Terms and Conditions of Use

 

Please note, these Terms and Conditions are a translation of the ‘Gebruiksvoorwaarden’ as available on this website in Dutch language. In case of conflict the Dutch ‘Gebruiksvoorwaarden’ take precedence over the English ‘Terms and Conditions of Use’.

 

31 January 2023

The service ‘askemo‘ is offered to you via the Internet as a Software-as-a-Service by the company askemo BV,

The use of askemo is subject to the following conditions. Your use of askemo constitutes your acceptance thereof. No derogation from these terms of use shall be binding unless agreed in writing by askemo BV.

 

Article 1. Definitions

1.1. askemo BV: established in ‘s-Hertogenbosch and registered with the Chamber of Commerce under registration number 77225090.

1.2 Website: askemo’s website, accessible via https://www.askemo.nl and all associated sub-domains.

1.3 Customer: Customer of goods or services from askemo.

1.4 Agreement: Any understanding or agreement between askemo BV and the Customer, of which the Terms and Conditions of Use form an integral part.

1.5 Terms and Conditions: the present Terms and Conditions of Use including annex “Data Processing Agreement”.

 

Article 2. Use of the service

2.1. Askemo offers you the possibility via the Internet (https://www.askemo.nl and all associated sub-domains): (a) to design forms; (b) to let third parties fill in these forms; and (c) to process and view the results. You decide what information you want to have filled in and what you do with the results.

2.2. In order to use askemo, you must first register. Once your registration is complete, you can log in directly to your account and use the service.

2.3. You must protect access to your account from unauthorised persons by means of your user name and password. In particular, you must keep the password strictly confidential. Askemo BV may assume that everything that happens from your account after login with your user name and password happens under your direction and supervision. You are therefore liable for all such actions, unless you have reported to askemo BV that someone else knows your password.

2.4. Askemo BV processes personal data (name and address details, e-mail address and possibly mobile phone number). Askemo BV hereby acts as a Processor within the meaning of the General Data Protection Regulation (GDPR). Askemo BV processes all personal data in accordance with the Data Processor Agreement and Privacy Policy. You will indemnify askemo BV from any claims by data subjects under this law.

 

Article 3. Rules of use

3.1. It is prohibited to use askemo for acts that are in breach of Dutch or other applicable laws and regulations. This includes the storage or distribution via the service of information that is defamatory, libellous or racist.

3.2. In particular, it is prohibited to ask for personal data without having published an adequate privacy policy. You must also comply with the General Data Protection Regulation when processing any other personal data.

3.3. It is also forbidden to violate the privacy of third parties at askemo, for instance by distributing the personal data of third parties without authorisation or necessity, or by repeatedly harassing third parties with communications they do not want to receive, as well as to do anything that violates netiquette.

3.4. If askemo BV discovers that you are violating the aforementioned terms and conditions, or receives a complaint in this respect, it will warn you. If this does not lead to an acceptable solution, askemo BV may intervene to put an end to the breach. In urgent or serious cases, askemo BV may intervene without warning.

3.5. If, in the opinion of askemo BV, there is any hindrance, damage or other risk to the functioning of the computer systems or network of askemo BV or third parties and/or the provision of services via the Internet, in particular as a result of the excessive sending of e-mail or other data, the leaking of personal details or the activities of viruses, Trojans and similar software, askemo BV is authorised to take all such measures as it deems reasonably necessary in order to avert or prevent this risk.

3.6. Askemo BV is at all times authorised to report any observed criminal offences.

3.7. Askemo BV can claim damages from you for any breaches of these rules of conduct. You shall indemnify askemo BV against all third-party claims relating to damage caused by breaches of these rules of conduct.

 

Article 4. Availability and maintenance

4.1. askemo BV makes every effort to ensure that the service is available, and guarantees 99% availability. This guarantee is independent of any down-time of the hosting service as well as the backup hosting service, as a result of which ‘Website’ may be unreachable.

4.2. Askemo BV actively maintains askemo. If maintenance is expected to result in reduced availability, askemo BV will carry this out if use of the service is relatively low. Maintenance will be announced in advance where possible. Emergency maintenance can be performed at any time and will not be announced in advance.

4.3. Askemo BV may adjust the functionality of askemo from time to time. Your feedback and suggestions are welcome but, ultimately, askemo BV itself will decide what changes to make.

 

Article 5. Intellectual property

5.1. The askemo service, the associated software as well as all information and pictures on the web site are the intellectual property of askemo BV. They may not be copied or used in any way whatsoever without the separate written consent of askemo BV, except in situations where this is permitted by law.

5.2. Information which you store or process through the Service is and remains your property (or that of your suppliers). Askemo BV has a limited right of use to use this information for the service, including future aspects of it. You may revoke this right of use by deleting the information in question and/or by terminating the agreement.

5.3. If you send information to askemo BV, for instance feedback on an error or a suggestion for improvement, you grant it an unrestricted and perpetual right of use to use this information for the service. This does not apply to information which you expressly mark as confidential.

5.4. Askemo BV will not take knowledge of any data you store and/or disseminate through askemo, unless this is necessary for the proper provision of services or askemo BV is required to do so by law or court order. In such case askemo BV will make an effort to limit the access to the data as much as possible within its power.

 

Article 6. Fee for the service

6.1. The use of askemo may incur a fee for the use of certain functionalities. You will be informed of the costs for the relevant functionalities. The fee is payable monthly or annually and in advance, unless customer and askemo BV agree otherwise in writing.

6.2. Payment can be made via payment instructions on the website, unless customer and askemo BV agree otherwise in writing.

6.3. Because the service is provided directly, and at your express request, it is not possible to reverse a payment by invoking the Wet Koop op Afstand.

 

Article 7. Liability

7.1. Except in the event of wilful intent or gross negligence, askemo BV’s liability shall be limited to the amount paid by you in the twelve months preceding the date of the harmful event.

7.2. Askemo BV is explicitly not liable for indirect damage, consequential damage, loss of profit, lost savings and damage as a result of business interruption.

7.3. Any right to compensation depends on your reporting the loss to askemo BV in writing within two months of its discovery.

7.4. In the event of force majeure, askemo BV shall under no circumstances be obliged to compensate any damage or loss suffered by you as a result thereof. Force majeure includes, but is not limited to, internet malfunctions or outages, telecommunications infrastructure, power failures, civil commotion, virus outbreaks, mobilisation, war, transport bottlenecks, strikes, lockouts, business interruptions, supply bottlenecks, fire and flooding.

 

Article 8. Duration and termination

8.1. This Agreement shall commence upon your first use of the Service by registering and shall continue for an indefinite period.

8.2. You may terminate the agreement at any time; termination is effective upon expiry of the subscription period, either monthly or annually.

8.3. askemo BV may terminate the agreement if you have not logged in for eighteen months. In that case, it will first send a reminder e-mail to the e-mail address linked to your account.

8.4. On request and at an additional cost, askemo BV can provide you with a copy of the stored data. Please enquire about the possibilities and costs.

 

Article 9. Changes to these terms

9.1. Askemo BV may amend these terms and conditions and prices at any time.

9.2. Askemo BV will announce any amendments or additions at least thirty days before they take effect, via the service, so that you can take note of them.

9.3. If you do not wish to accept an amendment or addition, you may give notice of termination of the agreement up to the date on which it takes effect. Use of the service after the date of entry into force is deemed to be acceptance of the amended or supplemented conditions.

 

Article 10. Other terms and conditions

10.1. This agreement is governed by Dutch law.

10.2. Insofar as the rules of mandatory law do not prescribe otherwise, all disputes in connection with askemo will be submitted to the competent Dutch court for the district in which askemo BV has its registered office.

10.3. Where a provision in these Terms and Conditions of Use requires that a communication be made ‘in writing’, this shall also be deemed to have been fulfilled if the communication is made by e-mail or communication via the service, provided that it is sufficiently certain that the message actually originates from the alleged sender and that the integrity of the message has not been compromised.

10.4. The version of communication or information as stored by askemo BV is deemed to be correct, unless you provide evidence to the contrary.

10.5. If any provision in these terms and conditions of use is found to be invalid, this shall not affect the validity of the entire terms and conditions of use. In that case, the parties will draw up (a) new provision(s) by way of replacement, which will give shape to the intention of the original provision to the greatest extent possible under the law.

10.6. Askemo BV is entitled to transfer its rights and obligations under the agreement to a third party who takes over askemo or the relevant business activity.

 

Annex: Data Processing Agreement

This Processor Agreement is an annex to the “Askemo Terms and Conditions of Use” (hereinafter: “Terms“) between the Customer (hereinafter: “Controller“) and askemo BV (hereinafter: “Processor“). Acceptance of the Terms and Conditions also constitutes acceptance of this Processing Agreement by the parties.

 

Article 1. Purposes of processing

1.1. Under the terms of this Processing Agreement, the Processor undertakes to process personal data on the instructions of the Controller. Processing will take place solely for the purposes of the agreement and for: (a) storing data of the Controller in the ‘cloud’ and related online services; (b) sending e-mails and/or newsletters on the instructions of the Controller; (c) managing the customer administration of the Controller within askemo; (d) plus any purposes reasonably related thereto or determined by further consent.

1.2. The personal data processed by Processor in the context of the activities referred to in the previous paragraph and the categories of data subjects from whom they originate are listed in Article 13. Processor shall not process the personal data for any purpose other than as determined by Processor. Controller shall inform Processor of the processing purposes to the extent they are not already mentioned in this Processor Agreement. However, Processor may use the personal data for quality purposes, such as conducting scientific or statistical research on the quality of its services, only if the personal data have been pseudonymised.

1.3. The personal data to be processed on the instructions of the Controller shall remain the property of the Controller and/or the data subjects concerned.

 

Article 2. Obligations of Processor

2.1. With regard to the processing referred to in Article 1, the Processor shall ensure compliance with the applicable laws and regulations, including in any case the laws and regulations in the field of personal data protection, such as the GDPR.

2.2. The Processor will inform the Controller, at the latter’s first request, of the measures it has taken with regard to its obligations under this Processing Agreement.

2.3. The obligations of the Processor that arise from this DPA also apply to those who process personal data under the authority of the Processor, including but not limited to employees, in the widest sense of the word.

2.4. Processor will notify Controller immediately if, in its opinion, an instruction from Controller is in breach of the legislation referred to in these Terms or Annex.

2.5. Insofar as it is within its power, the Processor will provide assistance to the Controller for the purposes of carrying out data protection impact assessments (DPIAs) and any necessary prior consultation with the Authority for the Protection of Personal Data.

2.6. In accordance with Article 30 of the GDPR, the Processor shall keep a register of all categories of processing activities that it carries out for the benefit of the Controller under this Processing Agreement. Upon request, the Processor shall allow the Controller to inspect this register.

 

Article 3. Transfer of personal data

3.1. Processor may process the personal data in countries within the European Union.

3.2. Transfer to countries outside the European Union is prohibited.

 

Article 4. Allocation of responsibility

4.1. For the purposes of the processing, Processor shall make available ICT resources that can be used by Controller for the purposes referred to above. Processor shall only carry out processing activities itself on the basis of separate agreements.

4.2. The processor is solely responsible for processing the personal data under this Processing Agreement, in accordance with the instructions of the Controller and under the explicit (final) responsibility of the Controller.

4.3. The Controller guarantees that the content, use and instruction of the processing of the personal data referred to in this Processing Agreement are not unlawful and do not infringe any rights of third parties.

 

Article 5. Use of third parties or subcontractors

5.1. The Processor may use third parties in the context of this Processing Agreement. The Controller may object if the use of a specific reported third party is unacceptable to it.

5.2. In any event, the Processor shall ensure that these third parties undertake in writing at least the same obligations as those agreed between the Controller and the Processor. The Controller is entitled to inspect the agreements that may be involved.

5.3. The Processor guarantees that these third parties will correctly fulfil their obligations under this Processor Agreement and, in the event of errors by these third parties, is liable for all damage as if it had made the error(s) itself.

 

Article 6. Security

6.1. Processor shall make an effort to take sufficient technical and organisational measures regarding the processing of personal data to be carried out, against loss or against any form of unlawful processing (such as unauthorised access, impairment, alteration or disclosure of the personal data).

6.2. Processor does not guarantee that the security is effective in all circumstances. If there is no explicit description of the security measures in the Processing Agreement, the Processor will endeavour to ensure that the security measures meet a level which is not unreasonable, given the state of the art, the sensitivity of the personal data and the costs involved in implementing the security measures.

 

Article 7. Reporting obligation

7.1. The Controller is responsible at all times for notifying the supervisory authority and/or the parties concerned of a security incident and/or data leak (which is understood to mean: a breach of security resulting in the accidental or unlawful destruction, loss, alteration or unauthorised disclosure of or access to data that has been transmitted, stored or otherwise processed). To enable Controller to comply with this legal obligation, Processor will inform Controller of the security incident and/or data leak within a reasonable period.

7.2. Notification must only be made in the case of high-impact events, and only if the event actually occurred.

7.3. The duty of notification includes in any case the reporting of the fact that a leak has occurred.

In addition, the duty of notification includes

a. the nature of the personal data breach, where possible stating the categories of data subjects and personal data concerned and, approximately, the number of data subjects and personal data concerned

b. the name and contact details of the data protection officer or other contact point where more information can be obtained

c. the likely consequences of the personal data breach

d. the measures proposed or taken by the Processor to address the personal data breach, including, where applicable, the measures to mitigate any adverse effects.

 

Article 8. Handling of requests from data subjects

8.1. In the event that a data subject makes a request to exercise his/her legal rights (Article 15-22 GDPR) to Processor, Processor shall forward the request to Controller, and Controller shall handle the request further. Processor may inform the data subject accordingly.

 

Article 9. Confidentiality and secrecy

9.1. All personal data that Processor receives from the Controller and/or collects itself in the context of this Processing Agreement is subject to an obligation of confidentiality vis-à-vis third parties. Processor shall not use this information for any purpose other than that for which it was obtained, not even if it is in such a form that it cannot be traced back to those involved.

9.2. This secrecy obligation does not apply if Controller has given explicit permission to provide the information to third parties, if providing the information to third parties is logically necessary in view of the nature of the assignment given and the execution of this Processing Agreement, or if there is a legal obligation to provide the information to a third party.

 

Article 10. Audit

10.1. The Controller is entitled to have audits carried out by an independent third party bound to secrecy to verify compliance with the security requirements, compliance with this agreement, with the general rules on processing personal data, misuse of personal data by employees of the Processor, and anything directly related to this.

10.2. This audit may take place:

a. upon concrete suspicion of misuse of personal data, non-compliance with this processor agreement and/or applicable laws and regulations; or,

b. up to once a year in the absence of a concrete suspicion of misuse referred to in Article 10.2a.

10.3. Processor shall cooperate with the audit and make all information, including supporting data such as system logs, and employees reasonably relevant for the audit available in as timely a manner as possible.

10.4. The findings of the audit will be assessed by the Parties in mutual consultation and, as a result, may or may not be implemented by one or both Parties jointly.

10.5. If the audit reveals material shortcomings on the part of Processor in relation to the obligations incumbent on Processor under this processor agreement, Processor shall bear the full (internal and external) costs of the audit insofar as they are related to the specific shortcoming. In other cases, the full costs of the audit shall be borne by Processor.

10.6. Any internal costs of Processor related to the audit are part of the audit costs and, if applicable, will be passed on to Processor at the applicable hourly rate.

 

Article 11. Liability

11.1. The parties explicitly agree that the provision of the Terms and Conditions of Use shall apply with regard to liability.

 

Article 12. Duration and termination

12.1. This Processing Agreement shall come into effect upon completion fo registration for the askemo services on the date of registration.

12.2. This Processing Agreement is entered into for the duration as specified in the agreement between the Parties and, in the absence thereof, in any event for the duration of the co-operation.

12.3. As soon as the Processing Agreement is terminated, for whatever reason and in whatever way, the Processor will – at the request of the Controller – return all personal data in its possession in original or copy form to the Controller , and/or remove and/or destroy these original personal data and any copies thereof.

12.4. This Processing Agreement may be amended in the same way as the Terms and Conditions.

 

Article 13. Specification of personal data and data subjects

Categories of data subjects and personal data of different purposes
Processor shall, within the scope of Article 1.1 of the Processor Agreement, process the following (special) personal data of the aforementioned categories of data subjects on behalf of Processor:

Customer and/or member records in askemo (until end of contract)
Employees: name and address details, telephone number & e-mail address
Suppliers: name and address details, telephone number & e-mail address
Customers: Name details, Phone number & Email address

Cloud storage of data (until end of contract)
Employees: name and address, telephone number & e-mail address
Suppliers: name and address details, telephone number & e-mail address
Customers: Name details, Telephone number & E-mail address

Processor guarantees that the personal data and categories of data subjects described in this article are complete and correct, and indemnifies Processor against any defects and claims resulting from an incorrect representation by Processor.