We last updated this policy May 15, 2018.
Please read this Agreement carefully before accessing or using the Service. By subscribing or by making an online payment for any part of our Service, you agree to become bound by the terms and conditions of this agreement. If you do not agree to all the terms and conditions of this agreement, you must not access or use any of our services. If these terms and conditions are considered an offer by AP, acceptance is expressly limited to these terms. The Service is available only to at least 16 years old individuals.
Note: Apple recently changed its iTunes App Store regulations, which can affect some no-code app makers. The regulation says, “Apps created from a commercialized template or app generation service will be rejected unless they are submitted directly by the provider of the app’s content. These services should not submit apps on behalf of their clients and should offer tools that let their clients create customized, innovative apps that provide unique customer experiences.” The purpose is to eliminate clones and spam apps that can be quickly created, but it may have an effect on Apps of small businesses who have not differentiated their Apps enough. Apple doesn’t disclose which apps have been rejected or ejected from the App.
1.1 Your AP Account and Site
If you create a social network or mobile application on the Service, you are responsible for maintaining the security of your account and blog, and you are fully responsible for all activities that occur under the account and any other actions taken in connection with the blog. You must not describe or assign keywords to your social network in a misleading or unlawful manner, including in a manner intended to trade on the name or reputation of others. AP may change or remove any description or keyword that it considers inappropriate or unlawful, or otherwise likely to cause AP’s liability. You must immediately notify AP of any unauthorized uses of your social network, your mobile application, your account or any other breaches of security. AP will not be liable for any acts or omissions by You, including any damages of any kind incurred as a result of such acts or omissions.
1.2 Responsibility of Contributors
If you operate a social network, operate a mobile application, post material to the Service, post links on the Service, or otherwise make (or allow any third party to make) material available by means of the Service (any such material, “Content”) or other services, you are entirely responsible for the content of, and any harm resulting from, that Content. That is the case regardless of whether the Content in question constitutes text, graphics, an audio or video file, or computer software. By making Content available, you represent and warrant that:
- the downloading, copying and use of the Content will not infringe the proprietary rights, including but not limited to the copyright, patent, trademark or trade secret rights, of any third party;
- if your employer has rights to intellectual property you create, you have either (1) received permission from your employer to post or make available the Content, including but not limited to any software, or (2) secured from your employer a waiver as to all rights in or to the Content;
- you have fully complied with any third-party licenses relating to the Content, and have done all things necessary to successfully pass through to end users any required terms;
- the Content does not contain or install any viruses, worms, malware, Trojan horses or other harmful or destructive content;
- the Content is not spam, is not machine- or randomly-generated, and does not contain unethical or unwanted commercial content designed to drive traffic to third party sites or boost the search engine rankings of third party sites, or to further unlawful acts (such as phishing) or mislead recipients as to the source of the material (such as spoofing);
- the Content is not pornographic, libelous or defamatory, does not contain threats or incite violence towards individuals or entities, and does not violate the privacy or publicity rights of any third party;
- your social network or mobile application is not getting advertised via unwanted electronic messages such as spam links on newsgroups, email lists, blogs and web sites, and similar unsolicited promotional methods;
- your social network or mobile application is not named in a manner that misleads your readers into thinking that you are another person or company. For example, your social network’s URL or name is not the name of a person other than yourself or company other than your own; and
- you have, in the case of Content that includes computer code, accurately categorized and/or described the type, nature, uses and effects of the materials, whether requested to do so by social network or otherwise.
By submitting Content to AP for inclusion on any services or applications provided by AP, you grant AP a world-wide, royalty-free, and non-exclusive license to reproduce, modify, adapt and publish the Content solely for the purpose of displaying, distributing and promoting your mobile application. If you delete Content, AP will use reasonable efforts to remove it from the Service, but you acknowledge that caching or references to the Content may not be made immediately unavailable. Without limiting any of those representations or warranties, AP has the right (though not the obligation) to, in AP’s sole discretion (1) refuse or remove any content that, in AP’s reasonable opinion, violates any AP policy or is in any way harmful or objectionable, or (2) terminate or deny access to and use of the Service to any individual or entity for any reason, in AP’s sole discretion. AP will have no obligation to provide a refund of any amounts previously paid.
1.3 Subscription Billing, Termination, Cancellation and Refund on One-Month Subscriptions
AP offers one-month subscriptions, which entitle the original purchaser access to AP for a period of exactly 1 month from the date of purchase. AP also offers add-on plans for each app, which allows purchaser access to AP’s additional services, including unlimited push notifications, dedicated account manager, for a period of one month. The purchaser agrees to pay all fees in effect when incurred. You will be billed for your subscription in advance at the time of purchase and the subscription will automatically renew indefinitely until explicitly cancelled. If you cancel your services, your cancellation takes effect on your next billing cycle. This means we won’t be able to refund you for early contract cancellation. All AP accounts begin with an obligation-free trial which will allow you to evaluate the service. No credit card information is collected to initiate a trial account, and charges will only be applied after explicit account purchase. Please sign up for a monthly payment schedule if you are unsure of how long you will be using the service. If you have a question about charges made to your account, please contact us immediately. If the charges were made in error, we will immediately credit your account or credit card account for the appropriate amount. AP has a zero tolerance policy for chargebacks. Any customer who disputes a credit card payment that is found to be valid will be permanently blacklisted and barred from use of the Service. Any past due fees and costs will be sent to collections. If our collection efforts fail, unpaid debts will be reported to all available credit reporting agencies. If AP terminates your account because of a violation of our terms of service, AP will not refund any portion of your license fees. Refunds are not applicable on rejection of your mobile application from any App Store or marketplace. AP offers a 30-day money back guarantee on all Monthly Subscriptions, however this guarantee is valid only for the first app, and applicable on retail plans; and not on the Reseller & Educational Plans.
1.4 Subscription Billing, Termination, and Cancellation One-Year Subscriptions
AP offers one-year subscriptions, which entitle the original purchaser access to AP for a period of exactly 12 months from the date of purchase. AP also offers add-on plans for each app, which allows purchaser access to AP’s additional services, including unlimited push notifications, dedicated account manager, for a period of one year (12 months). The purchaser agrees to pay all fees in effect when incurred. You will be billed for your subscription in advance at the time of purchase and the subscription will automatically renew indefinitely until explicitly cancelled. If you cancel your services, your cancellation takes effect on your next billing cycle. This means we won’t be able to refund you for early contract cancellation. All AP accounts begin with an obligation-free trial which will allow you to evaluate the service. No credit card information is collected to initiate a trial account, and charges will only be applied after explicit account purchase. Please sign up for a monthly payment schedule if you are unsure of how long you will be using the service. If you have a question about charges made to your account, please contact us immediately. If the charges were made in error, we will immediately credit your account or credit card account for the appropriate amount. AP has a zero tolerance policy for chargebacks. Any customer who disputes a credit card payment that is found to be valid will be permanently blacklisted and barred from use of the Service. Any past due fees and costs will be sent to collections. If our collection efforts fail, unpaid debts will be reported to all available credit reporting agencies. If AP terminates your account because of a violation of our terms of service, AP will not refund any portion of your license fees. Refunds are not applicable on rejection of your mobile application from any App Store or marketplace. You can cancel your yearly plan any time; however, cancellation of a yearly plan will not result in a refund.
1.5 Billing, Termination, and Cancellation and Refund on Lifetime Plan (Perpetual License)
AP offers Lifetime Plan (Perpetual License), which will be perpetually active provided the client has paid the one-time upfront license fee and continues to pay the ongoing yearly fees towards app maintenance & updates, i.e. (5% of one-time upfront license fee). AP also offers add-on plans for each app, which allows purchaser access to AP’s additional services, including unlimited push notifications, dedicated account manager, for lifetime. Terms of lifetime plan are subject to additional conditions as outlined in this terms outlined below. Lifetime plan holders are guaranteed 5 years (60 months) of access to AP, however, in the event that AP discontinues the service or ceases to do business, or in the event of an acquisition, change of control, a significant merger, or other legal re-organization of AP, AP may terminate the Perpetual License by returning your purchase price less an amount computed by multiplying your purchase price by a fraction, the numerator of which is the number of complete months since your purchase of the lifetime plan and the denominator of which is 60. If AP terminates your account because of a violation of our terms of service, AP will not refund any portion of your license fees. Refunds are not applicable on rejection of your mobile application from any App Store or marketplace; AP may introduce additional services from time to time, which may be excluded from an existing lifetime plan without additional cost. If your AP lifetime plan account has no activity for a period of 3 years, we will consider that account dormant and will remove online access to the data. We will then keep the data for an additional one year, at which point we will delete your data. Activity is defined as a login to the AP App Builder. You can cancel your lifetime plan any time by contacting us; however, cancellation of a lifetime plan will not result in a refund.
1.6 Cancellation and Refund on Subscription Renewals
Your subscription will renew automatically, on your monthly & annual renewal date, until you cancel. Renewal rates are subject to change, but we’ll always notify you beforehand. If you cancel within 7 days of your renewal, you’ll be fully refunded. Should you cancel after 7 days of renewal, you’ll be charged 100% of your subscription obligation and your service will continue until the end of that month’s or year’s billing period. Cancellations can be made any time by visiting Billing Info page of your app or by contacting email@example.com .
1.7 Custom Mobile Apps Development
Payments for custom App design and development projects are made to us in increments as a courtesy to the client. Once a payment or deposit is made, it is non-refundable. If a project is cancelled or postponed, AP retains all monies paid and if applicable, a fee for all work completed beyond what was already paid for shall be paid by the client.
1.8 Build it for Me Plan
Payment of $499 towards Build it for me Plan is treated as a custom App design and development project. Hence once the payment of $499 is made, it is non-refundable. If a project is cancelled or postponed, AP retains all monies paid and if applicable, a fee for all work completed beyond what was already paid for shall be paid by the client.
1.9 Payment for Additional Services
AP offers additional Consumable in-app purchases that includes, but not limited to, App Hosting, App Bandwidth, Submission, Re-submission, Account Manager, Unlimited Push Notifications, Additional Drivers & Moderators, which you can select depending on your needs. Once a payment or deposit is made for these services, it is non-refundable. Consumable in-app purchases are depleted but can be upgraded on need basis and email notifications are sent to users when critical level thresholds are reached. It is pertinent to mention here that if Consumable in-app purchases are fully depleted and not upgraded, then this will lead to your app being locked for editing and viewing purposes.
1.10 Content Posted on Other Services
We have not reviewed, and cannot review, all of the material, including computer software, made available through the services and webpages to which AppyPie.com links, and that link to AppyPie.com. AP doesn’t have any control over those non-AP services and webpages, and is not responsible for their contents or their use. By linking to a non-AP website or webpage, AP does not represent or imply that it endorses such website or webpage. You are responsible for taking precautions as necessary to protect yourself and your computer systems from viruses, worms, Trojan horses, and other harmful or destructive content. AP disclaims any responsibility for any harm resulting from your use of non-AP websites and web pages.
1.11 Copyright Infringement and DMCA Policy
As AP asks others to respect its intellectual property rights, it respects the intellectual property rights of others too. If you believe that material located on or linked to by AppyPie.com or any AP social network or mobile application violates your copyright, you are encouraged to notify AP in accordance with AP’s Digital Millennium Copyright Act (”DMCA”) Policy. AP will respond to all such notices, including as required or appropriate by removing the infringing material or disabling all links to the infringing material. In the case of a visitor who may infringe or repeatedly infringes the copyrights or other intellectual property rights of AP or others, AP may, in its discretion, terminate or deny access to and use of the Service. In the case of such termination, AP will have no obligation to provide a refund of any amounts previously paid to AP. Intellectual Property. This Agreement does not transfer from AP to you any AP or third party intellectual property, and all right, title and interest in and to such property will remain (as between the parties) solely with AP, AppyPie.com, the AppyPie.com logo, and all other trademarks, service marks, graphics and logos used in connection with AppyPie.com, or the Service are trademarks or registered trademarks of AP’s licensors. Other trademarks, service marks, graphics and logos used in connection with the Service may be the trademarks of other third parties. Your use of the Service grants you no right or license to reproduce or otherwise use any AP or third-party trademarks.
AP reserves the right, at its sole discretion, to modify or replace any part of this Agreement. It is your responsibility to check this Agreement periodically for changes. Your continued use of or access to the Service following the posting of any changes to this Agreement constitutes acceptance of those changes. AP may also, in the future, offer new services and/or features through the Service (including, the release of new tools and resources and modification as well as termination of released features). Such new features and/or services shall be subject to the terms and conditions of this Agreement.
AP may terminate your access to all or any part of the Service at any time, with or without cause, with or without notice, effective immediately. If you wish to terminate this Agreement or your AppyPie.com account (if you have one), you may simply discontinue using the Service. AP can terminate the Service immediately as part of a general shut down of our service. All provisions of this Agreement which by their nature shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.
If we receive a chargeback or payment dispute (i.e. PayPal Dispute) from a credit card company or bank, your service and/or project will be suspended without notice. A $100 chargeback fee (issued to recover fees passed on to us by the credit company), plus any outstanding balances accrued as a result of the chargeback(s) must be paid in full before service is restored, files delivered, or any further work is done. Instead of issuing a chargeback, please contact us to address any billing issues. Requesting a chargeback or opening a PayPal dispute for a valid charge from us is fraud, and is never an appropriate or legal means of obtaining a refund.
1.15 Disclaimer of Warranties
The Service is provided “as is”. AP and its suppliers and licensors hereby disclaim all warranties of any kind, express or implied, including, without limitation, the warranties of merchantability, fitness for a particular purpose and non-infringement. Neither AP nor its suppliers and licensors, makes any warranty that the Service will be error free or that access thereto will be continuous or uninterrupted. You understand that you download from, or otherwise obtain content or services through, the Service at your own discretion and risk.
1.16 Limitation of Liability
You expressly understand and agree that AP shall not be liable for any direct, indirect, incidental, special, consequential or exemplary damages, including but not limited to, damages for loss of profits, goodwill, use, data or other intangible losses (even if AP has been advised of the possibility of such damages), resulting from: (i) the use or the inability to use the service; (ii) the cost of procurement of substitute goods and services resulting from any goods, data, information or services purchased or obtained or messages received or transactions entered into through or from the service; (iii) unauthorized access to or alteration of your transmissions or data; (iv) statements or conduct of any third party on the service; (v) any bugs arising in the app; (vi) corruption of application, hacking attacks, security of the app or any other matter relating to the service; (vii) any rejection of your mobile application from any mobile application store or marketplace; (viii) for any amounts that exceed the fees paid by you to AP under this agreement during the twelve (12) month period prior to the cause of action. AP shall have no liability for any failure or delay due to matters beyond their reasonable control. The foregoing shall not apply to the extent prohibited by applicable law.
1.17 General Representation and Warranty
You agree to indemnify and hold harmless AP, its contractors, and its licensors, and their respective directors, officers, employees and agents, from and against any and all claims, damages, obligations, losses, liabilities, costs or debts, and expenses (including but not limited to attorney’s fees) arising from: (i) your use of and access to the Service; (ii) your violation of any term of these Terms; (iii) your violation of any third party right, including without limitation any copyright, intellectual property, or privacy right; or (iv) any claim that your Content caused damage to a third party; or (v) any rejection of your mobile application from any mobile application store or marketplace, for any reason whatsoever. This defense and indemnification obligation will survive these Terms and your use of the Service.
1.19 User Generated Apps
All apps created on our platform are User Generated Apps, AP does not endorse and has no control over User Generated Apps submitted by you or others and accepts no responsibility whatsoever in connection with or arising therefrom. User Generated Content App created through the Site is not necessarily reviewed by AP prior to posting in Market Place and does not necessarily reflect the opinions or policies of AP. If at any time AP chooses, in its sole discretion, to monitor the Marketplace, AP nonetheless assumes no responsibility for User Generated Apps, no obligation to modify or remove any inappropriate or inaccurate User Generated Apps, and no responsibility for the conduct of the user submitting any User Generated App. AP makes no warranties, express or implied, as to the suitability, accuracy or reliability of any Content and other materials on the Marketplace. Nonetheless, Administrator reserves the right to prevent you from submitting User Generated App and to edit, restrict or remove any User Generated App for any reason at any time. You agree that Administrator shall accept no liability if we prevent, in our sole discretion, your User Generated App from being submitted, or we edit, restrict or remove it. You also agree to permit any other user of this Site and any third-party website on which your User Generated App may be included, to access, view, store and reproduce the material for such user’s personal use.
1.20 Third-Party Services & Third-Party Application Providers
AP apps utilize multiple Third-Party services including but not limited to PubNub, Facebook, Google’s (YouTube, Maps, Firebase, Sheets, API.AI), Sinch, Vuforia, AWS, and others. You acknowledge that the license to each Third-Party Service that you obtain, is a binding agreement between you and the Application Provider. For Third-Party Apps, you acknowledge that (i) you are acquiring the license to each Third-Party App from the Application Provider; (ii) AP is not acting as agent for the Application Provider in providing each such Third-Party App to you; and (iii) AP is not a party to the license between you and the Application Provider with respect to that Third-Party App. The Application Provider of each Third-Party App is solely responsible for that Third-Party App, the content therein, any warranties to the extent that such warranties have not been disclaimed, and any claims that you or any other party may have relating to that Third-Party App. In the case of Third-Party Apps, the License Fee is set as the sole discretion of the Third-Party Application Provider and AP does not collect the License Fee on behalf of the Third-Party Application Provider, you will have to pay this directly to the Third-Party Application Provider. The Licensor may change the License Fee at any time.
1.21 Beta Features
Some AP platform releases contain beta features like (Taxi, Food Court, Augmented Reality, Messenger, Chatbot). We release these beta features to collect feedback on their implementation so that we can improve them. We value any feedback on these beta features, as it enables us to provide you with the best possible product. The availability of beta features will be documented in the release notes for every specific release. Other documentation will be available through the AP support section. Please consult the release notes and the documentation on how to enable and use these beta features.
Please take note of the following limitations regarding beta features:
- Beta features may be incomplete; future releases may include more functionality to complete the features
- Beta features may change in future releases, depending on the feedbacks
- Even though we aim for backwards compatibility, AP can’t guarantee backwards compatibility between monthly releases for beta features
- Beta features are not covered by any SLA and not part of our Reseller Platform
- We value feedback, including tickets describing problems with beta features, but these tickets will not be handled according to your SLA
- We cannot guarantee timely fixes for any problems you encounter with beta features
- Beta features should not be used for production applications
- Beta features may contain bugs, which could potentially lead to data corruption
1.22 Children’s Personal Information
AP doest not knowingly collect any personal information from children under the age of 16. If you are under the age of 16, please do not submit any personal information through our Websites or Apps. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Policy by instructing their children never to provide personal information through the Websites or Apps without their permission. If you have reason to believe that a child under the age of 16 has provided personal information to us through the Websites or Services, please contact us at firstname.lastname@example.org, and we will use commercially reasonable efforts to delete that information.
1.23 Data Ownership Rights
You Own the App, App data (content) and retain copyright and any other rights you already hold in Application that you create, submit, post, transmit or display on, or through, the Service, including any intellectual property rights which subsist in that Application and your User Content, and you are responsible for protecting those rights. However, we reserve rights to lock your app for further editing or updating, In case your subscription is cancelled.
1.24 Legal Issues & Jurisdiction
This agreement shall be governed by the laws of the Commonwealth of Virginia. In the event that any dispute should arise under this agreement, the parties agree to waive all jurisdictional and venue objections and to have all such disputes submitted to and heard before the Courts of Fauquier, Virginia. However, AP reserves the right to seek resolution in Fauquier County Small Claims Court for funds in dispute at or below the Small Claims’ Court Limit. Non-payment shall result in acceleration of the minimum value of this agreement being payable in full. You acknowledge that in the event of such acceleration, the minimum value of this agreement shall be due and payable as minimum liquidated damages because such balance will bear a reasonable proportion to AP’s minimum probable loss from your non-payment, the amount of AP’s actual loss being incapable to calculate. Client agrees to pay all costs and expenses, including but not limited to, attorney fees and court costs, for the collection and/or enforcement of any obligation under this agreement, whether or not a lawsuit or arbitration is commenced.
DATA PROCESSING ADDENDUM
(Rev. 16 May 2018)
This Data Processing Addendum (“DPA”) forms part of the Master Subscription Agreement or other written or electronic agreement between Appy Pie (“AP”) and Customer for the purchase of online services (including associated AP offline or mobile components) from AP (identified either as “Services” or otherwise in the applicable agreement, and hereinafter defined as “Services”) (the “Agreement”) to reflect the parties’ agreement with regard to the Processing of Personal Data.
By agreeing the Agreement, Customer enters into this DPA on behalf of itself and, to the extent required under applicable Data Protection Laws and Regulations, in the name and on behalf of its Affiliates, if and to the extent AP processes Personal Data for which such Affiliates qualify as the Controller. All capitalized terms not defined herein shall have the meaning set forth in the Agreement.
In the course of providing the Services to Customer pursuant to the Agreement, AP may Process Personal Data on behalf of Customer and the Parties agree to comply with the following provisions with respect to any Personal Data, each acting reasonably and in good faith.
HOW THIS DPA APPLIES
If the Customer entity signing this DPA is a party to the Agreement, this DPA is an addendum to and forms part of the Agreement. In such case, the AP entity that is party to the Agreement is party to this DPA.
If the Customer entity signing this DPA has executed an Order Form with AP or its Affiliate pursuant to the Agreement, but is not itself a party to the Agreement, this DPA is an addendum to that Order Form and applicable renewal Order Forms, and the Appy Pie entity that is party to such Order Form is party to this DPA.
If the Customer entity signing this DPA is neither a party to an Order Form nor the Agreement, this DPA is not valid and is not legally binding. Such entity should request that the Customer entity that is a party to the Agreement execute this DPA.
This DPA shall not replace any comparable or additional rights relating to Processing of Customer Data contained in Customer’s Agreement (including any existing data processing addendum to the Agreement).
“Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than
50% of the voting interests of the subject entity
“Controller” means the entity, which determines the purposes and means of the Processing of Personal Data.
“Customer Data” means what is defined in the Agreement as “Customer Data.” or “Your Data.”
“Data Protection Laws and Regulations” means all laws and regulations, including laws and regulations of the European Union, the European Economic Area and their member states, applicable to the Processing of Personal Data under the Agreement.
“Data Subject” means the individual to whom Personal Data relates.
“AP” means the Appy Pie entity which is a party to this DPA, as specified in the section “HOW THIS DPA APPLIES” above, Appy Pie LLC, a company incorporated in Delaware, U.S.A, Appy Pie LLP, a company incorporated in New Delhi, India, or Appy Pie Limited, a company registered in England and Wales, as applicable.
“AP Group” means AP and its Affiliates engaged in the Processing of Personal Data.
“GDPR” means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
“Personal Data” means any information relating to (i) an identified or identifiable natural person and, (ii) an identified or identifiable legal entity (where such information is protected similarly as personal data or personally identifiable information under applicable Data Protection Laws and Regulations), where for each (i) or (ii), such data is Customer Data.
“Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.
“Processor” means the entity which Processes Personal Data on behalf of the Controller.
“Sub-processor” means any Processor engaged by AP, by a member of the AP Group or by another Sub-processor.
“Supervisory Authority” means an independent public authority, which is established by a EU Member State pursuant to the GDPR.
2. PROCESSING OF PERSONAL DATA
2.1 Roles of the Parties. The parties acknowledge and agree that with regard to the Processing of Personal Data, Customer is the Controller, AP is a Processor and that AP or members of the AP Group will engage Sub-processors pursuant to clause 5 “Sub-processors” below.
2.2 Customer’s Processing of Personal Data. Customer shall, in its use of the Services, Process Personal Data in accordance with the requirements of Data Protection Laws and Regulations. For the avoidance of doubt, Customer’s instructions for the Processing of Personal Data shall comply with Data Protection Laws and Regulations. Customer shall have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which Customer acquired Personal Data.
2.3 AP’s Processing of Personal Data. AP shall treat Personal Data as Confidential Information and shall only Process Personal Data on behalf of and in accordance with Customer’s instructions for the following purposes: (i) Processing in accordance with the Agreement and applicable Order Form(s); (ii) Processing initiated by Users in their use of the Services; and (iii) Processing to comply with other reasonable instructions provided by Customer (e.g., via email) where such instructions are consistent with the terms of the Agreement.
2.4 Details of the Processing. The subject-matter of Processing of Personal Data by AP is the performance of the Services pursuant to the Agreement. The duration of the Processing, the nature and purpose of the Processing, the types of Personal Data and categories of Data Subjects Processed under this DPA are further specified in Schedule 3 (Details of the Processing) to this DPA.
3. RIGHTS OF DATA SUBJECTS
3.1 Data Subject Request. AP shall, to the extent legally permitted, promptly notify Customer if it receives a request from a Data Subject to access, correct or delete that person’s Personal Data or if a Data Subject objects to the Processing thereof (“Data Subject Request”). AP shall not respond to a Data Subject Request without Customer’s prior written consent except to confirm that such request relates to Customer to which Customer hereby agrees. To the extent Customer, in its use of the Services, does not have the ability to address a Data Subject Request, AP shall upon Customer’s request provide commercially reasonable assistance to facilitate such Data Subject Request to the extent AP is legally permitted to do so and provided that such Data Subject Request is exercised in accordance with Data Protection Laws and Regulations. To the extent legally permitted, Customer shall be responsible for any costs arising from AP’s provision of such assistance.
3.2 Data Subject Request. With effect from 25 May 2018, the following wording will replace Clause 3.1 (“Data Subject Request”) in its entirety: Data Subject Requests. AP shall, to the extent legally permitted, promptly notify Customer if AP receives a request from a Data Subject to exercise the Data Subject’s right of access, right to rectification, restriction of Processing, erasure (“right to be forgotten”), data portability, object to the Processing, or its right not to be subject to an automated individual decision making (“Data Subject Request”). Taking into account the nature of the Processing, AP shall assist Customer by appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of Customer’s obligation to respond to a Data Subject Request under Data Protection Laws and Regulations. In addition, to the extent Customer, in its use of the Services, does not have the ability to address a Data Subject Request, AP shall upon Customer’s request provide commercially reasonable efforts to assist Customer in responding to such Data Subject Request, to the extent AP is legally permitted to do so and the response to such Data Subject Request is required under Data Protection Laws and Regulations. To the extent legally permitted, Customer shall be responsible for any costs arising from AP’s provision of such assistance.
4. AP PERSONNEL
4.1 Confidentiality. AP shall ensure that its personnel engaged in the Processing of Personal Data are informed of the confidential nature of the Personal Data, have received appropriate training on their responsibilities and have executed written confidentiality agreements. AP shall ensure that such confidentiality obligations survive the termination of the personnel engagement.
4.2 Reliability. AP shall take commercially reasonable steps to ensure the reliability of any AP personnel engaged in the Processing of Personal Data.
4.3 Limitation of Access. AP shall ensure that AP’s access to Personal Data is limited to those personnel who require such access to perform the Agreement.
4.4 Data Protection Officer. Members of the AP Group will appoint a data protection officer where Data Protection Laws and Regulations require such appointment. The appointed person may be reached at email@example.com.
5.1 Appointment of Sub-processors. Customer acknowledges and agrees that (a) AP’s Affiliates may be retained as Sub-processors; and (b) AP and AP’s Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services. AP or a AP Affiliate has entered into a written agreement with each Sub-processor containing data protection obligations not less protective than those in this Agreement with respect to the protection of Customer Data to the extent applicable to the nature of the services provided by such Sub-processor.
5.2 List of Current Sub-processors and Notification of New Sub-processors. A list of Sub-processors as of 16 May 2018 for the Services is annexed in Schedule 1. Upon request, AP shall make available to Customer an updated list of Sub-processors for the Services with the identities of those Sub-processors and their country of location (“Updated Sub-processor List”).
5.3 Objection Right for New Sub-processors. Customer may object to AP’s use of a new Sub-processor by notifying AP in writing within ten (10) business days after receipt of an Updated Sub-processor List. In the event Customer objects to a new Sub-processor, as permitted in the preceding sentence, AP will use reasonable efforts to make available to Customer a change in the Services or recommend a commercially reasonable change to Customer’s configuration or use of the Services to avoid Processing of Personal Data by the objected-to new Sub-processor without unreasonably burdening the Customer. If AP is unable to make available such change within a reasonable period of time, which shall not exceed thirty (30) days, Customer may terminate the applicable Order Form(s) with respect only to those Services which cannot be provided by AP without the use of the objected-to new Sub-processor, by providing written notice to AP. AP will refund to Customer any prepaid fees covering the remainder of the term of such Order Form(s) following the effective date of termination with respect to such terminated Services, without imposing a penalty for such termination on Customer.
5.4 Sub-processor Agreements. The parties agree that AP will provide the copies of the Sub-processor agreements only upon reasonable request by Customer.
5.5 Liability. AP shall be liable for the acts and omissions of its Sub-processors to the same extent AP would be liable if performing the services of each Sub-processor directly under the terms of this DPA, save as otherwise set forth in the Agreement.
6.1 Controls for the Protection of Personal Data. AP shall maintain administrative, physical and technical safeguards designed for protection of the security (including protection against unauthorized or unlawful Processing and against accidental or unlawful destruction, loss or alteration or damage, unauthorized disclosure of, or access to, Customer Data), confidentiality and integrity of Customer Data, including Personal Data.
6.2 SOC 1 Report. Upon Customer’s written request no more frequently than once annually, AP shall provide to Customer a copy of AP’s then most recent service organization controls (SOC) 1 report for the Services. AP may require Customer to sign a nondisclosure agreement reasonably acceptable to AP before AP provides a copy of such report to Customer.
7. SECURITY BREACH MANAGEMENT AND NOTIFICATION
AP maintains security incident management policies and procedures and shall notify Customer without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Data, including Personal Data, transmitted, stored or otherwise Processed by AP or its Sub-processors of which AP becomes aware (a “Customer Data Incident”). AP shall make reasonable endeavors to identify the cause of such Customer Data Incident and take those steps as AP deems necessary and reasonable in order to remediate the cause of such a Customer Data Incident to the extent the remediation is within AP’s reasonable control. The obligations herein shall not apply to incidents that are caused by Customer or Customer’s Users.
8. RETURN AND DELETION OF CUSTOMER DATA
AP shall return Customer Data to Customer and, to the extent allowed by applicable law, delete Customer Data in accordance with the procedures and timeframes specified in the Agreement.
9. AUTHORIZED AAPILIATES
9.1 Contractual Relationship. The parties acknowledge and agree that, by executing the Agreement, Customer enters into the DPA on behalf of itself and, as applicable, in the name and on behalf of its Affiliates, thereby establishing a separate DPA between AP and each such Affiliate subject to the provisions of the Agreement, this Clause 9, and Clause 10 below. Each Affiliate agrees to be bound by the obligations under this DPA and, to the extent applicable, the Agreement. For the avoidance of doubt, an Affiliate is not and does not become a party to the Agreement, and is only a party to the DPA. All access to and use of the Services by Affiliates must comply with the terms and conditions of the Agreement, and Customer shall deem any violation of the terms and conditions of the Agreement by an Affiliate a violation.
9.2 Communication. The Customer that is the contracting party to the Agreement shall remain responsible for coordinating all communication with AP under this DPA and be entitled to make and receive any communication in relation to this DPA on behalf of its Affiliates
10. LIMITATION OF LIABILITY
Each party’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or related to this DPA, and all DPAs between Affiliates and AP, whether in contract, tort or under any other theory of liability, is subject to the “Limitation of Liability” clause of the Agreement, and any reference in such clause to the liability of a party means the aggregate liability of that party and all of its Affiliates under the Agreement and all DPAs together.
For the avoidance of doubt, AP’s and its Affiliates’ total liability for all claims from the Customer and all of its Affiliates arising out of or related to the Agreement and each DPA shall apply in the aggregate for all claims under both the Agreement and all DPAs established under this Agreement, including by Customer and all Affiliates, and, in particular, shall not be understood to apply individually and severally to Customer and/or to any Affiliate that is a contractual party to any such DPA. Also for the avoidance of doubt, each reference to the DPA in this DPA means this DPA including its Schedules thereto.
11. EUROPE-SPECIFIC PROVISIONS
11.1 GDPR. With effect from 25 May 2018, AP will Process Personal Data in accordance with the GDPR requirements directly applicable to AP’s provision of its Services.
11.2 Data Protection Impact Assessment. With effect from 25 May 2018, upon Customer’s request, AP shall provide Customer with reasonable cooperation and assistance needed to fulfill Customer’s obligation under the GDPR to carry out a data protection impact assessment related to Customer’s use of the Services, to the extent Customer does not otherwise have access to the relevant information, and to the extent such information is available to AP. AP shall provide reasonable assistance to Customer in the cooperation or prior consultation with the Supervisory Authority in the performance of its tasks relating to this Clause 9.2, to the extent required under the GDPR.
11.3 Transfer Mechanisms for Data Transfers. Subject to the terms of this DPA (including Clauses 11.4 and 11.5 below), AP makes available the transfer mechanisms listed below which shall apply, in the order of precedence as set out below in this Clause 11.3, to any online transfers of Personal Data under this DPA from the European Union, the European Economic Area and/or their member states, Switzerland and the United Kingdom to countries which do not ensure an adequate level of data protection within the meaning of Data Protection Laws and Regulations of the foregoing territories, to the extent such transfers are subject to such Data Protection Laws and Regulations:
- AP’S EU-U.S. and Swiss-U.S. Privacy Shield Framework self-certifications apply to the Services listed in Schedule 2 (EU-US and Swiss-US Privacy Shield Services) to this DPA (the “EU-US and Swiss-US Privacy Shield Services”), subject to the additional terms in Clause 11.4 below;
11.4 Additional Terms for EU-US and Swiss-US Privacy Shield Services. Appy Pie LLC self-certifies to and complies with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks, as administered by the US Department of Commerce, and Appy Pie LLC shall ensure that it maintains its self-certification to and compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks with respect to the Processing of Personal Data that is transferred from the European Economic Area and/or Switzerland to the United States.
11.5 Additional Terms for Services offered by AP.
11.5.3 Appointment of New Sub-processors and List of Current Sub-processors. Customer acknowledges and expressly agrees that (a) AP’s Affiliates may be retained as Sub-processors; and (b) AP and AP’s Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services offered by AP. AP shall make available to Customer the current list of Sub-processors in accordance with Clause 5.2 of this DPA
11.5.4 Notification of New Sub-processors and Objection Right for New Sub-processors. Customer acknowledges and expressly agrees that AP may engage new Sub-processors as described in Clauses 5.2 and 5.3 of the DPA.
11.5.5 Copies of Sub-processor Agreements. The parties agree that AP will provide the copies of the Sub-processor agreements that have all commercial information only upon request by Customer.
11.5.6 Audits and Certifications. The parties agree that the audits shall be carried out in accordance with the following specifications: Upon Customer’s request, and subject to the confidentiality obligations set forth in the Agreement, AP shall make available to Customer (or Customer’s independent, third-party auditor that is not a competitor of AP and that has signed nondisclosure agreement reasonably acceptable to AP) information regarding the AP Group’s compliance with the obligations set forth in this DPA in the form of AP’s SOC 1 report and, for its Sub-processors and its subsidiaries, the third-party certifications and audits set forth in the appypie.com Security, Privacy and Architecture Documentation located at https://www.appypie.com/security & https://www.appypie.com/privacy-policy to the extent appypie.com makes them generally available to its customers. Following any notice by AP to Customer of an actual or reasonably suspected unauthorized disclosure of Personal Data, upon Customer’s reasonable belief that AP is in breach of its obligations in respect of protection of Personal Data under this DPA, or if such audit is required by Customer’s Supervisory Authority, Customer may contact AP in accordance with the “Notices” Clause of the Agreement to request an audit at AP’s premises of the procedures relevant to the protection of Personal Data. Any such request shall occur no more than once annually, save in the event of an actual or reasonably suspected unauthorized access to Personal Data. Customer shall reimburse AP for any time expended for any such on-site audit at the AP Group’s then-current professional services rates, which shall be made available to Customer upon request. Before the commencement of any such on-site audit, Customer and AP shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which Customer shall be responsible. All reimbursement rates shall be reasonable; taking into account the resources expended by AP. Customer shall promptly notify AP with information regarding any non-compliance discovered during the course of an audit.
11.5.7 Certification of Deletion. The parties agree that AP shall provide the certification of deletion of Personal only upon Customer’s request.
1. PARTIES TO THIS DPA
2. UNRESSOLVED PRIVACY OR DATA USE DISPUTES
In the event that AP was unable to satisfactorily address or resolve any privacy or data use concern then please contact AP’s U.S.-based third party dispute resolution provider Truste (for free) at https://feedback-form.truste.com/watchdog/request
3. LEGAL EFFECT
This DPA shall only become legally binding between Customer and AP (and Appy Pie LLC, if different) when the parties’ authorized signatories have duly executed this Agreement:
List of Schedules Annexed: