General terms and conditions

5 January 2021

1. Concepts

1.1 Service provider

Under the Service Provider, AsiaHabit Digital Co., Ltd. understandable, defined in Privacy Policy.

1.2 Service

All the activities provided by the Service Provider in support of the Subscriber's business processes, including consultancy, training, troubleshooting and other business and administrative consultancy, assistance, data processing activities related to the creation and operation of IT systems, the selection, design, creation or use of IT solutions. A list and description of the standard Services is available on the Service Provider's Website. The Service Provider shall also provide individual, additional and Intermediated Services, the list and detailed definition of which, as well as the conditions and method of their use, shall be set out in an individual offer.

1.3 Intermediated service

A service purchased by the Service Provider on its own behalf and resold (re-invoiced), in whole or in part, but in unchanged form and not necessarily at unchanged price, under the Contract, as provided for in the Contract.

1.4 Ancillary service

Related services to be performed by the Service Provider under the Contract, such as data migration, integration, implementation, consulting, training, installation, testing.

1.5 Service launch

A one-time service of the Service Provider, which may include the following services, at the Subscriber's request, subject to the agreement between the Parties:

The Service Provider shall review with the Subscriber the Subscriber's processes and operations
Service Provider outlines the best solution and configuration options to fit Subscriber's processes
The Service Provider will advise on the optimal adaptation of the Subscriber's processes, if necessary
Service Provider will take up specific requests for customisation, if any (implementation of which is a chargeable service)
The Parties will jointly finalise the best solutions to fit the Subscriber's processes
Supplier makes the necessary adjustments
Service Provider will carry out training of the designated users

Meetings are held using online telecommunication tools. A one-off Introduction Fee is included in the Individual Contract.

1.6 Expert Advice

Service provided by the Service Provider to understand and review Subscriber's existing system, assess Subscriber's needs, provide expert advice, suggest solutions, provide advice, create or optimize processes, prepare an improvement plan, or perform other tasks. The one-off fee for the Expert Advice is included in the Individual Contract.

1.7 Service Provider's Client Portal

A function of the business management system operated by the service provider that is capable of performing full notification and error reporting activities. The login details are included in the Individual Contract.

1.8 Service provider's website

The Service Provider's website is available at the following URL: https://asiahabit.com/

1.9 Subscriber

Any legal person or unincorporated business entity that contractually or implicitly uses the service described in these GTC or any other contract based on these GTC.

1.10 Subscriber-side device

Hardware and software devices provided by the Subscriber, such as workstation, server, operating system, software, internet browser, internet connection, etc.

1.11 Individual contract

A contract containing specific provisions relating to the Subscriber's person and use of the Services, which shall be read in conjunction with the GTC in force at the time. The Individual Contract may validly contain specific provisions other than the GTC.

1.12 Contract

The GTC, the Individual Contract, and the Indexation Notice for the current Service Period together.

1.13 Party and Parties

Service Provider and Subscriber, separately or jointly.

1.14 Service Level Agreement

The Service Provider shall, as part of the Individual Contract, propose a Service Level Agreement (SLA) at the time of conclusion of the Individual Contract, which shall be appropriate to the Subscriber's expected needs and customer category. The Subscriber may choose a higher SLA level than the recommended one for an additional charge. The Service Provider does not undertake to provide a lower SLA level than the recommended one. There are three service levels.

1.15 Availability

Availability is the ratio of the actual service time to the total annual uptime for that service, expressed as a percentage. Availability refers only to a full calendar year, not to a fractional year. The level of SLA undertaken by the Service Provider is determined by the SLA level set out in the Individual Contract.

1.16 Shared Task

Service task of the Service Provider that is performed in conjunction with the Subscriber or a third party contracted by the Subscriber. The list of Shared Tasks, if any, is set out in the Specific Contract.

1.17 Service Charges

The price for the provision of Services, Intermediary Services and Ancillary Services as set out in the Individual Contract, excluding any compensation for damages caused to the Service Provider by the Subscriber in breach of the Contract or otherwise.

1.18 Tariff Package

Package of services formed by the Service Provider, in which the Service Provider determines the conditions of use and the charges in relation to each other.

1.19 Indexing

The Service Provider shall determine its applicable service charges annually, taking into account the expected direct and indirect costs associated with the provision of the Service and the rate of inflation. Information sent to the Subscriber on the indexation for the current Service Period shall form part of the Contract.

1.20 Travel Charges

Travel hourly rate for the Service Provider's representative when the Service Provider provides a Service outside its own registered office or premises, provided that travel is not included in the Service. The hourly rate for travel is THB 2,000 per hour. In the case of travel by air, the travel time shall be calculated from the time of arrival at the airport of departure until the time of departure from the airport of arrival.

1.21 Travel expenses

Travel expenses incurred by a person acting on behalf of the Service Provider when travelling to a location specified by the Subscriber. This includes non-premium airfare, taxi fares and accommodation.

1.22 Invoice

For administrative identification purposes, any paper or electronically issued receipt that complies with the legal requirements in both the Subscriber's and the Service Provider's countries.

1.23 Working day

A working day in the country of the Subscriber's residence.

1.24 Software support

An ongoing service provided by the service provider, which may be linked to a software development service and includes the following services:

Legislative compliance: ongoing compliance with the legislation in force in the Subscriber's country of residence;
Software Update Provision: bug fixes, security bug fixes and technology enhancements that are essential to keep the Software running error-free and secure and to keep the Software in compliance with ever-changing technology requirements;
Product support: technical assistance related to the use of the Software.

1.25 Training

A one-off service provided by the Service Provider, which may include, at the Subscriber's request, the following services, within the framework of discussions between the Parties: the Service Provider shall explain the functionality of the Software and the programmed processes and shall help the designated users to master the use of the Software. The Training does not include any Additional Services other than those mentioned above. In the case of Software Training, the Service Provider shall only provide the Service as agreed between the Parties. The Parties shall, subject to their agreement, conduct the Software Training in person or by means of telecommunication. The one-off fee for Software Training is set out in the Individual Contract.

1.26 Data Migration

The existing structured data of the Subscriber shall be merged by the Service Provider into the database of the provided system using a dedicated program. Data Migration includes the following services:

reconciliation with the Subscriber and understanding of the data structure;
preparing and running the data migration program;
testing the data migration;
performing maintenance and corrections.

The one-time fee for the Data Migration, which depends on the complexity of the task, is included in the Individual Contract.

1.27 Documentation

Written text and/or illustrations that accompany the computer software or are embedded in the source code. Documentation explains the operation and/or use of the software.

1.28 Requirements specification

The Subscriber's description of the problem to be solved, for which a solution is sought. It is characterized by plain language.

1.29 Functional specification

The functional specification is prepared by the Subscriber with the aim of clearly describing the expected functionality and requirements of the product or service to be developed. The specification need not, of course, cover how the functions are to be implemented. For complex systems, there may be multiple levels of functional specification at system, module and object level. Without a specification, or with an imprecise description, it is impossible to map the task accurately and schedule it reliably. The Service Provider shall not be liable for any damage caused by an inaccurate or incomplete functional specification. Example of a typical functional specification structure:

Overview: objectives, main functions, target audiences, environment, constraints, groupings, etc.
Functions: clear, non-contradictory and detailed description of expected functionality, rules
Interfaces: descriptions of external interfaces
Nonfunctional requirements: define the quality of the system as a whole, such as usability, performance, reliability, etc.

1.30 Testing

A one-off service provided by a service provider to test the suitability of an online platform for a purpose specified by the Subscriber. The one-off fee for Testing is included in the Individual Contract.

1.31 Troubleshooting

The Service Provider reserves the right to decide the order of repair of faults in the same category, but will take into account any priority requests by the Subscriber. Details about Bug Bounty program.

Code	Description	Begin correction High-SLA	Start correction Normal-SLA	Start repair Low-SLA
Critical	Unable to use basic function	immediately	within 2 working hours	6 working hours
High	obstacle making it difficult or delaying the use of a basic function	within 1 hour	within 4 working hours	8 working hours
Normal	Bugs not affecting basic functions	4 hours	6 working hours	12 working hours
Low	Suggestions, new features, appearance, etc.	No deadline	no deadline	no deadline

1.32 Responsive web design

Providing an optimal look and feel (easy readability, easy navigation, good user experience) on as many different sized devices as possible, such as desktop, tablet, mobile phone, so that the responsive look and feel is perfectly adapted to the display device. The higher cost of a responsive display is justified by the need to create a separate display for different display sizes to achieve the best results. Creating multiple looks and seamless interoperability between looks is obviously more resource intensive than managing a non-responsive (adaptive) look.

2. Order

A Contract Order may be placed in writing addressed to the Service Provider. In addition to the subscriber data required to conclude the contract, the Order must contain the data required to establish or provide the service. The Service Provider shall be entitled to refuse the Order, in particular if the Customer has outstanding charges due to the Service Provider under any legal relationship. When placing an Order with the Service Provider, the Customer shall provide true and correct information, and the Customer shall be fully responsible for the accuracy of such information.

3. concluding a contract

3.1 Contract history

If there was a previous contract between the Service Provider and the Subscriber for the same service, the newly concluded contract shall replace the previous contract for any overlapping service period. In this case, the charges already paid for the overlapping period shall be set off.

3.2 List of subscriber data required to conclude a contract

Name of subscriber, company name
Place of establishment of the subscriber
Registration number, other registration number of the subscriber
Tax number of the payer
Payor's representative
Name of the financial contact of the payer
Mailing address of financial contact
Phone number of financial contact
Financial contact e-mail address
Name of the payer's Professional Contact
Professional contact telephone number
Professional contact e-mail address

3.3 List of documents to be presented or attached by the Subscriber at the conclusion of the Contract

The Service Provider may request the Subscriber to provide a specimen signature (or a document proving the right to sign) and a copy of the registration decision of the competent court or a copy of the company certificate not older than 30 (thirty) days.

3.4 Establishment of the subscriber relationship

By signing the individual Contract, the Subscriber acknowledges that he/she has read, understood and accepted the terms and conditions of the GTC and that he/she has verified, by using the Service Provider's Website and/or other free of charge facilities or by requesting information, that the service is suitable for the purposes he/she wishes to achieve. A legal relationship may be established between the Parties in such a way that

the individual contract is returned to the Service Provider by the Subscriber, duly completed, signed and returned in person, by post or by e-mail, and signed by the Service Provider,
the Subscriber uses the service before signing the individual Contract (impulsive behaviour),
after oral communication by the Subscriber by means of an oral statement (oral Order),
online Order.

In the event that the Subscriber fails to send the individual Contract to the Service Provider within 8 (eight) calendar days from the date of commencement of the provision of the service, the Service Provider shall be entitled to terminate the provision of the service and in such case the Subscriber relationship shall be established only for the duration of the provision of the service. In this case, the Subscriber shall be obliged to pay the pro rata temporis price of the service used against the invoice of the Service Provider.

3.5 Service period

The first Service Period of the Contract shall run from the date of signature until the last day of the current year. Subsequent Service Periods shall be for calendar years.

3.6 Duration of the Contract

The Contract is concluded for a fixed term as indicated as a Service Period in the Specific Contract or the Indexing Prospectus. The individual Contract may validly deviate from this (even in the form of a contract for an indefinite period).

3.7 Contract extension

At least 60 days before the end of the current Service Period of the Contract, the Service Provider shall notify the Subscriber of the charges payable for the next Service Period (Indexation Notice). The Subscriber has 30 days to initiate the modification or termination of the Contract, otherwise the contents of the Indexation Notice will be deemed accepted and the Contract will be automatically extended for the next Service Period.

4. contract amendment

4.1 General provisions

The Contract may be amended by modifying the individual Contract, the Service Provider's prospectus or the GTC by unilateral modification by the Service Provider. The Service Provider is entitled to unilaterally transfer the Contract to a third party that is able to provide the service to the Subscriber under the terms and conditions set out in the Contract. The Service Provider shall give the Subscriber prior written notice of the assignment of the Contract.

4.2 Certain cases of amendment of an individual contract, conditions for amendment of the contract

The Parties may amend the individual Contract at any time by mutual agreement. The amendment shall be valid only in writing. The Subscriber shall notify the Service Provider in writing, with identifiable details, of any change in the sales and billing data within 15 (fifteen) days of the change in the data. Failure to notify and the Subscriber's delay in doing so shall give rise to the payment of interest on arrears.

4.3 Unilateral modification of the contract by the Service Provider and information to the Subscriber

At least once a year, the Service Provider shall review the Service Charges set out in the Contract and may, if necessary, unilaterally modify them (indexation), while informing the Subscriber at the same time. The Service Provider is entitled to unilaterally modify the GTC, the Specific Contract, the Service Charges and the Fee Packages, effective after prior notification to the Subscriber, in the following cases:

changes in the direct and indirect costs of providing the service
changes in suppliers' contractual conditions
changes in the technical conditions for the provision of the service
changes to the Service Provider's service portfolio
the legislation applicable to the provision of the service changes
because of a decision by any competent authority affecting the service, in particular if that authority imposes new obligations on the Service Provider or modifies obligations imposed on suppliers (approves different cost charges or reference offer, sets different charges, changes the conditions for sharing facilities and space, etc.)
other material changes in circumstances warrant it

In the event of a change to the Service Charges, the change shall not affect the Subscriber's prepaid Service Charges, only the next payment period. If the Service Provider intends to unilaterally modify the terms and conditions of the Contract, the Service Provider shall publish the changes on the Service Provider's Website at least 30 (thirty) days before the planned modification takes effect. The Service Provider shall not apply the notification period set out in this clause to amendments to the GTCs where the amendment to the GTCs is necessary due to the introduction of a new service and the amendment does not affect the contractual terms and conditions applicable to the services already provided, or where the amendment only results in a reduction of the Service Charges or other fees payable by a Subscriber.

5. Start using the service

5.1 General provisions

The Service Provider shall provide the Service within the time/period specified in the Specific Contract. Service Provider shall provide the Subscriber's service based on the information specified by the Subscriber. If no specified request is received for a parameter, the Service Provider shall provide the service according to its industry standard.

5.2 Establishment of the service

The service is considered to be established (made available to the Subscriber) after commissioning, installation, initial configuration according to the service specification, start of operation, execution of functional tests of the service and handover to the Subscriber. There may be some sub-performance in the process of provisioning, typically where the provisioning process is influenced by factors outside the control of the Service Provider, which the Service Provider will inform the Subscriber of in an individual offer.

6. Service interruption

6.1 General provisions

If the provision of the service is temporarily prevented, the service shall be interrupted. The interruption does not affect the continuity of the legal relationship.

6.2 Cases of interruption in the interest of the service provider

Service may be interrupted: (a) with at least 3 (three) calendar days' notice to the Subscriber, for the purpose of system modification, renovation, upgrade, replacement, maintenance; (b) for extraordinary maintenance to preserve the integrity of the system, which the Service Provider is entitled to perform without prior notice; (c) for any other reason unforeseen by the Service Provider. If the interruption is due to a cause in the interest of the Service Provider, the duration of the interruption shall reduce the Availability Period.

6.3 Interruption at Subscriber's request

The Subscriber may request the interruption in writing at least 30 (thirty) days prior to the beginning of the interruption. The maximum duration of the interruption that the Subscriber may request is 90 (ninety) days and may be requested only once within 1 (one) year. The duration of the interruption shall not be counted towards the fixed term of the Contract. During the period of suspension, the Subscriber shall pay 0% of the Service Charge, which may, however, be increased by the Service Provider in justified cases. After the end of the suspension period, the Service shall resume without notice and the Subscriber shall be subject to all obligations under the Contract and shall pay the full Service Charge for the subsequent period. The Subscriber may request in writing the extraordinary termination of the interruption of the Service.

6.4 Interruption for reasons beyond the control of both parties

Neither Party shall be liable for non-performance, defective performance or delay in performance of its obligations under the contractual relationship if caused by a Force Majeure Event. In the event of a Force Majeure Event, the Party concerned shall immediately notify the other Party in writing of the expected duration of the Force Majeure Event and its effect on the performance of its obligations under the Contract. During the duration of the Force Majeure Event, the Contract shall be suspended to the extent that the performance of the contractual relationship is not possible due to the Force Majeure Event. The reasons for suspension under this clause shall not affect the duration of the Availability Period.

7. Cases and conditions for limitation of service

The Service Provider shall be entitled to limit the use of all services provided to the Subscriber or to suspend the provision of such services, or to reduce the quality or other characteristics of the services in the following cases:

The Subscriber is in default of payment for at least 20 (twenty) calendar days
The Subscriber interferes with or jeopardizes the proper functioning of the Service Provider's system, in particular if there is an attack from or towards the Subscriber's device;
the Subscriber's device contains infringing content;
the Subscriber injects any infringing content into the Service Provider's system and/or uses illegal software
the Subscriber has exceeded the resource or charge limits, if any, set out in the GTC or in the individual Contract, for his/her subscription when using the Service;
if it is likely, on the basis of the data and information available to the Service Provider, that the Subscriber has misled the Service Provider with regard to a material fact, in particular personal/company data, for the purpose of concluding a contract or using a service

If the Subscriber has more than one Contract with the Service Provider or uses more than one service from the Service Provider and the Subscriber is in breach of its payment or other obligations in respect of any Contract or service, the Service Provider shall be entitled to limit any service to any extent, including the limitation of all services. The extent of the limitation shall be determined by the Service Provider in accordance with the amount of the invoice. The Service Provider shall use its best endeavours to remove the restriction as soon as possible, but not later than 48 hours, if the Subscriber removes the reason for the restriction and the Subscriber informs the Service Provider thereof in a credible manner or the Service Provider obtains credible knowledge thereof or if the authority imposing the restriction so orders. The Service Provider shall charge a one-off fee for ensuring that the service can be used again. For the duration of the restriction, the Subscriber shall not be entitled to any fee credit.

8. Contract termination and cancellation

8.1 Termination of contract

The Contract and the rights and obligations set out therein shall terminate without further notice in the following cases:

Dissolution of the Service Provider without legal succession; in this case, the Service Provider shall notify the Subscriber at least 30 (thirty) days before the planned date of termination
Termination of the service provider's entitlement to provide services
Subscriber's termination without legal succession
expiry of the fixed term

Neither the Service Provider nor the Subscriber may terminate a fixed-term Contract by giving notice of termination during the fixed term.

8.2 Extraordinary termination of the Contract

The Subscriber is entitled to terminate both the fixed-term and the open-ended Contract with immediate effect (extraordinary termination by the Subscriber) in the following cases:

The Service Provider is more than 30 (thirty) days late in starting the Service and the Subscriber does not set an extension period
The Service Provider fails to remedy the repeated serious breach of contract within 15 (fifteen) days despite the Subscriber's written notice
The Provider is declared bankrupt or is being wound up by a court order

The service provider is entitled to terminate both the fixed-term and the open-ended contract with immediate effect by giving extraordinary notice (extraordinary termination of the service provider) in the following cases:

Serious breach by the subscriber of the provisions of the Contract (a serious breach is a breach of the Contract in respect of which the Service Provider cannot be expected to maintain the Contract)
The Subscriber is in breach of the terms of the Contract, which is not a serious breach of the Contract within the meaning of point (a), and the breach is not remedied within 15 (fifteen) days of the date of the Provider's request to that effect
The Subscriber obstructs or jeopardises the proper functioning of the Service Provider's system and fails to remedy the breach within 3 (three) days of the notice of the consequences
The subscriber fails to allow the Service Provider to carry out the necessary on-site inspections to investigate and remedy the reported or detected fault after the notice of legal consequences
The subscriber uses the service in a manner or for purposes that are unlawful, or engages in any unlawful conduct
The subscriber has not paid the fee due within 15 (fifteen) calendar days after the first notice of legal consequences was sent

If the reason for termination is the Subscriber's breach of contract and the Subscriber ceases the breach of contract during the notice period and gives credible notice thereof to the Service Provider, and such notice is received by the Service Provider by the end of the notice period, the Contract shall not terminate upon the Service Provider's termination. The Subscriber acknowledges that if the Subscriber commits a breach of contract giving rise to extraordinary termination twice within a calendar year, the Service Provider shall be entitled to extraordinary termination of the Contract on the third occasion even if the Subscriber remedies the breach during the extraordinary termination period. The Service Provider shall give notice of termination of the Contract primarily in writing, by e-mail and/or by registered letter. The notice of termination shall contain. The Service Provider shall be entitled to request security or to limit the scope or use of the Services in lieu of termination of the Contract. If the Subscriber does not remove the reason for the restriction within thirty (30) days, the restriction shall not be a bar to termination if the conditions for termination otherwise apply.

8.3 Obligations in the event of termination of the Contract

In the event of termination of the Contract for any reason, the Subscriber shall not be relieved of the obligation to pay any debts arising from the Subscriber relationship before or after the date of termination. The Subscriber shall pay any charges incurred up to the date of termination of the Contract. If the Subscriber does not terminate the fixed-term Contract before the expiry of the fixed term by giving notice of termination, or if the fixed-term Contract is terminated by the Service Provider by giving notice of termination, the Service Provider may demand payment of the regular fees due in one lump sum. The Service Provider shall store the Subscriber's data for a period of 15 (fifteen) calendar days from the date of termination of the Contract, unless otherwise provided by law. However, the Subscriber shall be responsible for the possible transfer and further storage of the data. After 15 (fifteen) days, the data will be deleted.

8.4 Ordinary termination of a Contract of indefinite duration by the parties

A Contract concluded for an indefinite period or which has become indefinite in duration may be terminated by either the Service Provider or the Subscriber at any time by giving thirty (30) days' written notice without giving any reason.

9. The procedure for rectifying a service failure

9.1 Reporting an error in the Service Provider's Client Gateway system

The subscriber may report the fault through the Service Provider's Customer Gateway system or by e-mail, after which the Service Provider will immediately take the necessary measures to rectify the fault. The report must include a detailed description of the fault event, including the data necessary to reproduce the fault.

9.2 The agreed target for the elimination of the fault

Service provider shall start troubleshooting within a specified timeframe for each service after the fault has been reported. The Service Provider shall make every reasonable effort to ensure that, where the fault is in the Service Provider's interest (e.g. caused by equipment used in the Service Provider's system), the fault is rectified within the timeframe from the notification of the fault to which it has committed itself in the annual Availability Commitment for each Service. If the investigation or repair is possible only in the presence of the Subscriber or at a time specified by the Subscriber, or if the repair was not possible at a time agreed between the Service Provider and the Subscriber for reasons beyond the control of the Service Provider, the time limit specified above shall be extended by the duration of the outage. On the basis of the inspection carried out, the Service Provider shall immediately notify the Subscriber, stating the reasons, that (a) the fault was not detectable during the inspection or the fault was due to a cause within the Subscriber's control; (b) the fault has been rectified; (c) the fault cannot be rectified temporarily (for a specified period) or permanently.

10. Operation of customer service, handling of subscriber complaints

10.1 Operation of customer service

In order to provide its Subscribers with appropriate information and to satisfy their needs in relation to the service, the Service Provider operates an online Customer Portal and a Customer Service for the purpose of contracting, tendering, information, modification of offers and financial complaints, the contact details of which are provided in these GTC and in the Individual Contract (Financial Contact).

10.2 Dispute Resolution

The Parties shall endeavour to settle disputes relating to the provision of the Services amicably through negotiation. In case of failure to do so, the Subscriber may apply to the following bodies.

11. Subscriber's rights in the event of defective performance of the service

11.1 Crediting

Credit is based on the number of days overdue. A delayed day is a day on which the service cannot be used for reasons attributable to the Service Provider beyond the period of time allowed according to the annual availability of each service from the date of notification of the fault. For the day of delay, the Service Provider is obliged to credit the charges for the service in question. The amount of the credit for each day of delay shall be the amount per day of the Subscriber's charges paid under the Contract for the service (used in the case of a prepaid service) during the period in which the fault was reported. In addition to the payment of the credit, the Service Provider shall not be liable for any other financial liability (loss of profit, other costs incurred, etc.) due to the loss of service. The credit will be deducted by default from the fee for the next Service period and refunded in the event of termination of the contract.

11.2 Subscriber-caused failure

The Service Provider shall not be liable and shall not be responsible for any failure of the Service due to: (a) failure or inadequacy of the infrastructure (hardware, software, network, etc.) provided by the Subscriber; (b) improper or inappropriate use of the technical equipment or the Service; (c) breach by the Subscriber of any obligation under the Contract or any legal requirement (including the violation of the legally protected interests of the software right holder, e.g. (d) interruption or limitation of service due to interruption of local access or connection by another service provider; (e) improper configuration of software or equipment by a non-Supplier.

12. Data management, data security

12.1 Data management

The Parties agree that, in relation to the personal data contained in the Contract concluded under this GTC and other related documents (e.g. contact details) or processed in the course of the Parties' cooperation for the purpose of performance (e.g. Subscriber's employee details, information security managers' details, etc.), if the data is processed, both Parties are considered as data controllers.

Legal basis for processing. Controllers are independently responsible for carrying out and documenting the balancing of interests test necessary for the application of the legitimate interest.

The purposes of the processing are: a) to maintain contact with the Subscriber; b) to provide the Service used by the Subscriber, to perform the Contract; c) to invoice the Subscriber, to collect the fee (consideration) for the Service; d) to contact the Subscriber for the purposes of the Service Provider's marketing activities or to present the Subscriber as a reference when presenting the Services. Marketing solicitation may be based on consent.

Recipients of data processing: contact employees of the Service Provider.

Duration of data processing.

Categories of data processed:

For the purpose of contacting the Subscriber, the Service Provider processes the following data: a) name, position, postal address, e-mail address and telephone number of the Subscriber's contact person, online identifier.
For the purposes of providing the Service to the Subscriber, the Service Provider may process the following data, if the Subscriber is a legal person or an unincorporated business or other entity: a) Names, email addresses, online identifiers of users who are registered as users in the Software; b) Attendance sheet and minutes of the software training required for the implementation of the Software.
The Service Provider may process the following data for the purpose of billing the Subscriber and collecting the related fees: a) Name, title, postal address, email address and telephone number of the Subscriber's representative and financial contact, online identifier.
The Service Provider may, subject to the Subscriber's consent, process the following data for its own marketing purposes: a) the name, position, postal address, e-mail address, telephone number and online identifier of the Subscriber's representatives and contact persons.

Subscriber's rights The Subscriber has the right to request the Service Provider, as data controller, to access, rectify, erase or restrict the processing of personal data concerning him/her and to object to the processing of such personal data. The Subscriber may exercise his/her rights only through the contact person or contact persons designated in the Contract, or the Service Provider shall only fulfil requests made through designated contact persons. The Subscriber shall have the right to receive personal data concerning him/her provided by him/her to a controller in a structured, commonly used, machine-readable format and the right to transmit such data to another controller without hindrance by the Service Provider. The subscriber shall have the right to withdraw consent at any time, without prejudice to the lawfulness of the processing carried out on the basis of the consent prior to its withdrawal. The subscriber has the right to lodge a complaint with the supervisory authority. The provision of personal data is a precondition for the conclusion of the Contract. The Subscriber is obliged to provide the personal data listed in this Chapter. Failure to provide the data may result in the Contract not being concluded, the Service Provider not being able to provide the Service, and it not being possible to contact the Service Provider. The Service Provider's processing of data for marketing purposes is not a prerequisite for the conclusion of the Contract, and the Subscriber is not obliged to provide such personal data. The consequence of not providing the data is that the Service Provider does not provide information for marketing purposes. If the Service Provider intends to further process the personal data for a purpose other than the purpose for which they were collected, it must inform the Subscriber of this other purpose and any relevant additional information before further processing.

12.2 Data processing

The Service Provider shall process the personal data (e.g. Subscriber's customer data) processed for the performance of the contract as a data processor, in accordance with the instructions of the Subscriber as data controller. Unless otherwise provided in writing by the Subscriber, by signing the Contract, the Subscriber, as data controller, specifies the data processing purposes related to the performance of the Contract: the data processing purposes of the persons registering, enrolling and related to them (e.g. The processing of personal data provided by the Subscriber to the Subscriber to register, subscribe, register and subsequently during the subscription period, to pay the fees, to rent and renew services and to ensure and monitor the use of the services, to enable or facilitate the maintenance of contacts, to provide information on the services, to enforce any claims for compensation and to ensure that any checks can be carried out. The data subjects concerned by the processing are: those who enrol or register at the institution, their legal representatives, guarantors, sureties, proxies and those who use the services without enrolment, as well as the staff of the institution, and the types of personal data that they may provide: personal data that allow identification and contact and personal data that allow the performance of their work. The activities carried out by the Service Provider in relation to the personal data described in this point are the data processing operations carried out in the context of the operation of the system necessary to provide the Service, troubleshooting: storage, consultation, deletion, backup, updating, etc. The Service Provider shall take measures to ensure that persons under its control who have access rights to personal data, including any additional processors, may process them only in accordance with the Subscriber's instructions. The Subscriber may also determine the way in which the data are processed for each category or case of data in general. The Subscriber shall be responsible for the lawfulness of the instructions given by the Subscriber in relation to the tasks specified in the contract, but the Service Provider shall bring them to the attention of the Subscriber without delay, before carrying out the instruction, if it considers that the Subscriber has given an inappropriate, unprofessional or unlawful instruction. The Service Provider shall do its utmost to ensure the security of the personal data processed by it within the framework of the Contract and to reduce the risks associated with the processing of such data, in accordance with Article 32 of the GDPR and the regulations on electronic information security of public and municipal bodies, and shall receive and comply with the Subscriber's instructions to this effect. The Service Provider shall implement technical and organisational measures to achieve and maintain (guarantee) an appropriate level of data and information security, including, but not limited to:

taking all necessary measures against the loss, misuse, disclosure, alteration or deletion of the data of the data subject
process personal data on physically and logically secure systems (servers) with restricted access
ensure that access to the stored data is restricted, either through internal systems or by direct access, to authorised persons and only in relation to the purposes for which the data are processed
ensure the necessary regular maintenance, development and security updates of the tools used
ensure that data stored in different registers cannot be directly linked and attributed to the data subject

The Service Provider shall not use personal data for its own purposes or for purposes other than those specified by the Subscriber. In its activities, the Service Provider shall comply with the GDPR, PDPA and other data protection legislation, in accordance with established case law and taking into account international recommendations. Any data (including personal data), information, or any personal data, information or data or information entered into the Software by the Subscriber or by persons acting on behalf of the Subscriber in the course of providing the Service for the performance of this Agreement shall be the property of the Subscriber. The Subscriber shall be entitled to record such data, personal data or information in another system at any time, and the Service Provider shall be obliged to provide them to the Subscriber in a generally processable format at a time agreed by the Parties prior to the termination of the contract, and to permanently delete them from its systems and destroy the paper copies within 30 days of the termination of the contract, and shall declare this fact to the Subscriber by issuing a private document with full probative value. The Parties stipulate that, in view of the fact that the tasks specified as the subject matter of the contract are data processing tasks and operations, the consideration for the contract also serves to compensate for the tasks arising from the capacity of data processor.

12.3 Data security

The Service Provider is obliged to provide to the competent authority, in the manner and in the cases provided for by law, data relating to the Service which are necessary for the use of the Service and for the performance of the tasks of the competent authority, even if they are considered business secrets. The Service Provider may only know the content of the data handled or transmitted by it or through the use of its Software to the extent necessary for the performance of the Service. If the Service Provider has obtained knowledge of personal data in the course of the performance of the Service, it may not disclose the content of such data to any other person. The Service Provider shall be entitled to verify the data uploaded by the Subscriber in connection with the Service in the event of suspected infringement or breach of contract. However, the Service Provider shall not be obliged to check the content of the data transmitted, stored or made available by it in advance and on a regular basis, nor shall it be obliged to search for facts or circumstances that indicate the performance of unlawful activities. The Service Provider shall not be liable for any damage or loss caused by information transmitted, stored or made available by the Subscriber which contains illegal content. Except in the case of national security services and investigative authorities as provided for by law, the Service Provider shall not, without the consent of the Subscriber concerned, monitor, store or interfere with the data, except for the following measures taken in the interest of Subscribers:

The Service Provider shall regularly back up the data within the scope of the Service. The Service Provider shall keep the backups confidential and shall use them only to restore data resulting from a failure.
The Service Provider may perform automatic filtering of e-mails sent via the Software without human intervention to protect its own and the Subscriber's data and system resources. The Service Provider shall apply filtering to the transmitted e-mails only in cases where its customers are generally affected or the operation of the Service Provider's systems is seriously compromised (in particular, but not exclusively, filtering of large volumes of spam or viruses affecting many users)
The Service Provider may use the data processed or transmitted by its Software and Services for service improvement and statistical purposes, but only in an anonymous manner.

The filtering process used by the Service Provider may not provide complete and flawless protection, and therefore the user may receive a virus mail or a non-virus mail may be detected as a virus by the system. The service provider is not liable for any damage resulting from the appearance of viruses or the loss of mail detected as viruses or spam by the filtering process.

The data processed by the Service Provider may be transferred to those who:

perform billing, claims management, distribution management or customer information on behalf of the Service Provider
to bodies authorised by law to settle billing and distribution disputes
operate, monitor, backup and provide other administrative services on the Service Provider's servers
to the competent national security bodies, investigative authorities and courts for the purpose of protecting national security, defence and public safety, and prosecuting criminal offences

The service provider is entitled to transfer to a third party the data relating to the Subscriber which are necessary for the collection of the debts of the Subscriber and which are not settled by the due date, and this third party may store the data transferred until the debt is settled at the latest.

13. Rights and obligations of the Subscriber

13.1 Subscriber's rights

The Subscriber has the right to use the Services under the conditions set out in the GTC and the Specific Contract. The Subscriber is entitled to take away the data and information entered, recorded, uploaded or generated by the Service Provider in the course of using the Services on physical or virtual server storage locations, systems, software and databases provided by the Service Provider.

13.2 Subscriber's liability

The Subscriber shall use the service as intended. The Subscriber is responsible for the misuse of the service. The Subscriber undertakes to provide the necessary cooperation in connection with the establishment and provision of the service. The Subscriber may not transfer the service to a third party without the written consent of the Service Provider. The Subscriber warrants that he/she is entitled to the lawful use of the applications and software running in connection with the Service. The Subscriber may use the Service Provider's servers only for the transmission of information that does not violate the law, in particular the Service Provider's reputation and fair business practices. The Subscriber Side Tools necessary for the operation of the service shall be operated according to the Subscriber's needs. The Subscriber shall ensure that the Subscriber Side Equipment is procured for its intended purpose and is operated in a faultless and safe manner. The Subscriber shall be liable for any damage to or loss of data on the Subscriber Site Facilities. The Subscriber shall ensure that the Subscriber's Site Facilities are operated free of malicious programs (viruses, Trojan horses, etc.). The Subscriber shall be liable for any damage to the Subscriber's Site Facilities caused by malicious software. The Subscriber is liable to the Service Provider if the infection of malicious software originating from the Subscriber's Site Tools causes damage to the Subscriber's data that goes beyond the scope of the Subscriber's liability.

13.3 Security

Subscriber shall implement appropriate security measures to prevent or minimize unauthorized use of the Service by taking steps to ensure that unauthorized persons do not have access to the Service. Subscriber shall not use the Service to intentionally cause or attempt to cause damage. Sharing the Service with unauthorised users is not permitted. It is the Subscriber's responsibility to keep passwords confidential.

14. Provider's rights and obligations

The service provider is entitled to check the data uploaded by the subscriber in connection with the service if there is a suspicion of infringement or breach of contract. However, the Service Provider is not obliged to check in advance and on a regular basis the content of the information that it has only transmitted, stored or made available, nor is it obliged to search for facts or circumstances that indicate the carrying out of illegal activities. The Service Provider expressly disclaims all liability, whether express or implied, including, in particular, liability for the fitness for a particular purpose and for any commercial use. The Service Provider is entitled to use a subcontractor. The Service Provider shall be liable for the conduct of the subcontractor as if it had acted itself.

The Service Provider shall not be liable for any damage or loss caused by the content of the information transmitted if:

the Service Provider does not initiate the transmission of the information
the Service Provider does not choose the recipient of the transmission
the Service Provider does not select or modify the information to be transmitted

In the event that the Service Provider stores information provided by the Subscriber, the Service Provider shall not be liable for any damage caused by the content of the information provided by the Subscriber if:

is not aware of any unlawful conduct in relation to the information or that the information infringes the rights or legitimate interests of any person
not knowing of any facts or circumstances which would make it likely that the information is about to be disclosed, or of any unlawful conduct or that the information would prejudice the rights or legitimate interests of any person
as soon as he/she becomes aware of the facts referred to in points (a) and (b), he/she shall promptly remove the information or not provide access to it

If the Service Provider provides the Subscriber with an information retrieval service, the Service Provider shall not be liable for any damage caused by making the information available in this way if:

is not aware of any unlawful conduct relating to the information or that the information infringes the rights or legitimate interests of any person
is not aware of any facts or circumstances which would make it likely that the information will be unlawful or that it would prejudice the rights or legitimate interests of any person
as soon as he/she becomes aware of the facts referred to in points (a) and (b), he/she shall take immediate steps to remove or disable access to the access information

15. Intellectual property

The Service Provider's "Intellectual Property" includes: (a) the Services, including the Service Provider's proprietary software and third party closed source software, that the Service Provider provides to the Subscriber in the course of the Subscriber's use of the Services; (b) all software, software solutions, technologies, technical information, discoveries, ideas, theories, developments, designs, original works of authorship, processes, algorithms, inventions, know-how, processes and other information developed or used by the Service Provider; (c) all documentation, program material, marketing material, flowcharts, notes, sketches and other information provided by the Service Provider in connection with the Contract and the Services; (d) the Service Provider's trade secrets and any other confidential and/or proprietary information of value.

Unless otherwise provided for in the Individual Contract, the Contract does not create any right or title other than a right of use by the Subscriber to the Service Provider's Intellectual Property or to the Intellectual Property of any third party used for the Service. The Provider's and third party Intellectual Property used for the Service: (a) rent, lease, loan, charge, pledge, copy, make available or distribute; (b) transfer to a third party; (c) alter or consent to the alteration of the same; (d) copy or consent to the copying or distribution of the same; (e) engage in any intentional conduct that would jeopardize the Service Provider's ownership of the Service Provider Intellectual Property; (f) acquire or seek to acquire ownership of the Service Provider Intellectual Property; (g) reverse engineer, decompile, disassemble or otherwise attempt to obtain the source code or database structure of the Service Provider Intellectual Property; (h) remove, modify or overwrite any copyright, trademark or other intellectual property mark displayed on or appearing in the Service Provider Intellectual Property or in the course of using the Service Provider Intellectual Property.

The Service Provider is entitled to unilaterally change, improve or develop the software necessary for the provision of the service, if this is necessary for maintenance or to increase the level of service. If the Subscriber modifies the software or other elements of the services without being entitled to do so under the Contract, the Service Provider shall not be liable for any failure of the software or services resulting from such modification. The Subscriber may not use the software, know-how and other intellectual property installed by the Service Provider for any purpose other than the use of the Service, nor may he copy them from the system, nor may he transfer them to third parties or grant them access. The Subscriber shall indemnify the Service Provider against all damages, costs and claims arising from any breach of this provision. Data and information entered, recorded or uploaded by the Subscriber to physical or virtual server storage space, systems, software and databases provided by the Service Provider in the course of using the Services shall constitute the intellectual property of the Subscriber, unless otherwise provided by law, contract or other legal relationship.

16. Remuneration

16.1 One-off fees

In addition to the regular fee, the Service Provider may charge a one-off fee for the installation, start-up and related tasks (data migration, data cleaning, integration, reconnection, etc.), the amount of which shall be specified in the Specific Contract. These charges will be invoiced by the Service Provider after the service has been provided. Service Provider's license fees will be invoiced after the start of the entitlement. The start date of the entitlement is the date of signing the relevant contract, which is independent of the date of performance of any associated installation service.

16.2 Regular fees

Subscriber shall pay a periodic (optionally monthly, quarterly, semi-annual or annual) fee for the Service, the rate and frequency of which shall be specified in the Individual Contract. Monthly, quarterly and semi-annual billing is not optional if it would result in gross invoices of less than HUF 50,000 or EUR 150 or THB 5,000. The Service Provider shall invoice the due fees per fee payment period, prior to the current period, and send the invoice to the Subscriber.

16.3 Discounts

If the Subscriber uses a service in conjunction with a conditional discount, the use of the discount is further subject to the condition that, for a limited period of time from the entry into force of the Contract and specified by the Service Provider, the service provided is not restricted, suspended or terminated for reasons on the part of the Subscriber, and that the Subscriber is not in default with the payment of the charges.

16.4 Method of payment and billing

The charges are based on the service charges set out in the Individual Contract or the Annual Indexation Prospectus. The due date for payment of the ad hoc, monthly, quarterly and semi-annual invoices is 10 calendar days from the date of issue. The payment deadline for annual invoices is 10 January of the year of the service period. The Subscriber shall pay the invoice by bank transfer to the Service Provider's bank account no later than the payment deadline specified on the invoice. If the Subscriber does not receive the invoice by the 15th day of the month of the beginning of the relevant tariff period, he/she shall notify the Service Provider. The Subscriber shall pay interest on late payment if the amount of the invoice is not paid by the date indicated on the invoice. The Service Provider shall send the invoices issued by it electronically to the e-mail address of its Financial Contact specified in the Single Contract, instead of by post. (This does not mean electronic billing, only electronic invoice transmission.) The Subscriber is entitled to request that the original invoice issued by the Service Provider be sent again in electronic form (invoice copy). The issuing of a copy of the invoice is subject to a fee.

16.5 Assignment of financial claims

The Service Provider shall be entitled to assign its financial claims against the Subscriber to a third party at any time without the Subscriber's prior consent, and shall inform the Subscriber thereof in writing.

17. Miscellaneous provisions

17.1 Governing law

The interpretation of the Contract and any matters not covered by the Contract shall be governed by the law of the Subscriber's place of residence.

17.17.1.

17.2 Confidentiality

The Parties agree that the contents of this Agreement and the documents relating to it, as well as technical, economic, financial, personal, labour or business data and information concerning the other Party which they have obtained in connection with the service relationship, may be disclosed or made public to third parties without the prior written consent of the Party concerned only if required by law or by a court or administrative decision. The Parties shall, within their respective spheres of competence, use and ensure all necessary means to prevent any unintended disclosure of information. The Parties shall be bound by a duty of confidentiality with regard to any facts, data or information coming to their knowledge in the course of the performance of the contract or in the interests thereof, and any conclusions which may be drawn therefrom, and shall use them only to the extent necessary for the performance of the contract. The obligation of confidentiality shall continue during the term of this contract and after its termination, without any time limitation. Before processing the Subscriber's data or data relating to the Subscriber, persons acting on behalf of the Service Provider shall be required to sign a confidentiality declaration, the existence of which shall be declared by the Service Provider in a private document with full probative value, if so requested by the Subscriber. In the event of a suspected breach of confidentiality, the Service Provider shall cooperate with the Subscriber in every possible way to clarify the circumstances and prevent any further breach of confidentiality. The Service Provider shall be fully liable for any moral and material damage caused by any breach of confidentiality by persons acting on its behalf.

17.3 Notifications

Where the Contract provides for written notices in general, such notices shall be deemed to be sent by post, e-mail or by an entry on the Customer Portal. Written notices sent by the Parties shall be deemed to have been served as follows:

all notices sent to the registered office of a Party shall be deemed to have been delivered on the 15th (fifteenth) Business Day following the date of posting
Shipments delivered directly by either Party shall be deemed to have been delivered on the date of receipt
in the case of notification by e-mail, on the working day following the day on which the e-mail is sent
In the case of notification by means of a gateway, on the working day following the day on which the entry is made

Notices and invoices relating to the Contract shall be sent to the Financial Contact email address specified in the Individual Contract. If the Individual Contract does not contain such a notification address, notifications shall be sent to the address of the registered office or residence.

If the subject matter of the notification is an amendment to these GTC, the Service Provider shall comply with its notification obligation by publishing the notification on the Service Provider's Website.