1. Definitions
i. ‘Sale Conditions’: these terms that apply to the relationship between You and Us when purchasing Services;
ii. ‘Agreement: Any agreement under which We undertake to provide the Services to You subject to compliance with the Sale Conditions;
iii. ‘Platform’: the cloud-based platform on which You can organise a specific virtual event;
iv. ‘Services’: the access to and the facility to design a specific virtual event on Our Platform which is offered on Our Website;
v. ‘We/Us/Our’: the company as mentioned in article two of these Sale Conditions;
vi. ‘You/Your’: any natural or legal person who enters into a contractual relationship with Us and who is acting for purposes that fall within his business or professional activity;
vii. ‘Visitor’: any visitor of Our Platform invited by You for a specific virtual event organised by You;
viii. ‘Party/Parties’: You and/or We;
ix. ‘Website’: meet.thola.events, dashboard.thola.events, account.thola.events and account.thola.events.
2. Our identification
Who we are:
Thola NV
Veldkant 33A
2550 Kontich
VAT BE0761.819.984
Contact:
Availability: Monday to Friday from 09h00 to 17u00 (Brussels time)
Telephone number: +32 3 450 80 30 ask for Thola – Wouter Janssens
E-mail address: welcome@thola.events
3. Application
3.1. These Sale Conditions apply to all purchases of Our Services. When placing an order, you must expressly accept these Sale Conditions and agree to their application. These Sale Conditions apply to the exclusion of any other conditions. Unless expressly accepted by Us in writing, Your possible general or special conditions are expressly excluded.
3.2. We reserve the right to change these Sale Conditions from time to time. However, the version of these Sale Conditions that was applicable at the time the order was placed will continue to apply between You and Us as far as the Agreement is concerned.
4. Offer and acceptance
4.1. We make all reasonable efforts to make the information on the features of the Services as accurate as possible, to the extent permitted by technical means.
4.2. Your acceptance of Our offer is done by placing the order on Our Website. This purchase is binding. We will send a confirmation of the order no later than within the fourteen (14) calendar days to the e-mail address you have provided.
4.3. It is Your responsibility to ensure that the information You provide to Us is correct. If it does contain errors, We ask You to inform Us as soon as possible or, if possible, to correct the errors yourself.
4.4. We reserve the right to refuse an order due to a serious shortcoming by You.
4.5. In accordance with the Economic Law Code, the Parties expressly acknowledge that electronic forms of communication bring about a valid Agreement. We may use any electronic file at Our disposal, within the limits of the law, to prove the existence of the Agreement. An ordinary, digital or electronically qualified signature is not an essential requirement of proof.
4.6. The Agreement will only come into effect as soon as We send You a confirmation of Your order at the e-mail address You have provided. This confirmation will contain the information about the Services ordered by You.
5. Our prices
5.1. The prices of Our Services are listed on the Website and are fixed at the time of the order. The indication of the price refers exclusively to the Services as described verbatim. Any accompanying photographs are decorative and may contain elements that are not included in the price. All prices mentioned are expressed in EURO and are exclusive of VAT and any other taxes or duties to be borne by You. Any other costs charged will be mentioned separately.
5.2. We have the right to change prices at any time, but We undertake to use the rates indicated on the Website at the time of Your order. When Your order relates to a subscription formula, We can change the price upon each renewal of the subscription, in which case You will have the right to cancel Your subscription within a period of two (2) weeks.
6. Payments
6.1. In principle, each payment will be processed immediately and in full, from the moment you place the order. For the payment of Our Services we accept MasterCard or invoice payable upon receipt.
6.2. The payment for the Services is due with immediate effect.
6.3. We can expand the payment options in the future. We will take all reasonable measures to ensure the security of Your online transactions. We guarantee this security by engaging specialized parties such as authorized credit card issuers and payment partners.
7. Access
7.1. We provide the Services with the necessary care and skills, in accordance with the standards of Our industry. We take all reasonable steps to ensure that the Services are provided in accordance with the Agreement and in accordance with best business practices.
7.2. You will be granted access to the Platform by logging into Your personalised account whose account details We will provide in advance. This personalised account allows You to create and design Your specific event on Our Platform. Depending on Your purchase, Your personalised account will be closed as soon as the Services are fully delivered, which means You will no longer have access to Our Platform.
7.3. On Our Platform We may use of external applications. By using these applications, You expressly agree to their terms and conditions. However, We cannot guarantee that these applications will work at all times. After all, We use the external applications “if available” and “with all defects”.
7.4. Access to Our Platform is offered “if available” and “with all defects”. If We are unable to provide You with access to the Platform, You will request that You commence performance of the Agreement within an additional period which is appropriate to the circumstances. If We fail to provide You with access to the Platform within the additional time limit, You will be entitled to terminate the Agreement.
8. Liability
8.1. To the extent permitted, We cannot be held liable for indirect or consequential damages. Unless excluded by mandatory law, We will only be liable for damage caused by Our failure to comply with Our obligations if and to the extent that such damage is caused by Our wilful and gross negligence. We are not liable for any other errors.
8.2. Nothing in these Sale Conditions is intended to exclude or limit any of Your statutory rights. In addition, nothing in these Sale Conditions is intended to limit or exclude Our liability for death or personal injury caused by Our negligence (including that of Our employees); or for fraud or fraudulent misrepresentation.
8.3. Should We nevertheless be held liable, the amount of the fee will be limited to the total amount You have paid for the Services purchased.
9. Protection of personal data
9.1. The information You provide is necessary for the processing, handling and completion of Your orders, and the preparation of the accounts. If this information is missing, Your order cannot be executed. Submitting incorrect or false personal data will be considered a breach of the present Sale Conditions. Your personal data will only be processed in accordance with Our Platform Privacy Policy (https://thola.events/platform-privacy-policy).
9.2. You are considered as the data controller for the processing of personal data of the Visitors of the Platform within the meaning of the General Data Protection Regulation (Regulation EU 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC). You declare that you assume and fully comply with the obligations incumbent on the data controller set out in this legislation. The rights and obligations of the Parties will be laid down separately in a data processing agreement (“Annex: Data Processing Agreement”). This processing agreement will lay down further agreements regarding the processing of personal data by us as processor on your behalf.
9.3. You expressly declare and guarantee that, in Your capacity as data controller, You will not process any special categories of personal data (such as any data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade-union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or sex life or sexual orientation or the criminal records and personal data regarding criminal convictions and offences) or instruct us, as data processor, to do so.
10. Intellectual property
10.1. We guarantee to have the necessary rights to offer Our Services. All intellectual property rights and derived rights to these Services, including the Platform, remain with Us and/or the actual entitled party. These intellectual property rights are understood to mean copyright, trademark, design and model rights and/or other (intellectual property) rights, including technical and/or commercial know-how, methods and concepts, whether or not patentable.
10.2. The content of the Website is Our property. This means: texts, graphics, photos, images, moving images, sounds, illustrations and software. The content is copyrighted or protected by other rights. It is prohibited to copy, publish, reproduce or otherwise use this content without written permission from Us.
11. Force majeure
11.1. We are not responsible for compliance with Our obligations under these Sale Conditions in the event of force majeure. Force majeure is understood to mean the situation in which the execution of Our obligations is wholly or partly, temporarily or otherwise, prevented by circumstances beyond Our control.
11.2. In the event of force majeure, these obligations shall be suspended and We shall make all reasonable efforts to limit the consequences of the force majeure situation. In the event that the force majeure lasts longer than two (2) months, either Party shall be entitled to terminate the Agreement by giving written notice to the other Party, without the Parties owing each other any compensation (except for the reimbursement of the Services paid for and not provided by You).
12. General
12.1. If any provision of these Sale Conditions (or part thereof) is declared void, invalid or unenforceable, such invalidity, invalidity or unenforceability will in no way affect the validity or enforceability of the remaining provisions of these Sale Conditions. In the event of nullity, invalidity or unenforceability, the Parties will, to the fullest extent possible, negotiate to replace the invalid, void or unenforceable provision (or part thereof) with an equivalent provision that complies with the spirit of these Sale Conditions.
12.2. Our failure to require the strict application of any of the provisions of these Sale Conditions cannot be considered as a tacit waiver of Our rights and does not prevent Us from subsequently requiring strict compliance with these provisions.
12.3. These Sale Conditions, including any references contained in the Sale Conditions, fully represent the rights and obligations of the Parties and supersede all previous agreements and proposals, both oral and written, including any terms and conditions of the Parties.
12.4. The Sale Conditions always and exclusively apply to all present and future Agreements between You and Us, except in the case of an express deviation. An explicit deviation is only valid in so far as it is the result of a mutual Agreement between You and Us which is explicitly recorded in writing. Express deviations are only valid to replace or supplement the clauses to which they relate. The other provisions of these Sale Conditions remain in full force and effect.
13. Applicable law and competent court
13.1. To the extent permitted by law, all Agreements to which these Sale Conditions apply shall be governed by Belgian law.
13.2. Any dispute relating to the interpretation or application of these Terms for Sale shall be subject to the exclusive jurisdiction of the courts in which Our registered office is located, unless another court is mandatory by law.
Annex: Data Processing Agreement
This Annex (Data Processing Agreement) contains the rights and obligations of the Parties with respect to the processing of Personal Data pursuant to the agreement agreed between You (hereinafter: “Controller”) and Us (hereinafter: “Processor”) (hereinafter: “DPA”).
1. Definitions
In this Annex, the following definitions apply:
“Annex” means this Annex, which will form an integral part of the Sales Conditions.
“Appendix” means the appendix entitled “Details of Processing of Personal Data” which is attached to this Annex and forms an integral part of it.
“Third Party” means any person or entity which is not a party to the Sales Conditions , including any contractors (including Sub Contractors).
“Sub-Contractor” means a Third Party engaged by Processor as sub-contractor to provide the Services or any part of them.
“Services” means the services, functions, responsibilities and outputs to be provided and fulfilled by Processor under the Sales Conditions.
“Controller”, “Processor”, “Data Subject”, “Personal Data”, “Personal Data Breach” and “Processing” shall have the same meanings as in the Data Protection Legislation. “Processed” and “Process” shall be construed in accordance with the definition of “Processing”;
“Data Protection Legislation” means any legislation in force within the European Union on the protection of personal data, including Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter: GDPR);
2. Data processing
2.1. The Controller requests the Services of the Processor, by which the Processor will Process Personal Data on behalf of the Controller. The Controller determines the purposes and means of the Processing and expressly acknowledges and warrants that it has all necessary rights to provide the Personal Data to the Data Processor, and that one or more lawful bases set forth in the Data Protection Legislation supports the lawfulness of the processing. The Processor shall without undue delay inform the Controller if, in its opinion, an instruction infringes this DPA, Data Protection Legislation or other EU or Member State data protection provisions.
2.2. Where Personal Data is Processed by Processor, its agents, Sub Contractors or employees under or in connection with the Sales Conditions , Processor shall, and shall procure that its agents, Sub Contractors and employees shall:
a) only Process the Personal Data or disclose or permit the disclosure of the Personal Data to any Third Party:
a. in accordance with the instructions of the Controller as stated in this DPA and Annex ; or
b. where required by EU or Member State law to which Processor is subject, in which case Processor shall inform Controller of that legal requirement before Processing that Personal Data, unless that law prohibits such information being provided on important grounds of public interest;
b) take reasonable steps to ensure that all employees, agents and Sub-Contractors who may have access to the Personal Data:
a. are informed of the confidential nature of the Personal Data; and
b. are subject to confidentiality undertakings or professional or statutory obligations of confidentiality that apply with respect to (the Processing of) such Personal Data;
c) except where statutory guidance indicates that a Personal Data Breach is not required to be notified by a Processor to a Controller, notify Controller without undue delay upon becoming aware of a Personal Data Breach, and otherwise assist Controller taking into account the nature of Processing and the information available to Processor, in meeting its obligations regarding the notification, investigation, mitigation and remediation of a Personal Data Breach under the Data Protection Legislation, without prejudice to Processors right to charge the Controller any reasonable costs for such assistance;
d) co operate as reasonably requested by Controller, to the extent necessary to enable Controller to comply with any exercise of rights by a Data Subject under the Data Protection Legislation in respect of Personal Data Processed by Processor under the Sales Conditions or comply with any assessment, enquiry, notice or investigation under the Data Protection Legislation, including by any regulator, subject to reasonable advance notice and without prejudice to Processor’s right to charge Controller any reasonable costs for such assistance;
e) only authorise Sub-Contractors to Process the Personal Data (“Sub-Processor”) not objected to by Controller, subject to:
a. informing Controller of the identity of the proposed Sub-Processor. This is set out in Article 2.3. Processor informs the Controller of all intended changes with regard to the addition or replacement of other Sub-Contractors. The Controller has the right to object to such changes.; and
b. including terms in the contract between Processor and the Sub-Processor which are mutatis mutandis as those set out in this DPA; and
c. Processor remaining liable to Controller in accordance with the terms of the Sales Conditions relating to liability, for any failure by a Sub-Processor to fulfil its obligations in relation to the Processing of any Personal Data;
f) cease Processing the Personal Data upon the termination or expiry of the Sales Conditions or, if sooner, the Service to which it relates and, at Controller’s option, either (if technically possible) return or delete the Personal Data and any copies of it or of the information it contains, without prejudice to any EU or Member State legal obligations for Processor to store or archive such Personal Data.
2.3 The nature and purpose of the Processing, type of personal data and categories of Personal Data to be Processed are further detailed in the Appendix.
2.4 Controller hereby agrees that Processor will engage with Microsoft Azure and Mailjet for the Processing of Personal Data as stated in this DPA.
2.5 Processor can only be held liable for an infringement of this DPA that is directly attributable to them, or the provisions that apply directly to Processor on the basis of the applicable Data Protection Legislation insofar as Controller has complied with its own obligations as set out in this DPA and the applicable Data Protection Legislation. The liability provision set out in the Sales Conditions is fully applicable.
2.6 Upon request, Processor shall make available to Controller all information necessary to demonstrate compliance with its obligations under Article 32 to 36 of the GDPR and allow for and contribute to audits conducted by Controller or another auditor mandated by Controller (which may be refused by Processor if this is a competitor of Processor or if there is a conflict of interest with this mandated auditor) for the purpose of verifying the compliance with its obligations under this DPA without prejudice to Processor’s right to charge Controller any reasonable costs for such assistance. An audit may not take place more than once per contract year and must be notified at least 60 days in advance. All audit costs are exclusively borne by the Controller. Processor may limit the access of Controller to the premises of Processor to a space provided by Processor and the auditor may not copy or delete documents from Processor without the prior approval and consent of Processor. Controller shall guarantee that the audit is carried out in such a way that the inconvenience for Processor is kept to a minimum. Controller will impose sufficient confidentiality obligations on its auditors. In addition, Processor has the right to require the auditors to sign a non-disclosure agreement before the start of the audit. In all cases, it is essential to protect the confidential information of Processor. Controller must, or will request that its external auditors, send a draft version of the audit report to Processor. Processor has the right to submit its comments within a timeframe as agreed between the Parties. The auditor shall take the comments of Processor into account.
2.7 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, each Party shall implement the measures stated in article 32 of the GDPR and ensure that its agents, Sub Contractors and employees implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, taking into account in particular the risk of accidental or unlawful destruction, loss, alteration or unauthorised disclosure of or access to the Personal Data. The Controller and Processor shall take steps to ensure that any natural person acting under the authority of the Controller or the Processor who has access to personal data does not process them except on instructions from the controller, unless he or she is required to do so by EU or Member State law.
2.8 Any transfer of Personal Data to a third country or international organisation may only take place in accordance with the principles set out in the applicable Data Protection Legislation and this DPA. The Controller grants the Processor permission to transfer Personal Data to a third country or to an international organisation, as set out in the Annex . Any change or addition to the list as stated in the Annex , as proposed or required by the Processor, will be communicated to the Controller before such transfer takes place. The Controller has the right to object to such transfer within five (5) days of notification of the change. The Parties agree on whether or not to proceed with the transfer and the consequences thereof for the provision of the Services in terms of scope, timing and budget. Any transfer to a third country or international organisation can take place on the following grounds:
a) An adequacy decision by the Commission;
b) Appropriate safeguards, including the availability of enforceable rights of Data Subjects and effective legal means. Appropriate safeguards must be adhered to in the following cases: (i) binding corporate rules; (ii) standard data protection clauses adopted by the Commission or by a Supervisory Authority and approved by the Commission; or (iii) an approved code of conduct or an approved certification mechanism.
2.9 If there is new guidance or a change in the Data Protection Legislation or case law that renders all or part of the Services illegal, Processor may terminate the Sales Conditions unless the Parties reach agreement to change the Services whereby the Services are no longer illegal.
APPENDIX: DETAILS OF PROCESSING OF PERSONAL DATA
This Appendix includes further information relating to the processing activities, in addition to the information already provided in the Sales Conditions
1. The subject-matter of the Processing of Personal Data
Personal Data may be processed for the performance of the following Services: organisation of online events.
2. The nature and purpose of the Processing of Personal Data
The Services facilitates interaction between organizers and participants and between participants.
3. The categories of Personal Data to whom Personal Data relates
the personal data concern the following categories of Data Subjects:
- (potential)/(ex) customers
- Any other category: attendees of events
4. The Personal Data concern the following categories of Personal Data:
The personal data concern the following categories of Data Subjects:
- Identification data (e.g. first name, surname, age, gender, data of birth, electronic identification data (such as IP Address, cookies),…
- communication data (e.g. name, address, title, position, telephone, e-mail address, address etc.)
- Relational data (e.g. marital status, children, family members)
- Professional data (e.g. employment, attendance, salary)
- Location data (e.g. GPS or mobile phone, other tracking mechanisms)
- Lifestyle and habits or consumption habits
- usernames, passwords and any other log-in data
- contractual data (contractual relationship, order history, order numbers, billing and payment etc.)
- Image or sound recordings (e.g. photo, video or sound)
5. Transfer(s) of Personal Data
No Personal Data are transferred to third countries (outside the EEA)
© 2020 deJuristen IT Law, Intellectual Property, Privacy & e-Compliance (http://www.dejuristen.be/ ). The information provided is copyrighted by law, so it may not be reproduced or communicated without the prior written consent of deJuristen (contact@dejuristen.be). All applicable intellectual property rights are therefore retained.