The date of execution of this agreement is the date at which the Customer creates an account with CatchJS.
CatchJS by Lars Eidnes, a company incorporated in Norway (registration number 922 026 440) having its registered office at Ørjaveita 2, 7010 Trondheim, Norway (the "Provider"); and
The individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable (the "Customer").
In this Agreement:
"Access Credentials" means the usernames, passwords and other credentials enabling access to the Hosted Services, including both access credentials for the User Interface and any access credentials for APIs;
"Agreement" means this agreement including any Schedules, and any amendments to this Agreement from time to time;
"API" means any application programming interface for the Hosted Services defined by the Provider and made available by the Provider to the Customer;
"Business Day" means any weekday other than a bank or public holiday in Norway;
"Business Hours" means the hours of 09:00 to 17:00 CET on a Business Day;
"Charges" means the following amounts:
the amounts specified in Section 2 of Schedule 1 (Hosted Services particulars); and
such amounts as may be agreed in writing by the parties from time to time;
"Customer Confidential Information" means:
any information disclosed by or on behalf of the Customer to the Provider during the Term (whether disclosed in writing, orally or otherwise) that at the time of disclosure:
was marked or described as "confidential"; or
should have been reasonably understood by the Provider to be confidential;
"Customer Data" means all data, works and materials: uploaded to or stored on the Platform by the Customer; transmitted by the Platform at the instigation of the Customer; supplied by the Customer to the Provider for uploading to, transmission by or storage on the Platform; or generated by the Platform as a result of the use of the Hosted Services by the Customer (but excluding analytics data relating to the use of the Platform and server log files);
"Customer Personal Data" means any Personal Data that is processed by the Provider on behalf of the Customer in relation to this Agreement, but excluding personal data with respect to which the Provider is a data controller;
"Data Protection Laws" means the EU GDPR and all applicable Norwegian laws relating to the processing of Personal Data;
"Documentation" means the documentation for the Hosted Services produced by the Provider and delivered or made available by the Provider to the Customer;
"Effective Date" means the date of execution of this Agreement;
"EU GDPR" means the General Data Protection Regulation (Regulation (EU) 2016/679) and all other EU laws regulating the processing of Personal Data, as such laws may be updated, amended and superseded from time to time;
"Force Majeure Event" means an event, or a series of related events, that is outside the reasonable control of the party affected (including failures of the internet or any public telecommunications network, hacker attacks, denial of service attacks, virus or other malicious software attacks or infections, power failures, industrial disputes affecting any third party, changes to the law, disasters, epidemics, pandemics, explosions, fires, floods, riots, terrorist attacks and wars);
"Hosted Services" means CatchJS, as specified in the Hosted Services Specification, which will be made available by the Provider to the Customer as a service via the internet in accordance with this Agreement;
"Hosted Services Specification" means the specification for the Platform and Hosted Services set out in Section 1 of Schedule 1 (Hosted Services particulars) and in the Documentation;
"Intellectual Property Rights" means all intellectual property rights wherever in the world, whether registrable or unregistrable, registered or unregistered, including any application or right of application for such rights (and these "intellectual property rights" include copyright and related rights, database rights, confidential information, trade secrets, know-how, business names, trade names, trade marks, service marks, passing off rights, unfair competition rights, patents, petty patents, utility models, semi-conductor topography rights and rights in designs);
"Personal Data" means personal data under any of the Data Protection Laws;
"Platform" means the platform managed by the Provider and used by the Provider to provide the Hosted Services, including the application and database software for the Hosted Services, the system and server software used to provide the Hosted Services, and the computer hardware on which that application, database, system and server software is installed;
"Schedule" means any schedule attached to the main body of this Agreement;
"Services" means any services that the Provider provides to the Customer, or has an obligation to provide to the Customer, under this Agreement;
"Support Services" means support in relation to the use of, and the identification and resolution of errors in, the Hosted Services, but shall not include the provision of training services;
"Term" means the term of this Agreement, commencing in accordance with Clause 2.1 and ending in accordance with Clause 2.2;
"User Interface" means the interface for the Hosted Services designed to allow individual human users to access and use the Hosted Services.
This Agreement shall come into force upon the Effective Date.
This Agreement shall continue in force until the Agreement is terminated in accordance with Clause 16 or any other provision of this Agreement.
The Provider shall provide, or shall ensure that the Platform will provide, to the Customer upon the Effective Date the Access Credentials necessary to enable the Customer to access and use the Hosted Services.
The Provider hereby grants to the Customer a worldwide, non-exclusive licence to use the Hosted Services by means of the User Interface and the API for the internal business purposes of the Customer in accordance with the Documentation during the Term.
Except to the extent expressly permitted in this Agreement or required by law on a non-excludable basis, the licence granted by the Provider to the Customer under Clause 3.2 is subject to the following prohibitions:
the Customer must not sub-license its right to access and use the Hosted Services; and
the Customer must not permit any unauthorised person or application to access or use the Hosted Services.
The Customer shall implement and maintain reasonable security measures relating to the Access Credentials to ensure that no unauthorised person or application may gain access to the Hosted Services by means of the Access Credentials.
The Provider shall use reasonable endeavours to maintain the availability of the Hosted Services to the Customer at the gateway between the public internet and the network of the hosting services provider for the Hosted Services, but does not guarantee 100% availability.
For the avoidance of doubt, downtime caused directly or indirectly by any of the following shall not be considered a breach of this Agreement:
a Force Majeure Event;
a fault or failure of the internet or any public telecommunications network;
a fault or failure of the Customer's computer systems or networks;
any breach by the Customer of this Agreement; or
scheduled maintenance carried out in accordance with this Agreement.
The Customer must comply with Schedule 2 (Acceptable Use Policy), and must ensure that all persons using the Hosted Services with the authority of the Customer or by means of the Access Credentials comply with Schedule 2 (Acceptable Use Policy).
The Customer must not use the Hosted Services in any way that causes, or may cause, damage to the Hosted Services or Platform or impairment of the availability or accessibility of the Hosted Services.
The Customer must not use the Hosted Services in any way that uses excessive Platform resources and as a result is liable to cause a material degradation in the services provided by the Provider to its other customers using the Platform; and the Customer acknowledges that the Provider may use reasonable technical measures to limit the use of Platform resources by the Customer for the purpose of assuring services to its customers generally.
The Customer must not use the Hosted Services:
in any way that is unlawful, illegal, fraudulent or harmful; or
in connection with any unlawful, illegal, fraudulent or harmful purpose or activity.
The Provider may suspend the provision of the Hosted Services if any amount due to be paid by the Customer to the Provider under this Agreement is overdue, and the Provider has given to the Customer at least 7 days' written notice, following the amount becoming overdue, of its intention to suspend the Hosted Services on this basis.
The Provider may from time to time suspend the Hosted Services for the purposes of scheduled maintenance to the Platform.
The Provider shall provide the Support Services to the Customer during the Term.
The Provider shall provide the Support Services in accordance with the standards of skill and care reasonably expected from a leading service provider in the Provider's industry.
The Provider may suspend the provision of the Support Services if any amount due to be paid by the Customer to the Provider under this Agreement is overdue, and the Provider has given to the Customer at least 7 days' written notice, following the amount becoming overdue, of its intention to suspend the Hosted Services on this basis.
The Customer hereby grants to the Provider a non-exclusive licence to copy, reproduce, store, distribute, publish, export, adapt, edit and translate the Customer Data to the extent reasonably required for the performance of the Provider's obligations and the exercise of the Provider's rights under this Agreement. The Customer acknowledges that hosting, connectivity and telecommunications service providers are needed for the Provider to perform its obligations under this agreement, and the Customer also grants to the Provider the right to sub-license these rights to these service providers, to extent reasonably required for the performance of the Provider's obligations and the exercise of the Provider's rights under this Agreement, subject to any express restrictions elsewhere in this Agreement.
The Customer warrants to the Provider that the Customer Data when used by the Provider in accordance with this Agreement will not infringe the Intellectual Property Rights or other legal rights of any person, and will not breach the provisions of any law, statute or regulation, in any jurisdiction and under any applicable law.
No assignment of Intellectual Property Rights
Nothing in this Agreement shall operate to assign or transfer any Intellectual Property Rights from the Provider to the Customer, or from the Customer to the Provider.
The Customer shall pay the Charges to the Provider in accordance with this Agreement.
The Provider may elect to vary any element of the Charges by giving to the Customer not less than 30 days' written notice of the variation expiring on any anniversary of the date of execution of this Agreement, providing that no such variation shall constitute a percentage increase in the relevant element of the Charges that exceeds 10 percentage points over the percentage increase, since the date of the most recent variation of the relevant element of the Charges under this Clause 8.2 (or, if no such variation has occurred, since the date of execution of this Agreement), in the Consumer Price Index published by Statistics Norway.
The Provider shall issue invoices for the Charges to the Customer on or after the invoicing dates set out in Section 2 of Schedule 1 (Hosted Services particulars).
At the invoicing date, the Provider will charge the payment method on file with the Providers payment processor.
The Customer must pay the Charges to the Provider within the period of 7 days following the issuance of the invoice in accordance with this Clause 9
The Customer must pay the Charges by a payment method supported by the Providers payment processor.
Provider's confidentiality obligations
The Provider must:
keep the Customer Confidential Information strictly confidential;
not disclose the Customer Confidential Information to any person without the Customer's prior written consent;
use the same degree of care to protect the confidentiality of the Customer Confidential Information as the Provider uses to protect the Provider's own confidential information of a similar nature, being at least a reasonable degree of care; and
act in good faith at all times in relation to the Customer Confidential Information.
Notwithstanding Clause 10.1, the Provider may disclose the Customer Confidential Information to the Provider's officers, employees and subcontractors who have a need to access the Customer Confidential Information for the performance of their work with respect to this Agreement and who are bound by a written agreement or professional obligation to protect the confidentiality of the Customer Confidential Information.
This Clause 10 imposes no obligations upon the Provider with respect to Customer Confidential Information that:
is known to the Provider before disclosure under this Agreement and is not subject to any other obligation of confidentiality; or
is or becomes publicly known through no act or default of the Provider.
The restrictions in this Clause 10 do not apply to the extent that any Customer Confidential Information is required to be disclosed by any law or regulation, by any judicial or governmental order or request, or pursuant to disclosure requirements relating to the listing of the stock of the Provider on any recognised stock exchange.
The provisions of this Clause 10 shall continue in force indefinitely following the termination of this Agreement.
The Provider shall comply with the Data Protection Laws with respect to the processing of the Customer Personal Data.
The Customer warrants to the Provider that it has the legal right to disclose all Personal Data that it does in fact disclose to the Provider under or in connection with this Agreement.
The Customer shall only supply to the Provider, and the Provider shall only process, in each case under or in relation to this Agreement:
the Personal Data of data subjects falling within the categories specified in Section 1 of Schedule 3 (Data processing information) (or such other categories as may be agreed by the parties in writing); and
Personal Data of the types specified in Section 2 of Schedule 3 (Data processing information) (or such other types as may be agreed by the parties in writing).
The Provider shall only process the Customer Personal Data for the purposes specified in Section 3 of Schedule 3 (Data processing information).
The Provider shall only process the Customer Personal Data during the time the Customer has an account on the Platform, and for not more than 30 days following the removal of the Customer's account on the Platform, subject to the other provisions of this Clause 11.
The Provider shall only process the Customer Personal Data on the documented instructions of the Customer (including with regard to transfers of the Customer Personal Data to a third country under the Data Protection Laws), as set out in this Agreement or any other document agreed to by the parties.
The Customer hereby authorises the Provider to make the following transfers of Customer Personal Data:
the Provider may transfer the Customer Personal Data internally to its own employees, offices and facilities; and
the Provider may transfer the Customer Personal Data to its third party processors in the jurisdictions identified in Section 5 of Schedule 3 (Data processing information) and may permit its third party processors to make such transfers, providing that such transfers must be protected by any appropriate safeguards identified therein.
The Provider shall promptly inform the Customer if, in the opinion of the Provider, an instruction of the Customer relating to the processing of the Customer Personal Data infringes the Data Protection Laws.
Notwithstanding any other provision of this Agreement, the Provider may process the Customer Personal Data if and to the extent that the Provider is required to do so by applicable law. In such a case, the Provider shall inform the Customer of the legal requirement before processing, unless that law prohibits such information.
The Provider shall ensure that persons authorised to process the Customer Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
The Provider and the Customer shall each implement appropriate technical and organisational measures to ensure an appropriate level of security for the Customer Personal Data, including those measures specified in Section 4 of Schedule 3 (Data processing information).
The Provider must not engage any third party to process the Customer Personal Data without the prior specific or general written authorisation of the Customer. In the case of a general written authorisation, the Provider shall inform the Customer at least 14 days in advance of any intended changes concerning the addition or replacement of any third party processor, and if the Customer objects to any such changes before their implementation, then the Customer may terminate this Agreement on 7 days' written notice to the Provider, providing that such notice must be given within the period of 7 days following the date that the Provider informed the Customer of the intended changes. The Provider shall ensure that each third party processor is subject to the same legal obligations as those imposed on the Provider by this Clause 11.
As at the Effective Date, the Provider is hereby authorised by the Customer to engage, as sub-processors with respect to Customer Personal Data, the third parties identified in Section 5 of Schedule 3 (Data processing information).
The Provider shall, insofar as possible and taking into account the nature of the processing, take appropriate technical and organisational measures to assist the Customer with the fulfilment of the Customer's obligation to respond to requests exercising a data subject's rights under the Data Protection Laws.
The Provider shall assist the Customer in ensuring compliance with the obligations relating to the security of processing of personal data, the notification of personal data breaches to the supervisory authority, the communication of personal data breaches to the data subject, data protection impact assessments and prior consultation in relation to high-risk processing under the Data Protection Laws.
The Provider must notify the Customer of any Personal Data breach affecting the Customer Personal Data without undue delay.
If any changes or prospective changes to the Data Protection Laws result or will result in one or both parties not complying with the Data Protection Laws in relation to processing of Personal Data carried out under this Agreement, then the parties shall use their best endeavours promptly to agree such variations to this Agreement as may be necessary to remedy such non-compliance.
The Provider warrants to the Customer that:
the Provider has the legal right and authority to enter into this Agreement and to perform its obligations under this Agreement;
the Provider will comply with all applicable legal and regulatory requirements applying to the exercise of the Provider's rights and the fulfilment of the Provider's obligations under this Agreement; and
the Provider has or has access to all necessary know-how, expertise and experience to perform its obligations under this Agreement.
The Provider warrants to the Customer that:
the Platform will incorporate security features reflecting the requirements of good industry practice.
If the Provider reasonably determines, or any third party alleges, that the use of the Hosted Services by the Customer in accordance with this Agreement infringes any person's Intellectual Property Rights, the Provider may at its own cost and expense modify the Hosted Services in such a way that they no longer infringe the relevant Intellectual Property Rights.
The Customer warrants to the Provider that it has the legal right and authority to enter into this Agreement and to perform its obligations under this Agreement.
All of the parties' warranties and representations in respect of the subject matter of this Agreement are expressly set out in this Agreement. To the maximum extent permitted by applicable law, no other warranties or representations concerning the subject matter of this Agreement will be implied into this Agreement or any related contract.
Acknowledgements and warranty limitations
The Customer acknowledges that complex software may never be wholly free from defects, errors and bugs; and subject to the other provisions of this Agreement, the Provider gives no warranty or representation that the Hosted Services will be wholly free from defects, errors and bugs.
The Customer acknowledges that complex software may never be entirely free from security vulnerabilities; and subject to the other provisions of this Agreement, the Provider gives no warranty or representation that the Hosted Services will be entirely secure.
The Customer acknowledges that the Provider will not provide any legal, financial, accountancy or taxation advice under this Agreement or in relation to the Hosted Services; and, except to the extent expressly provided otherwise in this Agreement, the Provider does not warrant or represent that the Hosted Services or the use of the Hosted Services by the Customer will not give rise to any legal liability on the part of the Customer or any other person.
Limitations and exclusions of liability
Nothing in this Agreement will:
limit or exclude any liability for death or personal injury resulting from negligence;
limit or exclude any liability for fraud or fraudulent misrepresentation;
limit any liabilities in any way that is not permitted under applicable law; or
exclude any liabilities that can not be excluded under applicable law.
The limitations and exclusions of liability set out in this Clause 14 and elsewhere in this Agreement:
are subject to Clause 14.1; and
govern all liabilities arising under this Agreement or relating to the subject matter of this Agreement, including liabilities arising in contract, in tort (including negligence) and for breach of statutory duty, except to the extent expressly provided otherwise in this Agreement.
The Provider shall not be liable to the Customer in respect of any losses arising out of a Force Majeure Event.
The Provider shall not be liable to the Customer in respect of any loss of profits or anticipated savings.
The Provider shall not be liable to the Customer in respect of any loss of revenue or income.
The Provider shall not be liable to the Customer in respect of any loss of use or production.
The Provider shall not be liable to the Customer in respect of any loss of business, contracts or opportunities.
The Provider shall not be liable to the Customer in respect of any loss or corruption of any data, database or software.
The Provider shall not be liable to the Customer in respect of any special, indirect or consequential loss or damage.
The aggregate liability of the Provider to the Customer under this Agreement shall not exceed the greater of:
100 US dollars; and
the total amount paid and payable by the Customer to the Provider under this Agreement in the 3 month period preceding the commencement of the event or events.
Force Majeure Event
If a Force Majeure Event gives rise to a failure or delay in either party performing any obligation under this Agreement (other than any obligation to make a payment), that obligation will be suspended for the duration of the Force Majeure Event.
A party that becomes aware of a Force Majeure Event which gives rise to, or which is likely to give rise to, any failure or delay in that party performing any obligation under this Agreement, must:
promptly notify the other; and
inform the other of the period for which it is estimated that such failure or delay will continue.
A party whose performance of its obligations under this Agreement is affected by a Force Majeure Event must take reasonable steps to mitigate the effects of the Force Majeure Event.
The Customer may cancel their CatchJS subscription at any time on their accounts settings page, available at https://catchjs.com/Account/Settings .
When a subscription that is cancelled has remaining time on its current subscription period, and this period has been paid for by the Customer, the Hosted Services will remain available to the Customer until their current subscription period expires.
When a CatchJS subscription expires, this Agreement is terminated.
The Provider may cancel a Customers subscription at any time.
The Provider may terminate this Agreement at any time if the other party commits a material breach of this Agreement.
Subject to applicable law, either party may terminate this Agreement immediately by giving written notice of termination to the other party if:
the other party:
ceases to conduct all (or substantially all) of its business;
is or becomes unable to pay its debts as they fall due;
is or becomes insolvent or is declared insolvent; or
an administrator, administrative receiver, liquidator, receiver, trustee, manager or similar is appointed over any of the assets of the other party;
an order is made for the winding up of the other party, or the other party passes a resolution for its winding up (other than for the purpose of a solvent company reorganisation where the resulting entity will assume all the obligations of the other party under this Agreement); or
if that other party is an individual:
that other party dies;
as a result of illness or incapacity, that other party becomes incapable of managing his or her own affairs; or
that other party is the subject of a bankruptcy petition or order.
Effects of termination
Upon the termination of this Agreement, all of the provisions of this Agreement shall cease to have effect, save that the following provisions of this Agreement shall survive and continue to have effect (in accordance with their express terms or otherwise indefinitely): Clauses 1, 10, 11, 14, 17, 20 and 21.
Except to the extent expressly provided otherwise in this Agreement, the termination of this Agreement shall not affect the accrued rights of either party.
Any notice from one party to the other party under this Agreement must be given by one of the following methods (using the relevant contact details set out in Clause 18.2 and Section 3 of Schedule 1 (Hosted Services particulars)):
delivered personally or sent by courier, in which case the notice shall be deemed to be received upon delivery; or
sent by email, in which case the notice shall be deemed to be received 2 Business Days following sending,
providing that, if the stated time of deemed receipt is not within Business Hours, then the time of deemed receipt shall be when Business Hours next begin after the stated time.
The Provider's contact details for notices under this Clause 18 are as follows: contactcatchjs.com CatchJS by Lars Eidnes, Ørjaveita 2, 7010 Trondheim, Norway.
The addressee and contact details set out in Clause 18.2 and Section 3 of Schedule 1 (Hosted Services particulars) may be updated from time to time by a party giving written notice of the update to the other party in accordance with this Clause 18.
Subject to any express restrictions elsewhere in this Agreement, the Provider may subcontract any of its obligations under this Agreement.
The Provider shall remain responsible to the Customer for the performance of any subcontracted obligations.
Notwithstanding the provisions of this Clause 19 but subject to any other provision of this Agreement, the Customer acknowledges and agrees that the Provider may subcontract to any reputable third party hosting business the hosting of the Platform and the provision of services in relation to the support and maintenance of elements of the Platform.
No breach of any provision of this Agreement shall be waived except with the express written consent of the party not in breach.
If any provision of this Agreement is determined by any court or other competent authority to be unlawful and/or unenforceable, the other provisions of this Agreement will continue in effect. If any unlawful and/or unenforceable provision would be lawful or enforceable if part of it were deleted, that part will be deemed to be deleted, and the rest of the provision will continue in effect (unless that would contradict the clear intention of the parties, in which case the entirety of the relevant provision will be deemed to be deleted).
Subject to Clause 14.1, this Agreement shall constitute the entire agreement between the parties in relation to the subject matter of this Agreement, and shall supersede all previous agreements, arrangements and understandings between the parties in respect of that subject matter.
This Agreement shall be governed by and construed in accordance with Norwegian law.
The courts of Trondheim, Norway shall have exclusive jurisdiction to adjudicate any dispute arising under or in connection with this Agreement.
The Clause headings do not affect the interpretation of this Agreement.
References in this Agreement to "calendar months" are to the 12 named periods (January, February and so on) into which a year is divided.
In this Agreement, general words shall not be given a restrictive interpretation by reason of being preceded or followed by words indicating a particular class of acts, matters or things.
The parties have indicated their acceptance of this Agreement when the Customer has created an account the Platform.
Schedule 1 (Hosted Services particulars)
Specification of Hosted Services
The amount of data that can be logged by the Customer is limited by various quotas associated with the Customers account. The quotas for each account type are defined in the product documentation.
The service is paid for in advance on a monthly or yearly basis, according to prices advertised on catchjs.com at the time of the execution of this agreement (subject to changes regulated by Clause 8). If a free trial is advertised on catchjs.com, no payment is required until the expiry of this free trial, and no charge will occur if the subscription is cancelled in the trial period. As an example, if a 14 day free trial is advertised, a montly plan is chosen, and a user creates an account on the 1st of January, the first charge will happen on 15th of January and will be for the period from the 15th of January to 15th of February, the next charge will be on the 15th of February and so on.
The Provider can be reached via email:
And via post to:
CatchJS by Lars Eidnes
Schedule 2 (Acceptable Use Policy)
This acceptable use policy (the "Policy") sets out the rules governing:
the use of the website at https://catchjs.com, any successor website, and the services available on that website or any successor website (the "Services"); and
the transmission, storage and processing of content by you, or by any person on your behalf, using the Services ("Content").
References in this Policy to "you" are to any customer for the Services and any individual user of the Services (and "your" should be construed accordingly); and references in this Policy to "us" are to CatchJS by Lars Eidnes (and "we" and "our" should be construed accordingly).
By using the Services, you agree to the rules set out in this Policy.
We will ask for your express agreement to the terms of this Policy before you create an account with CatchJS.
You must be at least 18 years of age to use the Services; and by using the Services, you warrant and represent to us that you are at least 18 years of age.
General usage rules
You must not use the Services in any way that causes, or may cause, damage to the Services or impairment of the availability or accessibility of the Services.
You must not use the Services:
in any way that is unlawful, illegal, fraudulent, deceptive or harmful; or
in connection with any unlawful, illegal, fraudulent, deceptive or harmful purpose or activity.
You must ensure that all Content complies with the provisions of this Policy.
Content must not be illegal or unlawful, must not infringe any person's legal rights, and must not be capable of giving rise to legal action against any person (in each case in any jurisdiction and under any applicable law).
Content, and the use of Content by us in any manner licensed or otherwise authorised by you, must not:
be libellous or maliciously false;
be obscene or indecent;
infringe any copyright, moral right, database right, trade mark right, design right, right in passing off, or other intellectual property right;
infringe any right of confidence, right of privacy or right under data protection legislation;
constitute negligent advice or contain any negligent statement;
constitute an incitement to commit a crime, instructions for the commission of a crime or the promotion of criminal activity;
be in contempt of any court, or in breach of any court order;
constitute a breach of racial or religious hatred or discrimination legislation;
constitute a breach of official secrets legislation; or
constitute a breach of any contractual obligation owed to any person.
You must ensure that Content is not and has never been the subject of any threatened or actual legal proceedings or other similar complaint.
Schedule 3 (Data processing information)
Categories of data subject
The data subject whose Personal Data may be processed under this agreement is the Customer.
Types of Personal Data
The Personal Data to be processed includes the name, email address, phone number, post address and payment method information that is given by the Customer upon signing up the CatchJS service.
This data may be correlated with usage data related the Customer's account, such as quota usage, pages visited, errors encountered etc.
Purposes of processing
The processing is done in order to
ensure that the user can log in to the service;
facilitate the correct billing and processing of payments;
enable the delivery of email notifications from the service;
ensure the correct and useful operation of the service;
inform design decisions made by the Provider; and
facilitate support of the product.
Security measures for Personal Data
CatchJS will implement and maintain appropriate technical and organizational measures to ensure the security of personal data, in accordance with the standards of skill and care reasonably expected from a leading service provider in the Provider's industry.
Sub-processors of Personal Data
The CatchJS service is hosted on Microsoft Azure, a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, United States and Microsoft Ireland Operations Ltd, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.
Data transfered to Microsoft Azure may be located on servers in the United States. Microsoft will comply with applicable laws to provide an adequate level of data protection for the transfer of the Customer's Personal Data to the US, including being bound by the Standard Contractual Clauses defined by the EU Commision.
Payments are processed by Stripe Payments Europe, Limited, an Irish company located at The One Building, Lower Grand Canal St, Dublin 2, Ireland, registration number 513174. The Customer's name, email address, post address and payment method information is sent to Stripe for the purpose of processing payments, including fraud detection and prevention, optimizing valid transactions, communications regarding such payments, and related customer service. Credit and debit card numbers are sent directly to Stripe, and are never seen nor stored by CatchJS.
For the above purpose, Stripe may transfer Customer Personal Data to countries other than the Customer's own country, including to the United States. For Customers located in the European Economic Area (“EEA”), the UK or Switzerland, Stripe will comply with applicable laws to provide an adequate level of data protection for the transfer of the Customer's Personal Data to the US. Where applicable law requires the presence of a data transfer legal mechanism, Stripe uses one or more of the following: EU Commission's Standard Contractual Clauses with a data recipient outside the EEA or the UK, verified implementations of Binding Corporate Rules, or other legal methods available to Stripe under applicable law.
Emails are sent via Twilio SendGrid, a service provided by Twilio Ireland Limited, 25-28 North Wall Quay, Dublin 1, Ireland (EEA) and Twilio Inc., 375 Beale Street, Suite 300, San Francisco, CA 94105, United States.
In the process of sending emails, names and email addresses may be transferred to the United States, where Twilio's main processing facilities are located. Twilio employs appropriate safeguards for cross-border transfers of personal data, as required by applicable local law, including being bound by the Standard Contractual Clauses defined by the EU.
The Customer provides a general authorization for Twilio to engage onward sub-processors of Customer Data, that is conditioned on the following requirements:
Twilio will restrict the onward sub-processor's access to Customer Data only to what is strictly necessary to provide the sending of emails, and Twilio will prohibit the sub-processor from processing the personal data for any other purpose.
Twilio imposes contractual data protection obligations, including appropriate technical and organizational measures to protect personal data, on any sub-processor it appoints that require such sub-processor to protect Customer Data to the standard required by applicable data protection law, including the requirements set forth in Schedule 4 (Jurisdiction Specific Terms) of Twilios Data Protection Addendum; and
Twilio will remain liable for any breach of Twilios Data Protection Addendum that is caused by an act, error, or omission of its sub-processors.