ເງື່ອນໄຂການໃຫ້ບໍລິການ📖

ອັບເດດຫຼ້າສຸດທີ່ 2023-01-01

Terms of Service

1. Introduction

The Extravagant Company Oy Ltd (“Exolyt”, “we”, “us”, “our”)

Lapinlahdenkatu 16 c/o Maria01, 00180 Helsinki, Finland

E-mail: support@exolyt.com

Company ID: 3136121-2

EU VAT ID: FI31361212

These Terms of Service (“Terms”, “Terms of Service”) govern your use of our service Exolytlocated at www.exolyt.com (together or individually “Service”) operated by The Extravagant Company Oy Ltd. Service has been created for providing analytical and statistical tools related to social media platforms and their use. Service is meant to be used with only on the latest versions of the following browsers: Safari, Chrome.

Our Privacy Policy also governs your use of our Service and explains how we collect, safeguard and disclose information that results from your use of our web pages.

Your agreement with us includes these Terms. You acknowledge that you have read and understood Terms, and agree to be bound of them. You have also read our Privacy Policy.

If you do not agree with (or cannot comply with) Agreements, then you may not use the Service, but please let us know by emailing at so we can try to find a solution. These Terms apply to all visitors, users and others who wish to access or use Service.

2. Communications

By using our Service, you agree to subscribe to newsletters, marketing or promotional materials and other information we may send. However, you may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or by emailing at .

3. Purchases

If you wish to purchase any product or service made available through Service (“Purchase”), you may be asked to supply certain information relevant to your Purchase including but not limited to, your credit or debit card number, the expiration date of your card, and your billing address.

You represent and warrant that: (i) you have the legal right to use any card(s) or other payment method(s) in connection with any Purchase; and that (ii) the information you supply to us is true, correct and complete.

We may employ the use of third party services for the purpose of facilitating payment and the completion of Purchases. By submitting your information, you grant us the right to provide the information to these third parties subject to our Privacy Policy.

We reserve the right to refuse or cancel your order at any time for reasons including but not limited to: product or service availability, errors in the description or price of the product or service, error in your order or other reasons.

We reserve the right to refuse or cancel your order if fraud or an unauthorized or illegal transaction is suspected.

4. Contests, Sweepstakes and Promotions

Any contests, sweepstakes or other promotions (collectively, “Promotions”) made available through Service may be governed by rules that are separate from these Terms of Service. If you participate in any Promotions, please review the applicable rules as well as our Privacy Policy. If the rules for a Promotion conflict with these Terms of Service, Promotion rules will apply.

5. Subscriptions

Some parts of Service are billed on a subscription basis ("Subscription(s)"). You will be billed in advance on a recurring and periodic basis ("Billing Cycle"). Billing cycles will be set depending on the type of subscription plan you select when purchasing a Subscription.

Our order process is conducted by our online reseller Paddle.com. Paddle.com is the Merchant of Record for all our orders. Paddle provides all customer service inquiries and handles returns. Your order may be processed by our online reseller and Merchant of Record, Paddle, who may also handle all customer services enquiries and returns. More information can be found in Paddle's  

Data Sharing Addendum,

Terms and Conditions and Privacy Policy. If some information regarding the payments and subscriptions between this document and Paddle's documents is conflicting, Paddle's documentation are prioritised over this.

At the end of each Billing Cycle, your Subscription will automatically renew under the exact same conditions unless you cancel it or Exolyt cancels it. You may cancel your Subscription renewal either through your online account management page or by contacting customer support team.

A valid payment method is required to process the payment for your subscription. You shall provide Exolyt with accurate and complete billing information that may include but not limited to full name, address, state, postal or zip code, telephone number, and a valid payment method information. By submitting such payment information, you automatically authorize Exolyt (or Paddle) to charge all Subscription fees incurred through your account to any such payment instruments.

Should automatic billing fail to occur for any reason, Exolyt reserves the right to terminate your access to the Service with immediate effect.

6. Free Trial

Exolyt may, at its sole discretion, offer a Subscription with a free trial for a limited period of time ("Free Trial").

You may be required to enter your billing information in order to sign up for Free Trial.

If you do enter your billing information when signing up for Free Trial, you will not be charged by Exolyt until Free Trial has expired. On the last day of Free Trial period, unless you cancelled your Subscription, you will be automatically charged the applicable Subscription fees for the type of Subscription you have selected.

At any time and without notice, Exolyt reserves the right to (i) modify Terms of Service of Free Trial offer, or (ii) cancel such Free Trial offer.

7. Fee Changes

Exolyt, in its sole discretion and at any time, may modify Subscription fees for the Subscriptions. Any Subscription fee change will become effective at the end of the then-current Billing Cycle.

Exolyt will provide you with a reasonable prior notice of any change in Subscription fees to give you an opportunity to terminate your Subscription before such change becomes effective. "Reasonable time" will be at least two weeks.

Your continued use of Service after Subscription fee change comes into effect constitutes your agreement to pay the modified Subscription fee amount.

8. Refunds

As a main rule, our services are non refundable.

9. Content

Content found on or through this Service are the property of Exolyt or used with permission. You may not distribute, modify, transmit, reuse, download, repost, copy, or use said Content, whether in whole or in part, for commercial purposes or for personal gain, without express advance written permission from us.

TikTok profile, other social media profile, or any other content available online that you request analytics from Exolyt, you will need to have written consent from the actual account owner or their guardian if the account owner is underage. By requesting any analytics, you assure that you have this permission.

Due to the nature of our service, social media data and analytical insights provided by Service are not always up-to-date. Reasons for this can include changes in third party services or other changes that are out of our reach. If you experience problems with having up-to-date insights available for over 24 hours, you have right to request extension to your current paid subscription plan for the time that the data update issues were affecting the use of service. This extension of subscription is not a refund, it cannot be exchanged into a cash amount, is capped at a maximum of 30 days, require you to have paid any outstanding invoices and expire upon termination of your paid subscription.

10. Prohibited Uses

You may use Service only for lawful purposes and in accordance with Terms. You agree not to use Service:

0.1. In any way that violates any applicable national or international law or regulation.

0.2. For the purpose of exploiting, harming, or attempting to exploit or harm minors in any way by exposing them to inappropriate content or otherwise.

0.3. To transmit, or procure the sending of, any advertising or promotional material, including any “junk mail”, “chain letter,” “spam,” or any other similar solicitation.

0.4. To impersonate or attempt to impersonate Company, a Company employee, another user, or any other person or entity.

0.5. In any way that infringes upon the rights of others, or in any way is illegal, threatening, fraudulent, or harmful, or in connection with any unlawful, illegal, fraudulent, or harmful purpose or activity.

0.6. To engage in any other conduct that restricts or inhibits anyone’s use or enjoyment of Service, or which, as determined by us, may harm or offend Company or users of Service or expose them to liability.

Additionally, you agree not to:

0.1. Use Service in any manner that could disable, overburden, damage, or impair Service or interfere with any other party’s use of Service, including their ability to engage in real time activities through Service.

0.2. Use any robot, spider, or other automatic device, process, or means to access Service for any purpose, including monitoring or copying any of the material on Service.

0.3. Use any manual process to monitor or copy any of the material on Service or for any other unauthorized purpose without our prior written consent.

0.4. Use any device, software, or routine that interferes with the proper working of Service.

0.5. Introduce any viruses, trojan horses, worms, logic bombs, or other material which is malicious or technologically harmful.

0.6. Attempt to gain unauthorized access to, interfere with, damage, or disrupt any parts of Service, the server on which Service is stored, or any server, computer, or database connected to Service.

0.7. Attack Service via a denial-of-service attack or a distributed denial-of-service attack.

0.8. Take any action that may damage or falsify Company rating.

0.9. Otherwise attempt to interfere with the proper working of Service.

11. Analytics

We may use third-party Service Providers to monitor and analyze the use of our Service. More information about the use of third-party service providers can be found on the Privacy Policy.

12. No Use By Minors

Service is intended only for access and use by individuals at least eighteen (18) years old. By accessing or using Service, you warrant and represent that you are at least eighteen (18) years of age and with the full authority, right, and capacity to enter into this agreement and abide by all of the terms and conditions of Terms. If you are not at least eighteen (18) years old, you are prohibited from both the access and usage of Service.

13. Accounts

When you create an account with us, you guarantee that you are above the age of 18, and that the information you provide us is accurate, complete, and current at all times. Inaccurate, incomplete, or obsolete information may result in the immediate termination of your account on Service.

You are responsible for maintaining the confidentiality of your account and password, including but not limited to the restriction of access to your computer and/or account. You agree to accept responsibility for any and all activities or actions that occur under your account and/or password, whether your password is with our Service or a third-party service. You must notify us immediately upon becoming aware of any breach of security or unauthorized use of your account.

You may not use as a username the name of another person or entity or that is not lawfully available for use, a name or trademark that is subject to any rights of another person or entity other than you, without appropriate authorization. You may not use as a username any name that is offensive, vulgar or obscene.

We reserve the right to refuse service, terminate accounts, remove or edit content, or cancel orders in our sole discretion.

14. Intellectual Property

Service and its original content (excluding Content provided by users), features and functionality are and will remain the exclusive property of Exolyt and its licensors. Service is protected by copyright, trademark, and other laws of and foreign countries. Our trademarks may not be used in connection with any product or service without the prior written consent of Exolyt.

15. Copyright Policy

We respect the intellectual property rights of others. It is our policy to respond to any claim that Content posted on Service infringes on the copyright or other intellectual property rights (“Infringement”) of any person or entity.

If you are a copyright owner, or authorized on behalf of one, and you believe that the copyrighted work has been copied in a way that constitutes copyright infringement, please submit your claim via email to , with the subject line: “Copyright Infringement” and include in your claim a detailed description of the alleged Infringement as detailed below, under “DMCA Notice and Procedure for Copyright Infringement Claims”

You may be held accountable for damages (including costs and attorneys’ fees) for misrepresentation or bad-faith claims on the infringement of any Content found on and/or through Service on your copyright.

16. DMCA Notice and Procedure for Copyright Infringement Claims

You may submit a notification pursuant to the Digital Millennium Copyright Act (DMCA) by providing our Copyright Agent with the following information in writing (see 17 U.S.C 512(c)(3) for further detail):

0.1. an electronic or physical signature of the person authorized to act on behalf of the owner of the copyright’s interest;

0.2. a description of the copyrighted work that you claim has been infringed, including the URL (i.e., web page address) of the location where the copyrighted work exists or a copy of the copyrighted work;

0.3. identification of the URL or other specific location on Service where the material that you claim is infringing is located;

0.4. your address, telephone number, and email address;

0.5. a statement by you that you have a good faith belief that the disputed use is not authorized by the copyright owner, its agent, or the law;

0.6. a statement by you, made under penalty of perjury, that the above information in your notice is accurate and that you are the copyright owner or authorized to act on the copyright owner’s behalf.

You can contact our Copyright Agent via email at .

17. Error Reporting and Feedback

You may provide us either directly at or via third party sites and tools with information and feedback concerning errors, suggestions for improvements, ideas, problems, complaints, and other matters related to our Service (“Feedback”). You acknowledge and agree that: (i) you shall not retain, acquire or assert any intellectual property right or other right, title or interest in or to the Feedback; (ii) Company may have development ideas similar to the Feedback; (iii) Feedback does not contain confidential information or proprietary information from you or any third party; and (iv) Company is not under any obligation of confidentiality with respect to the Feedback. In the event the transfer of the ownership to the Feedback is not possible due to applicable mandatory laws, you grant Company and its affiliates an exclusive, transferable, irrevocable, free-of-charge, sub-licensable, unlimited and perpetual right to use (including copy, modify, create derivative works, publish, distribute and commercialize) Feedback in any manner and for any purpose.

18. Links To Other Web Sites

Our Service may contain links to third party web sites or services that are not owned or controlled by Exolyt.

Exolyt has no control over, and assumes no responsibility for the content, privacy policies, or practices of any third party web sites or services. We do not warrant the offerings of any of these entities/individuals or their websites.

YOU ACKNOWLEDGE AND AGREE THAT COMPANY SHALL NOT BE RESPONSIBLE OR LIABLE, DIRECTLY OR INDIRECTLY, FOR ANY DAMAGE OR LOSS CAUSED OR ALLEGED TO BE CAUSED BY OR IN CONNECTION WITH USE OF OR RELIANCE ON ANY SUCH CONTENT, GOODS OR SERVICES AVAILABLE ON OR THROUGH ANY SUCH THIRD PARTY WEB SITES OR SERVICES.

WE STRONGLY ADVISE YOU TO READ THE TERMS OF SERVICE AND PRIVACY POLICIES OF ANY THIRD PARTY WEB SITES OR SERVICES THAT YOU VISIT.

19. Disclaimer Of Warranty

THESE SERVICES ARE PROVIDED BY COMPANY ON AN “AS IS” AND “AS AVAILABLE” BASIS. COMPANY MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, AS TO THE OPERATION OF THEIR SERVICES, OR THE INFORMATION, CONTENT OR MATERIALS INCLUDED THEREIN. YOU EXPRESSLY AGREE THAT YOUR USE OF THESE SERVICES, THEIR CONTENT, AND ANY SERVICES OR ITEMS OBTAINED FROM US IS AT YOUR SOLE RISK.

NEITHER COMPANY NOR ANY PERSON ASSOCIATED WITH COMPANY MAKES ANY WARRANTY OR REPRESENTATION WITH RESPECT TO THE COMPLETENESS, SECURITY, RELIABILITY, QUALITY, ACCURACY, OR AVAILABILITY OF THE SERVICES. WITHOUT LIMITING THE FOREGOING, NEITHER COMPANY NOR ANYONE ASSOCIATED WITH COMPANY REPRESENTS OR WARRANTS THAT THE SERVICES, THEIR CONTENT, OR ANY SERVICES OR ITEMS OBTAINED THROUGH THE SERVICES WILL BE ACCURATE, RELIABLE, ERROR-FREE, OR UNINTERRUPTED, THAT DEFECTS WILL BE CORRECTED, THAT THE SERVICES OR THE SERVER THAT MAKES IT AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS OR THAT THE SERVICES OR ANY SERVICES OR ITEMS OBTAINED THROUGH THE SERVICES WILL OTHERWISE MEET YOUR NEEDS OR EXPECTATIONS.

COMPANY HEREBY DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, AND FITNESS FOR PARTICULAR PURPOSE.

THE FOREGOING DOES NOT AFFECT ANY WARRANTIES WHICH CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.

20. Limitation Of Liability

EXCEPT AS PROHIBITED BY LAW, YOU WILL HOLD US AND OUR OFFICERS, DIRECTORS, EMPLOYEES, AND AGENTS HARMLESS FOR ANY INDIRECT, PUNITIVE, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGE, HOWEVER IT ARISES (INCLUDING ATTORNEYS’ FEES AND ALL RELATED COSTS AND EXPENSES OF LITIGATION AND ARBITRATION, OR AT TRIAL OR ON APPEAL, IF ANY, WHETHER OR NOT LITIGATION OR ARBITRATION IS INSTITUTED), WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE, OR OTHER TORTIOUS ACTION, OR ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, INCLUDING WITHOUT LIMITATION ANY CLAIM FOR PERSONAL INJURY OR PROPERTY DAMAGE, ARISING FROM THIS AGREEMENT AND ANY VIOLATION BY YOU OF ANY FEDERAL, STATE, OR LOCAL LAWS, STATUTES, RULES, OR REGULATIONS, EVEN IF COMPANY HAS BEEN PREVIOUSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. EXCEPT AS PROHIBITED BY LAW, IF THERE IS LIABILITY FOUND ON THE PART OF COMPANY, IT WILL BE LIMITED TO THE AMOUNT PAID FOR THE PRODUCTS AND/OR SERVICES, AND UNDER NO CIRCUMSTANCES WILL THERE BE CONSEQUENTIAL OR PUNITIVE DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF PUNITIVE, INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE PRIOR LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU.

21. Termination

We may terminate or suspend your account and bar access to Service immediately, without prior notice or liability, under our sole discretion, for any reason whatsoever and without limitation, including but not limited to a breach of Terms.

If you wish to terminate your account, you may simply discontinue using Service.

All provisions of Terms which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.

22. Governing Law and Settlement of Disputes

These Terms shall be governed and construed in accordance with the laws of Finland, which governing law applies to agreement without regard to its conflict of law provisions.

Our failure to enforce any right or provision of these Terms will not be considered a waiver of those rights. If any provision of these Terms is held to be invalid or unenforceable by a court, the remaining provisions of these Terms will remain in effect. These Terms constitute the entire agreement between us regarding our Service and supersede and replace any prior agreements we might have had between us regarding Service.

Any dispute, controversy or claim arising out of or relating to the agreement, or the breach, termination or validity there of shall be finally settled by arbitration in accordance with the Arbitration Rules of the Finland Chamber of Commerce. A dispute shall be resolved by a solearbitrator. Not withstanding the preceding sentences, claims for non-payment of monetary charges may be resolved in the district court of therespondent’s place of domicile if the respondent does not contest its payment obligation.

If the parties so agree in writing, any dispute, controversy or claim arising out of the agreement shall beresolved in the district court.

23. Changes To Service

We reserve the right to withdraw or amend our Service, and any service or material we provide via Service, in our sole discretion without notice. We will not be liable if for any reason all or any part of Service is unavailable at any time or for any period. From time to time, we may restrict access to some parts of Service, or the entire Service, to users, including registered users.

24. Amendments To Terms

We may amend Terms at any time by posting the amended terms on this site. It is your responsibility to review these Terms periodically.

Your continued use of the Platform following the posting of revised Terms means that you accept and agree to the changes. You are expected to check this page frequently so you are aware of any changes, as they are binding on you.

By continuing to access or use our Service after any revisions become effective, you agree to be bound by the revised terms. If you do not agree to the new terms, you are no longer authorized to use Service.

25. Waiver And Severability

No waiver by Company of any term or condition set forth in Terms shall be deemed a further or continuing waiver of such term or condition or a waiver of any other term or condition, and any failure of Company to assert a right or provision under Terms shall not constitute a waiver of such right or provision.

If any provision of Terms is held by a court or other tribunal of competent jurisdiction to be invalid, illegal or unenforceable for any reason, such provision shall be eliminated or limited to the minimum extent such that the remaining provisions of Terms will continue in full force and effect.

26. Organizational use

Unless you have specifically notified Exolyt to the contrary in writing (including via email to support@exolyt.com), Exolyt may disclose that your organisation is a customer of Exolyt (if your organisation has a Exolyt subscription and/or uses a business email address as your Exolyt user email address) and may use your organisation’s name and logo on the website and in Exolyt promotional content. Exolyt will request your prior written consent for any other uses.

27. Acknowledgement

BY USING SERVICE OR OTHER SERVICES PROVIDED BY US, YOU ACKNOWLEDGE THAT YOU HAVE READ THESE TERMS OF SERVICE AND AGREE TO BE BOUND BY THEM.

28. Contact Us

Please send your feedback, comments, requests for technical support by email: .


Agreement on the processing of personal data

Processor

The Extravagant Company Oy Ltd (“Exolyt”, “we”, “us”, “our”)

Lapinlahdenkatu 16 c/o Maria01, 00180 Helsinki, Finland

E-mail: support@exolyt.com

Company ID: 3136121-2

EU VAT ID: FI31361212

(hereinafter referred to as the “Processor”)

Controller

Controller is the client who has accepted the Terms and Conditions of the Exolyt service as part of the service’s registration process. (hereinafter referred to as the “Controller”)

Definitions

Processor and Controller have signed the Terms and Conditions regarding Exolyt service located at www.exolyt.com (hereinafter referred to as the "Service") (hereinafter referred to as the “Main Agreement”). In order to achieve the objectives of the Main Agreement, it is necessary for the Processor to process the personal data collected and provided by the Controller. This agreement provides the terms according to which this personal data must be processed.

“Personal data” refers to all information related to an identified or identifiable natural person (hereinafter referred to as the “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic or social identity of that natural person.

“Processing of personal data” refers to any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

In the agreement relationship referred to in this agreement, the Controller is the party with control over the data who defines the purposes and means of processing personal data, and the Processor is the technical operator who processes personal data on the Controller’s behalf as part of the Main Agreement.

General rights and obligations of the controller

Controller

a) is responsible for the collection of personal data;

b) processes personal data lawfully, carefully and in accordance with good data processing practices, and otherwise works in ways that do not limit the data subjects’ privacy protection and other basic rights ensuring protection of privacy without grounds laid down in the law;

c) determines the purposes and means of the processing of personal data and provides the Processor with written instructions concerning the processing of personal data. The purpose of the processing of personal data must indicate the types of tasks in which personal data is processed;

d) is responsible for delivering all legally required notices and information concerning the processing of personal data to the data subjects;

e)is responsible for ensuring that the rights of the data subjects are enforced;

f) ensures that the transfer of personal data to the Processor and the processing of personal data under this agreement remains lawful for the entire duration of the agreement;

g) declares that, if it represents consolidated companies or third parties in this agreement, it has the right to commit to this agreement and to give the Controller the right to process personal data under this agreement and the Main Agreement;

h) confirms and is responsible for ensuring that the processing of personal data under this agreement is in accordance with the requirements set forth in the legislation, including the data security requirements;

i) confirms that it has provided the Processor with all the necessary information in order for the Processor to meet all the obligations set forth in this agreement in accordance with the data protection legislation requirements; and

j) is responsible for submitting any corrections, deletions and amendments to personal data to the Processor.

General rights and obligations of the processor

Processor

a) processes personal data solely for the purposes defined in the Main Agreement and this agreement, only to the extent that is necessary for fulfilling the purpose of the Main Agreement and solely for the duration of this agreement, unless otherwise required by mandatory legislation. The Processor is not entitled to use the received personal data in its own operations, disclose it, process it or combine the data with other data in its possession except for in the scope referred to in the Main Agreement and while managing its tasks pursuant to that agreement;

b) processes personal data lawfully, carefully and in accordance with good data processing practices, and otherwise works in ways that do not limit the data subjects’ privacy protection and other basic rights ensuring protection of privacy without grounds laid down in the law;

c) processes, and ensures that any persons employed by it with access to the personal data process, the personal data solely according to the documented, lawful and reasonable instructions provided by the Controller. Exceptions may be made if the applicable mandatory law so requires, but in such a case, the Processor shall immediately inform the Controller of the exception, provided that such information is not prohibited by the aforementioned law;

d) ensures that personal data is exclusively processed by persons for whom it is necessary in order to perform their duties, and that the persons in question are committed to an obligation of confidentiality or bound by a legal non-disclosure obligation;

e) implements all the security measures required by the legislation for the processors of personal data, as agreed in more detail in this agreement;

f) insofar as this is possible and taking into account the nature of the processing, assists the Controller by appropriate technical and organisational measures for the fulfilment of the Controller's obligation to respond to requests for exercising the data subject's rights;

g) taking into account the nature of the processing and the information available to the Processor, assists the Controller in ensuring that the legal obligations set for the Controller, such as the security measures, impact assessment and prior consultation, are being adhered to. The Processor has an obligation to assist the Controller only to the extent of the obligations set by applicable law to the Processor as the processor of personal data;

h) takes note of any corrections, deletions and amendments of personal data submitted by the Controller without any undue delays in the processing of personal data;

i) during the validity of this agreement or following its termination, either destroys or returns to the Controller, at the Controller's discretion and in accordance with the instructions provided by it, all personal data and deletes any existing duplicates, unless otherwise required by mandatory legislation. The parties may separately agree on the practices concerning the destruction and return;

j) maintains the necessary reports or records of the processing activities and makes available to the Controllerany information which demonstrates that the Processor is adhering to its obligations set forth in this agreement and the applicable legislation;

k) permits audits performed by the Controller or an auditor authorised by the Controller and participates in them in the manner agreed in more detail in this agreement;

l) notifies the Controller if the Processor considers that the instructions provided by the Controller are in violation of the applicable legislation;

m) notifies the Controller if the Processor considers that the practices of the Controller are deficient and assists the Controller in rectifying its practices, if necessary.

The Processor is entitled to invoice separately for any actions taken to assist, rectify and respond to request, for providing assistance with audits, and for any actions taken or costs incurred due to changes in the client’s instructions.

Subcontractors

As a general rule, the Processor may utilise subcontractors in the processing of personal data under this agreement. “Subcontractor” refers to a processor that processes personal data under this agreement, wholly or in part, on behalf of the Processor and is commissioned by it.

The subcontractors used in the processing have been reported to the Controller prior to the signing of this agreement. The Processor shall inform the Controller of any intended changes concerning the addition or replacement of subcontractors and, thereby giving the Controller the opportunity to object to such changes.

The Processor signs a written processing agreement with the subcontractor and requires that all subcontractors adhere to the data protection obligations set for the Processor in this agreement or to obligations that ensure an equivalent level of data protection. The subcontractor shall only process personal data in accordance with the written agreement. The Processor is responsible for the actions of their subcontractors as if they were their own.

Geographical location of personal data processing

The Processor is only entitled to transfer personal data outside of the European Union, the European Economic Area or other countries which the European Commission has established to guarantee an adequate level of data protection subject to the written prior consent of the Controller.

If the data is transferred outside of the areas mentioned hereinabove, the Processor shall sign an agreement on the transfer of personal data with the relevant parties that is pursuant to the requirements of the applicable law. An agreement on the transfer of personal data is drawn up according to the standard contractual clauses approved by the European Commission. As an alternative to using the standard contractual clauses, the transfer may take place by utilising the other grounds for transfer approved in the applicable legislation.

If a conflict exists between this agreement or the Main Agreement and the standard contractual clauses or any other legal grounds for transfer, the standard contractual clauses and alternative grounds for transfer will always have priority over this agreement and the Main Agreement.

At the time of signing of this agreement, the personal data covered by the agreement’s area of application is being processed in Finland or elsewhere within the EEA and in USA.

Audits

The Controller is entitled to audit the data processing activities of the Processor under this agreement. The Processor shall assist in the audit and participate in it to the best of its ability.

The Controller may authorise an external inspector to perform the audit; however, such inspectors may not be competitors to the Processor. The parties agree on the time and other details of the audit in good time before its implementation. The audit shall be performed in a manner that does not interfere with the commitments of the Processor to third parties. All representatives of the Controller and all participants of the audit shall sign a standard non-disclosure agreement for the benefit of the Processor.

The Controller is responsible for covering all costs incurred from the audit. The Processor is also entitled to invoice the Controller for assisting with the audit and for any other additional work caused by the audit.

Confidentiality

The Processor commits toa) keeping confidential all personal data received from the Controller;b) ensuring that persons authorised to process the personal data have committed themselves to an obligation of confidentiality; andc) ensuring that personal data is not transferred to third parties without the prior written consent of the Controller, unless the Processor is obligated to disclose the said data based on mandatory legislation or an authority regulation.

If a data subject or authority makes a request concerning personal data, the Processor shall, as soon as reasonably possible, notify the Controller of such a request before responding to the request or taking any other action concerning personal data. If a competent authority demands an immediate response, the Processor shall notify the Controller of the request as soon as possible after responding to it, unless otherwise required by mandatory legislation.

Limitations of liability

The limitations of liability in the Main Agreement shall also apply to this agreement. If no limitations on liability have been set in the Main Agreement, the provisions of this chapter shall apply.

The Processor is liable for direct damage suffered by the Controller due to a breach of this agreement or an act in violation of data protection legislation.

In no event shall the Processor be liable for consequential damage, such as loss of income, revenue or market share, interruption of production or service, loss of profits or other comparable damage.

If a data subject files a claim for compensation against a party on the basis of the processing of personal data, this must be reported to the other party without delay.

If the Processor needs to pay damages to a data subject, the Controller shall compensate the Processor for the loss, insofar as it is not due to an error or negligence of the terms of the agreement on the part of the Processor.

All claims to the Processor must be made in writing and without delay. If an error or deficiency is observed or observable immediately, the notice shall be made immediately and no later than thirty (30) days after the observation. No compensation will be paid if a specified claim has not been made to the Processor within six (6) months from the observation of the damage. Compensation will also not be paid if the claim is made after more than three (3) years have passed since the error or deficiency.

In all cases, both parties are solely responsible for any administrative sanctions imposed on them by the supervisory authority or a competent court of law that are, according to the decision of the supervisory authority or court of law in question, a consequence of the party not adhering to the requirements and obligations set for it in the data protection legislation.

Purpose of the processing

The main purpose of the processing is to provide Controller with the Service.Purposes of the processing are defined in more detail in chapter 3 of the Service's Privacy Policy https://exolyt.com/privacy-policy.

Personal data being processed

The Controller's employees who use the Service or who are otherwise in contact with the Processor regarding the Service.

The Processor processes the following categories of personal data:

  • Name
  • Phone number
  • Email address
  • Online identifiers such as cookies or IP addresses
  • Role within the Controller's organisation

Data security for processing of personal data

The Controller will implement and maintain appropriate technical and organisational measures that ensure an adequate level of security for the processing of personal data and protect personal data against unauthorised and unlawful processing and accidental loss, destruction, damage, modification or disclosure, taking into account in particular the state of the art and costs of implementation, the nature, scope, context and purposes of the processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons.

The Controller is responsible for ensuring that the Processor is informed of all the aspects related to the personal data provided by the Controller (such as risk assessments and the processing of special categories of personal data) that affect the technical and organisational measures under this agreement.

The data security arrangements are regularly assessed, inspected and updated.

Validity of the agreement and the duration of the processing of personal data

The validity of the agreement is tied to the validity of the Main Agreement, and it will be automatically terminated when the Main Agreement is terminated for any reason. The right and obligation of the Processor to process personal data ends when the agreement is terminated.

The validity of the agreement is tied to the validity of the Main Agreement, and it will be automatically terminated when the Main Agreement is terminated for any reason. The right and obligation of the Processor to process personal data ends when the agreement is terminated.

Obligations which, by their very nature, are to survive the termination of this agreement, such as obligation of confidentiality, will remain in force irrespective of the termination of this agreement.