The following definitions apply to these Terms:
- “Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity.
- “Authorized Affiliate” means any of Customer’s Affiliate(s) which (a) is subject to the data protection laws and regulations of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom, and (b) is permitted to use the Services pursuant to the Agreement between Customer and Deskcove.
- “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data; where the purposes and means of such processing are determined by the Union or Member State law, the controller of the specific criteria for its nomination may be provided for the Union or Member State law.
- “Customer Data” means what is defined in the Agreement as “Customer Data” or “Your Data.”
- “Data Protection Laws and Regulations” means all laws and regulations, including laws and regulations of the European Union, the European Economic Area and their member states, Switzerland and the United Kingdom, applicable to the Processing of Personal Data under the Agreement.
- “Data Subject” means the identified or identifiable person to whom Personal Data relates.
- “Platform” refers to Staff Monitoring Application, Project Management Application (“Deskcove”)
- “Personal Data” means any information relating to (i) an identified or identifiable natural person and, (ii) an identified or identifiable legal entity (where such information is protected similarly as personal data or personally identifiable information under applicable Data Protection Laws and Regulations), where for each (i) or (ii), such data is Customer Data.
- “Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- “Processor” means the entity which Processes Personal Data on behalf of the Controller.
- “Project Management Application” refers to Deskcove’s web-based project management tool that allows Users to organize, assign, and track progress on tasks.
- “Service” refers to all software, mobile apps, websites, and related services provided to you by Deskcove.
- “Staff” refers to an individual within a User’s organization who is subject to the Staff Monitoring Application.
- “Staff Monitoring Application” refers to Deskcove’s software application that allows Users to track time worked, activities, locations, and other related information for individuals within the User’s organization. The Staff Monitoring Application is one aspect of the Service provided by Deskcove under these terms.
- “Sub-processor” means any Processor engaged by Deskcove or a member of the Deskcove Group.
- “Supervisory Authority” means an independent public authority which is established by an EU Member State pursuant to the GDPR.
- “You,” “Your,” or “User” refers to anyone accessing or subject to the Service, including any Staff member, or user of the Project Management Application.
2. License for use of the service; identity authentication
The Service is licensed for use only under these Terms. Deskcove reserves all rights not expressly granted to You, including title and exclusive ownership of the Service, any and all software or updates thereto and source code for the Service.
Upon registering for the Service, Deskcove gives You the right to install the Service for use by the total number of Users You identify and authorize. The Service may not be used or accessed by (a) individuals who are not named individuals; or (b) any other software or hardware device that does not require a named individual to use or access it. A named individual means an individual identified by You by name who is authorized to use the Service, regardless of how such access occurs or if such individual uses any hardware or software that reduces the apparent number of users who are using the Service, such as by using a terminal service. The Service may not be used or accessed by any other software or hardware device that does not require an individual to use or access it. Deskcove reserves the right at any time to require You to provide a list of the named individual(s).
You may not rent, lease, lend, sell, redistribute or sublease the Service. These Terms will govern any upgrades provided by Deskcove that replace and/or supplement the original Service. You agree to use your best efforts to protect the Service and upgrades from unauthorized use, reproduction, distribution, publication or alteration.
3. Installation, customization, and updates
Installation of the Service and any required modification of the Service to accommodate Your computer system must be performed by You. All updates, upgrades, enhancements and modifications to the Service MUST be performed by Deskcove. Such updates include any changes or improvements to the Service, whether arising out of the Service’s particular configuration for Your use or otherwise. At all times while these Terms are in effect, You shall provide Deskcove with access to Your computer system so that Deskcove may install all updates. Failure to allow Deskcove to install updates or to compensate Deskcove for the installation of updates automatically terminates all warranties for any purpose related to the Service as well as Your license to use the Service.
4. Term and fees
Provided prior notice of pricing is given to You, Deskcove reserves the right to charge You for use of the Service on a periodic (e.g., weekly or monthly) basis or otherwise. These Terms shall begin upon Your registration for the Services and shall continue until Your use of the Service is terminated by you or by Deskcove. You are responsible for all fees due to Deskcove and any compensation due to any Marketplace Member prior to the termination date.
Upon the termination of these Terms, the Service and all updates may cease to properly function and all warranties, express or implied, regarding the Service shall terminate. Your rights under these terms will automatically terminate without notice from the Deskcove if You fail to comply with any provision of these Terms. Further, Deskcove may terminate the Service for any action taken by You that Deskcove believes in its sole discretion is an inappropriate use of the Service even if not specifically detailed by these Terms, including any use of the Service that is prohibited by federal, state, or local law. Any warranty regarding the Service will automatically terminate without notice if You fail to comply with any provision these Terms. The parties expressly acknowledge and agree that all provisions of these Terms that concern Copyright or other protectable interests of Deskcove shall remain in full force and effect notwithstanding termination of any warranty or use of the Service.
6. Proprietary nature of the service
The Service and Platform are proprietary to, and valuable trade secrets of Deskcove. You acknowledge the Service contains proprietary content, information and material that is protected by applicable intellectual property and other laws, including, but not limited to, copyright, trademark, and service marks, and that You will only use such proprietary content, information, or materials for permitted uses under these Terms. The Service is entrusted to You only for the purposes set forth in these Terms. You will not reverse engineer, duplicate, translate, modify, copy, printout, disassemble, decompile or otherwise tamper with the Service or any software provided therewith. The parties acknowledge that any violation of this provision will cause irreparable harm to Deskcove. As a consequence, the parties agree that if You fail to abide by these Terms, Deskcove will be entitled to specific performance, including immediate issuance of a temporary restraining order or preliminary injunction enforcing these Terms, and to judgment for damages caused by such breach, and to any other remedies provided by law.
7. Consent to use of data
8. Content and linking to other websites
The Service may enable access to the Deskcove and the parties’ websites, as well as the websites of third parties (collectively, the “Websites”). The Websites may display, include, or make available content, data, information, applications or materials from third parties, including Your data, or provide links to additional third-party websites (“Data and Materials”). By using the Service, You acknowledge and agree that Deskcove is not responsible for examining or evaluating the content, accuracy, completeness, timeliness, validity, copyright or trademark compliance, legality, decency, quality or any other aspect of the Websites. Deskcove does not warrant or endorse and does not assume and will not have any liability or responsibility to You or any other person for any data and materials on the Websites. To the extent You choose to access such Websites, You do so at Your own initiative and are responsible for compliance with any applicable laws, including, but not limited to, applicable local laws. Deskcove reserves the right to change, suspend, remove, or disable access to the Websites at any time without notice. In no event will Deskcove be liable for the removal of or disabling of access to any such Websites. Deskcove may also impose limits on the use of or access to certain Websites, in any case and without notice or liability. You agree to use the Websites at Your sole risk and that Deskcove shall not have any liability to You for content that may be found to be offensive, indecent, or objectionable.
9. User content
You agree that all information, data, text, sound, photographs, graphics, video, software, or other materials submitted, posted or displayed by You on or through the Service (“User Content”) is your sole responsibility. Deskcove claims no ownership or control over any User Content. By submitting, posting or displaying User Content on or through the Service, you grant Deskcove a worldwide, non-exclusive, royalty-free, transferable license to use, reproduce, and adapt, such User Content to provide the Service to You. By submitting, posting or displaying User Content which is intended to be shared or made available to the general public, including through Deskcove, you grant Deskcove a worldwide, non-exclusive, royalty-free license to reproduce, adapt, distribute and publish such User Content through the Service and for the purpose of promoting Deskcove and its services.
As a condition of using the Service, You agree not to use the Service to infringe the intellectual property rights of others in any way. You represent that You have the right to grant, or that the holder of any rights, including moral rights in such content has completely and effectively waived all such rights and validly and irrevocably granted to You the right to grant, the license stated above. If You post User Content in any public area of the Service, You also permit any User to access, display, view, store and reproduce such User Content for personal use. Subject to the foregoing, the owner of such User Content placed in the Service retains any and all rights that may exist in such User Content.
Deskcove may review and refuse to accept or remove any User Content in its sole discretion. Deskcove reserves the right to expel Users and prevent their further access to the Services for violating these terms or applicable laws, rules or regulations. Deskcove may take any action with respect to User Content that it deems necessary or appropriate in its sole discretion if it believes that such User Content could create liability for Deskcove, damage Deskcove’s public image or business. It is Deskcove’s policy to terminate the accounts of any Users who are repeat infringers of the copyrights, or other intellectual property rights, of others.
Any profile You submit must accurately describe You, as an individual person, or an agency or organization that you are authorized to create a profile for. Profiles derived from User Content may be made available through the Service. Deskcove does not make any representations regarding the accuracy or validity of such derived profiles, which may differ significantly from User Content.
11. Intellectual Property Rights
The trademarks, trade names, trade dress, logos, and service marks (collectively, the “Trademarks”) displayed on www.deskcove.com are the registered and/or unregistered Trademarks of Deskcove LLC, or such other third party that may own the displayed Trademarks. Nothing contained on this Web site or in these terms of service grants to you, by implication or otherwise, any license or right to use any Trademarks displayed on this Web site without the written permission of Deskcove, LLC or such other third party that may own the displayed Trademarks.
Site contents and copyright
The text, Trademarks, logos, images, graphics, photos, video files, application functionality, or any other digital media, and their arrangement on this Website (“Website Content”) are all subject to patent, copyright, trademark and other intellectual property protection. Website Content may not be copied for commercial use or redistribution, nor may Website Content be modified, processed, or reposted to other websites. Access to and uses of this Website are solely for your purchase of our services or for personal use, information, education and communication with Deskcove, LLC or www.deskcove.com. You may download, copy or print the Website Content of this Website for your personal non-commercial use only. No right, title or interest in any of the Website Content of this Website is transferred to you as a result of any downloading, copying, printing or use of this Website. All rights not expressly granted to you by these Terms are reserved by Deskcove, LLC.
Identification of agent to receive notification of claimed copyright or trademark infringement
If You believe that Your copyrighted work or trademark has been uploaded, posted or copied to the Service and is accessible in a way that constitutes copyright or trademark infringement, please contact Deskcove by email at [email protected]
12. Disclaimer of warranty
YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT USE OF THE SERVICE IS AT YOUR SOLE RISK. DESKCOVE CANNOT AND DOES NOT WARRANT THE SERVICE WILL MEET YOUR REQUIREMENTS, THAT THE OPERATION OF THE SERVICE WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT DEFECTS IN THE SERVICE WILL BE CORRECTED. AS SUCH, YOU SHALL NOT RELY EXCLUSIVELY ON THE SERVICE FOR ANY REASON. THE SERVICE AND ANYTHING RELATED THERETO ARE PROVIDED “AS IS” AND “AS AVAILABLE”, WITH ALL FAULTS AND WITHOUT WARRANTY OF ANY KIND, AND Deskcove HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS WITH RESPECT TO THE SERVICE AND ANYTHING RELATED THERETO, EITHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES AND/OR CONDITIONS OF MERCHANTABILITY, OF SATISFACTORY QUALITY, OF FITNESS FOR A PARTICULAR PURPOSE, OF ACCURACY, OF QUIET ENJOYMENT, AND NON-INFRINGEMENT OF THIRD PARTY RIGHTS. NO ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY Deskcove OR ITS AUTHORIZED REPRESENTATIVE SHALL CREATE A WARRANTY.
13. Privacy and cybersecurity indemnification
You agree that the Deskcove Services and Platform are used to process information and Personal Data that you provide on an individual basis or by way of a transfer by a business entity under these Terms, and for purposes of these Terms you are designated the data Controller and Deskcove is designated as Processor as those terms in defined in the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”). You further agree and acknowledge your obligations as the data Controller under the Personal Data Processing Addendum set forth below.
To the fullest extent permitted by law for all Personal Data that you collect, process via the Services or maintain on the Platform, you shall indemnify and hold Deskcove, its affiliates, and their respective officers, directors, trustees, shareholders, employees, and agents (each an “Indemnified Party”), harmless from and against any and all damages and liabilities or third party claims against any Indemnified Party, for loss, cost, damage, or expense of every kind and nature (including, without limitation, penalties imposed by law, regulations, rules by any regulatory authority, court costs, expenses, and reasonable attorneys’ fees) to the extent arising out of, relating to privacy and cybersecurity requirements, including without limitation, failure to comply with Articles 5 to 21, and 32 to 37 of the GDPR, or resulting from, in whole or in part, the breach or non-compliance with this Agreement or the omission, negligence, gross negligence or willful misconduct by you or any of your representatives.
14. Limitation of liability
DESKCOVE SHALL NOT BE RESPONSIBLE FOR ANY LOSS OR DAMAGE TO YOU OR ANY THIRD PARTIES CAUSED BY THE SERVICE OR INFORMATION CONTAINED IN THE SERVICE. YOU WAIVE ANY AND ALL CLAIMS YOU MAY HAVE AGAINST Deskcove ARISING OUT OF THE PERFORMANCE OR NONPERFORMANCE OF THE SERVICE. YOU SPECIFICALLY WAIVE ANY AND ALL CLAIMS YOU MAY HAVE AGAINST Deskcove AS A RESULT OF INCORRECT INFORMATION CONTENT DISPLAYED BY THE SERVICE OR CHANGES TO CONTENT MADE BY YOU. Deskcove SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGE, WHETHER BASED ON CONTRACT OR TORT OR ANY OTHER LEGAL THEORY, ARISING OUT OF ANY USE OF THE SERVICE OR ANY PERFORMANCE OF THESE TERMS, INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, LOSS OF DATA, BUSINESS INTERRUPTION OR ANY OTHER COMMERCIAL DAMAGES OR LOSSES, ARISING OUT OF OR RELATED TO YOUR USE OR INABILITY TO USE THE SERVICE, EVEN IF Deskcove HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT SHALL Deskcove’S TOTAL LIABILITY TO YOU FOR ALL DAMAGES (OTHER THAN AS MAY BE REQUIRED BY APPLICABLE LAW IN CASES INVOLVING PERSONAL INJURY) EXCEED THE AMOUNT ACTUALLY PAID BY YOU TO Deskcove FOR THE SERVICE IN THE 365 DAYS IMMEDIATELY PRECEDING THE DATE THAT Deskcove RECEIVES NOTICE OF A CLAIM IN WRITING FROM YOU. THE FOREGOING LIMITATIONS WILL APPLY EVEN IF THE ABOVE STATED REMEDY FAILS OF ITS ESSENTIAL PURPOSE.
15. Consent to electronic communications
By registering to use the Service or Platform, or by sending us or emails, faxes, push notifications, or text or voice messages, you are communicating with us electronically. And in doing so, you expressly consent to receive communications from us electronically via email, fax, push notification, or voice or text message, whether pre-recorded or auto-dialed (“Digital Means”). We will communicate with you by the aforementioned Digital Means, or by posting notices on the Services or Platform. You agree that all agreements, notices, disclosures and other communications that we provide to you electronically satisfy any legal requirement that such communications be in writing. For the Services and Platform that integrate with a mobile functionality, your carrier’s normal messaging; data and other rates and fees will still apply.
16. International users consent to cross-border transfers of personal information
For those Deskcove users located outside the United States, you acknowledge and expressly consent to Deskcove’s use of your Personal Data and further acknowledge that Deskcove’s processing of Personal Data is required to perform the Services or use the Platform. Further at times Personal Data will be accessible by individuals who are located worldwide including in countries that the European Commission or other geopolitical authorities have not determined to provide the same level of data protection as in your country, province, territory or geopolitical region, and that such information may be accessed by the courts, law enforcement and national security authorities of such jurisdictions. By providing us with your Personal Data, you are consenting to our use of it in accordance with these Terms, including the transfer of your information across international boundaries to jurisdictions anywhere in the world as permitted by local law.
17. No rights granted; Non-assignability
These Terms do not constitute a grant or an intention or commitment to grant any right, title, or interest in the Service or Deskcove’s trade secrets to You. You may not sell or transfer any portion of the Service to any third party. You shall not identify the Service as coming from any source other than Deskcove. These Terms are exclusive and personal to You. You shall not assign or otherwise transfer any rights or obligations under these Terms.
18. Miscellaneous provisions
- Choice of Law. Regardless of the place of execution, delivery, performance or any other aspect of these Terms, these Terms and all of the rights of the parties under these Terms shall be governed by, construed under, and enforced in accordance with the procedural and substantive law of the State of New York, United States of America, to the exclusion of any conflicts or choice of law rule or principle that might otherwise refer construction or interpretation of these Terms to the substantive law of another jurisdiction.
- Jurisdiction. You consent to personal jurisdiction in any of the state courts sitting in New York, New York, United States of America, and agree that any suit arising under these Terms shall exclusively be commenced and maintained in such courts.
- General Indemnity. You agree to indemnify and hold Deskcove and (as applicable) its related entities, affiliates, and Deskcove’s and their respective officers, directors, agents, and employees, harmless from and against any and all claims, demands, proceedings, losses and damages (actual, special, and consequential) of every kind and nature, known and unknown, including reasonable attorney fees, made by any third party due to or arising out of Your breach of these Terms or Your violation of any law or the rights of any third party.
- Attorney Fees and Expenses. In a dispute arising out of or related to these Terms, Deskcove shall have the right to collect reasonable attorney fees and costs and necessary expenditures from You.
- Severability. If a court finds any provision of these Terms invalid or unenforceable, the remainder of these Terms shall be interpreted so as best to affect the intent of the parties.
- Effect of Waiver. The failure to exercise any right provided in these Terms shall not be a waiver of prior or subsequent rights.
19. Suggestions and feedback
Deskcove welcomes feedback or inquiries about the Service. If You elect to provide any feedback or comments of any nature to Deskcove, all feedback and comments shall be the sole and exclusive property of Deskcove, and Deskcove shall have the right to use such feedback in any manner and for any purpose in its exclusive discretion without remuneration, compensation, or attribution to you. Deskcove is under no obligation, however, to use such feedback.
20. Refund policy
You can cancel your account at any point in time from your organization page, or by sending an email to [email protected] with the subject line, “Cancel”. We would be glad to provide further instructions at that time on how to cancel your account if needed. There will be no refunds given except for specific situations where our support team deems it necessary.
21. Legal notice
Deskcove may modify these Terms or any additional terms, and such modification shall be effective and binding on You upon notice by Deskcove via email to the email account provided by You upon registration for the Service. If you do not agree to any modification of these Terms, you should discontinue your use of the Service.
Communications made through the Deskcove’s website or any email or contact links provided thereon shall in no way be deemed to constitute legal notice to Deskcove or any of its officers, employees, agents, or representatives, such as where notice to Deskcove is required by contract, or any federal, state, or local laws, rules, or regulations.
You may provide notice to Deskcove at:
22. Minimum age of users
All Users of Deskcove’s Service must be at least 18 years of age and older than the age of legal majority in Your jurisdiction (if it is over 18). By using the Service you promise that you are over 18 years of age and are a competent legal adult in Your jurisdiction.
Personal data processing addendum
This Personal Data Processing Addendum (“PDPA”) addresses Personal Data Processing, privacy and cyber security obligations in addition to those expressed in the Terms as between Deskcove and Customer for subscriptions to the Deskcove Services and Platform. By agreeing to these Terms, Customer acknowledges that it and its Authorized Affiliates qualify as the “Controller” as defined under General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”) to the extent that Deskcove processes Personal Data in connection with Customer’s subscription to Platform. All capitalized terms not defined in this PDPA shall have the meaning set forth in the Terms. In the course of providing the Services to Customer pursuant to the Terms, Deskcove may Process Personal Data on behalf of Customer and the Parties agree to comply with the following provisions with respect to any Personal Data.
This PDPA shall not replace any comparable or additional rights relating to Processing of Customer Data contained in the Terms.
2. PROCESSING OF PERSONAL DATA
2.1 Roles of the parties. The parties acknowledge and agree that with regard to the Processing of Personal Data, Customer is the Controller, Deskcove is the Processor and that Deskcove or members of the Deskcove Group will engage Sub-processors pursuant to the requirements set forth in Section 5 “Sub-processors” below.
2.2 Customer’s processing of personal data. Customer shall, in its use of the Services, Process Personal Data in accordance with the requirements of Data Protection Laws and Regulations. For the avoidance of doubt, Customer’s instructions for the Processing of Personal Data shall comply with Data Protection Laws and Regulations. Customer shall have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which Customer acquired Personal Data.
2.3 Deskcove’s processing of personal data. Deskcove shall treat Personal Data as Confidential Information and shall only Process Personal Data on behalf of and in accordance with Customer’s documented instructions for the following purposes: (i) Processing in accordance with the Terms and applicable order form(s); (ii) Processing initiated by Users in their use of the Services; and (iii) Processing to comply with other documented reasonable instructions provided by Customer (e.g., via email) where such instructions are consistent with the terms of the Agreement.
2.4 Details of the processing. The subject-matter of Processing of Personal Data by Deskcove is the performance of the Services pursuant to the Terms. The duration of the Processing, the nature and purpose of the Processing, the types of Personal Data and categories of Data Subjects Processed under this PDPA are further specified above.
3. RIGHTS OF DATA SUBJECTS
3.1 Data subject request. Deskcove shall, to the extent legally permitted, promptly notify Customer if Deskcove receives a request from a Data Subject to exercise the Data Subject’s right of access, right to rectification, restriction of Processing, erasure (“right to be forgotten”), data portability, object to the Processing, or its right not to be subject to an automated individual decision making (“Data Subject Request”). Taking into account the nature of the Processing, Deskcove shall assist Customer by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of Customer’s obligation to respond to a Data Subject Request under Data Protection Laws and Regulations. In addition, to the extent Customer, in its use of the Services, does not have the ability to address a Data Subject Request, Deskcove shall upon Customer’s request provide commercially reasonable efforts to assist Customer in responding to such Data Subject Request, to the extent Deskcove is legally permitted to do so and the response to such Data Subject Request is required under Data Protection Laws and Regulations. To the extent legally permitted, Customer shall be responsible for any costs arising from Deskcove’s provision of such assistance.
4. Deskcove PERSONNEL
4.1 Confidentiality. Deskcove shall ensure that its personnel engaged in the Processing of Personal Data are informed of the confidential nature of the Personal Data, have received appropriate training on their responsibilities and have executed written confidentiality agreements. Deskcove shall ensure that such confidentiality obligations survive the termination of the personnel engagement.
4.2 Reliability. Deskcove shall take commercially reasonable steps to ensure the reliability of any Deskcove personnel engaged in the Processing of Personal Data.
4.3 Limitation of access. Deskcove shall ensure that Deskcove’s access to Personal Data is limited to those personnel performing Services in accordance with the Agreement.
4.4 Data protection officer. Members of the Deskcove Group have appointed a data protection officer. The appointed person may be reached at [email protected]
5.1 Appointment of sub-processors. Customer acknowledges and agrees that (a) Deskcove’s Affiliates may be retained as Sub-processors; and (b) Deskcove and Deskcove’s Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services. Deskcove or a Deskcove Affiliate has entered into a written agreement with each Sub-processor containing data protection obligations not less protective than those in these Terms with respect to the protection of Customer Data to the extent applicable to the nature of the Services provided by such Sub-processor.
5.2 List of current sub-processors and notification of new sub-processors. Deskcove shall make available to Customer the current list of Sub-processors for the Services. Such Sub-processor lists shall include the identities of those Sub-processors and their country of location. Deskcove shall provide notification of a new Sub-processor(s) before authorizing any new Sub-processor(s) to Process Personal Data in connection with the provision of the applicable Services.
5.3 Objection right for new sub-processors. Customers may object to Deskcove’s use of a new Sub-processor by notifying Deskcove promptly in writing within ten (10) business days after receipt of Deskcove’s notice in accordance with the mechanism set out in Section 5.2. In the event Customer objects to a new Sub-processor, as permitted in the preceding sentence, Deskcove will use reasonable efforts to make available to Customer a change in the Services or recommend a commercially reasonable change to Customer’s configuration or use of the Services to avoid Processing of Personal Data by the objected-to new Sub-processor without unreasonably burdening the Customer. If Deskcove is unable to make available such change within a reasonable period of time, which shall not exceed thirty (30) days, Customer may terminate the applicable Services with respect only to those Services which cannot be provided by Deskcove without the use of the objected-to new Sub-processor by providing written notice to Deskcove. Deskcove will refund Customer any prepaid fees covering the remainder of the term of such Services following the effective date of termination with respect to such terminated Services, without imposing a penalty for such termination on Customer.
5.4 Liability. Deskcove shall be liable for the acts and omissions of its Sub-processors to the same extent Deskcove would be liable if performing the services of each Sub-processor directly under the terms of this PDPA, except as otherwise set forth in the Terms.
6.1 Controls for the protection of customer data. Deskcove shall maintain appropriate technical and organizational measures for protection of the security (including protection against unauthorized or unlawful Processing and against accidental or unlawful destruction, loss or alteration or damage, unauthorized disclosure of, or access to, Customer Data), confidentiality and integrity of Customer Data, as set forth in the Security, Privacy and Architecture Documentation. Deskcove regularly monitors compliance with these measures. Deskcove will not materially decrease the overall security of the Services during a subscription term.
6.2 Third-party certifications and audits. Deskcove has obtained the third-party certifications and audits set forth in the Security, Privacy and Architecture Documentation. Upon Customer’s written request at reasonable intervals, and subject to the confidentiality obligations set forth in the Agreement, Deskcove shall make available to Customer that is not a competitor of Deskcove (or Customer’s independent, third-party auditor that is not a competitor of Deskcove) a copy of Deskcove’s then most recent third-party audits or certifications, as applicable.
7. CUSTOMER DATA INCIDENT MANAGEMENT AND NOTIFICATION
Deskcove maintains security incident management policies and procedures specified in the Security, Privacy and Architecture Documentation and shall, notify Customer without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Data, including Personal Data, transmitted, stored or otherwise Processed by Deskcove or its Sub-processors of which Deskcove becomes aware (a “Customer Data Incident”). Deskcove shall make reasonable efforts to identify the cause of such Customer Data Incident and take those steps as Deskcove deems necessary and reasonable in order to remediate the cause of such a Customer Data Incident to the extent the remediation is within Deskcove’s reasonable control. The obligations herein shall not apply to incidents that are caused by Customer or Customer’s Users.
8. RETURN AND DELETION OF CUSTOMER DATA
Deskcove shall return Customer Data to Customer and, to the extent allowed by applicable law, delete Customer Data in accordance with the procedures and timeframes specified in the Security and Privacy Documentation.
9. AUTHORIZED AFFILIATES
9.1 Contractual relationship. The parties acknowledge and agree that, by executing the Terms, the Customer enters into the PDPA on behalf of itself and, as applicable, in the name and on behalf of its Authorized Affiliates, thereby establishing a separate PDPA between Deskcove and each such Authorized Affiliate subject to the provisions of the Agreement and this Section 9 and Section 10. Each Authorized Affiliate agrees to be bound by the obligations under this PDPA and, to the extent applicable, the Agreement. For the avoidance of doubt, an Authorized Affiliate is not and does not become a party to the Terms, and is only a party to the PDPA. All access to and use of the Services and Content by Authorized Affiliates must comply with the Terms and any violation of the Terms by an Authorized Affiliate shall be deemed a violation by Customer.
9.2 Communication. The Customer that is the contracting party to Terms shall remain responsible for coordinating all communication with Deskcove under this PDPA and be entitled to make and receive any communication in relation to this PDPA on behalf of its Authorized Affiliates.
9.3 Rights of authorized affiliates. Where an Authorized Affiliate becomes a party to the PDPA with Deskcove, it shall to the extent required under applicable Data Protection Laws and Regulations be entitled to exercise the rights and seek remedies under this PDPA, subject to the following:
9.3.1 Except where applicable Data Protection Laws and Regulations require the Authorized Affiliate to exercise a right or seek any remedy under this PDPA against Deskcove directly by itself, the parties agree that (i) solely the Customer that is the contracting party to the Agreement shall exercise any such right or seek any such remedy on behalf of the Authorized Affiliate, and (ii) the Customer that is the contracting party to the Terms shall exercise any such rights under this PDPA not separately for each Authorized Affiliate individually but in a combined manner for all of its Authorized Affiliates together (as set forth, for example, in Section 9.3.2, below).
9.3.2 The parties agree that the Customer that is the contracting party to the Terms and shall, when carrying out an onsite audit of the procedures relevant to the protection of Personal Data, take all reasonable measures to limit any impact on Deskcove and its Sub-Processors by combining, to the extent reasonably possible, several audit requests carried out on behalf of different Authorized Affiliates in one single audit.
10. LIMITATION OF LIABILITY
Each party’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or related to this PDPA, and all PDPAs between Authorized Affiliates and Deskcove, whether in contract, tort or under any other theory of liability, is subject to the ‘Limitation of Liability’ section of Terms, and any reference in such section to the liability of a party means the aggregate liability of that party and all of its Affiliates under the Terms and all PDPAs together. For the avoidance of doubt, Deskcove’s and its Affiliates’ total liability for all claims from the Customer and all of its Authorized Affiliates arising out of or related to the Agreement and each PDPA shall apply in the aggregate for all claims under both the Agreement and all PDPAs established under this Agreement, including by Customer and all Authorized Affiliates, and, in particular, shall not be understood to apply individually and severally to Customer and/or to any Authorized Affiliate that is a contractual party to any such PDPA.
11. EUROPEAN SPECIFIC PROVISIONS
11.1 GDPR. With effect from 25 May 2018, Deskcove will Process Personal Data in accordance with the GDPR requirements directly applicable to Deskcove’s provision of its Services.
11.2 Data protection impact assessment. With effect from 25 May 2018, upon Customer’s request, Deskcove shall provide Customer with reasonable cooperation and assistance needed to fulfill Customer’s obligation under the GDPR to carry out a data protection impact assessment related to Customer’s use of the Services, to the extent Customer does not otherwise have access to the relevant information, and to the extent such information is available to Deskcove. Deskcove shall provide reasonable assistance to Customer in the cooperation or prior consultation with the Supervisory Authority in the performance of its tasks relating to Section 11.2 of this PDPA, to the extent required under the GDPR.