End User License Agreement (EULA), Data Processor Agreement (DPA), Privacy Policy and cookie policy

End User License Agreement (EULA)

This End User License Agreement (“EULA”) is a legal agreement between the Parties Uniconta A/S, Klausdalsbrovej 601, 2750 Ballerup, Denmark, CVR/Company Registration no. 33266928 (“Uniconta“) and the (“Customer”).

The EULA is accepted by the Customer on the Uniconta website www.uniconta.com and shall form the agreement between the parties.

The service is business to business.

This EULA replaces all previous agreements between Uniconta and the Customer regarding the Uniconta Enterprise Resource Planning software including selected add-ons and plug-ins (the “Service”).

1.                       LICENSE GRANTED

1.1                   Rights Reserved by Uniconta

Uniconta owns all title and intellectual property rights in and to the Service. Uniconta reserves all rights not expressly granted to the Customer under this EULA.

1.2                    Customer’s Right of Use

1.2.1              Subject to the Customer’s fulfilment of the Customer’s obligations under the EULA, including, without limitation, payment of any and all applicable subscription fees, Uniconta hereby grants the Customer, subject to the restrictions in Clause 2 below, a personal, non-exclusive, non-transferable right to use the Service according to the terms in this EULA.

1.3                    The Customer’s right to use the Service will take effect on the date of the first login by the Customer and runs until terminated in accordance with the terms in this EULA.

1.3.1              The Service may contain an overview of selected modules. For some features, services and additional modules, separate terms must be accepted by the Customer in addition to this EULA before they may be used.

1.3.2              In addition to the Customer’s own access, the Customer has the right to grant access to the Service to a third party. The Customer warrants and is fully responsible for the third party that the Customer gives access to or uses the Customer’s login details.

1.3.3              Every individual user of the Service appointed by the Customer (“Named User”) must create a user profile under which the Named User shall have access to and utilize Service. The Customer is responsible for the administration of Name Users registered under the Customer and for the Name Users use of the Service.

1.3.4              The Customer shall ensure that the Service is not used in a manner which could harm Uniconta’s name, reputation, or goodwill, or which violates applicable laws or regulations.

2.                       RESTRICTIONS

2.1                    No Assignment, Selling, Sub-licensing, Rental, Lending or Leasing

Subject to section 1.3.3, the Customer may not assign, sell, sub-license, rent, lease or lend the Service.

2.2                    No Copying

The Customer is not allowed to make any copies of the Service, except to the extent expressly permitted by applicable law. Similarly, the Customer may not publish, distribute or otherwise make the Service publicly available for others to copy.

2.3                    Limitations on Reverse Engineering, De-compilation, and Disassembly

The Customer is not entitled to reverse engineer, decompile, or disassemble the Service, except and only to the extent that applicable law notwithstanding this limitation expressly permits such activity.

2.4                    Support, Upgrade, Maintenance, etc.

Uniconta will deliver support, upgrade, maintenance or other services in connection with the Service at the discretion of Uniconta as announced by Uniconta.

3.                       PRICE AND TERMS OF PAYMENT

If the Customer receives an invoice directly from Uniconta, the following applies:

3.1                    In case the Customer needs another level of capacity or functionality, the Service will automatically be upgraded or downgraded accordingly. The Customer accepts that the price will consequently increase or decrease according the configuration of the Service.

3.2                    If the Customer through excessive use of the Service burdens the Service disproportionately, Uniconta is entitled to charge additional fees. Uniconta will notify the Customer in case such fees incur.

3.3                    Payment terms, including due date of payment, appear from the invoices.

3.4                    In case of failure to pay the Service Fee in due time, the Customer will receive one reminder free of charge seven days after said due date. Is the Service Fee subsequently not paid ten days after the date of the first reminder, the Customer will receive a second reminder and be charged a reminder fee of DKK 150 in Denmark, or the equivalent fee permitted in the relevant jurisdiction. Is the License Fee subsequently not paid seven days after the date of the second reminder the Customer’s access to the Service will be blocked subject to section 5.1 and 5.2. Access to the Service will reopen after Uniconta receives payment unless Uniconta has terminated the EULA before this time.

3.5                    The Customer agrees that invoices and reminders sent from Uniconta by e-mail are to be considered duly received by the Customer. E-mails to the address provided by the Customer must be deemed delivered when submitted by Uniconta.

3.6                    The applicable Service Fees can be found on Uniconta’s website and may be modified by change on the website with one (1) month’s notice. The same applies to changes to the composition and content of License types and additional modules. All prices are excl. VAT.

3.7                    First billing period runs from the start of the month of initial access to the Service. Invoices are charged monthly, unless otherwise agreed by the Parties.

3.8                    If the Customer receives the Service based on an agreement between the Customer and a third party other than Uniconta (e.g. Uniconta Partners or Uniconta Distributors), Pricing and Payment Terms will be agreed directly with the third party.

4.                       EXPIRY AND TERMINATION

4.1                    Termination

4.1.1              The Customer may terminate use of the Service, make Service downgrading, and/or opt-out of additional modules to the end of a calendar month unless otherwise stated in the description or terms of the specific modules.

4.1.2              Uniconta may terminate this EULA with six (6) months written notice, or without notice if the Customer is in breach of any term, condition or provision of the EULA or in case of the Customer’s insolvency or bankruptcy.

4.1.3              Pursuant to section 5.1 and 5.2, at termination of the Licence, for whatever reason, the Customer shall discontinue any and all use of the Service immediately.

5.                       THE CUSTOMER’S DATA

5.1                    The Parties agree that the data uploaded to the Service by the Customer belongs to the Customer, who accordingly may freely dispose of the data while using the Service. The Service allows the Customer to export all records, data, etc. through the Service’s export function, and the Customer agrees that such exports must be carried out by the Customer prior to the termination of the EULA. In the event that access to the Service expires or is terminated by the Customer, Uniconta shall, where reasonably and commercially sound, aim to provide the Customer with a period of 10 days after termination where the export function can be used.

5.2                    Uniconta reserves the right to delete Customer’s data 90 days after termination of the EULA, regardless of the reason for termination, and Uniconta is under no obligation to store Customer data after this time.

5.3                    After termination of the License, Uniconta is entitled to retain the Customer’s data in anonymous form for statistical and analytical uses only.

5.4                    Uniconta may, in exceptional cases where Uniconta deems this justifiable and reasonable, for example to avoid loss of value, provide third parties and public authorities with access to Customer’s data, in connection with a legal obligation, governmental requirements, bankruptcy, death, or the like.

5.5                    The Customer agrees that Uniconta has the right to assign its obligations under this EULA to a Reseller.

5.6                    The Customer accepts that Uniconta and retailer has access to Customer’s data, provided the Customer has accepted this in the Service’s Reseller Access function.

5.7                    The Customer’s data is processed in accordance with the Data Processing Agreement in Schedule 1.

6.                       OPERATING STABILITY

6.1                    Uniconta strives for the best operational stability possible, but is not responsible for breakdowns or malfunctions, including operational malfunctions caused by factors beyond Uniconta’s control. This includes, inter alia, power failure, equipment failure, failure in connection to the internet or telecommunications, or the like. The Service and the service are provided “as is” and Uniconta disclaims any warranty, insurance, indemnity, claim or other terms, whether direct or indirect.

6.2                    In case of breakdown or disturbance, Uniconta aims to restore operations to normal as soon as possible.

6.3                    Scheduled interruptions in access to the Service will primarily be located between 21.00 and 06.00 CET. Should it be necessary to discontinue access to the Service beyond this time window, the Customer will be informed of this as long prior to the interruption as possible.

7.                       CHANGES

7.1                    Uniconta is entitled to continuously make updates and improvements on the Service. Uniconta is also entitled to change the composition and structure of the Service and services provided. Such updates, improvements, and changes may occur with or without notice and may affect the services provided, including information and data uploaded to or submitted by the Service.

8.                       INTELLECTUAL PROPERTY RIGHTS

8.1                    The Service and information submitted from the Service, except for the Customer’s data, are protected by copyright and other intellectual property rights and are owned by or are licensed to Uniconta. Individually created software also belongs to Uniconta, unless otherwise agreed in writing. The Customer shall notify Uniconta of any current or potential violation of Uniconta’s intellectual property rights or unauthorized use of the Service of which the Customer becomes aware.

8.2                    This EULA does not in any way transfer any intellectual property rights related to the Services to the Customer.

8.3                    The Customer gives Uniconta and its suppliers an authorization and global license to the material and all data uploaded by the Customer sufficient for Uniconta to properly manage and operate the Service, fulfill its obligations, and promote relevant products to the Customer.

8.4                    The Customer guarantees that the material and data being uploaded does not infringe on any third-party rights and does not contain material that may be offensive or violates applicable laws or regulations.

9.                       TRANSFER

9.1                    Uniconta has the right to assign its rights and obligations in part or in whole under the EULA to a third party.

9.2                    The Customer agrees that Uniconta is entitled to use subcontractors in relation to all aspects of this EULA, including for the completion and operation of the Service, and for storing Customer data.

10.                    EXCLUSIONS AND LIMITATIONS OF LIABILITY

10.1                In no event will Uniconta be liable to the Customer or any other person or entity for any direct or indirect damages of any kind, including, without limitation, for lost profits, lost savings, lost data or other special, indirect, punitive, consequential, or incidental damages arising out of or relating to the use of the Service or to any service provided or undertaken by Uniconta under this EULA, even if Uniconta has been advised of the possibility of such loss or damage. The foregoing exclusion of liability applies to all causes of action, including breach of contract, breach of warranty, strict liability, negligence and other torts.

10.2                In no event will Uniconta be liable to the Customer or any other person or entity for any damages, direct or indirect, of any kind due to system instability or failure.

10.3                Uniconta is not responsible for any third-party solutions that are available and/or integrated with the Service, including currency feeds/calculators. Uniconta cannot be held liable for the accuracy, completeness, quality, or reliability of the information nor the results obtained through these third-party solutions. Similarly, Uniconta cannot be held liable for the availability, security, or functionality of any third-party solutions, including possible damages and/or loss caused by third-party solutions. The burden is upon the Customer to prove that a loss suffered by the Customer cannot be attributed to third party solutions.

10.4                The maximum aggregate liability of Uniconta upon any claims whatsoever, arising out of the services provided by Uniconta or the Service under this EULA will in any event be absolutely limited to the direct damages actually incurred by the Customer and furthermore be limited to the amount of the Service Fees as paid by the Customer 12 months prior to the event giving rise to liability.

10.5                Uniconta shall be under no liability to the Customer in respect of loss arising by reason of force majeure, namely, circumstances beyond the control of Uniconta, including but not limited to acts of God, perils of the sea or air, fire, flood, drought, explosion, sabotage, accident, embargo, riot, civil commotion, including acts of local government and parliamentary authority and labour disputes of whatever nature and for whatever cause arising including (but without prejudice to the generality of the foregoing) work to rule, overtime bars, strikes and lockouts.

11.                    THIRD PARTY RIGHTS

11.1                Uniconta cannot and does not grant to the Customer any licence to any third-party patent or to any other intellectual property rights held by a third party. The Customer must, at the Customer’s own expense, license and maintain any such licences from third parties, and Uniconta cannot be held liable if a third party raises a claim for infringement of such third party’s patent rights or other intellectual property rights. If the Customer does not license and maintain such third-party licences as mentioned, and if this somehow results in a third party raising a claim against Uniconta, the Customer shall indemnify Uniconta against any such third-party claim.

12.                    WAIVER

Failure or neglect by Uniconta to enforce any of the provisions of the EULA at any time shall not be construed nor shall be deemed to be a waiver of Uniconta’s rights under the EULA nor in any way affect the validity of the whole or any part of the EULA nor prejudice Uniconta’s rights to take subsequent action.

13.                    SEVERABILITY

In the event that any of the provisions of this EULA shall be determined by any competent authority to be invalid, unlawful or unenforceable to any extent, such provision shall to that extent be severed from the remaining provisions which shall continue to be valid between the Parties fully permitted by law.

14.                    COMPLIANCE WITH LOCAL LAWS

The Customer shall comply at the Customer’s own expense and risk with all relevant and applicable laws including, but not limited to, broadcast laws and regulations in the use of the Service.

15.                    CHANGE OF TERMS

Uniconta may modify the terms and conditions pursuant to this EULA with one (1) month’s notice after such changes have been posted on the Uniconta website. Use of the Service after a change of these terms constitutes acceptance of such changed terms. It is the Customer’s obligation to keep up to date on changes to the terms.

16.                    APPLICABLE LAW AND VENUE

16.1                Applicable Law:

This EULA shall be governed, construed and enforced in accordance with the laws of Denmark.

16.2                Disputes and Venue:

Any dispute arising out of or relating to this EULA shall be settled by the Copenhagen City Court. That shall not prevent any referral of the matter to the Danish High Court or to the Danish Maritime and Commercial Court in accordance with the applicable laws.

Notwithstanding the specified agreement on jurisdiction, the Parties shall, if any dispute arises, attempt to settle it by mediation in accordance with the Association of Danish IT Attorneys’ (“DITA”) Mediation Procedure (www.danske-it-advokater.dk). To initiate the mediation a party shall give notice in writing to the other party to the dispute requesting mediation. A copy of the request shall be sent to the DITA. The mediator shall be nominated by DITA no later than eight (8) working days after DITA’s receipt of the notice. No party may commence any court proceedings in relation to any dispute until the parties have attempted to settle the dispute by mediation. As a minimum, a party shall be obliged to attend the first meeting convened by the mediator. A party shall be entitled to commence court proceedings if any delay of such proceedings may result in the forfeiture of any right, e.g. due to time barring.

16.3                Right to injunctive relief: Notwithstanding Clause 16.2 above, Uniconta may seek injunctive or equitable relief in any jurisdiction to enforce its intellectual property rights.

Data Processing Agreement (DPA)

This DPA is a Schedule to the End User License Agreement accepted by the Customer. The Customer is the Data Controller in respect of this DPA. Uniconta is the Data Processor in respect of this DPA.

1.                       Definitions

Data Controller                    means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; in this DPA the Customer;

Data Processor                    means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller; in this DPA Uniconta;

Data Protection Laws          means, as binding on either party or the Services:

a) the GDPR;

b) any laws which implement any such laws; and

c) any laws that replace, extend, re-enact, consolidate or amend any of the foregoing;

Data Subject                       means an identified or identifiable natural person;

DPA                                     This Data Protection Agreement.

GDPR                                  means the General Data Protection Regulation (EU) 2016/679;

International Organisation  means an organisation and its subordinate bodies governed by public international law, or any other body which is set up by, or on the basis of, an agreement between two or more countries;

Personal Data                      means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Personal Data Breach          means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed;

Processing                           has the meaning given in applicable Data Protection Laws from time to time (and related expressions, including process, processed, processing, and processes shall be construed accordingly);

Protected Data                     means Personal Data received from or on behalf of Data Controller in connection with the performance of the Data Processor’s obligations under this DPA; and

Sub-Processor                      means any agent, subcontractor or other third party (excluding its employees) engaged by the Data Processor for carrying out any processing activities on behalf of Data Controller in respect of the Protected Data.

2.                       Data Processor’s compliance with Data Protection Laws

The parties agree that Data Controller is a Controller and that the Data Processor is a Processor for the purposes of processing Protected Data pursuant to this DPA. The Data Processor shall at all times comply with the applicable Data Protection Laws in connection with the processing of Protected Data. Data Controller shall ensure all instructions given by it to the Data Processor in respect of Protected Data (including the terms of this DPA) shall at all times be in accordance with the applicable Data Protection Laws.

3.                       Data Processor’s compliance with data protection laws

The Data Processor shall process Protected Data in compliance with the obligations placed on it under Data Protection Laws and the terms of this DPA.

4.                       Instructions

4.1                    The Data Processor shall only process the Protected Data in accordance with Annex 1 of this DPA (and not otherwise unless alternative processing instructions are agreed between the parties in writing) except where otherwise required by applicable law (and shall inform Data Controller of that legal requirement before processing, unless applicable law prevents it doing so on important grounds of public interest).

4.2                    Without prejudice to section 2 of this DPA, if the Data Processor believes that any instruction received by it from Data Controller is likely to infringe the Data Protection Laws it shall promptly inform Data Controller and be entitled to cease to provide the relevant Services until the parties have agreed appropriate amended instructions which are not infringing.

5.                       Security

5.1                    In accordance with the Data Protection Laws, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing of the Protected Data to be carried out under or in connection with this DPA, as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons and the risks that are presented by the processing, especially from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to the Protected Data transmitted, stored or otherwise processed, the Distributor shall implement appropriate technical and organisational security measures appropriate to the risk, including as appropriate those matters mentioned in Articles 32(a) to 32(d) (inclusive) of the GDPR.

6.                       Sub-processing and personnel

6.1                    The Data Processor shall:

6.1.1              not permit any processing of Protected Data by any agent, subcontractor or other third party (except its or its Sub-Processors’ own employees in the course of their employment that are subject to an enforceable obligation of confidence with regards to the Protected Data) without the written authorisation of Data Controller;

6.1.2              prior to the relevant Sub-Processor carrying out any processing activities in respect of the Protected Data, appoint each Sub-Processor under a written contract containing materially the same obligations as under this DPA, including an obligation to implement appropriate technical and organisational measures in such a manner that the processing will meet the requirements of the GDPR, that is enforceable by the Data Processor and ensure each such Sub-Processor complies with all such obligations;

6.1.3              remain fully liable to Data Controller under this DPA for all the acts and omissions of each Sub-Processor as if they were its own; and

6.1.4              ensure that all persons authorised by the Data Processor or any Sub-Processor to process Protected Data are subject to a binding written contractual obligation to keep the Protected Data confidential.

6.2                    Data Controller authorises the appointment of the Sub-Processors listed at the website of Uniconta: Sub-processors.

7.                       Assistance

7.1                    The Data Processor shall (at Data Controller’s cost) assist Data Controller in ensuring compliance with Data Controller’s obligations pursuant to the GDPR (and any similar obligations under applicable Data Protection Laws) taking into account the nature of the processing and the information available to the Data Processor. The Data Processor will assist Data Controller concerning matters including, but not limited to

7.1.1              the implementation of the appropriate technical and organisational security measures with due regard for the current state of the art, the cost of their implementation, and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, pursuant to Article 32 of the GDPR

7.1.2              the notification of any personal data breach to the supervisory authority to the relevant supervisory authority pursuant to Article 33 of the GDPR, as well as communication of any personal data breach to the data subject, pursuant to Article 34 of the GDPR.

7.1.3              the preparation of any impact assessment, pursuant to Article 35 of the GDPR, and

7.1.4              consultation of the relevant supervisory authority, pursuant to Article 36 of the GDPR.

7.2                    The Data Processor shall (at Data Controller’s cost) taking into account the nature of the processing, assist Data Controller (by appropriate technical and organisational measures), insofar as this is possible, for the fulfilment of Data Controller’s obligations to respond to requests for exercising the Data Subjects’ rights under Chapter III of the GDPR (and any similar obligations under applicable Data Protection Laws) in respect of any Protected Data including requests for access, rectification, blocking or deletion. The Data Processor must also assist the controller by implementing appropriate technical and organisational measures, for the fulfilment of Data Controller’s obligation to respond to such requests.

8.                       Confidentiality

8.1                    The Data Processor shall keep the Protected Data confidential.

8.2                    The Data Processor shall not disclose the Protected Data to third parties or take copies of the Protected Data unless strictly necessary for the performance of the Data Processor’s obligations towards Data Controller according to the DPA, and on condition that whoever the Protected Data is disclosed to is familiar with the confidential nature of the Protected Data and has accepted to keep the personal data confidential in accordance with this DPA.

8.3                    All terms of the DPA apply to any of the Data Processor’s employees and the Data Processor must ensure that its employees comply with the DPA.

8.4                    The Data Processor must limit the access to the Protected Data to employees for whom access to said Protected Data is necessary to fulfil the Data Processor’s obligations towards Data Controller.

8.5                    The obligations of the Data Processor under this section 9 persist without time limitation and regardless of whether the cooperation of the Parties has been terminated.

8.6                    Data Controller shall treat confidential information received from the Data Processor confidentially and may not unlawfully use or disclose the confidential information.

9.                       International transfers

The Data Processor shall not process and/or transfer, or otherwise directly or indirectly disclose, any Protected Data in or to countries outside the European Union or to any International Organisation without the prior written consent of Data Controller.

10.                    Audits and processing

The Data Processor shall, in accordance with Data Protection Laws, make available to Data Controller such information that is in its possession or control as is necessary to demonstrate the Data Processor’s compliance with the obligations placed on it under this DPA and to demonstrate compliance with the obligations on each party imposed by Article 28 of the GDPR (and under any equivalent Data Protection Laws equivalent to that Article 28), and allow for and contribute to audits, including inspections, by Data Controller (or another auditor mandated by Data Controller) for this purpose (subject to a maximum of one audit request in any 12 month period under this clause 12).

11.                    Breach

The Data Processor shall notify Data Controller without undue delay and in writing on becoming aware of any Personal Data Breach in respect of any Protected Data.

12.                    Deletion/return and survival

On the end of the provision of the Services relating to the processing of Protected Data, at Data Controller’s cost and Data Controller’s option, the Data Processor shall either return all of the Protected Data to Data Controller or securely dispose of the Protected Data (and thereafter promptly delete all existing copies of it) except to the extent that any applicable law requires the Data Processor to store such Protected Data. This Schedule shall survive termination or expiry of this DPA following the earlier of the termination or expiry of this DPA in the case of all other paragraphs and provisions of this Schedule.

13.                    Amendments and Assignments

13.1                The Parties may at any time agree to amend this DPA. Amendments must be in writing.

13.2                The Data Processor may not assign or transfer any of its rights or obligations arising from this DPA without Data Controller’s prior, written consent.

14.                    Commencement and termination

14.1                This DPA shall enter into force on the Data Controller’s acceptance of the EULA.

14.2                The DPA may be renegotiated by both parties if changes in law or disagreements in the DPA give rise to this.

14.3                This DPA is valid for the duration of the processing of the Protected Data. Regardless of the termination of the underlying contractual DPA of the Parties, the Data Processing DPA will remain in force until termination of the processing and the deletion of the data by the Data Processor and any authorized Sub-Processors.

15.                    Indemnification and Liability

15.1                Data Controller shall indemnify and keep indemnified the Data Processor against all losses, claims, damages, liabilities, fines, sanctions, interest, penalties, costs, charges, expenses, compensation paid to Data Subjects, demands and legal and other professional costs (calculated on a full indemnity basis and in each case whether or not arising from any investigation by, or imposed by, a supervisory authority) arising out of or in connection with any breach by Data Controller of its obligations under this Schedule.

15.2                Limitation of Liability and Indemnification Claims. The liability of the Data Processor under this DPA is to the widest possible extent limited in accordance with the limitation of liability agreed in the DPA.

15.3                Fines issued by the Supervisory Authority. The Parties agree that the general principle of division of liability between the Parties relating to fines imposed by any relevant Supervisory Authority is based on that the respective Party has to fulfil its obligations under the GDPR and the Act, and that any fines imposed by a Supervisory Authority should be paid ultimately by the Party which has materially failed in its performance of its legal obligations under the GDPR or the Act. Consequently, the Data Processor shall at its own costs give the Data Controller all information and assistance available required to respond to such claims.

15.4                The Data Processor shall review the requirements and instructions issued by the Data Controller regarding data processing activities performed by the Data Processor under this DPA on their behalf, and notify the Data Controller beforehand in writing if it believes that implementation of such requirements or instructions would likely constitute a violation of the GDPR or the Data Protection Regulation applicable to the Data Processor. The Data Processor shall in its written notice advise the Data Controller on how such requirements and instructions should be amended to avoid such potential violation of the GDPR or the Act by the Data Processor due to following such requirements or instructions. If the Data Controller in its written response continue requiring that the Data Processor shall implement such requirements and instructions despite the associated risks, then the Data Controller shall at their own cost indemnify and hold the Data Processor harmless against any fines imposed by any Supervisory Authority.

Annex 1

Data processing and security details

Processing of the Protected Data by the Data Processor under this DPA shall be for the subject-matter, duration, nature and purposes and involve the types of Personal Data and categories of Data Subjects set out in this Annex 1.

1.                       Subject-matter of processing:

The Data Processor will have access to the Personal Data of the Customer, the Named Users of the Customer and the specific information, which the Customer adds to the Uniconta Service to store the Personal Data and ensuring the Uniconta Service’s availability, integrity and confidentiality, as well as to provide remote services to the Customer’s users of the Uniconta Service.

2.                       Duration of the processing:

The Data Processor may process the Personal Data for as long as the Data Controller subscribes to the Service as defined in the EULA.

The Data Processor may delete the Personal Data upon termination of the Service and shall delete the Personal Data no later than 12 months after the termination unless the Data Processor is required to retain the Personal Data for a longer period of time according to legal requirements.

3.                       Nature and purpose of the processing:

The Data Processor shall process data including Personal Data to perform the Service as described in the EULA and on www.uniconta.com.

4.                       Type of Personal Data:

Name, address, email, telephone numbers, invoice identification numbers.

5.                       Categories of Data Subjects:

Customers, suppliers and employees of the Data Controller.

6.                       Specific processing instructions:

The Service is automated, and processing will only take place upon command of the Data Controller. Support services by the Data Controller will only take place upon specific request by the relevant person at the Data Controller.

7.                       Sub-processors:

The current and updated list of Sub-processors may be found here: Sub-processors.

Privacy Policy

Welcome to www.uniconta.com (“the Website”) owned by:

Uniconta A/S

Company No (CVR No.): 33266928

Tryg – The Camp

Klausdalsbrovej 601

2750 Ballerup

Danmark

Tel.: +45 70 33 16 16

E-mail address: info@uniconta.com

When you convey information relating to an identified or identifiable natural person (“Personal Data”) on our Website or when using our services (“the Service”) we collect and process that information.

The protection of your Personal Data is important to us and we wish to explain how we handle your Personal Data.

Below you will find a description of the Personal Data we collect, for which purpose we process the Personal Data, how long we maintain the Personal Data, and if we share the Personal Data with others.

1.                       What kind of Personal Data do we collect?

1.1                    We collect the following Personal Data:

name,

address,

e-mail address

1.2                    We collect this Personal Data when you sign up for the Services. Furthermore, we collect information by using cookies at the Website; please see our Cookie Policy for further details.

2.                       For which purpose do we use your Personal Data?

2.1                    We use your Personal Data to process your subscription to Services, handle complaints, provide support, send newsletters to you and to contact you at your request. We also use your Personal Data to answer any inquiries and to improve the contents of the Website and the Services. The information may also be used for statistics about the users of the Website and the Services.

3.                       We only process relevant Personal Data

3.1                    We only process Personal Data about you that are relevant and sufficient in relation to the purposes defined above. The purpose is crucial for the kind of data that is relevant to us. The same applies to the amount of Personal Data we process – we do not process more Personal Data than needed for the specific purpose.

4.                       We process only the required Personal Data

4.1                    We collect, process and store only the Personal Data acquired to meet our intended purpose in section 2.1. Additionally, it may be decided by law which data we are required to collect and store for our operation. The type and extent of the Personal Data we process may also be required to fulfil a contract or other legal obligation.

4.2                    We want to ensure that we treat only the Personal Data necessary for each of our specific purposes. Therefore, our IT systems collect only the Personal Data necessary. It is also automatically ensured that the amount of processing is not unnecessarily large and the storage time is not too extensive.

4.3                    To protect you from unauthorized persons accessing your Personal Data, we use IT solutions that automatically ensure that your data are only available to the relevant employees. There is also embedded protection against an unlimited number of persons receiving access to your Personal Data.

5.                       We amend any inacurate Personal Data about you

5.1                    We verify that the Personal Data we process is  accurate, and we make sure to update your Personal Data continuously. As the Services are dependent on your Personal Data being accurate and up to date, we ask that you provide us with relevant changes to your Personal Data so we can alter our register accordingly You can use the contact details above to notify us of any changes.

6.                       For how long do we keep your Personal Data?

6.1                    We store your Personal Data as long as you subscribe to the Services or as long as you subscribe to our newsletter. We delete your Personal Data at your request according to section 12.2 or no later than one year after the termination of your subscription to the Services, unless we are required to retain the Personal Data for a longer period of time according to legal requirements

7.                       We will obtain your consent before processing your Personal Data

7.1                    We obtain your consent before processing your Personal Data for the purposes described above unless we have a legal basis for collecting them. If we collect your Personal Data on such a legal basis, we will inform you of such a basis as well as our legitimate interest in processing this Personal Data.

7.2                    Your consent is voluntary and can be withdrawn at any time by contacting us. Please contact us on the following address, if you would like to withdraw your consent or have any questions concerning the above: info@uniconta.com.

7.3                    If we wish to process your Personal Data for another purpose, we will inform you and obtain your consent before we begin processing of the Personal Data. If we have other legal grounds for processing your Personal Data than your consent, we will inform you accordingly.

8.                       We do not disclose your Personal Data without your consent

8.1                    In some cases, we will pass on the Personal Data to others. The passing on of Personal Data will take place to the extent and to whom it is necessary for us to provide you with the Services – and only upon your prior consent.

8.2                    Your Personal Data may be passed on to: (i) suppliers with whom we cooperate to support our company (e.g. suppliers of services, technical support, delivery services and financial institutions); or (ii) in connection with sales, assignments or prevailing other transfer of the contents of the Website; or (iii) if it is required by law, court order or by prevailing legislation.

8.3                    As our business grows, we may sell and acquire businesses or assets. In connection with such transactions, customer information in general is one of the most attractive business assets. Personal Data collected with reference to this Privacy Policy will, if so, be passed on to the buyer acquiring our business or assets or to companies that we may acquire. We obtain your consent before disclosing your Personal Data to a third country party. If we pass on your Personal Data to a third country party, we make sure that their level of data protection will meet the requirements we have set out in this policy under the applicable law. We set requirements regarding, including, but not limited to, data processing, information security and fulfilment of your rights set out in this private policy.

8.4                    If we transfer your Personal Data to collaborators or other parties, including for marketing purposes, we obtain your consent and inform you of how your data will be used. You may object to this kind of disclosure at any time and you can exclude yourself from marketing requests in the CPR registry.

8.5                    We will not obtain your consent if we are legally required to disclose your Personal Data, for example, as part of reporting to an authority.

8.6                    We may use Sub-processors to provide our Service and you may find the current and updated list of Sub-processors here: Sub-processors.

9.                       Data Security – what measures do we take?

9.1                    We take precautionary measures of technical and organizational nature to protect your Personal Data from manipulation, loss, destruction or access from unauthorized persons. Our precautionary measures are revised on a regular basis for us to meet the legislative requirements for a suitable data security system.

9.2                    However, we cannot guarantee that the data are completely protected against individuals who want to and succeed in breaking our precautionary measures and gain access to transfer information on the Internet, e.g. via e-mail.

9.3                    In case of a security breach that results in high risks of discrimination, ID theft, financial loss, loss of reputation or other significant inconvenience, we will notify you of the security breach without undue delay.

10.                    Cookies – we obtain your consent before installing Cookies

10.1                Before we install cookies on your equipment, we ask for your consent. However, cookies required to ensure functionality and settings can be used without your consent.

10.2                You can find more information on the Website about our use of cookies and how to delete or reject them. If you want to revoke your consent, please see the instructions under our Cookie Policy.

11.                    Access – you are entitled to access your Personal Data

11.1                You are entitled to know which Personal Data we process about you, from where they originate and for which purpose we use them. We will let you know for how long we store them and who receives them.

11.2                At your request, we will disclose what data we process about you. Access may, however, be limited for the protection of other persons’ privacy, trade secrets and intellectual property rights.

Please contact us by email info@uniconta.com if you want to exercise these rights.

12.                    Rectification or Deletion – you are entitled to have inaccurate Personal Data corrected or deleted

12.1                If you believe that the Personal Data we treat about you are inaccurate, you are entitled to have them corrected. You can contact us and inform us of the inaccuracies and how they can be corrected.

12.2                In some cases, we will have an obligation to delete your Personal Data. This applies, for example, if you withdraw your consent. If you believe your data are no longer necessary for the purpose for which we obtained them, you may want to have them deleted. You may also contact us if you believe your Personal Data are being processed in violation of the law or other legal obligations.

12.3                When you convey a request by email to info@uniconta.com to correct or delete your Personal Data to us, we will investigate whether the conditions are met and, if so, make changes or deletions as soon as possible.

13.                    Complaints – you are entitled to object to the processing of your Personal Data

13.1                You have the right to object to the processing of your Personal Data. You can also object to our disclosure of your data for marketing purposes. You can object by email info@uniconta.com. If your opposition is justified, we will stop processing your Personal Data.

14.                    Dataporatbility – you are entitled to retrieve your Personal Data

14.1                You are entitled to receive the Personal Data you have made available to us and those, if any, we have collected from a third party based on your consent. If we process data about you as part of a contract to which you are a party, you have the right to receive these data as well. You also have the right to transfer these Personal Data to another service provider. If you wish to exercise your right to data portability, we will transfer your Personal Data to you in a commonly used format.

15.                    Contact us if you want to exercise you rights

15.1                Please contact us by email info@uniconta.com.

15.2                If you wish to access your data, have them corrected or deleted, or object to our data processing, we will investigate and respond to your request as soon as possible and no later than one month after we receive your request.

15.3                If we do not fully support your objection, you have the right to file a complaint with the Danish Data Protection Agency by following the instructions on the Danish Data Protection Agency’s website:https://www.datatilsynet.dk/english/the-danish-data-protection-agency/complaints-to-the-danish-protection-agency/.

COOKIE POLICY

Welcome to www.uniconta.com (“Uniconta.com”) owned and operated by:

Uniconta ApS

Klausdalsbrovej 601, 2750 Ballerup, Denmark

CVR-no. 33266928

To contact us please use the following www.uniconta.com/contact/ or mail to Klausdalsbrovej 601, 2750 Ballerup, Denmark.

We use cookies at uniconta.com in order to optimize the user experience, and in order to provide the best possible service for our users.

The use of cookies may involve processing of personal data and accordingly.

We recommend that you also read our Privacy Policy

What are Cookies?

Cookies are small pieces of information units, which a website may store on your computer’s hard disk, smartphone or other electronic devices with a memory. Cookies contain information, which Uniconta may use to enhance the efficiency of the communication between your web browser and you. Cookies are standard technology on the Internet and also occur on uniconta.com.

We can only read the cookies that we have placed on your equipment; we cannot receive or read cookies from other websites.

Although there are many different types of cookies, every single one tracks user behaviour to help make your overall experience quicker, easier and more efficient. Cookies cannot harm your computer and do not contain any personal or private information.

How do Cookies Work?

On uniconta.com, we use cookies that behave in different ways. The cookies may be divided into First-Party and Third-Party Cookies, Session and Persistent Cookies. Below, is an overview of how cookies work and what they do.

Session Cookies:

Session Cookies exist temporarily while you are reading and navigating the website. Once you have closed the page, the web browser will delete all Session Cookies.

Persistent Cookies:

A Persistent Cookie will outlast your session on uniconta.com. In this sense, Persistent Cookies remember your behaviour. For example, a Persistent Cookie will store your details to prevent the laborious task of re-entering the same information every time you visit us.

First-Party and Third-Party Cookies:

First-Party Cookies track behaviour within the confines of uniconta.com. They help us to offer you improved functionality and a smoother user experience. Third-Party Cookies are set in websites outside of uniconta.com. (For example, Google Analytics uses Third-Party Cookies to provide us with information on visits to and from our website).

How to Manage Cookies:

The vast majority of web browsers accept cookies. However, you do have the ability to decline cookies by modifying the settings on your browser. If you use several browsers, remember to delete cookies in all of them.

For further information about cookies and how to disable, block and delete them, see the instructions below.

PLEASE NOTE If you do this you may lose some of the functionality of the Website.

 

Browser

Windows OS

Mac OS

Chrome

  1. Select ‘Options’ from the ‘Tools’ tab at the top of your browser window.
  2. Select the ‘Under the Hood’ tab, find the ‘Privacy’ section, and select the ‘Content settings’ tab.
  3. Finally, select ‘Allow local data to be set’.
  1. Select ‘Preferences’ from the ‘Explorer’ tab at the top of your browser window.
  2. Find ‘Cookies’ under ‘Receiving Files’.
  3. Select the ‘Never Ask’ option.

Firefox

  1. Select ‘Internet Options’ from the ‘Tools’ tab at the top of your browser window, then click on the ‘Privacy’ tab.
  2. Make sure that the ‘Privacy level’ is set to Medium or below, which enables cookies in your browser.
  3. Cookies will be disabled if settings are set to Medium or higher.
  1. Select ‘Preferences’ from the ‘Explorer’ tab at the top of your browser window.
  2. Find ‘Cookies’ under ‘Receiving Files’.
  3. Select the ‘Never Ask’ option.

 

 

Internet Explorer

  1. Select ‘Options’ from the ‘Tools’ tab at the top of your browser window.
  2. Select the ‘Privacy’ icon.
  3. Click on ‘Cookies’ and select ‘allow sites to set cookies’.
  1. Select ‘Options’ from the ‘Tools’ tab at the top of your browser window.
  2. Select the ‘Privacy’ icon.
  3. Click on ‘Cookies’ and select ‘allow sites to set cookies’.

 

 

 

Safari

  1. Select the Cog icon at the top of your browser window,
  2. Select the ‘Preferences’ tab.
  3. Select ‘Security’ and check the option that says ‘Block third-party and advertising cookies’.
  4. Click ‘Save’
  1. Select ‘Preferences’ from the ‘Safari’ tab at the top of your browser window.
  2. Select ‘Security’ and then ‘Accept cookies’ option.
  3. Select the ‘Only from site you navigate to’ option.
Top