Acceptance of Terms of Service : www.procuassure.com
Changes to Terms of Service
Right to Change Terms. The Company reserves the right, in its sole discretion, to change these Terms of Service ("Updated Terms") from time to time.
Notice of Updated Terms. Unless the Company makes a change for legal or administrative reasons, the Company will provide reasonable advance notice before the Updated Terms become effective. You agree that the Company may notify you of the Updated Terms by posting them on the Site.
Acceptance of Updated Terms. Your use of the Site after the effective date of the Updated Terms constitutes your agreement to the Updated Terms. You should review these Terms of Service and any Updated Terms before using the Site.
Effective Date of Updated Terms. The Updated Terms will be effective as of the time of posting, or such later date as may be specified in the Updated Terms, and will apply to your use of the Site from that point forward.
Account Creation. You must complete the registration process by providing the Company with current, complete, and accurate information as prompted by the applicable registration form. You also will choose a password and a user name.
Responsibility for Account. You are entirely responsible for maintaining the confidentiality of your password and account. Furthermore, you are entirely responsible for any and all activities that occur under your account. You agree to notify the Company immediately of any unauthorised use of your account or any other breach of security.
Liability for Account Misuse. The Company will not be liable for any loss that you may incur as a result of someone else using your password or account, either with or without your knowledge. You could be held liable for losses incurred by the Company or another party due to someone else using your account or password.
Use of Other Accounts. You may not use anyone else's account at any time, without the permission of the account holder.
Account Security. The Company cares about the integrity and security of your personal information. However, the Company cannot guarantee that unauthorised third parties will never be able to defeat the Site's security measures or use any personal information you provide to us for improper purposes. You acknowledge that you provide your personal information at your own risk.
License. During the term of this agreement, the Company grants you a limited, non-exclusive, non-transferable license to access the Site for your personal and non-commercial use in accordance with the Terms of Service.
Intellectual Property Rights. The design, trademarks, service marks, and logos of the Site ("Marks"), are owned by or licensed to the Company, subject to copyright and other intellectual property rights under international conventions. The Company reserves all rights not expressly granted in and to the Site. You agree to not engage in the use, copying, or distribution of any of the Site other than expressly permitted.
You may not engage in any of the following prohibited activities:
copying, distributing, or disclosing any part of the Site in any medium, including without limitation by any automated or non-automated "scraping",
using any automated system, including without limitation "robots," "spiders," "offline readers," etc., to access the Site,
transmitting spam, chain letters, or other unsolicited email,
attempting to interfere with, compromise the system integrity or security of, or decipher any transmissions to or from the servers running the Site,
taking any action that imposes or may impose, at our sole discretion, an unreasonable or disproportionately large load on Site infrastructure,
uploading invalid data, viruses, worms, or other software agents through the Site,
collecting or harvesting any personally identifiable information, including account names, from the Site,
using the Site for any commercial solicitation purposes,
impersonating another person or otherwise misrepresenting your affiliation with a person or entity, conducting fraud, hiding or attempting to hide your identity,
interfering with the proper working of the Site,
accessing any content on the Site through any technology or means other than those provided or authorized by the Site, or
bypassing the measures we may use to prevent or restrict access to the Site, including without limitation, features that prevent or restrict use or copying of any content or enforce limitations on use of the Service or the content.
Content Ownership. You retain all ownership rights to content uploaded to the Site.
Content License. By submitting content to the Site, you grant the Company a worldwide, non-exclusive, royalty-free, sublicenseable, and transferable license to use, reproduce, distribute, prepare derivative works of, display, and perform the content in connection with the Site and the Company's (and its successors' and affiliates') business, including without limitation for promoting and redistributing part or all of the Site (and derivative works thereof) in any media formats and through any media channels.
Third Party Content. Through the Site, you will have the ability to access and/or use content provided by third parties. The Company cannot guarantee that such third party content will be free of material you may find objectionable or otherwise. The Company disclaims any responsibility or liability related to your access or use of any third party content.
Links to other Websites
Links. The Site may contain links to third-party websites or resources. You acknowledge and agree that ProcAssure is not responsible or liable for:
the availability or accuracy of such websites or resources; or
the content, products, or services on or available from such websites or resources.
No Endorsement. Links to such websites or resources do not imply any endorsement by ProcAssure of those websites or resources.
Assumption of Risk. You acknowledge sole responsibility for and assumes all risk arising from your use of any such websites or resources.
Copyright Policy. The Company respects the intellectual property rights of others and expects users of the Service to do the same. We will respond to notices of alleged copyright infringement that comply with applicable law and are properly provided to us. If you believe that your Content has been copied in a way that constitutes copyright infringement, please provide the following information:
a physical or electronic signature of the copyright owner or a person authorised to act on their behalf,
identification of the copyrighted work claimed to have been infringed,
identification of the material that is claimed to be infringing or to be the subject of infringing activity and that is to be removed or access to which is to be disabled, and information reasonably sufficient to permit us to locate the material,
your contact information, including your address, telephone number, and an email address,
a statement by you that you have a good faith belief that use of the material in the manner complained of is not authorised by the copyright owner, its agent, or the law, and
a statement that the information in the notification is accurate, and, under penalty of perjury, that you are authorised to act on behalf of the copyright owner.
Termination on Notice. ProcAssure may terminate this agreement for any reason without notice.
Disclaimers. The Site is provided "as is," without any warranties of any kind. To the fullest extent permissible under applicable Law, the Company disclaims all such warranties, express or implied, including, but not limited to, warranties of merchantability, fitness for a particular purpose, non-infringement, accuracy, freedom from errors, suitability of content, or availability.
Limitation on Liability. Neither party will be liable for breach-of-contract damages that are remote or speculative, or that the breaching party could not reasonably have foreseen on entry into this agreement.
Feedback. We welcome any comment, question, and communication at www.procassure.com.
By accessing the website, you agree to the terms of this policy.
a) We respect your privacy.
b) Security is important to us. We strive to use commercially acceptable means to protect your information, but we cannot guarantee its absolute security.
d) We may use your information to improve the performance and accuracy of our website and system. We will only do so if we can preserve the confidentiality of user identifiable information.
e) If you choose to post publicly on our blog or otherwise explicitly give us permission to share your identifiable information with others, this information may become public.
f) You can opt out of marketing communications we send.
g) We will not sell your information to a third party.
h) We may link to other websites. We cannot vouch for their privacy policies.
k) Please contact us if you would like to learn more about our company and our policies.
1. Information Collection
1.1 Information ProcAssure Collects. ProcAssure may collect information that identifies Users when accessing the Website (collectively, "Information"), which includes
a. user names, names and email addresses ("Personally Identifiable Information"),
b. other information Users provide to ProcAssure but that does not identify Users personally, such as records of User visits, and information Users submit when using the Website,
c. information from third parties, and
d. traffic and usage information generated from User visits to the website, including traffic data and the type of device that Users use to access the Website.
1.2 Tracking Technologies ProcAssure Uses. ProcAssure may use a variety of technologies to collect Information, including cookies, flash cookies, general log information, and referral information from third party websites.
2. No Information Collected from Children
2.1 Website Not Intended for Children. ProcAssure does not
a. intend that the Website or its content are used by children under the age of 13, or
b. direct the Website or its content at children under the age of 13.
2.2 No Information Intentionally Collected from Children. ProcAssure will not, without parental consent, intentionally
a. collect or solicit any Information from anyone under the age of 13, or
b. allow people under the age of 13 to register for the Website.
2.3 In Case of Unintended Collection. If ProcAssure learns from any Person that it has collected Information from a child under age 13 without parental consent, ProcAssure shall promptly delete that Information.
3. How ProcAssure Uses Information. ProcAssure may use the Information its collects to
3.1 provide, operate, maintain, improve, and promote, the Website,
3.2 enable Users to access and use the Website, including uploading, downloading, collaborating on, and sharing content,
3.3 process and complete transactions, and send Users related information, including purchase confirmations and invoices,
3.4 send transactional messages, including responding to User comments, questions, and requests, providing User service and support, and sending Users technical notices, updates, security alerts, and support and administrative messages,
3.5 send promotional communications, such as providing Users with information about services, features, newsletters, offers, promotions, contests, events, and sending updates about User team and chat rooms,
3.6 monitor and analyse trends, usage, and activities in connection with the Website and for marketing or advertising purposes,
3.7 investigate and prevent fraudulent transactions, unauthorized access to the Website, and other illegal activities,
3.8 personalize the Website content, features, or advertisements, and
3.9 enable Users to share content with other Users they designate.
4. Accessing and Correcting User Information
4.1 Opportunity to Request Corrections and Deletions. Subject to paragraph 4.2, ProcAssure shall provide Users with the opportunity to request that ProcAssure
a. correct inaccurate Personally Identifiable Information ProcAssure holds, and
b. delete Information ProcAssure is not required to retain by Law or for legitimate business purposes.
4.2 Discretion Over Corrections and Deletions. ProcAssure will have the sole discretion to adhere to or decline User requests to correct or delete Information that are frivolous or vexatious, jeopardise the privacy of others, are extremely impractical, or not otherwise required by Law.
5. No Security Guarantees. ProcAssure does not guarantee against all unauthorized disclosure, alteration, or destruction or Information.
6. Changes to Policy
6.1 Discretion to Make Changes. ProcAssure may change this policy at its discretion.
6.2 Notice of Changes. ProcAssure shall provide reasonable notice of any such changes on the Website.
6.3 Acceptance of Changes. Users' continued use of the Website after notice of the changes has been posted to the Website will be deemed acceptance of the changes, if
a. a reasonable time has passed in which Users could review the changes, but
b. regardless as to whether the User actually did review the changes.
7. Links to Other Websites. ProcAssure will not be responsible for the content on or privacy practices of third party sites linked to from the Website.
8. Contact. Users may contact ProcAssure by email at firstname.lastname@example.org.
"Effective Date" is defined as 1st May 2020.
"Information" is defined in section 1.
(a) any law (including the common law), statute, bylaw, rule, regulation, order, ordinance, treaty, decree, judgment base on the laws of England and Wales, and
(b) any official directive, protocol, code, guideline, notice, approval, order, policy, or other requirement of any Governmental Authority having the force of law
"Personally Identifiable Information" is defined in section 1.
"User" is defined in the introduction to this policy.
"Website" is defined in the introduction to this policy.
Fraud Risk Register (Free) Software as a Service Terms of Service
These Terms of Service (“Terms”) form a contract between
(1) ProcAssure, 86-90 Paul Street, London, EC2A 4NE United Kingdom ("ProcAssure"), and
(2) the company or other legal entity accepting these Terms (“Customer”)
that governs the Customer’s access to and use of the Fraud Risk Register (Free) solution ("Service") provided by ProcAssure for logging and maintaining a register of fraud risks and controls ("Content"). These Terms also govern ProcAssure and the Customer’s obligations with respect to the security and processing of personal data when using the Service. Terms relating to the processing of Personal Data are incorporated into these Terms and attached as “Annex 1: Data Protection Terms.” These Terms apply equally to any software that is used to provide the Service or made available to the Customer in order to facilitate the Service (“Software”).
Modifications or additions to these Terms may happen from time and time and will be updated on this website.
1. ACCESS TO THE SERVICE
The Customer may use the Service only for business purposes and only within the range of the Customer’s normal business activities, on a non-exclusive basis, solely in strict compliance with these Terms, the documentation that accompanies the Service (the “Documentation”), and all applicable laws, including without limitation, data privacy laws and regulations applicable to the Customer.
2. USER ACCOUNTS
All access to the Service must happen through personal user accounts. When registering a personal user account, the Customer shall provide correct, accurate, current, and complete information about each user through the Service’s registration form and maintain and promptly update the registered data to keep it true, accurate, and complete.
User accounts are personal and must not be shared between individuals. Account information and passwords shall be kept confidential.
The Customer is fully responsible for any use of the Service that is conducted through personal user accounts created by the Customer or anyone working for the Customer, regardless of whether or not the Customer is aware of, or have consented to, such use.
The Customer is responsible for informing anyone who uses the Service for or on behalf of the Customer of the above obligations.
The Customer is obligated to notify ProcAssure immediately of any known or suspected unauthorised use of the Service.
3. CONTACT PERSON
The Customer is responsible for updating ProcAssure of reassignment of this role, and/or any changes in email information. ProcAssure is not liable for any results of communication not reaching its intended recipient as a result of this information being out-of-date.
4. CUSTOMER CONTENT AND DATA
ProcAssure does not claim ownership of any data that is transmitted, stored, created, or processed through any personal user accounts. ProcAssure does not control, verify, or endorse the Content or data in any way.
ProcAssure provides a library of data which the Customer can copy and use, however ProcAssure retains ownership of this data and permits the Customer to use this royalty free.
The Customer represents and warrants that it has all the rights to the data necessary for the Customer to use the Service and grant the rights in this provision, and that the transmission, storage, or use of the content doesn't violate any law or these Terms.
5. RETRIEVAL OF DATA
If the Customer cancels the Service, the Customer must download their data prior to cancelling the Service. Once the Service is cancelled or a user account expires, all data will be deleted.
6. STORAGE OF CONTENT AND DATA
ProcAssure will store the data in any of the following locations: United Kingdom, Australia or United States of America. ProcAssure stores the Customer’s Content and data in accordance with best industry practices and applicable information security laws and regulations, and keeps at least 1 copy of the Customer’s data to protect from data loss. ProcAssure provides not warranty against data loss for the Fraud Risk Register (Free) service. Customers should keep a copy of their own data. If the Service is cancelled, ProcAssure may store the Customer’s Content and data for up to 90 days before it is permanently deleted from all ProcAssure’s systems.
The Customer should not store any Personal Data in the Service, other than the basic information required to create an account to access the service (email and name).
7. TECHNICAL SUPPORT
The Service includes does not include technical support.
8. SERVICE AVAILABILITY
ProcAssure makes no guarantees as to the availability or uptime of the Service, but will at all times use reasonable efforts to maintain the performance, stability, and uptime of the Service.
9. FAIR USE POLICY
ProcAssure does not charge for network traffic costs incurred as a result of using the Service, and assigns each account a monthly network quota. We reserve the right to suspend the Service should network traffic exceed fair use for a significant period of time. Before suspending the Customer’s account(s), we will reach out to notify the Customer of the excessive use, and offer an upgrade of the Fraud Risk Register (Free) to a paid service.
10. ACCEPTABLE USE POLICY ('AUP')
This provision (“AUP”) sets out the rules governing the Customer’s use of the Service. In the event that ProcAssure suspects that the Customer is in breach of this AUP, ProcAssure may suspend the Customer’s access to the Service without notice. The Customer shall not use the Service to harm others or the Service. For example, the Customer shall not use the Service to harm, threaten, or harass another person, organisation, or ProcAssure. You may not use the Service to attempt to build a similar service or website or to build a product using similar features or functions.
In addition, the Customer shall not, and shall not assist or encourage any third party to:
• Access or use the Service in any way intended to improperly avoid exceeding user limits or quotas
• Share passwords or other access information or devices, or otherwise authorise any third party to access or use the Software or the Service
• Use the Service to engage in any unlawful or fraudulent activity
• Use the Service in connection with or operation of facilities, systems, devices, or in other situations in which the failure of the Service could lead to death, personal injury, or physical property and/or environmental damage
• Sell, lend, rent, resell, lease, sublicense, or otherwise transfer any of the rights granted to the Customer with respect to the Service to any third party
• Modify, alter, tamper with, repair or otherwise create derivative works of the Service or any Software that accompanies the Service
• Use any unauthorised means to modify, reroute, or gain access to the Service or attempt to carry out these activities
• Use any automated process or service (such as a bot, a spider, or periodic caching of information stored by ProcAssure) to access or use the Service
• Damage, disable, or impair the Service (or any network connected to the Service)
• Reverse engineer, disassemble, or decompile the Software used to access the Service
• Access or attempt to access ProcAssure’s other accounts, computer systems, or networks not covered by the Terms
• Cause inordinate burden on the Service or ProcAssure’s system resources or capacity
• Remove, obscure, or alter any proprietary rights notices pertaining to the Service
ProcAssure reserves the right, in its sole discretion, to determine whether and what action to take in response to each such notification, and any action or inaction in a particular instance will not dictate or limit ProcAssure’s response to a future complaint.
11. FEES AND PAYMENTS
The Service is offer free of charge at ProcAssure’s discretion.
12. ACCOUNT EXPIRY
Accounts and data will be deleted after a period of inactivity of 6 months. Customers will receive 1 email notifying them of the account deletion.
13. UPDATES TO THE SERVICE
ProcAssure reserves the right, at its sole discretion, to make necessary unscheduled deployments of changes, updates, or enhancement to the Service at any time.
ProcAssure may add or remove functionality or features and suspend or stop a Service.
14. INTELLECTUAL PROPERTY RIGHTS
All intellectual property rights in and to the Service, Software and Documentation, including without limitation to user interfaces, logos, trademarks, product or service names, belong solely to ProcAssure or ProcAssure’s licensors, as the case may be. This contract and the provision of the Service to you does not grant you any rights in or to the Service, Software or Documentation, except to the extent that these Terms explicitly set forth.
Information that the Customer gains access to in connection with the Service shall be treated as confidential information and shall not be disclosed to any third party without the consent of ProcAssure.
The confidentiality obligations set out in this provision shall not prevent the disclosure of information if the Customer is obligated by law to disclose information. ProcAssure shall, if possible, be notified prior to such disclosure.
Information shall not be considered confidential to the extent that the information was already known to the Customer or is accessible to the public.
The Customer undertakes to take all necessary precautions to prevent unauthorised persons from gaining access to, or knowledge of, confidential information. The confidentiality obligation shall apply to the Customer’s employees, subcontractors and other third parties who act on behalf of the Customer.
The confidentiality obligation shall continue to apply after the expiry or termination of a customer relationship.
16. DISCLAIMER OF WARRANTY
ProcAssure provides the service "as-is" and "as available". ProcAssure makes no representations or warranties of any kind, and all express or implied conditions, representations, and warranties including, without limitation, any implied warranty or condition of merchantability, fitness for a particular purpose, non-infringement, satisfactory quality, non-interference, accuracy of informational content, or arising from a course of dealing, law, usage or trade practice are hereby excluded to the extent allowed by applicable law and are expressly disclaimed by ProcAssure, its suppliers and licensors.
The Customer shall defend and indemnify ProcAssure against any cost, loss, damage, or other liability arising from any third party demand or claim that any Customer Data, or the Customer’s use of the Service in breach of these Terms: (a) infringes a registered patent, registered trademark, or copyright of a third party, or misappropriates a trade secret (to the extent that such misappropriation is not the result of ProcAssure’s actions); or (b) violates applicable law.
ProcAssure shall defend and indemnify the Customer from any claim that the Service as such infringes the intellectual property rights of a third party. If such claim is set forth, ProcAssure shall have the option, in ProcAssure’s discretion, to either settle the claim immediately, procure for the Customer the continued and uninterrupted use of the Service, or replace the allegedly infringing part of the Service with a non-infringing part of equal functionality.
The Customer is obligated to notify FotoWare if the Customer receives a claim or demand that is subject to FotoWare’s indemnification obligation, and FotoWare shall have the same obligation towards the Customer.
ProcAssure may terminate the contract with immediate effect at any time.
19. LIMITATION OF LIABILITY
Notwithstanding anything else in these terms of service to the contrary, the aggregated maximum liability in relation to the services of ProcAssure, its affiliates, officers, employees, agents, suppliers and licensors collectively, to customer or any other person or entity using the Service, whether in contract, tort (including negligence), breach of warranty or otherwise, shall be limited to GBP 0.
Regardless of whether any remedy set forth herein fails of its essential purpose or otherwise, in no event will ProcAssure or its suppliers be liable for any lost revenue, profit, or lost or damaged data, business interruption, loss of capital, or for special, indirect, consequential, incidental or punitive damages however caused and regardless of the theory of liability or whether arising out of the use of or inability to use software or otherwise and even if ProcAssure or its suppliers or licensors have been advised of the possibility of such damages.
20. ASSIGNMENT AND TRANSFER
Neither party may transfer or assign its rights and obligations under this contract without the other party’s prior written consent, which shall not be unreasonably withheld. The same shall apply if a party is demerged into several companies or in case of assignment to a subsidiary or another company within the same group, but not if a party is merged with another company.
21. GOVERNING LAWS; DISPUTES
These Terms shall be governed by and interpreted in accordance with the law of England and Wales. In case of a dispute between the parties which cannot be solved by negotiations, either party shall be entitled to have such dispute finally decided by the courts of England and Wales. Nevertheless, ProcAssure has the right to instigate legal proceedings in the country where you have your place of residence or perform business activities.
22. CHANGES TO THESE TERMS
FotoWare will revise these Terms from time to time, and these Terms shall at all times apply as they are available on www.procassure.com/terms-and-conditions
Should you have any questions concerning these Terms, please get in touch with us: contact(at)procassure.com
ANNEX 1: DATA PROTECTION TERMS
The terms in this Annex (“Data Protection Terms”) govern the processing of Personal Data when the Customer utilises Fraud Risk Register (Free).
The Customer should not store any Personal Data in the Service, other than the basic information required to create an account to access the service (email and name).
“General Data Protection Regulation” or “GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
“Personal Data” means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Privacy Laws” means European Data Protection Laws, including the GDPR and any national Data protection laws implementing the European Data Protection Laws which applies to the Customer.
“Standard Contractual Clauses” means the standard data protection clauses for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection, as described in Article 46 of the GDPR.
“Subprocessor” means other processors used by ProcAssure to process data.
The terms “data subject”, “processing”, “processor”, and “supervisory authority” as used herein have the meanings given in the GDPR and the terms “data importer” and “data exporter” have the meanings given in the Standard Contractual Clauses.
3. Processing of Personal Data
4. Processor and controller responsibilities
The Customer and ProcAssure agree that the Customer is the controller of Personal Data and ProcAssure is the processor of such data, except when (a) the Customer acts as a processor of personal data, in which case ProcAssure is a subprocessor. ProcAssure will process Personal Data only on documented instructions from the Customer. If the Customer is a processor, the Customer warrants to ProcAssure that the Customer’s instructions, including appointment of ProcAssure as a processor or subprocessor, have been authorised by the relevant controller.
ProcAssure may process Personal Data otherwise than on the Customer’s instructions if ProcAssure is required to do so by law to which ProcAssure is subject. In such a case, ProcAssure shall inform the Customer of that legal requirement before processing, unless that law prohibits such information on important grounds of public interest.
As a controller, the Customer is solely responsible for making an independent determination as to whether the technical and organisational measures for a Service meets the Customer’s requirements, including any of its security obligations under the GDPR or other applicable Privacy Laws and regulations.
The Customer represents and warrants that it has a legal basis to process the relevant personal data. Furthermore, the Customer represents and warrants that the Content is not unlawful and do not infringe any rights of a third party. In this context, the Customer indemnifies ProcAssure of all claims and actions of third parties related to the processing of Personal Data without a legal basis under the Terms.
5. Compliance with Privacy Laws
ProcAssure shall inform the Customer without undue delay if he considers that the processing of Personal Data in accordance with these Data Protection Terms violates at any time applicable Privacy Laws. The Customer shall then be entitled to suspend the execution of the processing of Personal Data until ProcAssure confirms or changes them.
ProcAssure will provide such reasonable assistance as and information to the Customer, as ProcAssure is obliged to under applicable Privacy Laws. This includes a duty to provide assistance and information with respect to the Customer’s security of processing, personal data breach notification and communication to the Data Subject, data protection impact assessment and prior consultation to the relevant supervisory authority.
6. Processing details
The parties acknowledge and agree that:
• The duration of the processing shall be for the duration of the Customer’s right to use the Service and until all Personal Data is deleted or returned in accordance with Customer instructions or the Terms;
• The nature and purpose of the processing shall be to provide the Service pursuant to Terms and/or Order Form, and may include structuring, storage, retrieval, disclosure by transmission, restriction, and erasure of Personal Data;
• The types of Personal Data processed by the Service include files such as text uploaded by the Customer; and
• The categories of data subjects are Customer’s representatives and end users, such as employees and collaborators.
7. Data Subject Rights
ProcAssure shall comply with the Customer’s reasonable requests to assist with requests from data subjects. If ProcAssure receives a request from Customer’s data subject to exercise one or more of its rights under the GDPR in connection with a Service where ProcAssure is a data processor or subprocessor, ProcAssure will redirect the data subject to make its request directly to the Customer. Customer is responsible for responding to any such request including, where necessary, by using the functionality of the Service.
9. Transfers of personal data
ProcAssure may transfer Personal Data outside the without the explicit written consent of the Customer. Personal Data delivered to a location inside the European Economic Area (“EEA”) may be transferred to other locations outside the EEA.
10. Information security
ProcAssure will implement appropriate technical and organisational measures in such a manner that ProcAssure’s processing of Personal Data will meet the requirements of applicable Privacy Laws and ensure the protection of the rights of the data subject.
ProcAssure will develop, implement and maintain security procedures and practices to protect against accidental or unlawful destruction, loss, alteration or unauthorised disclosure of and access to Personal Data (hereinafter “Personal Data Breach”). Any use of the information systems and the Personal Data that contravenes established routines, instructions from the Customer or applicable Privacy Laws, as well as any security breaches, shall also be treated as a Personal Data Breach.
11. Personal data breach and notification
ProcAssure shall without undue delay notify the Customer upon becoming aware of a Personal Data Breach.
Such notice will summarize in reasonable detail the effect of the breach on the services, and the corrective action taken to be taken by ProcAssure.
ProcAssure will cooperate fully with the Customer in all reasonable and lawful efforts to prevent, mitigate or rectify such Personal Data Breach.
ProcAssure shall have in place routines and systematic processes to follow up Personal Data Breaches which shall include re-establishing the normal state of affairs, eliminating the cause of the Personal Data Breach and preventing its recurrence.
12. Audits and records of processing activities
Where required under the GDPR, ProcAssure shall maintain all records required by Article 30(2) and, to the extent applicable to the processing of Personal Data on behalf of Customer, make them available to Customer upon request.
In order to confirm compliance with these Data Protection Terms, the Customer shall be at liberty to conduct an audit by assigning an independent third party who shall be obliged to observe confidentiality in this regard. Any such audit will follow ProcAssure’s reasonable security requirements, and will not interfere unreasonably with ProcAssure’s business activities.
The audit may only be undertaken after the Customer having provided four weeks written notice to the ProcAssure.
The findings in respect of the performed audit will be discussed and evaluated by the parties and, where applicable, implemented accordingly as the case may be by one of the parties or jointly by both parties.
All costs relating to the audit will be borne by the Customer.
The parties’ economic liability for damages suffered by data subjects or other physicals persons and which results from a party’s breach of Privacy Laws is exhaustively governed by GDPR Article 82 and subject to Clause 19.
14. Data Retention and Deletion
At all times during the term of the Customer’s subscription to the Service, the Customer will have the ability to access, extract and delete Personal Data stored in the Service.
ProcAssure will retain Personal Data that remains stored in a Service in a limited function account for up to 90 days after expiration or termination of Customer’s account. After the retention period ends, ProcAssure will delete the Personal Data within an additional 90 days, unless ProcAssure is permitted or required by applicable law to retain such data or authorised in these Data Protection Terms.