1. GENERAL TERMS AND CONDITIONS
The agreement is valid as long as the Customer has an agreement with ITassist for one or more Services. Special terms for some Services are set out in the document. Services that are not specifically mentioned are governed by the general terms and conditions.
The agreement shall mean this document, as well as any offer documents, specifications and order form used in connection with the Services. The customer shall mean the customer who enters into an agreement with ITassist for the delivery of the Service. The Service or Services shall mean the services provided by ITassist in accordance with the offer letter, including specifications. The software shall mean the standard computer software or software offered by ITassist for access to the Services at any time, with any additional modules, whether developed by ITassist or third parties.
The Customer is responsible for all content that is submitted and disseminated via the Services and retains ownership and copyright of all the material submitted by the Customer. Everything published on the Service must be in accordance with current legislation. This includes that the Customer undertakes not to make available or store content that is threatening or offensive, falsify senders, send spam and chain letters, spread viruses, break into ITassist or other servers or store personal data in violation of applicable law. Any breach of this may result in ITassist closing the Service immediately and terminating the Agreement. ITassist may access and copy the Customer's stored data when there is a suspicion that the Customer is sending or publishing illegal or inappropriate content via the Service. The Customer is obliged to store the username and password of the Service in such a way that no one other than the Customer has access to it. The customer is obliged to report immediately in the event of suspected loss. The Customer is responsible for the use and misuse of the Service performed using the Customer's access information.
1.1 CONDITIONS RELATED TO THIRD PARTY FUNCTIONALITY
Where functionality in a Service depends on third party software, platform, service or other form of performance ("Third Party Functionality"), ITassist is not responsible for errors or omissions due to changes in or loss of Third Party functionality occurring after the earliest time of that a binding offer was made by ITassist or a binding agreement was entered into for the performance of the Service. All work performed by ITassist to restore functionality in the Service that has been changed or lapsed as a result of such changes in Third Party functionality, is performed without special agreement on an hourly basis to ITassist at any time applicable standard hourly rates.
1.2 INTELLECTUAL PROPERTY RIGHTS
No copyrights or other intellectual property rights are transferred to the Customer upon the conclusion or implementation of this Agreement. The Customer has only the right to use intellectual property rights developed and / or made available to the Customer in connection with the Services for the agreed number of users and within the limits of this Agreement. The right of use is conditional on the Customer complying with this Agreement. The customer undertakes not to copy / transfer templates and documentation to third parties.
If a third party claims that the Service infringes its copyright or other intellectual property rights, and this is due to circumstances for which ITassist is responsible, ITassist may, at its own discretion, choose to provide the Customer with the right to continued use, or make replacements or changes so that the right not violated. If, in ITassist's opinion, none of these alternatives can reasonably be applied to the Service, the Customer may not assert any liability to ITassist as a result of a breach of third party's copyrights or other intellectual property rights.
1.3 THE SERVICE
In the event of non-payment or delayed payment beyond 30 days after due date, ITassist may terminate the Agreement with immediate effect and claim compensation for its financial loss. In the event of non-payment beyond 30 days after due date, the service may be closed without notice.
The number of named users of the solution is revised on 1 December each year. In accordance with the license agreement with the customer, the license costs for the next 12 months are revised based on this measurement. In the event of a larger increase than 10% of the user base since the previous license review, the customer is obliged to notify ITassist, so that a new license agreement can be prepared based on new license figures. The customer can not demand a reduced license cost in the period up to 1 December.
ITassist will perform sporadic measurements of the number of named users, and will inform the customer of any findings that may affect the license costs. It is not allowed to create more users than you have acquired the license for. A user license is also unique and cannot be used by others.
Unless otherwise expressly agreed, ITassist services will run for a minimum of 12 months after the end of the year in which Delivery Date occurred. Thereafter, the Service continues for one year at a time with a 3-month mutual notice period before the end of the period. Upon termination of the Agreement, the Services with content will not be supported and content may be deleted by ITassist to the extent that the information is on ITassist's servers. Any agreements entered into with third parties continue to run independently of this Agreement on the terms that apply in relation to the third party in question.
1.6 CANCELLATION AND REPLACEMENT
ITassist is only liable for direct losses due to negligence and indirect losses due to gross negligence or intentional circumstances on the part of ITassist. ITassist's total liability is limited to 25% of the original contract value (estimated cost for performing the Service excluding VAT and any ongoing maintenance fee for 12 months, or actual cost, if this is less).
Neither the Customer nor any Customer is responsible for, shall exploit any security holes or weaknesses in the Service to cause damage or increase the risk of damage occurring. If such conditions are discovered or if the Customer suspects that the username / password has gone astray, the Customer is obliged to report to ITassist immediately. Continued use after such discovery is considered a material breach of contract. The Customer shall indemnify ITassist for losses ITassist may incur as a result of the Customer or someone the Customer is responsible for, using the Service in violation of what follows from the Agreement. The customer's significant breach of contract entitles ITassist to terminate the Agreement with immediate effect.
1.8 DEFICIENCY AND COMPLAINTS
ITassist strives to deliver a good and reliable Service that meets the Customer's needs and is of a good technical standard. It can be considered a defect if the Service deviates significantly from the Agreement. However, ITassist cannot guarantee that the Service is faultless or that there will be no interruption of operations. The service is not scaled for operation and maintenance of mission-critical systems or specially developed software, and ITassist disclaims any responsibility for losses related to this.
The following conditions are considered to constitute a defect: a. Significant performance problems with the Service, when this is not related to the Customer's use of the Service or conditions on the Customer's side (for example use of less common browsers and / or target languages or due to Third Party functionality). b. Upgrades to the Software that have significant negative consequences for the Service provided that the templates used, operating system, integrations or code libraries are newer than 2 years or the browser is not more than one main version older than the latest version. ITassist has the right and duty to remedy deficiencies that are notified without undue delay, provided that there is a valid agreement and the agreed remuneration for the Service has been paid. If the defect is insignificant for the Customer's use of the Service, ITassist waives the obligation to remedy the defect. Troubleshooting and error correction are invoiced according to the hourly rate if it turns out that the error is not due to an error or defect for which ITassist is responsible.
1.9 OPERATION AND MAINTENANCE
ITassist will operate the Services on servers with a subcontractor to ITassist if this is stated in the agreement. (If the customer has a local installation, a separate point will have to be made for regulation of operation and maintenance.) Operation includes commissioning of standard software at ITassist, access and operation of agreed capacity, non-exclusive use rights, error correction of significant errors, and free user support according to the agreement, provided that the agreed remuneration has been paid. ITassist makes a daily backup of content stored on ITassist's servers to ensure the most stable service possible, but ITassist recommends that the Customer backs up important content and important files as manual retrieval of deleted content is not included in the Service. The service has a planned maintenance / backup period between 02.00 and 05.00 every night, beyond this the solution will be up. Due to planned maintenance and backup, this can lead to inertia and instability in the solution. ITassist will also monitor and seek to resolve errors in the Service as soon as these are discovered. In local operations, the company is responsible for backup, security and compliance with privacy legislation.
2.0 Other conditions
The customer may not transfer his rights and obligations covered by the Agreement without the prior written consent of ITassist.
2.1 Norwegian law
The agreement complies with Norwegian law in the event of disputes and disagreements.
3.0 PRIVACY LEGISLATION
Sources: Act on the processing of personal data (Personal Data Act) ( https://lovdata.no/dokument/NL/lov/2018-06-15-38 ) and New Personal Data Act valid from 20 July 2018 ( https: //www.government .no / no / theme / state-administration / privacy / new-personal-information-law / id2340094 / )
This clause 2.1 regulates the parties' rights and obligations with regard to the Processing of Personal Data under the Agreement. By Data Processor Agreement is meant this section 2.1 of the Agreement. The purpose of the Data Processor Agreement is to ensure that Personal Data is processed in accordance with the requirements of the Privacy Act (the Personal Data Act of 14 April 2000 no. 31, the Personal Data Regulations of 15 December 2000 no.
1265 and the EU General Privacy Regulation no. 2016/679 (GDPR) and subsequent legislation replacing or supplementing them). The Customer is responsible for the processing of the Personal Data Processed under the Agreement and ITassist is the Data Processor. Words written in capital letters under this section 2.1 with sub-clauses shall be understood as defined in the Privacy Act, unless it is defined in the Agreement.
3.0.1 Description of the Treatment
Personal information Processed for the purpose of being able to deliver the Services requested by the Customer. Which Personal Data is Processed depends on which Services ITassist is to provide under the Agreement, as well as to a certain extent on which the Customer makes use of the relevant Service.
The categories are the Customer's representatives, partners, employees, customers and end users. The processing includes types of personal information such as name, e-mail, telephone number and other contact information, username and password.
3.0.2 The customer's duties
The Customer warrants that ITassist can Process Personal Information about End Customers in connection with the Services provided under the Agreement. The customer must have established internal routines that meet the requirements set for the Data Controller in the Privacy Act. The customer shall generally act loyally to ITassist and immediately inform ITassist of matters that may be relevant to the Processing of Personal Data under the Agreement.
3.0.3 ITassist's duties
Internal control: ITassist has established technical and organizational measures to ensure that the Personal Data is Processed in accordance with the provisions of the Privacy Act, including GDPR Article 32, and the terms of this Data Processor Agreement. ITassist is obliged to ensure that data processor agreements are in place with subcontractors that ensure that the Personal Data is Processed in accordance with what is stipulated in this section 2.1.3 of the Agreement.
Assistance to the Customer: ITassist shall, taking into account the nature of the processing and to the extent possible, assist the Customer, by means of appropriate technical and organizational measures, in fulfilling the obligation to respond to requests from the data subjects for the exercise of their rights. . Taking into account the nature of the processing and the information available to ITassist, ITassist shall assist the Customer in ensuring compliance with the obligations under Articles 32-36 of the GDPR. Assistance under this agreement point is performed on an hourly basis to ITassist at any time applicable standard hourly rates.
Limitation of availability and instruction authority: ITassist shall only Process the Personal Data in accordance with this Data Processor Agreement which shall be regarded as an exhaustive expression of the Customer's instructions. If ITassist Processes the Personal Data in violation of this
Data Processor Agreement, or in violation of provisions in the Privacy Act, the Customer may order ITassist to stop the further Processing of the Personal Data, unless ITassist is considered to be responsible for the processing of this relevant Processing.
Disclosure and duty of confidentiality: ITassist shall not disclose the Personal Information without the Customer's express prior permission, or there is a statutory obligation for such disclosure. Disclosure pursuant to this provision does not mean that authorized personnel at ITassist or ITassist's subcontractors are given access to Personal Information that is necessary to implement the Agreement. ITassist shall ensure that persons who are given access to the Personal Data have a duty of confidentiality. If there is no statutory duty of confidentiality, these persons shall instead submit a declaration of confidentiality. This provision also applies after the Treatment has ceased.
Use of subcontractors: ITassist may use subcontractors to deliver Service to the Customer. ITassist will notify the Customer 14 days before the change of subcontractor. If the Customer does not accept a change of subcontractor, this must be submitted in writing to ITassist
within 7 days after the Customer has received notification of a change of subcontractor. If the parties do not agree, the Customer has the right to terminate the Agreement. ITassist enters into written data processor agreements with the subcontractors, which impose on the subcontractors the same obligations as ITassist has pursuant to this Data Processor Agreement. ITassist is responsible for the Processing that the subcontractors do.
ITassist uses Terrahost in Sandefjord (org. No .: 995474921) to operate its cloud-based solutions. ITassist is responsible for technical support and user support.
Transfer to Third Countries: Personal data will not be transferred to a country outside the EU / EEA that does not ensure proper Processing of Personal Data ("Third Countries") without a valid transfer basis established in advance. If delivery of the Services requires the Processing of Personal Data by a subcontractor in a Third Country, the Customer will be asked to sign the EU standard agreement for the transfer of Personal Data to Third Countries if there is no other legal basis for the transfer in question, such as EU-US Privacy Shield for transfers to the United States.
Information security: ITassist undertakes, through data processor agreements with its subcontractors, to require them to establish appropriate technical and organizational information security measures, which are in a reasonable proportion to the risk that the Processing represents. This also includes measures to ensure that persons who have authorized access to the Personal Data only Process these in accordance with this Data Processor Agreement and the Customer's instructions. The measures must be documented.
Deviation notification in the event of a security breach: ITassist instructs its subcontractors to report to ITassist any security breach that has resulted in an illegal destruction, loss, change, unauthorized disclosure of or access to the Personal Data Processed under the Agreement. ITassist undertakes to pass on such message to the Customer without undue delay. Access to information and security audits: ITassist shall, upon request, as far as possible, provide the Customer with access to all information necessary to demonstrate that the Processing takes place in accordance with this Data Processor Agreement. The customer has the right, upon request, to receive audit reports from ITassist's subcontractors, unless special circumstances prevent this. The customer has the right, himself or through an independent third party, to carry out an audit of ITassist's compliance with this Data Processor Agreement. ITassist can be assigned a maximum of one audit a year. The Customer covers own costs related to audits performed by the Customer or by a third party on behalf of the Customer.
The software in the Service is delivered as English and Norwegian.
3.2 COMPATIBILITY REQUIREMENTS
The software in the Service is certified to support the Firefox browser in all places where the solution requires processing / searching of data. In the event of any claims for bug fixes / guarantees on browsers other than Firefox, an attempt will be made to improve this, but no guarantee is given.
3.3 CONFLICT RESOLUTION
Disagreements or conflicts between the parties regarding the content and implementation of this agreement shall be resolved through negotiations. If such negotiations do not proceed within 30 days, each of the parties may demand that the case be decided by arbitration in accordance with the Civil Procedure Act of 13 August 1915, no. 6, chapter 32.
3.4 DELETE OF DATA
If the customer wishes to have data deleted that the customer believes violates privacy legislation, an e-mail is sent to email@example.com