You may use the Site without registration however, to participate in certain activities of the Site you may be required to create an account. In the event you wish to create an account with us you may do so by completing the registration process. You agree to a) provide true, accurate, correct and complete information as prompted by the applicable registration form b) maintain and update true, accurate, correct and complete information provided by you during the registration process. You may be required to choose a password and user name. You are solely responsible for maintaining the confidentiality of your password and account.
If at any time Company believes that your account and password is being misused in any manner, or that the information provided by you during the registration process is not true, inaccurate or incomplete the Company reserves the right to cancel your account and block your access to Site.
You are entirely responsible for any and all activities that occur under your account. You agree to notify the Company of any unauthorised use of your account or any breach of security. Company will not be liable for any loss that you may incur as a result of someone else using your password or account or your failure to comply with this section.
All materials provided on this site, including but not limited to all information, materials, functions text, logos, designs, graphics, images, sounds, software, documents, products and services (collectively, the “Materials”), and the selection, arrangement and display thereof, are the copyrighted works of the Company/or its vendors or supplier or customers. All Materials herein and all Company software are proprietary to Company and protected by worldwide copyright and other intellectual property laws. Except as stated herein, none of the Materials may be modified, copied, reproduced, distributed, republished, downloaded, displayed, sold, compiled, posted or transmitted in any form or by any means, including but not limited to, electronic, mechanical, photocopying, recording or other means, without the prior express written permission of the Company.
Except as expressly provided above, nothing contained herein shall be construed as conferring, by implication, estoppel or otherwise, any license or right under any patent, trademark or copyright of the Company.
If you are a data controller using this site for any purpose, terms and conditions mentioned on https://firsthive.com/dpa for Data Processing Agreement shall be followed.
Use of the Site is available only to persons who can form legally binding contracts as per the applicable law. If you are a minor and wish to use or transact on the Site, such use or transaction may be made by your legal guardian or parents who are registered as users of the Site.
When you use the Site or send emails or other data, information or communication to us, You agree and understand that you are communicating with us through electronic records and You may receive communications via electronic records from us periodically and as and when required. We may communicate with you by email or by such other mode of communication, electronic or otherwise.
The Site is platform powered and managed by the Company that helps in capturing your customer or your channel interactions with your brand across various transaction, and presents metrics that may be of use to you (“Services”).
You shall not, display, upload, modify, publish, transmit, update or share any information on the Site, that —
- belongs to another person and to which you do not have any right;
- is grossly harmful, harassing, blasphemous, defamatory, obscene, pornographic, paedophilic, libellous, invasive of another’s privacy, hateful, or racially, ethnically objectionable, disparaging, relating or encouraging money laundering or gambling, or otherwise unlawful in any manner;
- involves the transmission of “junk mail,” “chain letters,” or unsolicited mass mailing or “spamming” or unsolicited commercial advertisement.
- harm minors in any way;
- infringes any patent, trademark, copyright or other proprietary rights;
- violates any law for the time being in force;
- deceives or misleads the addressee about the origin of such messages or communicates any information which is grossly offensive or menacing in nature;
- impersonate another person
- contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer resource;
Unless otherwise stated, copyright and all intellectual property rights in all Materials on the Site (including but not limited to text, audio, video or graphical images, or technology, the look and feel of the Site), trademarks and logos appearing on this Site are the property of the Company and are owned and controlled by us or by other parties that have licensed their material to us. Materials on the Site are solely for your personal, non-commercial use. You must not copy, reproduce, republish, upload, post, transmit or distribute such material in any way, including by e-mail or other electronic means and whether directly or indirectly and you must not assist any other person to do so. Without the prior written consent of the owner, modification of the Materials, use of the Materials on any other web site or networked computer environment or use of the Materials for any purpose other than personal, non-commercial use is a violation of the copyrights, trademarks and other proprietary rights, and is prohibited. Any use for which you receive any remuneration, whether in money or otherwise, is a commercial use for the purposes of this clause. You agree not to use any framing techniques to enclose any trademark or logo or other proprietary information of Company or remove, conceal or obliterate any copyright or other proprietary notice or any credit-line or date-line on other mark or source identifier included on the Site, including without limitation, the size, colour, location or style of all proprietary marks. Any infringement shall be vigorously defended and pursued to the fullest extent permitted by law.
We respect other people’s intellectual property rights and if you believe that any content or material on the Site infringes on your intellectual property rights you can write to us at firstname.lastname@example.org
The Site, all the Materials and products (including but not limited to software) and any services, included on or otherwise made available to you through this Site are gathered from a variety of sources and are intended solely as general information and provided on “as is” and “as available” basis without any representation or warranties, express or implied except otherwise specified in writing. They do not constitute advice and should not be relied upon in making (or refraining from making) any decision. Any specific advice or replies to queries in any part of the Site is/are the personal opinion of such experts/consultants/persons and does not constitute or indicate our endorsement, representation or warranty of such information and are not subscribed to by this Site. Without prejudice to the forgoing paragraph, Company does not warrant that:
- The Site will be constantly available, or available at all; or
- The information on the Site is complete, legal, true, accurate or non-misleading.
- Any Services provided will meet your requirements, is suitable for your purpose, accurate, complete, true or non-misleading.
Company may establish on the Site a hypertext link to a third party website from time to time. Such link is provided for information and convenience of the users and does not state or imply any sponsorship or endorsement of third party website by Company. Company has no control over such third party website and your use of such third party website or any offsite dealings with such third parties is at your own risk.
Some part of the Site may contain advertising information or promotion material or other material submitted to Company by third parties. Responsibility for ensuring that the material submitted for inclusion on Site complies with applicable law is exclusively on the party providing the information/material. Your correspondence or business dealings with, or participation in promotions of advertisers or including payment and delivery of related goods or services, and any other terms, conditions, warranties or representations associated with such dealings, are solely between You and such advertiser. Company will not be responsible or liable for any claim, error, omission, inaccuracy in advertising material or any loss or damage of any sort incurred as the result of any such dealings or as the result of the presence of such advertisers on the Site. Company reserves the right to omit, suspend or change the position of any advertising material submitted for insertion
This Site is controlled and operated from within India. Company makes no representation that the Site is appropriate or available in locations outside the India. Those who choose to access the Site from other locations do so at their own risk and are responsible for compliance with applicable laws.
YOU AGREE THAT COMPANY SHALL NOT BE LIABLE FOR ANY DIRECT, SPECIAL, INCIDENTAL, INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND IN CONNECTION WITH THIS AGREEMENT OR YOUR USE OF SITE, EVEN IF COMPANY HAS BEEN INFORMED IN ADVANCE OF THE POSSIBILITY OF SUCH DAMAGES.
This Agreement shall be governed by and interpreted and construed in accordance with the laws of India. The place of jurisdiction shall be exclusively in Bangalore. Notwithstanding the foregoing, we reserve the right to pursue any action or claim against you in any court of competent jurisdiction which we believe is the most appropriate to seek any relief.
FirstHive understands that Your privacy is important to You and that You care about how Your information is used and shared online. We respect and value the privacy of everyone who visits Our Site and will only collect and use information in ways that are useful to You and in a manner consistent with Your rights and Our obligations under the law.
1. DEFINITIONS AND INTERPRETATION
In this Policy the following terms shall have the following meanings:
|“Account”||means an account required to access and/or use certain areas and features of Our Site.|
|“Cookie”||means a small text file placed on Your computer or device by Our Site when You visit certain parts of Our Site and/or when You use certain features of Our Site. Details of the Cookies used by Our Site are set out in Section 11, below.|
|“Our Site”||means this website, www.firsthive.com, its subdomains, and www.firsthive.tech, and its subdomains|
|“Privacy Law”||where shall mean, to the extent applicable, the laws governing handling personal data in the territory of India.|
|“We/Us/Our”||means FirstHive Tech Corporation, Sunnyvale CA and its subsidiaries|
|“Personal Data”||means data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the data controller.|
|“Services”||shall mean Your use of the Our Site and any products, channels, software, data feeds and services, including Our Site.|
2. INFORMATION ABOUT US
1. Our Sites, www.firsthive.com, www.firsthive.tech and its subdomains are owned and operated by FirstHive Tech Corporation, Sunnyvale CA.
3. SCOPE – WHAT DOES THIS POLICY COVER?
3. WHAT DATA DO WE COLLECT?
2. Depending upon Your use of Our Site, We may collect some or all of the following data, when You sign-up on Our Site:
1. Your name;
2. Website URL;
3. contact information such as email addresses and telephone numbers;
4. web browser type and version (automatically collected);
5. IP address of signup (automatically collected); and
6. operating system (automatically collected).
4. HOW DO WE USE YOUR DATA?
1. All personal data is stored securely in compliance with the applicable Privacy Law.
2. We use Your data to provide the best possible products and services to You. This includes:
1. Providing and managing Your Account;
2. Providing and managing Your access to Our Site;
3. Personalising and tailoring Your experience on Our Site;
4. Supplying Our products and Services to You;
5. Personalising and tailoring Our products and Services for You;
6. Sending and responding to communications from You;
3. In some cases, the collection of data may be a statutory or contractual requirement, and We will be limited in the products and services We can provide You, without Your consent for Us to be able to use such data.
4. With Your permission and/or where permitted by law, We may also use Your data for marketing purposes which may include contacting You by digital communications or web push notification with information, news and offers on Our products. We will not, however, send You any unsolicited marketing or spam and will take all reasonable steps to ensure that We fully protect Your rights and comply with Our obligations under the applicable Privacy Law.
5. We will endeavour to ensure that Your personal data is processed lawfully, fairly, and transparently, without adversely affecting Your rights. We will only process Your personal data if at least one of the following basis applies:
a) You have given consent to the processing of Your personal data for one or more specific purposes;
b) processing is necessary for the performance of a contract to which You are a party or in order to take steps at the request of You prior to entering into a contract;
c) processing is necessary for compliance with a legal obligation to which We are subject to;
d) processing is necessary to protect the vital interests of You or of another natural person;
e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; and/or
f) processing is necessary for the purposes of the legitimate interests pursued by Us or by a third party, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
5. HOW AND WHERE DO WE STORE AND SECURE YOUR DATA?
1. We only keep Your data for as long as We need to in order to use it as described above in Section 5, and/or for as long as We have Your permission to keep it. In any event, We will conduct an annual review to ascertain whether We need to keep Your data.
2. Data security is of great importance to Us, and to protect Your data. We use appropriate technical and organizational measures to protect the Personal Data that We collect and process. The measures We use, are designed to provide a level of security appropriate to the risk of processing Your Personal Data.
6. DO WE SHARE YOUR DATA?
1. We may contract with third parties to supply products and services to You on Our behalf. These may include payment processing, delivery of goods, search engine facilities, advertising and marketing. In some cases, the third parties may require access to some or all of Your data. Where any of Your data is required for such a purpose, We will take all reasonable steps to ensure that Your data will be handled safely, securely, and in accordance with Your rights, Our obligations, and the obligations of the third party under the law.
2. In certain circumstances We may be legally required to share certain data held by Us, which may include Your personal information, for example, where We are involved in legal proceedings, where We are complying with the requirements of legislation, a court order, or a governmental authority. We do not require any further consent from You in order to share Your data in such circumstances and will comply as required with any legally binding request that is made of Us.
7. WHAT HAPPENS IF OUR BUSINESS CHANGES HANDS?
2. In the event that any of Your data is to be transferred in such a manner, You will be contacted in advance and informed of the changes.
8. HOW CAN YOU CONTROL YOUR DATA?
1. When You submit information via Our Site, You may be given options to restrict Our use of Your data. We aim to give You controls on Our use of Your data including the ability to opt-out of receiving emails from Us which You may do by unsubscribing using the links provided in Our emails and by managing it through Your preferences in Your account
9. YOUR RIGHT TO WITHHOLD INFORMATION AND YOUR RIGHT TO WITHDRAW INFORMATION AFTER YOU HAVE GIVEN IT
1. You may access marketing portions of Our Site without providing any data at all. However, to use all features and functions available on Our Site, and open and account with Us, You may be required to submit or allow for the collection of certain data.
3. You may withdraw Your consent for Us to use Your personal data as set out in Section in 5 at any time by contacting Us using the details set out in Section 15, and We will delete Your data from our systems within a reasonable period of time, and/or share steps on how to unsubscribe. However, You acknowledge this may limit Our ability to provide the best possible products and services to You.
10. HOW CAN YOU ACCESS YOUR DATA?
1. You have the legal right to ask for a copy of any of your personal data held by Us (where such data is held). Please contact Us for more details at email@example.com, or using the contact details below in Section 13. If You are a web push, mobile push, email, SMS, programmatic, social subscriber to Our service, please refer to Your controller i.e. website at which You subscribed to such notifications/ communications, to provide You these details.
11. YOUR RIGHTS TOWARDS THE PERSONAL DATA SHARED WITH US
1. In light of the recent changes to the privacy law in the international scenario, we provide You with certain rights:
1. the right to request access to, deletion of or correction of, Your personal data held by Us;
2. the right to complain to a supervisory authority in event of breach of any of Our obligations towards the Personal Data under the applicable Privacy Law;
3. be informed of what data processing is taking place;
4. the right to restrict processing;
5. the right to data portability;
6. object to processing of Your Personal Data;
7. rights with respect to automated decision-making and profiling (see Section 13 below).
3. If You seek access to, or wish to correct, update, modify or delete Personal Data (hereinafter referred to as a “Request”) which forms a part of the Personal Data collected by Us, please contact us at firstname.lastname@example.org. We respond to all requests We receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
12. AUTOMATED DECISION-MAKING AND PROFILING
1. In the event that We use Personal Data for the purposes of automated decision-making and those decisions have a legal (or similarly significant effect) on You, You may write to Us at [insert link of email address for contacting the company], requesting human intervention in such data processing, and obtaining an explanation of the decision from Us.
2. The option available to You under Section 13.1 does not apply in the following circumstances:
a) The decision is necessary for the entry into, or performance of, a contract between the You and Us;
b) The decision is authorised by law; or
c) You have given Your direct consent.
13. CHILDREN’S PERSONAL DATA
1. Our services are not intended for use by children. We do not knowingly collect any Personal Data from children under the age of 16. If You are under the age of 16, please do not submit any Personal Data through Our Site or Service(s). We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this notice by instructing their children never to provide Personal Data through Our Service(s) or Our Sites without their permission. If You have reason to believe that a child under the age of 16 has provided Personal Data to Us through Our Site or Service(s), please contact Us and We will delete that information and terminate the child’s account from Our databases and if it is discovered that We have collected Personal Data from someone under the age of 16, we will delete that information immediately.
14. CONTACTING US
2. If You have any support requests, please contact us at email@example.com
DATA PROCESSING AGREEMENT
This DATA PROCESSING AGREEMENT (this “Agreement“) executed between:
1.1. This Agreement is applicable insofar as in providing the Services and consequently carrying out of one or more Processing Operations.
1.2. The processing of personal data which is carried out in providing the Services are further herein referred to as the “Processing Operations”. The personal data processed
in this connection are the “Personal Data”.
1.3. It shall be the obligation the Controller to ensure that all Personal Data provided to the Processor for carrying out of Processing Operation is carried out in complete compliance of the relevant applicable law governing the collection of Personal Data by the Controller, and the transfer of the Personal Data from the Controller to the Processor.
1.4. With regard to the Processing Operations the Controller is the party responsible for the Processing Operations and the Processor is the party processing them. The natural persons who are actually using the Services of the Processor and their representatives, if any, are further herein also referred to as the “End Users”.
2.1. The Processor shall be responsible for processing the Personal Data on behalf of the Controller on the written and explicit instructions of the Controller. Further provided that, the Controller has and shall retain full control of the Personal Data provided to the Process.
2.2. The Processor, shall not without the prior consent of the Controller, transfer any Personal Data to any country, where the Processor is required to take consent subject to the applicable Privacy law.
2.3. The Processing Operations are only carried out in connection with the Services. The Processor shall not process Personal Data other than as required for the provision of the Services.
2.4. The Processor will perform the Processing Operations in a proper way and with due care.
3 SECURITY MEASURES
3.1. The Processor shall take all the technical and organizational security measures as maybe required subject to the provisions of the Privacy Law, to ensure protection of the Personal Data to be processed subject to this Agreement.
3.2. The Processor shall ensure that persons, not limited to employees, who participate in Processing Operations at the Processor duly execute a confidentiality agreement with respect to the protection of Personal Data.
3.3. The Processor has appointed an officer (“Officer“), to facilitate and ensure due protection to the Personal Data. The Controller may reach out to the Officer, at firstname.lastname@example.org.
4 DATA LEAKS & PRIVACY IMPACT ASSESSMENT
4.1. The Processor shall notify the Controller of any “personal data breach” within a reasonable period of time. Such a breach shall hereafter be referred to as a “Data Leak”.
4.2. The Processor will provide the Controller, within a reasonable time period, all the information in his possession and where such information is required to be provided to the Controller to enable the Controller to inform the applicable governmental authority. Such information shall be provided in a standard format, as may be determined by the Processor.
4.3. The Processor shall not be under the obligation to inform the Controller of a Data Leak where the Processor, in good faith, determines that the Data Leak shall not pose a risk to the rights and freedoms of natural persons and/or Personal Data. In an event where a Data Leak may affect the rights and freedoms of the natural persons and/or Personal Data, the Processor shall inform the Controller. The Processor shall document all Data Leaks, also those which may not have been reported to the Controller and provide the Controller with a written report mentioning such Data Leaks on a quarterly basis.
4.4. It is exclusively up to the Controller to determine whether a Data Leak established at the Processor is to be reported to the supervisory authority and/or to the persons involved.
4.5. The Processor will assist the Controller insofar as is reasonably possible and taking into account the nature of the Processing Operations and the latest technology.
5 ENGAGEMENT OF SUB-PROCESSORS
5.1. In performing the Processing Operations, the Processor may engage a third party as the sub-processor (“Sub-Processors“). However, the Processor shall be liable to disclose to the Controller, within a reasonable period of time, the name of Sub-Processor and nature of activities carried by the Sub-Processer, upon the Controller making a written request.
5.2. The Processor shall ensure that the Sub-Processors enter into an agreement in which he at least observes the same legal obligations and any additional obligations as those the Processor has under this Agreement. If a Sub-Processor does not want to accept the additional obligations under this Agreement, the Controller can request the Processor to cease carrying out the Processing Operation via the said Sub-Processor.
6 CONFIDENTIALITY OBLIGATION
6.1. The Processor shall keep the Personal Data confidential. The Processor shall further ensure that the Personal Data shall not, directly or indirectly, become available to any third-parties. This prohibition does not apply if provisions to the contrary are laid down in this Agreement and/or insofar as a statutory regulation or judgment requires any disclosure.
6.2. The Processor shall inform the Controller of any request for access to, provision of or other form of requesting and communicating Personal Data contrary to the confidentiality obligation included in this clause.
7 RETENTION PERIODS AND DELETION
7.1. Unless otherwise agreed in writing by the Controller and the Processor, the Personal Data and other data collected from the End-Users and /or the Controller shall be retained by the Processor as per the retention period specified below.
7.2. The Controller shall be responsible for informing the Processor at least thirty (30) days prior to the end of the current retention period with respect to any amendment/changes the Controller may require in the retention period. .
7.3. The Controller shall further request the Processor to change/amend the retention period of any Personal Data accessed/collected by the Processor upon issuing a thirty (30) days prior written notice to the Processor.
7.4. The Processor shall ensure that all such Personal Data, for which a deletion request has been made by the Controller, is deleted within one-hundred and eight (180) days of such request being made by the Controller. The Processor shall not be under an obligation to delete the Personal Data, if such Personal Data shall have to be retained longer subject to the statutory obligations of the Processor, or at the request of the Controller that Personal Data may be retained for a longer period of time, subject to a mutual agreement in writing between the Parties.
7.5. Any transfer/ extended retention of the data specified below or the Personal Data upon the request of the Controller shall be at the expense of the Controller.
7.6. Unless otherwise agreed by the Parties in writing, the Controller shall be responsible for all back-up of the Personal Data.
8 RIGHTS OF PERSONS INVOLVED
8.1. The Processor follows the document retention procedures outlined below. The documents that are not listed but are substantially similar to those listed in the below table will be retained for the same period.
8.2. The Processor is under no obligation to retain any data specified below or the Personal Data accessed/collected during the existence of the engagement upon the termination of the Controller’s account with the Processor. The Controller shall be responsible for all back-up of the Personal Data provided by the Controller.
|S.No.||Type of Data||What does this cover||Retention Period|
|1||Consolidated tracking||Impacts aggregate dashboards like FH (First Hive) Central, Campaign Analytics, underlying data for microsites, reporting et al. Thus, in the default dashboards, data only upto the last 1 year is accessible.||12 months from the date of access and which is extendable up to 24 months|
|2||Delivery logs||Campaign delivery and response data mapped to unique customer records||12 months from the date of access extendable up to 24 months
|3||Tracking Logs||Any campaign tracking will be done by default for 1 month, viz. any open or clicks would only be recorded in that period, calculated from campaign send. Also includes all short URLs created.||3 months from the date of access|
|4||Events||Clickstream behavioural data on web or mobile analytics. Certain data can still be made available for segmentation, but analytics view would be curtailed.||1month from the date of access extendable up to 12 months|
|5||Archived segments/ campaigns||Any segments or campaigns that are archived in the platform. Any campaign/ segment not utilized post build in last 3 months will be auto archived.||3 months from the date of access|
|6||Transaction data||Includes any code scan, transaction, or similar data. Also covers data on which segmentation can be carried out.||6 months from the date of access extendable up to 36 months|
|7||WS Redemption||Any redemption data done by any program user||24 months from the date of access extendable up to 36 months|
|8||Master Code data||Any codes generated for SKU (stock keeping units) tracking||24 months from the date of access extendable up to 36 months|
|9||System Data||Any data used by the system for data or campaign processing but not used for any analytics||1 month from the date of access|
|10||Retention of FTP data||Any images, attachments, etc. uploaded on the platform||1 month from the date of access|
9.1. In event of the Controller having access to the Personal Data, the Controller shall be responsible for complying with all requests by the natural persons with respect to the Personal Data. The Processor shall, within reasonable time, pass on to the Controller any requests received by the Processor.
9.2. In the event, that the Parties are unable to comply with the provisions of Clause 9.1, the Processor shall provide its full cooperation to the Controller to:
- Provide the natural persons with access to their respective Personal Data after approval from and on the instructions of the Controller,
- Remove or correct Personal Data,
- Demonstrate that Personal Data has been removed or corrected (or, in the event where the Controller does not agree that the Personal Data are incorrect, the Controller shall record that the natural person considered its Personal Data to be incorrect),
- Provide the Controller or the third party appointed by the Controller with the respective Personal Data in a structured, usual and machine-readable form, and
- Enable the Controller otherwise to comply with his obligations under the Privacy Law or other applicable legislation in the area of processing Personal Data.
9.3. The costs of and requirements, to enable compliance with the aforementioned Section 9.2, shall be jointly determined by the Parties. However, in the absence of any agreements to this respect, the costs will be borne by the Controller.
10.1. The Controller will indemnify the Processor in respect of all direct liabilities, costs and expenses suffered or incurred by the Processor in its capacity as the processor of the data of the controller, arising from any security breach in the terms of this agreement, or any negligent act or omission by the controller in the exercise of the rights granted to it under the applicable law provided:
- The Processor within reasonable time, notifies the Controller of any actions, claims or demands brought or made against it concerning any security breach;
- The Processor will not compound, settler or admit to any actions, claims or demi settle of demands without the consent of the Controller except by the order of a court of competent jurisdiction;
- The Controller will be entitled at its own cost to defend or settle any proceedings;
- The Processor shall not have acted on its own accord and independently of the instructions given to it by the Controller in its role as a data processor in accordance with the provisions of this Agreement;
- This indemnity shall exclude any loss that has arisen out of negligence or willful act, default or omission of the Processor, its employees, contractors, or sub-contractors;
- Nothing in this agreement shall restrict or interfere with the Controller’s rights against the Processor or any person in respect of contributory negligence.
10.2. The Processor’s right to claim damages shall be forfeited if the Processor fails to give written notice of any damages that may be sustained as aforesaid within 30 business days, from the occurrence thereof or commences to make good such damages before written notice is given as aforesaid.
10.3. The Processor will indemnify the Controller in respect of all direct liabilities, costs and expenses suffered or incurred by the Controller in its capacity as controller of the data of the processor arising from any security breach in terms of this agreement or negligent act or omission by the Processor in the exercise of the rights granted to it under the Applicable Law provided that:
10.4. The Controller within reasonable time notifies the Processor of any actions, claims or demands brought or made against it concerning any alleged security breach.
11.1. The Controller shall be entitled to verify the compliance with the provisions of this Agreement once every year at his own expense or to have them verified by an independent registered auditor or registered informatics professional.
11.2. The investigation of the Controller shall always be limited to the systems of the Processor being used for the Processing Operations. The information obtained during the verification shall be dealt with confidentially by the Controller and only be used to verify the compliance of the Processor with the obligations under this Agreement and the information or parts of it will be deleted as soon as possible. The Controller warrants that any third parties engaged will also undertake these obligations.
11.3. Before the commencement of any such audit, Controller and Processor shall mutually agree upon the scope, timing, and duration of the audit, in addition to the reimbursement rate for which Controller shall be responsible.
12 OTHER PROVISIONS
12.1. The Processor, may modify this Agreement from time to time, as it may deem necessary, or where required by law. Any such changes shall be immediately posted on our website. The Processor shall further inform the Controller immediately after making any changes to this Agreement. The Controller shall deemed to have accepted the amended terms of this Agreement, if the Controller continues to use the Services.
12.2. Neither Party shall assign any part of this Agreement, without the prior written consent of the other Party.
12.3. The Processor shall not sub-contract to any third party any of its rights or obligations under this Agreement save for where permitted by the Parties under this Agreement.
12.4. Except as expressly provided in this agreement, the rights and remedies provided under this agreement are in addition to, and not exclusive of, any rights or remedies provided by law.