SaaS Contract - PlanningPME Web Access - GDPR
BETWEEN THE UNDERSIGNED :
Limited liability company with capital of EUR 50,000, with registered office at 39 rue Michel Ange 91026 EVRY cedex France, recorded in the Evry Commercial Register
Hereinafter referred to as ďthe ProviderĒ,
PARTY OF THE FIRST PART
PARTY OF THE SECOND PART
Individually referred to as ďPartyĒ and jointly as ďPartiesĒ,
The Customer wishes to use SaaS from a service provider specialized in the following application: planning solution in SaaS mode. The Customerís objective for operating these applications is resource planning.
The Provider is a supplier of Software as a Service, corporate applications leased online (known as a SaaS provider). In this capacity, it is the Application Service Provider as set out below in the contract.
The Customer acknowledges that it has run a free trial of the solution on the PlanningPME website, allowing it to judge whether the Application Services are suitable for its needs and to take all reasonable precautions for their use.
NOW, THEREFORE, THE FOLLOWING HAS HEREBY BEEN AGREED
ARTICLE 1. DEFINITIONS
The terms in initial capitals in this Contract, whether used in the singular or the plural, shall have the meaning given to them below.
Solutions means the operational functions listed in the description of the application services and made available to the Customer as part of the Application Services that form the object of the contract.
Data means the information, publications and, generally, the data in the Customer database, the use of which forms the object of this contract, which can only be consulted by Users.
API is a set of functions that facilitate access to the solution's services.
Log-in Details means both the userís own username and their password, sent to them upon subscribing to the service.
Internet means all interconnected networks, which are located in all regions of the world.
Intranet means a companyís or an organizationís own computer network, which uses TCP/IP protocols and, more generally, the technologies of the Internet, and which may be connected to the Internet.
Software means any software supplied by the Provider to the Customer and, in particular, the associated Solutions.
Application Service means the service offered by the Provider in SaaS mode, allowing the Customer to use the Solutions.
User means an individual placed under the responsibility of the Customer (officer, employee, representative, etc.) and benefitting from access to the Application Services on their computer in accordance with the use licence acquired by the Customer.
Error is a fault in the design of a computer programme which causes it to malfunction; the level of seriousness can range from minor to critical.
Documentation explains how the solution functions and how it must be used.
Maintenance enables the expiry of equipment to be foreseen and IT infrastructure to be developed (software and hardware).
ARTICLE 2. OBJECT
The contract sets out the terms and conditions applicable to the Services ordered by the Customer.
The Provider grants to the Customer, who accepts:
- an access right to the Providerís servers under the conditions set out below
- a right to end use of the Solutions
- a set of services defined hereinafter, including data hosting, application services maintenance and technical support
ARTICLE 3. CONTRACTUAL DOCUMENTS
The contract as well as the documents entitled ďAnnexesĒ constitute the entire agreement existing between the Parties, hereinafter referred to jointly as the Contract. This replaces and annuls any previous oral or written commitment with regard to the object of the Contract.
The Contract is formed of the following contractual documents, presented hierarchically based on their legal force, in descending order.
- this document
- the annexes to this document
In the event of a contradiction between one and/or several provisions appearing in any of these documents, the higher-ranking document shall take precedence.
The annexes to this document, which are an integral part of the Contract, are as follows:
- Annex A: Quality Charter
- Annex B: Financial Conditions
It is formally agreed between the Parties that if one of the Parties were to waive, or show tolerance with regard to, all or part of the commitments set out in the Contract, regardless of the frequency or duration, this shall not constitute an amendment to the Contract and nor may it establish a right of any kind.
ARTICLE 4. ENTRY INTO EFFECT, TERM AND RENEWAL
The Contract shall come into effect upon receipt of the signed purchase order.
Its contractual term is set at 12 months from its entry into force.
The Provider shall notify the Customer of the maturity of the Contract, and the renewal terms offered to it, in writing, 30 days before the end of this term.
If no response is received from the Customer within 30 days of the notification, the Contract shall be renewed under identical conditions, unless the Parties agree a new functional scope for the Application Services to meet the needs of the Customer.
ARTICLE 5. DESCRIPTION OF THE APPLICATION SERVICES
5.1. APPLICATION SOLUTIONS
The Provider makes the planning Solution PlanningPME Web Access available to the Customer on its server via the Internet.
The data processed by the solution is as follows: customer, project, sub-project, resource, skill, equipment, event, unavailability, group, user, history, which can be supplemented, modified or deleted by the user.
The Provider grants the Customer a non-exclusive right to use the solution.
A warranty against any programming defect is provided by the Provider from the date that the Application Services are accessed for a duration of 90 days. This warranty is no longer valid if a third party operates the programmes.
The Provider provides data hosting, maintenance and security for the Solutions.
The Provider performs a back-up of the Data every day. These back-ups are saved for a week (see the Quality Charter in Annex A).
The services are provided pursuant to the Quality Charter in the Annexes.
The Provider provides an API limited to 2000 requests per hour and per API key; above this limit, a volumetric pricing will be applied.
The Internet Access Provider is chosen by the Customer. The Provider provides no warranty with respect to this.
5.3. ACCESS TO THE SOLUTIONS
The Customer alone shall use this right of access. It may log in at any time, excluding during maintenance periods, namely:
- 24 hours a day
- 7 days a week
- including Sundays and public holidays
- with support from the Providerís technical support teams
The Solution may be accessed:
- from the Customerís computers
- from any of the Customerís portable computers
- using the Log-in Details provided to the Customer
On accessing the Application Services, the Customer is identified by:
- a username assigned to each User by the Provider
- a password sent to the Customer by the Provider
The Customer will use the Log-in Details sent to it each time it connects to the Application Services.
The purpose of the Log-in Details is to restrict access to the Solutions under this Contract to the Customerís Users, to protect the Solutionsí integrity and availability, as well as the integrity, availability and confidentiality of the Customerís Data, as transmitted by the Users.
Confidentiality of log-in details:
The Log-in Details are personal and confidential. The Customer undertakes to make every effort to keep its Log-in Details secret and not to disclose them in any form whatsoever. The Customer is entirely responsible for the use of the Log-in Details and is responsible for the safekeeping and security of the access codes sent to it. It will make sure that no other person not authorized by the Provider has access to the Application Services and the Solutions. Generally, the Customer assumes responsibility for the security of individual workstations used to access the Solutions. If it is aware that another person has accessed them, the Customer shall inform the Provider immediately and confirm it by registered letter. If its log-in details are lost or stolen, the Customer shall use the process put in place by the Provider to recover its log-in details, by email or telephone.
ARTICLE 6. APPLICATION QUALITY
The Customer has been advised of the inherent technical risks of the Internet and the interruptions to access that may result from them. The Provider shall therefore not be held liable for any unavailability or slowing of the Application Services. In addition, the Provider provides its services pursuant to the Quality Charter. The Provider is not able to guarantee the continuity of the Application Services, fulfilled remotely via the Internet, a fact which the Customer acknowledges.
The Provider undertakes to implement effective controls to give a reasonable assurance that the Customer may access and use the relevant applications at the times set out in this contract.
The Provider guarantees the implementation of the Application Services pursuant to the Quality Charter in the Annexes.
The Application Services may occasionally be suspended due to essential maintenance on the Providerís servers. If the Application Services are interrupted due to maintenance, the Provider undertakes to comply with the process described below in the article ďMaintenanceĒ, so that the Customer can preferably be informed of the interruption and can take measures sufficiently in advance to avoid any disruption to its business.
The Provider may not be held liable for the possible impact of this outage on the Customerís business.
ARTICLE 7. LICENCE
The Provider assigns the Customer a personal, non-exclusive, non-assignable and non-transferable right to use the Solutions, for the entire duration of the Contract and worldwide.
The Customer may only use the Application Services and Solutions in accordance with its requirements and their documentation. In particular, the licence for the Solutions is only assigned with the sole aim of allowing the Customer use of the Services, to the exclusion of all other purposes.
The right of use refers to the right to present and implement the Application Services in accordance with their purpose, in SaaS mode, through a connection to an electronic communications network. The Customer may not in any case make the Solutions available to a third party and is strictly prohibited from any other use, in particular but not limited to any adaptation, modification, translation, arrangement, dissemination or decompilation.
ARTICLE 8. MAINTENANCE
The Provider is responsible for corrective and ongoing maintenance of the Solutions.
Corrective maintenance: Telephone support for handling errors is available from Monday to Friday from 9:00 a.m. to 6:00 p.m. Error reports must be immediately confirmed by an email to the Provider. The Provider shall proceed to diagnose the error and then implement corrective measures.
(a) In the event of a critical error, the report shall be acknowledged in under 24 business hours. The Provider shall strive to correct critical errors as soon as possible and will offer a workaround solution.
(b) In the event of a normal error, the report shall be acknowledged within 48 business hours. The Provider shall strive to correct the error and will offer a workaround solution that means the functionalities in question can continue to be used, within 60 working days.
(c) In the event of minor errors, the report shall be acknowledged as soon as possible, and the Provider will correct the minor error in a new version of the Service, issued as part of ongoing maintenance.
The Provider is not responsible for Maintenance in the following cases:
- refusal of the Customer to cooperate with the Provider in resolving errors and in particular to respond to questions and requests for information.
- use of the Application Services that is not compliant with their purpose or their documentation.
- unauthorized modification of the Solutions by the Customer or a third party.
- failure of the Customer to meet its obligations under the Contract.
- installation of any software packages, software or operating systems that are incompatible with the Application Services.
- failure of the electronic communication networks.
- voluntary act of degradation, abuse or sabotage.
- deterioration due to an event of force majeure or misuse of the Application Services.
Ongoing maintenance: The Customer benefits from updates and functional developments to the Application Services.
The Provider undertakes to transmit updated documentation for new updates to the Solutions.
Corrections to and developments of the Application Services are expressly subject to this Contract.
The Provider warrants that the upgrades or new versions of Software shall not lead to any loss in performance or functionality with regard to the Application Services.
The Provider shall perform regular anti-virus and anti-malware updates on the servers.
ARTICLE 9. TECHNICAL SUPPORT
The Provider shall respond to the Customer by telephone from Monday to Friday, 9:00 a.m. to 6 p.m., by telephone, within a maximum of 1 hour upon calling +33 169 471 000.
ARTICLE 10. TRAINING
On the Customerís request, the Provider may, under conditions to be defined, provide a mutual agreement on the provision of training.
The Provider shall submit a proposal for training provision if its technical support and corrective maintenance reports reveal that there are recurrent problems with the Customerís use, distinct from errors.
ARTICLE 11. DATA PROCESSING
11.1. PERSONAL DATA
If the Data transmitted for the purposes of using the Application Services includes personal data, the Customer warrants to the Provider that it will fulfil all obligations incumbent on it pursuant to the French Information Technology and Civil Liberties Act of 6 January 1978, and that it has informed data subjects who are natural persons of the use made of said personal data. To this effect, the Customer indemnifies the Provider from and against any recourse, complaint or claim from a natural person whose personal data may be reproduced and hosted on the Application Service.
The Provider undertakes to disclose to the Customer the occurrence of any security breach that has direct or indirect consequences on Data Processing, as well as any complaint from any individual affected by the data processed under this Contract. This must be disclosed as soon as possible and a maximum of forty-eight hours after the security breach was discovered or the complaint received.
The Provider undertakes to inform the Customer of the location of the Data and, more generally, to disclose any useful or necessary information to enable declarations to be made. The Customer, as the controller, undertakes to conclude the standard contractual clauses established by the European Commission in its decision of 5 February 2010 and to obtain proper authorization from the CNIL (French National Commission on Informatics and Liberty).
The Provider hereby informs the Customer that the Data will be hosted on servers located in the following countries: France. In the event of changes to the destination countries by the Provider, it shall inform the Customer of this in advance, without delay, and obtain its written consent. Where applicable, the Provider must supply the Customer with an updated list of the destination countries.
The Parties undertake to collect and process any personal data in conformity with all legislation in force applicable to data processing, and in particular, the amended act No. 78-17 of 6 January 1978. With regard to this law, the Customer is responsible for the Processing performed under this Contract.
11.2. USE OF DATA
The Customer has editorial responsibility for use of the Application Services.
The Customer is solely responsible for the quality, lawfulness and pertinence of the Data and content it transmits for the purposes of use of the Application Services. It also warrants that it owns the intellectual property rights permitting use of the Data and content. Consequently, the Provider accepts no liability if the Data and/or content is not compliant with laws and regulations, public policy provisions or even the Customerís requirements.
The Customer shall indemnify the Provider, on first request, from and against all liabilities that may result from accusations from a third party relating to a breach of this indemnity.
More generally, the Customer is solely liable for content and messages disseminated and/or downloaded via the Application Services. The Customer remains the sole owner of the Data constituting the content of the Solutions.
If a request from an administrative or judicial authority is received by the Provider, it undertakes to inform the Customer of this immediately.
The Customer shall complete the declaratory formalities concerning the Processing with the competent data protection authorities. The Provider undertakes to provide any useful information to enable these formalities to be completed.
11.3. DATA SECURITY
Each of the Parties undertakes to implement appropriate technical means to ensure the security of the Data.
Without prejudice to the article ďLiabilityĒ, the Provider undertakes to maintain the integrity and confidentiality of the Data contained in the Solutions. The Provider shall implement technical and organizational measures to prevent any fraudulent access to or use of the Data and to prevent any loss, alteration or destruction of the Data.
In performance of the Contract, the Provider shall act solely on the instructions of the Customer. In this capacity, the Provider undertakes not to use the Data for its own purposes or for that of a third party.
Pursuant to Article 34 of the French Information Technology and Civil Liberties Act as amended, the Provider undertakes to take all reasonable precautions to keep information secure and, in particular, to protect it from any accidental or illegal destruction, accidental loss, alteration, dissemination or unauthorized access, particularly when the Processing includes data transmitted within a network, as well as precautions against any other form of illegal processing or disclosure to unauthorized persons.
The Provider will provide the Customer with the IT security policy that it has in place and will inform it of changes to this policy. It will make available to the Customer documents concerning the security of its data, including, in particular, the necessary technical documentation, risk analyses produced and a detailed list of the security measures implemented.
The IT platforms and documents provided by the Customer to the Provider remain the Customerís property.
The data contained on these media and in these documents is strictly covered by professional secrets (Article 226-13 of the French Criminal Code), and the same applies to all data that comes to the Providerís knowledge in performance of the Contract.
The Provider undertakes to ensure its compliance Ė and that of its staff Ė with the following obligations:
- not to make any copies of documents and information media entrusted to it, unless necessary for the performance of this Contract and with the prior agreement of the Customer.
- not to use the documents and information processed for purposes other than those specified in this contract.
- not to disclose these documents or information to other persons, whether governed by private or public law, or natural or legal persons.
- to take all measures to avoid any fraudulent or improper use of the files in performance of the contract.
ARTICLE 12. TECHNICAL AUDIT
The Customer, after notifying the Provider in writing, with a minimum notice period of 4 weeks, may conduct, at its own cost, an audit of the operating conditions of the Solutions, and, more generally, of the compliance of the Provider with the technical and security specifications [Quality Charter in the annexes]. To this effect, the Customer shall designate an independent auditor who is not in competition with the Provider in the SaaS market and who must be approved by the Provider and sign a confidentiality agreement.
The audit must be conducted within the strict conditions described above and may not include the Providerís financial, accounting or commercial data in its scope.
The Provider undertakes to cooperate in good faith with the expert and to facilitate the audit, providing him or her with all the information necessary and responding to all requests related to this audit. The audit shall be conducted during the Providerís business hours. A copy of the audit report by the auditor shall be sent to each Party and examined conjointly by the Parties, who agree to meet for this purpose.
ARTICLE 13. FINANCIAL CONDITIONS
The financial conditions are set out in the Annexes.
The fees for the Services are indicated in euros and do not include taxes or charges.
The invoicing address is the Customerís registered address.
Excluded from the fees and requiring separate invoices are the following:
- and more generally any provisions not included in the SaaS offer
13.2. PAYMENT METHODS
Regardless of the contractual duration, the Services are invoiced every 12 months.
Invoices are payable in advance, within 30 days of their receipt, by cheque or bank transfer.
13.3. DEFAULT IN PAYMENT
Without prejudice to any damages and interest, the Customerís failure to pay an invoice when it is due entitles the Provider to:
- apply late-payment interest equal to three times the statutory interest rate, without prior notice and commencing from the first day of delay.
- claim additional banking and management costs (recovery, correspondence and telephone reminder costs, resubmission of debits declined by its bank).
- suspend the Services immediately.
ARTICLE 14. OWNERSHIP
The Customer is and remains the owner of all the Data that it uses via the Application Services under the Contract.
The Provider is and remains the holder of ownership rights concerning all elements of the Application Services and the Solutions made available to the Customer and more generally the IT infrastructure (software or hardware) implemented or developed under the Contract.
The Contract does not confer any right of ownership to the Customer to the Solutions.
The temporary availability of the Solutions under the conditions set out in the Contract may not be viewed as an assignment of any intellectual property right to the benefit of the Customer, within the meaning of the French Intellectual Property Code.
The Client is prohibited from reproducing any element of the Software or any documentation concerning it, by any method whatsoever, in any form whatsoever and on any media whatsoever.
The Customer may not assign the rights and obligations arising from the Contract, in whole or in part, whether this is by way of a temporary assignment, a sub-licensing agreement or any other contract transferring said rights and obligations.
ARTICLE 15. WARRANTY OF TITLE
The Provider declares and warrants:
- that the Solutions it has developed are original within the meaning of the French Intellectual Property Code,
- that it owns all the intellectual property rights required to be able to conclude the Contract.
The Provider declares and warrants that the Solutions are not liable to infringe the rights of third parties.
ARTICLE 16. LIABILITY Ė FORCE MAJEURE
Each of the Parties assumes liability for the consequences resulting from its negligence, errors and omissions as well as the negligence, errors and omissions of any of its subcontractors that cause direct harm to the other Party.
In addition, and in the event of negligence proven by the Customer, the Provider shall only be obliged to remedy the pecuniary consequences of direct and foreseeable harm due to performance of the Services. As a consequence, the Provider cannot, under any circumstances, assume liability for indirect or unforeseeable damages to, or losses of, the Customer or third parties, which specifically includes any loss of earnings, loss, inaccuracy or corruption of files or Data, commercial damage, loss of revenue or profits, loss of clientele, loss of opportunity, costs of obtaining a substitute product, service or technology, relating to or originating from the failure to perform or wrongful performance of the services.
In any case, the amount for which the Provider is liable is strictly limited to the reimbursement of the sums actually paid by the Customer as of the date on which the event incurring liability occurred, per user workstation, per day of interruption based on average consumption over the previous 6 months.
Furthermore, the Provider may not be held liable for the accidental destruction of the Data by the Customer or a third party accessing the Application Services using the Log-in Details provided to the Customer.
The Provider may not, in any case, be held liable for any damages in the event of losses caused by an interruption or a drop in service by the telecommunications operator, an electricity supplier or an event of force majeure.
Neither of the Parties may be held liable for any breach of its obligations under this Contract if such a breach results from: a governmental decision, including any withdrawal or suspension of any authorizations, a total or partial strike, whether internal or external to the company, a fire, a natural disaster, a state of war, a total or partial interruption or a stopping of the telecommunications or electrical networks, an act of computer piracy, or more generally any other event of force majeure having the characteristics defined in jurisprudence. The Party observing such an event must immediately inform the other Party of the impossibility of fulfilling its obligations.
The suspension of obligations or delay therein may not be used to invoke liability for non-performance of obligations, nor give rise to the payment of damages or late-payment interest.
ARTICLE 17. INSURANCE
The Provider has subscribed to the necessary insurance policies to cover the risks related to its business. It undertakes to provide the Customer with proof of this, if explicitly requested.
The Customer must make sure that sufficient guarantees are provided to regulate transfers of Data, in particular through the implementation of binding corporate rules on subcontractors or by the signing of standard contractual clauses as adopted by the European Commission in its decision 2010/84/EU with the interested Parties, including the Provider and any subcontractors.
ARTICLE 18. TERMINATION
In the event of a breach of contractual obligations by one of the Parties, the other Party is entitled to terminate the Contract 30 days after a letter of notice sent by registered post with acknowledgement of receipt has gone unheeded. The breach or breaches observed shall be indicated in the letter of notice.
In the event of termination, the Customer shall cease using the access codes for the Solutions or the Application Services. The reversibility services shall be implemented pursuant to the article ďReversibilityĒ.
The Provider undertakes not to store the Data beyond the storage period set by the Customer for the purposes for which it was collected and, in any case, not to store it after the termination of the Contract.
At the end of the Contract or in the event of its early termination, regardless of the reason for this, the Provider and its subcontractors shall immediately return a copy of all the Data to the Customer, in the same format that the Customer used to send the Data to the Provider, or failing this, in a structured and commonly used format.
This return shall be confirmed by a report, signed and dated by Parties.
Once the return is completed, the Provider shall destroy the copies of the Data held on its systems within a reasonable period and must provide proof of this to the Customer within a reasonable period, following signature of the return report.
ARTICLE 19. REVERSIBILITY
In the event of termination of the contractual relationship, regardless of the reason for this, the Provider undertakes to return Ė or possibly destroy, at the Customerís option Ė all the Data belonging to it, in a standard readable format that would not pose problems in an equivalent environment (SQL dump). This shall be carried out free of charge, upon the first request of the Customer communicated by registered letter with acknowledgement of receipt and within 7 days of receiving such a request.
The Customer shall actively work with the Provider in order to facilitate the Data retrieval.
The Provider shall ensure that the Customer may continue using the Data, without interruption, directly or with the assistance of another service provider.
Upon request, and subject to an additional invoice, the Provider may reload the Customerís Data into the system that it has selected, although it is the Customerís responsibility to make sure this is completely compatible.
Upon the Customerís request, the Provider may provide additional technical support to the Customer and/or a third party designated by it, within the framework of reversibility.
This support shall be invoiced at the Providerís rate in effect when the reversibility notification is issued.
ARTICLE 20. NON-SOLICITATION OF STAFF
Each of the Parties shall refrain from hiring, or giving work to, any of the other Partyís employees, whether directly or through an intermediary, without this Partyís prior express agreement. This provision is valid for the entire duration of the Contract and for 12 months following its termination.
If one of the Parties does not comply with this obligation, it undertakes to compensate the other Party, by immediately paying it, upon request, a fixed sum equal to 12 times the employeeís gross monthly remuneration at the point in time of his or her departure.
ARTICLE 21. CONFIDENTIALITY
Each of the parties is obliged (i) to keep all the information received from the other Party confidential and, in particular, (ii) not to disclose the other Partyís confidential information to any third parties, other than employees or agents that require knowledge of it; and (iii) to only use the other Partyís confidential information to exercise its rights and fulfil its obligations under the terms of the Contract.
Notwithstanding the foregoing, none of the Parties shall have any obligation with regard to information that (i) has entered or enters the public domain without this being due to the fault of the Party receiving it, (ii) is developed independently by the Party receiving it, (iii) is already known to the Party receiving it before the other Party disclosed it, (iv) is legitimately received from a third party not subject to an obligation of confidentiality, or (v) must be disclosed by law or following a court order (in which case it must be disclosed only to the extent required and after notifying the Party that initially provided it in writing).
The Partiesí obligations with regard to confidential information shall remain in effect for the entire duration of the Contract and, once it has ended, for as long as the information in question remains confidential for the Party that disclosed it and, in any case, for a period of 5 years after the end of the contract.
Each of the Parties must return all copies of documents and media containing confidential information of the other Party as soon as the Contract ends, regardless of the reason for this.
The Parties also undertake to ensure that their staff comply with these provisions, along with any agent or third party that may be engaged in any form whatsoever under the Contract.
ARTICLE 22. MISCELLANEOUS
The invalidity, lapse, unenforceability or lack of binding force of one or any of the Contractís provisions shall not result in the remaining contractual provisions being invalid, lapsed or unenforceable, or lacking binding force, and they shall remain in effect. However, the Parties may, by mutual agreement, agree to replace the invalidated provision(s).
The Customerís data constitutes the content of the Solutions.
The Contract is subject to French law, to the exclusion of all other legislation.
If the contract is written in, or translated into several languages, only the French version shall have binding force.
Disputes Ė clause conferring territorial jurisdiction:
To find a mutual solution to any dispute that may arise during the performance of the Contract, the Parties agree to meet with each other within 30 days of receiving a registered letter with acknowledgement of receipt from one of the two Parties.
IF, AT THE END OF A PERIOD OF FIFTEEN DAYS, THE PARTIES DO NOT REACH AGREEMENT ON A COMPROMISE OR SOLUTION, THE DISPUTE WILL THEN BE SUBJECT TO THE COMPETENT COURTS AT THE PROVIDERíS REGISTERED OFFICE.
ANNEX A - QUALITY CHARTER
The Provider undertakes to comply with the Quality Charter and, in particular, the following points, which act as a guarantee of the serviceís quality:
The Provider undertakes to implement effective controls to give a reasonable assurance that the Customer can access and use the Solutions in question at the times set out in this Contract.
The Provider has introduced a redundant system that can run an uninterrupted service.
In the event of non-compliance with availability commitments during the course of a month, the following penalties will be applied:
- the total amount excluding tax of the penalties due for a month is capped at 100% of the monthly price due, excluding tax, for that month.
The Provider may supply an availability report as a means of verifying the parameters defined in this Charter.
SECURITY AND CONFIDENTIALITY
The Provider strives to secure access and use of the Solutions, taking into account the protocols, in accordance with standard practice in the field.
The Provider has put in place effective safeguards against unauthorized physical and electronic access to the Providerís operating systems and applications, as well as to the Customerís confidential information, in order to give a reasonable assurance that access to the systems and the Data of the Customer is restricted to authorized individuals, and that the Customerís confidential information is protected against any use contrary to its purpose.
The Provider has put in place a double back-up of the Data with verification performed by its services, on a daily basis and in response to any specific request related to an event.
The Parties undertake to cooperate with the competent data protection authorities, in particular in the event of any requests for information that may be sent to them or in the event of an inspection. The media is stored in two separate locations for 7 consecutive days.
The Data is backed up through a database back-up procedure. The period for restoring back-ups is 1 day.
The Provider undertakes to implement effective controls in order to give a reasonable assurance that the applications made available to Customers process the data entrusted to it without risk of omission, alteration, deformation or any other form of error that could damage the integrity of the results from these applications and that data is processed in compliance with the applicable statutory regulations, and that the Data and processing are accessible in the event of inspections and external audits that may be conducted.
The integrity of the data processing extends to all system components and all processing phases (data input, transmission, processing, storage and data output). These controls consist of coherence and processing controls, detection and management of errors as well as the Usersí information on any related risk of non-conformity.
The Provider guarantees a response time of 5 seconds between its server and any User located in France. The response time refers to the monthly average of the average daily response time for opening a weekly schedule.
ANNEX B - FINANCIAL CONDITIONS
|PlanningPME Web Access Saas||Monthly cost excluding tax|
|Management of 1 to 9 resources||39 €|
|Management of 10 to 19 resources||59 €||Management of 20 to 29 resources||79 €||Management of 30 to 39 resources||99 €||Management of 40 to 49 resources||119 €||Management of 50 to 74 resources||149 €||Management of 75 to 99 resources||179 €||Management of 100 to 149 resources||219 €||Management of 150 to 199 resources||259 €||Management of 200 to 249 resources||299 €||Management of 250 to 299 resources||339 €||Management of 300 to 399 resources||399 €||Management of 400 to 499 resources||459 €||Management of more than 500 resources||Contact us|