is available through Bridge.
License: A subscription license is i) a right to use the Products in the License Period, ii) a right to receive standard support in the License Period, iii) a right to receive standard maintenance in the License Period and iv) a right to receive standard SLA in the License Period. A subscription license to the Products from the Supplier on behalf of the Customer’s End Users giving such End Users a non-exclusive, non-transferable, royalty-free and time-limited right of use of such Products (limited to the period the License Fee is pre-paid for by the Customer).
License Fee: The fee that the Customer is obligated to pay in order to give the End Users authorization through this Agreement to use the Products the Customer has paid such fee for in the relevant license period. The License Fee for the Products may be annual, quarterly or monthly.
License Period: The time period (annual, quarterly or monthly) for which the Customer has paid the License Fee and has a valid license giving the End Users authorization and access to use the Products.
Partner: The company that is accepted by Supplier to act as an authorized Partner of Supplier’s Products. A Partner may resell both Licenses on Products (on the conditions in this Agreement) and Additional Services on Products (on the conditions in the Additional Services Agreement from Supplier). The Customer may pay the Partner for both the License Fee and the Additional Services Fee. The Partner is only handling the transaction element on behalf of the Supplier.
Party: The Supplier or the Customer.
Parties: The Supplier and the Customer.
Privacy Policy: The Privacy Policy to the Product. The Privacy Policy will be based upon Exhibit 2 and made available for the End User together with the Product. The Privacy Policy is available through Bridge.
Products: The standard software products developed by the Supplier that the Supplier supplies separately or jointly to the Customer pursuant to the agreed upon terms in the Agreement. The Products may be standalone applications and/or features that may be licensed (subscribed to) separately or as packages. A detailed description of each Product with prices and license period may be found in Bridge, on the Customer Portal, or on the Supplier’s Official Website(s).
Supplier: Axess Digital AS with business registration no. 923 232 007, and registered office address Oscar Hanssens veg 5, 6415 Molde, Norway.
Additional Services Agreement: The agreement between Customer and Supplier describing the agreed additional services, such as extended SLA, extended support, extended maintenance and/or consultancy services, regarding the Product that the Supplier shall deliver to the Customer.
The Supplier’s Official Website(s): Products described at www.axessgroup.com/software-digital-solutions/, and Bridge (login to Customer’s Portal to access the Products) at https://bridge.axess.no.
Third Party Products: Products not developed by the Supplier, including hardware or other software products than the Products. Bridge may contain links to Third Party Products.
2. GENERAL
2.1 Agreements between the Parties
The Supplier has developed Products that it chooses to license to the Customer as described in this Agreement.
The Supplier can also deliver certain consultancy assistance in order to customize the Products to the Customer’s needs. Specification of such services with delivery and other terms regarding such assistance shall be regulated between the Parties by Exhibit 4 Additional Service Agreement.
2.2 Bridge and Customer account
Bridge provides an interface for the Customer to access the licensed Products. After the Customer has paid the License Fee for a specific Product, the End User will be able to access such Product through Bridge. The License Period will be shown through Bridge (month, quarter or year).
Each Customer will have its own Customer Account, and the Customer will through its Customer Account be able to see purchased Products with License Periods and License fees.
Third Party Products are not covered by this Agreement (the Customer must enter into a separate agreement with such third party).
2.3 Minimum requirements to Customer for using Supplier’s Products
The Customer is responsible for Internet connection for the Customer as well as for its End Users as well as other general minimum requirement that apply for use of the relevant Products as described together with the technical description of the Products available on the Customer Portal.
3. CUSTOMER’S RIGHTS AND OBLIGATIONS
Once the Customer has paid the License Fee for the Products, the set End User shall receive a non-exclusive, non-transferable, royalty-free and time-limited license (right of use) to the Product(s) in object code covered by the License Fee for the License Period, within the scope of this Agreement and without the right to sub-license, see Exhibit 1.
The Customer shall have no right of title or ownership to the Product, and no right to distribute, license (whether or not through multiple tiers) or otherwise transfer the Product to any third party. The Customer shall have no right to rebrand or repurpose the Product in any way. The Customer can act as a rental house for Products: A Customer may purchase Licenses from the Supplier by paying the applicable License Fees and thereafter decide prices to be paid by its End Users for their use, conditional upon them accepting the End User License Agreement and the Privacy Policy.
The Customer may not reverse engineer, decompile, modify or disassemble the Product or otherwise reduce the Product to human-perceivable form in whole or in part, except and only to the extent that such activity is expressly permitted by this Agreement or by applicable laws.
4. INTELLECTUAL PROPERTY RIGHTS
Unless otherwise stated herein, the existing content and any other information available through the Products belongs to the Supplier. The Supplier with its licensors, retain all copyright and all other intellectual property rights and other related rights to the Products, including the technology and databases behind the Product as well as the Product’s associated software. This also applies to any corrections, bug fixes, enhancements, updates, improvements or modifications thereto, and the Customer hereby irrevocably transfers, conveys and assigns to the Supplier all of its rights, titles and interests therein.
The Customer retains the property rights that are rightfully the Customer’s to the data that the Customer or the Customer’s End Users enters into the Products. The Customer is responsible for keeping backups of all data the Customer itself or the End User enters into the Products. The Customer and its End Users are also responsible for their respective use of such data.
5. STANDARD SUPPORT
The Customer shall have the right, under any and the same restrictions and obligations as follows from this Agreement, for its appointed Admin to send questions regarding the Products to the Supplier to the e-mail stated in the Customer Portal for Single point of contact (SPOC). Such requests will be responded to within 5 working days in Norway during the License Period, provided that the Customer has paid the applicable License Fee for such Products.
Any other support regarding the Products from the Supplier is available as described in the Additional Service Agreement between the Parties.
6. STANDARD MAINTENANCE
Updates of the Products in the License Period: The Customer shall have the right, under any and the same restrictions and obligations as follow from this Agreement, to use any updates and upgrades to the Products released by the Supplier on the Customer Portal during the License Period, provided that the Customer has paid the applicable License Fee for such Products.
Any other maintenance regarding the Products from the Supplier is available as described in the Additional Service Agreement between the Parties.
7. STANDARD SLA
The Supplier provides the standard SLA for each Products in the License Period: The Customer will have access to standard documentation and FAQ for the Products that will be made available after login on the Customer Portal. If such access is not granted, the appointed Admin shall have the right to send an e-mail with subject “error in access” to the address stated in the Customer Portal for Single point of contact (SPOC) that will be responded to within the next working day in Norway during the License Period, provided that the Customer has paid the applicable License Fee for such Products.
Any other SLA regarding the Products from the Supplier is available as described in the Additional Service Agreement between the Parties.
8. PAYMENT
8.1 Prices and delivery terms
All prices including the License Fee are specified exclusive of value-added tax (VAT) and other relevant taxes, duties or other such additional sums. This is including, but without prejudice to the foregoing generality, purchase tax, excise tax, tax on sales, property or use; import or other duties, whether levied in respect of this Agreement, the Product, its use or otherwise and if applicable; packing, delivery and installation. Delivery terms and conditions are Ex Works (Incoterms 2020).
In the event the Supplier must purchase products/services in foreign currency as part of its deliveries to the Customer, the exchange rate on the Supplier’s invoice date shall be used.
8.2 Invoicing
The License Fee will be invoiced by the Supplier or by the Partner, which shall send invoices to the Customer itemizing each Product the Customer orders from the Supplier or the Partner. The invoice or order confirmation will specify the applicable Product with License Period and License Fee.
The Customer shall pay the set License Fee within ten (10) days of receipt of the invoice. The End User will not have any right to use the Product before the License Fee is paid. The terms in the offer or in the order confirmation from the Supplier or the Partner will prevail in case it conflicts with this section 8.
Upon renewal of a License the current License Fee at the time of renewal will be applicable. Unless otherwise specifically agreed in writing, the Supplier may conduct annual price regulations with effect from January 1st each year at a rate not exceeding 4 % of the previous year’s License Fee.
The Supplier may update its License Fees from time to time with thirty (30) days’ notice.
8.3 Late payment
If the Customer after receiving an invoice issued in accordance with this Agreement fails to make the payment within the due date, the Supplier or the Partner may submit a written notice requesting payment from Customer. If the Customer still fails to make the payment within ten (10) days of receipt of the written notice, the Customer shall be deemed in default and the Supplier’s contractual obligations shall be suspended until payment is made.
9. WARRANTY
The Supplier’s warranty is limited to the Products and for the period the Customer has paid the License Fee for, and reads as follows: The Product is sold “as is”, the Supplier shall not be liable towards the Customer or the End User if the Product is unavailable for a short amount of time, nor does the Supplier guarantee that the Product will always be available. Updates and service to the Product as well as unforeseen obstacles may incur shorter periods of unavailability. However, if the Product is unavailable for use for the End User for a considerable amount of time during the period covered by the License Fee, the Supplier shall give the End User access to a new copy of the Product, free of charge for the End User or the Customer. The Customer or the End User shall be given the opportunity to install the Product via e-mail or other means of electronic communication such as a web page from which the Products can be downloaded.
The Supplier does not warrant that the Product(s) are free from errors or defects. The Supplier will only rectify errors or defects in the Product as stipulated in the Service Agreement with the Supplier.
The Supplier does not warrant that the Product can be used for one or several specific purposes, or will function without problems with Third Party Products or the Customer’s systems. The Supplier does not warrant any results or suitability of results, from the use of the Product, based on the Customer’s input of data.
Both during the term of the Agreement and after the termination of the Agreement, the Customer shall refrain from using the Products in a way that is unlawful, unethical or may discredit, depreciate or otherwise be harmful to the Supplier’s reputation or goodwill, and shall also refrain from making statements in relation to the Supplier or the Products with similar effects, in so far as this restriction is permissible by applicable law. If the Supplier becomes aware that the Customer has breached this paragraph, the Supplier shall first give the Customer a notice with ten (10) days to cease and remedy the damages. If the Customer fails to do so in the given time, the Supplier may revoke the Customer’s License with immediate effect.
In the event that the Supplier becomes aware that the Customer has used the Product for gross human rights violations, the Supplier retains the right to revoke the Customer’s License with immediate effect.
10. ASSIGNMENT
The Supplier can assign its rights and/or obligations under the Agreement in whole or in part to a third party. Upon such assignment, the Customer shall be notified in writing. The Customer cannot assign rights or obligations without the Supplier’s written consent.
11. DURATION AND TERMINATION
This Agreement lasts for the duration of the License Period paid by the Customer.
The Customer’s rights to use the Products will automatically cease on the last day of the License Period (the last day of the period covered by the paid License Fee).
If the Customer pays for a new License Period, then the Agreement will be deemed renewed according to such additional License Period the Customer has paid for.
In the event that the Supplier becomes aware that the Customer has used, or is using, any Product in a manner that is deemed illegal, extreme, politically extreme, violent or otherwise harmful to others, the Supplier will send the Customer a cease and desist notice. If the Customer either fails to respond to the cease and desist notice within 10 days of receipt, and/or continues to use the product to create the same content as described in the cease and desist notice, the Supplier reserves the right to terminate the License until a resolution is agreed upon between the Supplier and the Customer.
12. COMPLAINTS, DEFAULT AND SANCTIONS
The Supplier's liability towards the Customer is in its entirety regulated in this Agreement. The Supplier shall under no circumstances be liable towards the Customer for any loss, whether consequential, indirect or direct, unless mandatory law stipulates otherwise. In the event of such mandatory law, the Customer loses the right to argue liability/sanctions against the Supplier under this Agreement if the Supplier has not received written, specific complaints within 30 days after the Customer discovered or should have discovered the breach of contract.
The Supplier is not liable for loss, injury to, and/or of deletion or similar of data, software, systems etc. Further, the Supplier is not responsible for direct or indirect loss of the Customer or a third party caused by errors or defects regarding data, software, systems etc. This also applies for losses incurred by third parties and losses that could occur after wrongful use of the Products or use of Products that is inconsistent with user manuals.
Under any circumstances the Supplier's maximum liability following the Agreement is limited to NOK 100 000.
13. FORCE MAJEURE
In the event that the implementation of the Parties’ Agreement is impeded or made significantly more difficult by a factor outside the Parties’ or subcontractor’s control, or which under general law in Norway is considered force majeure, the Parties’ obligations under the Agreement will be suspended to the extent to which and for the period in which they are impeded. A Party affected by such a factor shall notify the other Party immediately that a force majeure is deemed to have occurred.
14. CONFIDENTIAL INFORMATION
Information the Party becomes acquainted with in relation to the conclusion or execution of the Agreement, and that relates to the other Party’s operations, employees, products, services or use of the service, shall be kept confidential and not be disclosed to third parties without the other Party’s written consent.
The duty of confidentiality does not prevent the Parties from utilizing the general knowledge and expertise acquired in relation to the execution of the Service in its future operations. The duty of confidentiality extends beyond the termination of this Agreement.
15. DISPUTE RESOLUTION
The Agreement shall be interpreted and governed in accordance with Norwegian law. Any disputes between the Customer and the Supplier related to the Agreement shall be decided by the ordinary courts of Norway. Both Parties consent that all disputes are submitted under the jurisdiction of the Romsdal District Court (Romsdal tingrett).
Exhibit 1 – End User License Agreement (EULA)
Version 1.0. Last updated: 5 October 2020
1. Introduction
By using the Product, you agree to have entered into a binding agreement with the Supplier and accept that your use of any Product is subject to this Agreement, effective as of your use.
If you as the End User do not agree to the terms of the Agreement, any use of the Product by the End User is prohibited and the End User is not permitted to install or use the Product.
2. Definitions
Customer: The company that pays the License Fee for the Products on behalf of the End User.
End User: The physical person using the Products on behalf of the Customer.
EULA: This End User License Agreement between the Supplier and the End user.
SaaS: Software-as-a-Service is a software distribution model in which a third-party provider such as the Supplier hosts software applications such as the Products and makes the Products available to customers such as the Customer with its End Users over the Internet. Instead of a one-time-transaction the Customer subscribes to the Product and pays the Supplier a recurring fee called the License.
Products: The software or other solutions that the Supplier had developed that the Customer has paid the License Fee for providing the Customer’s End Users a right to use as described in the EULA. The Products may be described on the Suppliers web sites www.axessgroup.com/software-digital-solutions and bridge.axess.no/
Supplier: Axess Digital AS with business registration no. 923 232 001, and registered office address Oscar Hanssens veg 5, 6415 Molde, Norway.
3. Your rights and obligations to the Product as the End User
Once the Customer has paid the License Fee for the Products, you as the End User will receive a non-exclusive, non-transferable, royalty-free and time-limited license (right of use) to the Product(s) in object code within the scope of this EULA.
The End User himself is responsible and liable for all use of the Product, including the data the End User enters into the Product, how the End User uses data generated from the Product and any other results that the End User’s use of the Product generates.
The End User shall comply with any and all restrictions regarding use of the Product, which may be stipulated in manuals and similar documentation related to a Product, this Agreement or other restrictions which the End User should reasonably expect from the Supplier, such as ensuring that the Product is not exposed to computer viruses or similar.
The End User shall have no right of title or ownership to the Product, and no right to sub-license or to distribute, license (whether or not through multiple tiers) or otherwise transfer the Product to any third party or incorporate the Product in any software, product or technology. The End User cannot assign rights or obligations without the Supplier’s written consent.
The End User may not reverse engineer, decompile, modify or disassemble the Product or otherwise reduce the Product to human-perceivable form in whole or in part, except and only to the extent that such activity is expressly permitted by this Agreement or by applicable laws.
The End User hereby confirms that the End User will not engage in any sort of hacking, tampering, modifying or altering of the software. This applies regardless of the intention. Any breach of this obligation will result in termination in accordance with this EULA.
4. Your rights and obligations to the Account as the End User
The Customer is responsible for their own Account. The Customer’s username and password are for the use of End Users appointed by the Customer. The End User is responsible for maintaining the confidentiality of the provided username and password and the End User is fully and solely responsible for all activities that occur through the use of the Customer’s Account, whether authorized by the Customer or not.
It is the End User’s responsibility to take adequate precautions to ensure the integrity and confidentiality of username and password. The End User shall immediately notify the Customer and Supplier if the End User becomes aware of any unauthorized use of the Customer’s Account. Customarily, the Customer’s email address will be used as the End User’s username. It is therefore vital that the End User’s password is treated as strictly confidential, as possessing the combination of these two will allow unauthorized persons to access the Customer’s Account.
5. Personal Data
Since the Products are SaaS, the content from the End User generated while using the Products will be accessible for the Supplier in the Supplier’s cloud systems.
The End User should not include personal data (sensitive or not) related to other identifiable persons in any user-generated content unless strictly necessary for use of the Products, in example name of the person that will perform an inspection. The Supplier is not responsible for any content generated by users. The End User acknowledges that the End User’s user-generated content could potentially be viewed, reproduced, published, shared and/or modified by third parties, including law enforcement agencies. The End User acknowledges that End User’s data may be published and shared with other end users of the Product.
If the End User enters any personal data to the Product and/or any of the Supplier’s other databases or systems, whether as user-generated content or as data related to an End User’s account, the End User is responsible for ensuring a legal basis for the required processing of that personal data.
The Supplier will only need to process personal data such as name, phone number and e-mail address of the Customer’s contact persons, name, phone number, e-mail, installation access (location), place of work/employer (Associated Customer), picture of signature, language, username and password for the End Users and billing information as well as company name regarding such persons.
6. Intellectual Property Rights (IPR)
Products: The Supplier with its prospective licensors, retain all copyright and all other intellectual property rights and other related rights to the Products, including the technology and databases behind the Product as well as the Product’s associated software. This also applies to any corrections, bug fixes, enhancements, updates, improvements or modifications thereto and the End User hereby irrevocably transfers, conveys and assigns to the Supplier all of its rights, titles and interests therein.
Customer data (data generated by use of the Products): The Customer retains the property rights that are rightfully theirs to the data that the Customer or the End User enters into the Products. The Supplier is responsible for keeping standard backups of all data the End User enters into the Products as long as the data is entered in the period the Customer has paid a License for. The Customer and the End User are also responsible for the way their respective use such data.
7. End User’s Responsibility and the Supplier’s indemnification
The End User commits to ensure the Product is used by the End User only for purposes as intended by the Supplier and pursuant to the EULA.
The End User is responsible for procuring, financing and maintaining necessary computer equipment and internet access etc. to ensure access to the Product. The End User is responsible for the creation, maintenance and use of any data or other content received from or through the Product.
The End User is responsible for ensuring that the End User is using the Product and any of its content correctly, including to ensure that any use or data entry does not constitute an infringement of third party intellectual property rights. This obligation applies to any use of the Product, including the End User’s receipt or distribution of data or information belonging to any third party as well as content that is imported from any other service provided by the Supplier to the End User.
The End User agrees that under no circumstances will the Supplier be liable in any way for any content, including any errors or omissions, or any loss or damage of any kind incurred as a result of the End User’s use of any content. The End User understands that the End User must evaluate and bear all risks associated with the use of any content, including any reliance on the content, integrity, and accuracy of such content.
The End User may not use the Products in a way prohibited by law, regulation, governmental order or decree; to violate the rights of others; to try to gain unauthorized access to or disrupt any service, device, data, account or network; to spam or distribute malware, or in a way that could harm the Products or impair anyone else’s use of it. The End User shall refrain from using the Products in a way that is unlawful, unethical or may discredit, depreciate or otherwise be harmful to the Supplier’s reputation or goodwill, and shall also refrain from making statements in relation to the Supplier or the Products with similar effects, in so far as this restriction is permissible by applicable law. If the Supplier becomes aware that the End User has breached this paragraph, the Supplier shall first give the Customer a notice with ten (10) days to cease and remedy the damages. If the Customer fails to do so in the given time, the Supplier may revoke the Customer’s License with immediate effect.
In the event the Supplier becomes aware that the End User has used the Products for gross human rights violations, the Supplier retains the right to revoke the Customer’s license with immediate effect, thereby also terminating the EULA with the End User.
8. Termination
This EULA lasts for the duration of the License Period (dependent on a paid License Fee by the Customer for each License Period). The End User’s rights will automatically cease when the License Period covered by the License Fee expires. However, the End User may have reading and printing access to reported data and reported discoveries from use of the Products during the License Period as long as the Customer has paid the Supplier for the storage cost and still provides the End User with such limited access to the Products.
The EULA will automatically terminate on the same calendar day the Agreement between the Customer and the Supplier is terminated. Upon termination of the EULA, the Supplier may make the Products non-accessible for the End User. If after such termination the End User is or becomes aware of, or has been notified about through normal channels such as the account of the End User or similar, that he or she still has access to the Products, the End User agrees to immediately cease using the Products or destroy all copies of the Product.
The Supplier shall have the right to audit the End User to verify that their use of the Product is in accordance with this EULA, and the End User will provide reasonable assistance for this purpose. The Supplier has the right to terminate the EULA with a specific End User upon thirty (30) days written notice to the End User.
9. Liability limitations
The Product is sold “as is”. The Supplier shall not be liable towards the End User if the Product is unavailable for a short amount of time, nor does the Supplier guarantee that the Product will always be available. Updates and service to the Product as well as unforeseen obstacles may incur shorter periods of unavailability.
The Supplier does not warrant that the Product(s) are free from errors or defects. The Supplier does not warrant that the Product can be used for one or several specific purposes, or will function without problems with third party’s products or systems.
The Supplier is not liable for loss, injury to, and deletion or similar of data, software, systems etc. made by any End User. The Supplier shall under no circumstances be liable towards the Customer or the End User for any loss, whether consequential, indirect or direct, unless mandatory law stipulates otherwise. In the event of such mandatory law, the Customer and the End User loses the right to argue liability/sanctions against the Supplier under this EULA if the Supplier has not received written, specific complaints within 30 days after the Customer or the End User discovered or should have discovered the breach of contract.
10. Disputes
The EULA shall be interpreted and governed in accordance with Norwegian law. Any disputes related to the EULA shall be decided by the ordinary courts of Norway, and the Parties consent that all disputes are submitted under the jurisdiction of the Romsdal District Court (Romsdal tingrett).
Exhibit 2 – Privacy Policy
Version 1.0. Last updated: 5 October 2020
1. ABOUT THIS PRIVACY POLICY
1.1 Definitions
Account: The Customer is provided with an Account. An Account is necessary to access the Products. The Account will be accessible through a set of credentials, consisting of a username and password combination for authorization.
Axess Digital: Axess Digital AS with business registration no. 923 232 001, and registered office address Oscar Hanssens veg 5, 6415 Molde, Norway.
Customer: The legal entity that has entered into an agreement with Axess Digital to purchase Axess Digital’s products or services.
Bridge: Axess Digital’s front-end system, Axess Bridge™, at bridge.axess.no is a web based portal that enables the End Users to log in to the Account and access any licenses connected to the Account.
End User: A physical person connected to the Customer as an employee or by other means, and which has been given authorization to use Bridge, a Product or otherwise be in contact with Axess Digital on behalf of the Customer.
GDPR: Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (this regulation is referred to as GDPR which is an abbreviation of the General Data Protection Regulation)
SaaS: Software-as-a-Service is a software distribution model in which a third-party provider such as the Supplier hosts software applications such as the Products and makes the Products available to customers such as the Customer with its End Users over the Internet. Instead of a one-time-transaction the Customer subscribes to the Product and pays the Supplier a recurring fee called the License.
Personal data: Any information relating to an identified or identifiable natural persons, see GDPR article 4 (1).
Products: The standard software products developed by Axess, which Axess Digital supplies separately or jointly to the Customer, pursuant to the agreed upon terms in the agreement with the Customer. The Products may be standalone applications or features that may be licensed (subscribed to) separately or as packages. A detailed description of each Product with prices and license period may be found on Axess Digital’s websites, see www.axessgroup.com/software-digital-solutions and bridge.axess.no.
1.2 Introduction
Our Products are sold as SaaS, and it is up to the Customer how the Products are used. If the Customer chooses to store or otherwise process personal data through one of our Products, this will be accessible for Axess Digital and our sub-suppliers. Our Products have no purpose or aim to process personal data, and Axess Digital has no control or insight in how the Customer uses our Products.
The only exception is Bridge, which is the interface between the Customer and Axess Digital. Axess Digital is the supplier of Bridge, as well as all Products and services made available through and which can be administered in Bridge. To a small degree, it is necessary for Axess Digital to process personal data in and through Bridge, in order for Bridge to function as the interface it is intended for. For all intents and purposes, the processing described in this Privacy Policy is for the processing in Bridge, not our Products.
In the event Axess Digital should offer a specific Product at a later time, which processes personal data in another way than described in this Privacy Policy, a separate Privacy Policy will be created and made available for all potential End Users for such Product.
Axess Digital is committed to your privacy and want your personal data to be private and secure.
1.3 Overview
In this Privacy Policy, Axess Digital explains:
- What personal data Axess Digital collects and how
- The purpose of collecting your personal data
- Disclosure of data to third parties
- Axess Digital’s security measures when processing your personal data
- Your rights as a data subject
Axess Digital is a Norwegian company. Axess Digital adheres to relevant Norwegian privacy law and meet the requirements of applicable laws and regulations within the EU/EEA. Axess Digital will ensure that your privacy rights and our processing of your personal data is held to the highest standard. Axess Digital offers Products with additional services according to requirements in the GDPR.
1.4 The Account and Bridge
Axess Digital may process personal data related to physicals persons that may be identified by using the Account. This Privacy Policy is relevant to you if you are a data subject that may be identified by the username used to log-in to the Account.
Axess Digital may process personal data related to the End Users that a Customer chooses to connect to Bridge. This Privacy Policy is relevant to you if you are an End User of Bridge with Account access.
For the purposes described in this Privacy Policy, Axess Digital is the controller, which collects and processes data as described herein. It is important for Axess Digital that you read this Privacy Policy thoroughly. We want you to be aware of your rights so you can help Axess Digital improve our policies. If you do not accept this Privacy Policy, you will not be able to access or use Bridge or any other Products as they rely on the use of Bridge.
1.5 Contact Information
If you have any requests concerning your personal data or any queries with regards to this Privacy Policy, please contact Axess Digital by reaching out to our Data Protection Officer at: privacy@axessgroup.com.
2. WHAT PERSONAL DATA WE COLLECT AND HOW
Axess Digital collects different types of personal data about End Users. It is up to the Customer which End Users Axess Digital collects personal data about. As far as Axess Digital is concerned, it is freely optional to be an End User of Bridge.
The personal data Axess Digital collects can be divided into three groups:
-
Minimum personal data needed to register an Account (these can be generic, non-personal data if the Customer chooses):
- · Your first name and surname
- · Email address
- · User name
- · Password
- · Place of work/employer (Associated Customer)
- · Installation access (location)
- · Picture of signature
- · Telephone number
- · Language
-
Personal data which may be generated while you use Bridge or a Product:
-
· Information about your mobile device:
- IP-address
- Hardware Manufacturer
- Operating system
-
· Application usage statistics
-
Personal data concerning yourself that you might choose to provide Axess Digital with through the Account or by other means whilst using Axess Digital’s Products and services, for example:
- Place of work such as boat or rig
- Nationality
- Gender
- Occupation or position
- Other details you actively choose to provide through Bridge or your contact with Axess Digital directly
- To manage the agreement between Axess Digital and the Customer and the agreement with you as the End User
- To communicate with the Customer of Axess Digital including the Customer’s End Users, by answering service requests or providing any necessary and agreed upon assistance for the Products or Bridge.
- To ensure the technical functionality of Bridge with connecting Accounts and Products for each End User to fulfil the agreement with the Customer or the End User.
- To be able to control and monitor Bridge’s user base and prevent fraudulent activity or similar.
Axess Digital processes personal data in order to make it possible to enter into and to fulfill the agreement with the Customer. As Axess Digital and the Customer are two separate controllers, Axess Digital’s legal basis for processing personal data is through the agreement between Axess Digital and the Customer that includes this EULA and Privacy Policy (these two documents are presented to you as the agreement between Axess Digital and you as the End User). It is the Customer’s choice which End Users are connected to Bridge through authorization and access via the Account.
In the event the Customer decides to use a generic business email address and not a personal email address related to an identifiable natural person, then the processing of personal data in Bridge will be limited accordingly. Using a generic email address rather than a personal one, will not limit the Customer’s user experience of Bridge.
To prevent fraudulent activity in or in relation to Bridge, Axess Digital’s legal basis for processing is Axess Digital’s legitimate interest. This legitimate interest is Axess Digital’s desire in keeping Bridge secure and keeping the integrity and confidentiality of the underlying software behind Bridge, the data related to Bridge and the Products, whether personal data or data otherwise considered commercially sensitive.
Furthermore, Axess Digital may process your personal data when Axess Digital is legally obliged to do so, or if it is necessary to establish, exercise or defend a legal claim.
Axess Digital will also ask you as the End User to have read and accepted this Privacy Policy as well as the End User License Agreement from Axess Digital (these two documents are the agreement between the End User and Axess Digital). You will on Bridge be presented with a link to this Privacy Policy as well as End User License Agreement in order to make sure each End User has been informed about how and why Axess Digital processes personal data.
5. DISCLOSURE OF DATA TO THIRD PARTIES
Except in the instances described below, Axess Digital does not disclose collected personal data to third parties.
Axess Digital may disclose user base demographics and similar non-personal data to third parties. Such aggregated data does not identify any individuals and will not be linked to any personal data.
Your personal data is not transferred out of the EU/EEA by Axess Digital or our subcontractors unless you contact a sub-supplier outside the EU for support.
The personal data is stored in Microsoft Azure on servers within EU.
The sub-supplier Axbit AS are developing the Products and provide support regarding the Products to End Users.
Freshworks Inc. stores e-mail and name including any meta data stored in the signature field of an e-mail.
6. STORAGE AND PERSONAL DATA DELETION
Upon your request or otherwise when the personal data Axess Digital has collected is no longer necessary for the purposes described above, for instance in the event the End User’s authorization to use Bridge is removed by Customer or by another authorized End User, the personal data concerning you will be erased unless Axess Digital must store such data longer due to local legal obligations..
Personal data with the exception of approvals, results or discoveries from inspections related to an Account, will be erased no later than after 12 months after an Account has been deactivated or the Customer relationship has been terminated unless Axess Digital must store such data longer due to local legal obligations.
7. YOUR RIGHTS
This Privacy Policy is adherent to Norwegian law and falls under Norwegian jurisdiction. As such, you are entitled to certain rights. Please refer to the contact details provided in the first section (see section 1.5) if you wish to make use of or need assistance regarding the rights listed below.
Terminate the agreement with Axess Digital: If you wish to terminate the agreement with Axess Digital or to terminate your right to use the Products or to terminate your account needed to access the Products, Axess Digital will delete your account access and related personal data (unless Axess Digital must store such data longer due to local legal obligations) without undue delay after receiving an e-mail from you with such written request.
Consent: To the extent Axess Digital’s processing of your personal data relies on your consent, you may withdraw said consent at any time. If you wish to withdraw your consent, Axess Digital will stop any processing activities related to such consent and delete your related personal data without undue delay. The withdrawal of consent does not affect the legality of Axess Digital’s processing of your personal data based on the consent before it was withdrawn.
Access: You can at any time request access to the personal data relating to you. You can also request information about how Axess Digital collects personal data at any time.
Erasure and rectification: You can at any time request that Axess Digital erases or rectifies any of the personal data relating to you that Axess Digital has collected.
Objections: You may likewise request a restriction of the processing of your personal data or object to the processing of your personal data, but this may affect your user experience in Bridge or the Products. For Axess Digital’s processing activities that are based on legitimate interests as legal basis, you may object to such processing on ground relating to your particular situation, by contacting Axess Digital with using the email stated in section 1.5.
Data Portability: In the event Axess Digital’s collection and processing of your personal data is based on automatic means and Axess Digital’s legal basis is your consent or an agreement with you, you may request that the personal data concerning you and which you have provided Axess Digital with, be transmitted to you or to another data controller.
Complaints: You have the right to lodge complaints with the Norwegian Data Protection Authority (Datatilsynet).
Exhibit 3 – Data Processing Agreement
Version 1.0. Last updated: 5 October 2020
1. DEFINITIONS
Data Processing Agreement (DPA): These terms and conditions with appendices and any alterations and updates agreed upon between the Parties in writing (electronically or on paper). The DPA shall take priority over any similar provisions contained in other agreements between the Parties. The DPA is in accordance with the Norwegian Personal Data Act, guidelines from the Norwegian Data Protection Authority and the GDPR. The DPA applies between the Customer as the Controller and the Supplier as Processor, within the meaning of the Norwegian Personal Data Act.
Supplier: See page 1 of the Subscription Agreement.
Processor: Supplier (the company that processes personal data on behalf of the Customer).
Customer: See page 1 of the Subscription Agreement.
Controller: Customer (the company that receives goods or services from the Supplier that includes the processing of personal data).
Party: Customer or Supplier.
Parties: Customer and Supplier.
Subscription Agreement: The agreement in force between the Customer and the Supplier that establishes what the Supplier shall supply to the Customer and the commercial terms. This DPA is an Exhibit to the Subscription Agreement and does not entail any changes to the commercial terms of the Subscription Agreement.
GDPR: The EU’s General Data Protection Regulation. (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC) which came into force in the EU on 25th of May 2018.
2. THE PURPOSE OF THE DPA
The purpose of the DPA is to regulate the rights and obligations of the Parties in accordance with the Norwegian Personal Data Act. The DPA fulfils the minimum requirements of the GDPR. The DPA shall ensure that personal data related to the data subjects is not processed unlawfully or made available for unauthorized persons.
The DPA regulates the Processor’s processing of personal data on behalf of the Controller, including collection, recording, organization, storage and disclosure or combinations thereof.
3. THE AIM OF THE DPA
The aim of this DPA is to specify that the Supplier as the Customer’s Processor may process personal data within the terms that are agreed upon with the Customer, including processing pursuant to the Subscription Agreement, to perform any processing that the Customer requests the Supplier to assist the Customer with, or to fulfil the Supplier’s contractual relationship with the Customer, as it stands at any time. The Parties agree that new purposes for processing must be documented (in writing, electronically constitutes as written).
The Processor and any person acting on behalf of the Processor that has access to personal data, shall process the data only on documented instructions from the Controller. The Parties agree that this DPA constitutes such instructions from the Controller.
The personal data to be processed: All personal data (excluding sensitive personal data) that the Processor is given access to by the Customer or through the contractual relationship with the Customer. The personal data that the Processor may process is defined in the DPA Appendix 1.
Categories of data subjects: the Customer’s own employees and hired personnel, contact persons associated with the Customer’s suppliers or clients, as well as individuals that register themselves as buyers or members in the Customer’s systems. Categories of data subjects are described in more detail in the DPA Appendix 1.
The processing covered by the DPA: The processing that is necessary for the Supplier to fulfil its obligations as a Supplier to the Customer in accordance with the agreement between the Parties and as a Processor under the applicable laws, as well as the processing pursuant to the Subscription Agreement and subsequent contractual relationship between the Parties. This includes giving advice to the Controller regarding any matters that may improve the level of service the Supplier is providing pursuant to the Subscription Agreement. The processing under this DPA is further defined in the DPA Appendix 1.
The framework for the Processor's processing of personal data: The Supplier may process personal data in accordance with the framework provided by the Customer in the Subscription Agreement and in the subsequent contractual relationship between the Parties at any time and to fulfil the Supplier’s responsibility as Processor under the applicable laws.
4. THE PROCESSOR'S OBLIGATIONS
The Processor shall comply with the procedures and instructions for the processing that the Controller has decided is applicable at any given time. The Processor is obliged to provide the Controller with access to its security documentation, and assist so the Controller can comply with its own responsibilities under the relevant privacy laws.
Unless otherwise agreed upon or provided by law, the Controller has the right to access and inspect the personal data processed and the systems used for this purpose. The Processor is obligated to provide necessary assistance to this.
The Processor has a duty of confidentiality regarding documentation and personal data that they obtain access to pursuant to this DPA. This provision also applies after the DPA’s termination.
The Processor shall ensure that persons authorized to process the personal data are committed to processing the information confidentially by a confidentiality statement in an employment contract or in another agreement with the Processor, if such person is not subject to an appropriate statutory duty of confidentiality. The Processor shall implement appropriate technical and organizational measures to achieve a level of security appropriate to the risks associated with processing personal data and to ensure that processing meets the requirements of applicable data protection legislation, including the requirements of the GDPR, and the protection of the rights of the data subject.
The Processor shall assist the Controller with fulfilling the Controller’s duty to respond to requests from the data subject for the purpose of exercising his/her rights as a data subject pursuant to the GDPR Chapter III. Taking into account the type of processing and the information made available to the Processor, the Processor shall assist the Controller in ensuring compliance with the Controller’s obligations pursuant to GDPR articles 32 through 36.
The Processor shall immediately inform the Controller if, in its opinion, an instruction from the Controller infringes the GDPR or other statutory provisions on the protection of personal data. The Processor shall keep a record of their processing activities performed on behalf of the Controller, pursuant to the GDPR article 30 section 2.
5. USE OF SUB-PROCESSORS
In the event the Processor uses a sub-processor or a person that normally is not employed by the Processor, this shall be agreed upon in writing with the Controller before the processing of personal data commences.
The Processor shall not engage another processor without prior specific or general written authorization from the Customer, seeing as the Customer is the Controller for the processing. If the Controller has given a general, written authorization, the Processor must inform the Customer of any plans to use a new sub-processor or to change sub-processors, thereby giving the Customer appropriate time to oppose the changes.
Appendix 1 section 4 to this DPA gives an overview of approved sub-processors. Appendix 1 section 1 shall be updated if changes are made to the use of sub-processors.
6. THE RIGHTS AND DUTIES OF THE CONTROLLER
The Controller has the rights and duties at any time given by law applicable to the Controller for the processing of personal data. The Controller is responsible for ensuring that the processing of personal data takes place in compliance with the GDPR and national data protection laws. The Controller has the right and obligation to make decisions about the purposes and means of the processing of personal data. The Controller shall be responsible, amongst other things, for ensuring that the processing of personal data, which the data processor is instructed to perform, has a legal basis. The Controller is responsible for forwarding any security breach notices to the Data Protection Authority. In the event of violations of this DPA or the Norwegian Personal Data Act, the Controller may require the Processor to stop further processing of the data with immediate effect.
7. SECURITY
The Processor shall comply with the security requirements imposed by the applicable personal data protection legislation. The Processor shall document routines and other measures to fulfil these requirements. The documentation shall be made available upon request from the Controller.
Appendix 2 to this DPA gives an overview of the Processor’s technical and organizational security measures. The technical and organizational security measures may be improved and further developed in accordance with the technological development. In such cases, the Processor may implement updated technical and organization security measures, provided that the security level for the relevant security measures remains unchanged or is increased to a better level of security.
In case of any personal data breach, the Processor shall notify the Controller of the breach without undue delay. When possible, the Processor shall notify the Controller of any breaches within 48 hours. The Controller is responsible for ensuring that breaches are notified to the Data Protection Authority.
8. SECURITY AUDITS
The Controller shall decide with the Processor that security audits are carried out regularly for the systems and similar entities covered by this DPA. The Processor shall, upon request, enable and contribute to audits, including inspections, carried out by the Controller or another inspector, authorized by the Controller. The Processor shall, upon request, make available to the Controller all information necessary to demonstrate that the requirements set out in this DPA are met.
9. DURATION OF THE AGREEMENT
Unless a specific provision herein is expressly given a longer period of application, the DPA applies as long as the Processor is processing personal data on behalf of the Controller, and the DPA follows the same rules for termination as the Subscription Agreement.
10. UPON TEMRINATION
Pursuant to the Controller’s decision, the Processor shall delete or return all personal data received on behalf of the Controller to the Controller after the services associated with the processing are provided (upon termination of this DPA).
Upon termination of the DPA it can be agreed upon that the Processor will delete or securely dispose of all documents, data, etc., which contain data covered by the DPA. This also applies to any backups. The Processor shall delete existing copies of such personal data, documents and data, unless applicable laws require that the Supplier continues to store personal data or such documents/information.
The Processor shall document in writing that the deletion and/or destruction has been carried out according to the DPA within reasonable time after the termination of the DPA.
11. NOTICES
Notices pursuant to this DPA shall be sent in writing to the Parties’ given contact persons as defined in the Subscription Agreement between the Parties. Other contact persons may be defined in Appendix 1 section 2 to this DPA, in which case all notices pursuant to this DPA shall be given to the contact persons defined in Appendix 1 section 2 to this DPA.
12. LIABILITY
The Parties' liability for damage suffered by a data subject or other natural persons which is due to a violation of the GDPR, the Norwegian Data Protection Act with regulations or other regulations that implement the GDPR, will follow the provisions of article 82 of the GDPR. The limit of liability in the Subscription Agreement does not apply for damages pursuant to GDPR article 82. The Parties are individually liable for administrative fines imposed pursuant to article 83 of the GDPR.
13. DISPUTE RESOLUTION
The DPA shall be interpreted and regulated in accordance with Norwegian law. Any disputes between the Customer and the Supplier relating to the DPA shall be settled by ordinary Norwegian courts. Lawsuits in such disputes shall be brought before the Romsdal District Court (Romsdal tingrett), which the parties agree upon as the legal venue. This also applies after termination of the DPA.
APPENDIX 1: SPECIFICATION OF THE SUPPLIER’S SERVICES AND PROCESSING OF PERSONAL DATA COVERED BY THIS DPA
1. Parties
Supplier (Processor): Axess Digital AS with business registration no. 923 232 001, and registered office address Oscar Hanssens veg 5, 6415 Molde, Norway.
Customer (Controller): See page 1 of the Subscription Agreement.
2. Contact Persons for Notices
Contact person from Supplier:
Same as stated in the Subscription Agreement
See Subscription Agreement
Contact person from Customer:
See Subscription Agreement
See Subscription Agreement
If a contact person for this DPA is different from the contact person stated in the Subscription Agreement, the contact person for such Party in the Subscription Agreement shall send the contact person for the other Party an e-mail stating such name and e-mail address for notices regarding the DPA.
3. The Supplier’s services and processing of personal data covered by the DPA
In accordance with the Subscription Agreement, the Processor shall deliver the products and services as agreed upon in the Subscription Agreement with amendments agreed upon by and between the Parties.
Personal data processed pursuant to the agreement:
User name and password, name, e-mail address, telephone number, place of work/employer, installation access, picture of signature, and other personal data such as language or other general personal data which the Customer or the Customer’s end user inserts when logging into Axess Bridge and using the Supplier’s products or services. See more details on what type of personal data will be collected in Exhibit 2 Privacy Policy section 2 to the Subscription Agreement.
Categories of data subjects:
The Customer’s own employees, the Customer’s contract personnel, the Customer’s owners and management, and/or contact persons associated with the Customer’s suppliers or customers that make use of the solution from the Supplier pursuant to the Subscription Agreement, and any other end user the Customer connects with the Supplier’s offered product or service. The categories of data subjects may be further described in an additional appendix to this DPA or an e-mail between the Parties given contact persons.
Processing pursuant to the agreement:
The Supplier’s processing activities which is necessary to fulfil the Supplier’s duties pursuant to the Subscription Agreement with amendments. In addition, the processing activities that is necessary for the Processor to fulfil its duties and rights pursuant to this DPA or applicable laws or to suggest improvements to the information security of the personal data being processed.
The framework for the processing:
The Supplier only processes personal data within EU/EEA and may only transfer personal data to countries within the EU/EEA. If the Processor plans to transfer or process personal data outside the EU/EEA, the Processor shall notify the Customer before such processing is initiated and document that the Processor has entered into a data processor agreement or other necessary contracts with the relevant sub-processor which fulfils the requirements for such transfers/processing. The Processor shall ensure that the security for such processing fulfils the requirements in the GDPR article 32.
Instructions from the Controller:
The Processor and any other person who processes personal data on behalf of the Processor and has access to personal data, shall process such personal data only in accordance with documented instructions from the Controller.
This DPA is considered such documented instructions. E-mails from the Controller to the Processor are also considered as such documented instructions.
4. List of sub-processors the Processor has an equivalent data processor agreement with:
NAME SUB-PROCESSOR
WEBSITE
DATA PROCESSOR AGREEMENT ENTERED INTO
Axbit AS
https://axbit.com/personvern
Yes, entered into 17 December 2018.
Freshworks Inc
https://freshdesk.com/gdpr
https://www.freshworks.com/data-processing-addendum/
Yes, entered into 2020.
Microsoft
https://privacy.microsoft.com/en-us/PrivacyStatement
Yes, entered into 2020 for the service Azure.
Appendix 2: TECHNICAL AND ORGANISATIONAL SECURITY MEASURES
The Processor guarantees that appropriate technical and organizational security measures are implemented at any given time to ensure satisfactory information security so that personal data is protected against unauthorized or accidental destruction, loss, damage, alteration or unauthorized disclosure of said personal data. This applies particularly to personal data that is transferred over a network and for all other illegal forms of transfer of data.
Such technical and organizational security measures include, but are not limited to: Control of physical access at data centres, digital access control and password protection, transfer control, limited accessibility.
The Processor shall at the Controller’s request make available all information that is necessary to demonstrate that the obligations stipulated in this DPA are met.
For more detailed and updated information concerning the technical and organizational security measures, please see https://bridge.axess.no
Exhibit 4 – Additional Services Agreement
Last updated 21 October 2020
1. ADDITIONAL DEFINITIONS
Event Outside the Supplier’s Control: Any act or event beyond the Supplier’s reasonable control, including without limitation failure of public or private telecommunications networks.
Help Desk Support: Any support provided by the Supplier’s help desk technicians by calling the national telephone number provided to the Customer.
Online Support: The remote provision of Support from the Supplier offices or Supplier’s other chosen location and not on site as specified in Appendix 1.
Ordinary Support Hours: The hours between 08 to 16 CET on Working Days in Norway during which the Additional Support Services is available at regular prices.
Response Time: The period from the Customer contacts the Supplier as designated for Support Response, until the Supplier responds to inform that the Supplier has begun to handle the request.
Working Days: The ordinary working days in Norway, meaning Monday through Friday except public holidays in Norway.
2. LIABILITY LIMITATION
The Supplier will perform the Support in accordance with the Agreement but the Supplier gives no representation or warranty that all faults, hereunder bugs, errors, defects and other malfunctions, will be fixed, or will be fixed within a specified period of time.
The Agreement sets out the full extent of our obligations and liabilities in respect of the provision of the Support. Except as expressly stated in this Agreement, there are no conditions, warranties, representations or other terms, express or implied, that are binding on the Supplier. Any condition, warranty, representation or other term concerning the provision of the Support, which might otherwise be relevant to the Agreement, whether statutory or otherwise, is excluded to the fullest extent permitted by law.
The Supplier will not be liable or responsible for any failure to perform, or delay in performance of, any of our obligations under this Agreement that is caused by an Event Outside the Supplier’s Control. If an Event Outside the Supplier’s Control takes place that affects the performance of the Supplier’s obligations under this Agreement, the Supplier’s obligations will be suspended and the time for performance of the obligations will be extended for the duration of the Event Outside the Supplier’s Control. During this time period, the Supplier shall use Commercially Reasonable Endeavours to find a solution by which the Supplier’s obligations may be performed despite the Event Outside the Supplier’s Control.
3. CONSULTANCY SERVICES
The Customer can order certain consultancy services that will be delivered to the Customer on a time and material basis. Such services may in example be one of the following consultancy services :
- Creation of data for the Customer.
- Assistance in connection with consequential damages for the Customer caused by defects in the Products or incorrect use of the Products.
- Support Response that is not included in any Standard Support or pre-paid Extended Support.
- Training services to the Customer or the Admin.
- Installation services not included in the License fee.
- Implementation services of other Products than the ones that are included in the License fee.
- Any assistance due to changes the Customer has made to the Hardware setup, a new operating System, or other things that lead to disturbances in the operation or use of the Products.
- Any work due to negligence from the Customer or his people, and damage and / or loss the Customer carries the risk of, accidents, fire, etc.
4. EXTENDED SUPPORT
The Supplier offers the Customer extended support regarding the Products as described in this Additional Service Agreement between the Parties. The Customer may choose one or several of this Additional Support Services, and such choices shall be reflected in the Price Attachment to Exhibit 5.
Support Response time NB : This extended support service will give the Customer the right for its appointed Admin to send questions regarding the Products to the Supplier on the e-mail stated in the Customer Portal for Single point of contact (SPOC) that will be responded to within the next business day (NBD) measured on working days in Norway during the License Period, provided that the Customer has paid the applicable License Fee for such Products.
Support Response time 4 hours: This extended support service will give the Customer the right for its appointed Admin to send questions regarding the Products to the Supplier on the e-mail stated in the Customer Portal for Single point of contact (SPOC) that will be responded to within 4 hours measured on working days in Norway during the License Period, provided that the Customer has paid the applicable License Fee for such Products.
Support Response time 2 hours: This extended support service will give the Customer the right for its appointed Admin to send questions regarding the Products to the Supplier on the e-mail stated in the Customer Portal for Single point of contact (SPOC) that will be responded to within 2 hours measured on working days in Norway during the License Period, provided that the Customer has paid the applicable License Fee for such Products.
5. EXTENDED MAINTENANCE
The Supplier offers the Customer extended maintenance regarding the Products as described in this Additional Service Agreement between the Parties. The Customer may choose one or several of this Additional Maintenance Services, and such choices shall be reflected in the Price Attachment to Exhibit 5.
User Forum : This extended support service will give the Customer the right for its appointed Admin to send suggestions to the Supplier on a dedicated e-mail address of what the Supplier should update or develop regarding the Products.
Extended development: This extended development service will give the Customer the right for its appointed Admin to send request to the Supplier on a dedicated e-mail address of what the Supplier should update or develop regarding the Products, and the Supplier should make such request a priority for next Product development.
6. EXTENDED SLA
The Supplier offers the Customer different extended SLA regarding the Products as described in this Additional Service Agreement between the Parties. The Customer may choose one or several of this Additional SLA Services, and such choices shall be reflected in the Price Attachment to Exhibit 5.
SLA Response time 8 hours : If the standard documentation and FAQ for the Products that will be made available after login on the Customer Portal are not granted, the appointed Admin shall have the right to send an e-mail with subject “error in access” to the address stated in the Customer Portal for Single point of contact (SPOC) that will be responded to within 4 hours response time measured during business hours on working days in Norway during the License Period, provided that the Customer has paid the applicable License Fee for such Products.
SLA Response time 4 hours: If the standard documentation and FAQ for the Products that will be made available after login on the Customer Portal are not granted, the appointed Admin shall have the right to send an e-mail with subject “error in access” to the address stated in the Customer Portal for Single point of contact (SPOC) that will be responded to within 2 hours response time measured during business hours on working days in Norway during the License Period, provided that the Customer has paid the applicable License Fee for such Products.
Dedicated Service Consultant: The Customer is given access to a Dedicated Customer Contact which is a Consultant with a special responsibility to follow up the Customer quickly during the agreed Service Period. If this additional service is selected, the Supplier shall send the name, telephone number and e-mail of such Dedicated Service Consultant to the Customer's appointed contact person.
Exhibit 5 – Products and prices
Last updated: 21 October 2020
1. The Price document
The Parties agree that the agreed Products and Additional Services shall be specified in the separate Exhibit 5 Appendix 1 Prices. If the Parties agree on an additional Product for the Customer or another Additional Service, the Parties will update Exhibit 5 Appendix 1 Prices accordingly.
2. Prices and delivery terms
All prices are specified in NOK exclusive of value-added tax (VAT) and other relevant taxes. In the event the Supplier must purchase products/services in foreign currency as part of its deliveries to the Customer, the exchange rate on the Supplier’s invoice date shall be used. Delivery terms and conditions are Ex Works (Incoterms 2010).
3. Invoicing
The Supplier may invoice the Customer in advance for the agreed upon License Fee and other agreed Additional Services, corresponding to the Customer’s chosen level of Additional Services and the agreed upon invoicing period (annually unless otherwise stated in Exhibit 5 Appendix 1). The License shall be provided from the agreed upon starting date (from the first working day in Norway after the Supplier has received the applicable Support Fee).
If the Parties agree that an additional Product shall be part of the services provided by the Supplier during an already started License Term, the Supplier may invoice the Customer the License Fee separately and from the day the Parties agree on the Support services for the additional Product(s). The License Fee will be calculated for the entire month of the day the Parties agreed on the License services for the additional Product(s) and until the end of the License Term of already existing License services for Products. For the next License Term the License Fee will be increased accordingly covering existing and additional Products.
Additional Services and additional rates for support outside Ordinary Support Hours shall be invoiced monthly in arrears. The invoice will specify the applicable period.
The Customer shall pay the Supplier the set amount within ten (10) days of receipt of the Supplier’s invoice for Support. Unless otherwise specified in Appendix 1 or instructed by the Customer, the invoice shall be sent by email to the Customers contact person as defined in Appendix 1.
Unless otherwise specifically agreed in writing, the Supplier may conduct annual price regulations with effect from January 1st each year at a rate not exceeding 5 % of the previous year’s ordinary hourly rates.
4. Additional rates
When executing the Support upon the Customer’s request outside the Ordinary Support Hours between the hours of 17:00-20:00 on Working Days, an addition of 50% will be added to the Supplier’s ordinary hourly rate for Additional Support Services. When executing the Support upon the Customer’s request beyond these hours and beyond Ordinary Support Hours, there will be an addition of 100% to the Supplier’s ordinary hourly rate for Additional Support Services.
5. Late payment
If the Customer fails to make the agreed upon payments after receipt of invoice within the agreed payment period, the Supplier may submit a written notice demanding such payment from Customer. If the Customer still fails to make the agreed upon payments within ten (10) days of receipt of the written notice, the Customer shall be deemed in default and the Supplier’s contractual obligations shall be suspended until payment is made. In such case, the Supplier is entitled to interest on the amount due for payment pursuant to Act No. 100 of 17 December 1976 relating to Interest on Overdue Payments, etc. (The Act relating to Interest on Overdue Payments).
6. Working place
Unless the Parties have agreed on a specific workplace location, the Support shall be performed in the Supplier’s facilities or where the Supplier deems appropriate as Online Support or Help-Desk Support until the Parties’ contact persons agree on a specific location. Other places of work may be specified in Exhibit 5 Appendix 1 Prices.