General Terms & Conditions

October 19th, 2017

General Terms and Conditions

Article 1. DEFINITIONS

In these terms and conditions the following terms, provided that they start with a capital letter, are defined as:
1.1. Agreement: The agreements between the Supplier and the Client to which the terms and conditions are subject to.
1.2. Application: The by way of Cloud service provided software module, The Fi-nance Navigator, including the underlying databases and development plat-forms with accompanying data collections and documentation.
1.3. Availability: The actual period the Application is available to the client by way of Cloud service.
1.4. Client: A customer or company that bought or received access to the Appli-cation through the Portal.
1.5. Cloud service: To put the Application at disposal of and keep available to the Client on a Server against a subscriber fee.
1.6. Credentials: The means necessary to obtain access to the Portal, composed of a combination of username and password.
1.7. Interface: A tool that serves as communication link between the Cloud ser-vice and systems in the domain of the Client and that of the Supplier.
1.8. Personal information: Every piece of information concerning a direct or in-direct identified or identifiable natural person, like the User or employees of the User, that is processed during the use of the Cloud service.
1.9. Portal: The internet site where Client and User can make use of the Cloud service and can apply for mutations.
1.10. Reports: The reports, including financial overviews and insights, that are au-tomatically generated, through use of the Application, by the User after fill-ing out its personal information.
1.11. Server: A computer or set of computers including associated hardware (“cloud”), operated by or on behalf of the Supplier, with webserver equip-ment, the Application, supporting (database) software, which is accessible through the internet.
1.12. Supplier: Ernst & Young Accountants LLP, acting under the name of “The Fi-nance Navigator”.
1.13. Terms and conditions: These Terms and conditions.
1.14. Tools: The tools that the User should install on his appliance in order to be able to make use of the Application.
1.15. User: A natural person authorized by the Client to access the available Ap-plication through the Portal.

Article 2. APPLICABILITY

2.1. Every use of and/or access to the Portal by the User is subject to these Terms and conditions.
2.2. The user accepts to be bound to these Terms and conditions when making use of the Portal (and the incorporated Application) in any form.
2.3. The Supplier holds the right to amend these Terms and conditions at any moment. The User will be informed in case the Supplier amends the Terms and conditions and will be asked to agree to the (amended) contents of the new Terms and conditions.
2.4. The latest version of the Terms and conditions is accessible through the Por-tal at all times.

Article 3. THE PORTAL AND THE APPLICATION

3.1. The Portal is a web-based portal containing the Application aimed at start-ups.
3.2. The Application includes the functionalities as described on the product page that can be found on www.thefinancenavigator.com/features.
3.3. The Application is a fully automated system. Potential Reports and automat-ically generated remarks are automatically generated based on information entered by the User. The automatically generated remarks are of a general nature and serve as non-binding information with which the User can im-prove the quality of the information entered into the Application.

Article 4. ASSIGNMENT

4.1. The Client assigns the Supplier to deliver the Cloud services to the Client. These Cloud services consist of:
a. Making access to the “The Finance Navigator”-platform available to the Client, like described in the product information page www.thefinancenavigator.com/features;
b. Provide the right of use of the Application via the Portal to the Client in accordance with the Agreement; and
c. Granting the right of use for the Interface to the Client.
4.2. Functionalities of the current version of the Application will be described on the Portal in the in electronical form accessible user documentation and the product information page www.thefinancenavigator.com/features.
4.3. The Supplier is not bound to have a fall-back location or other fall-back facil-ities related to the execution of the Cloud services.
4.4. The Supplier is not bound to create back-up copies (back-ups) of the saved information created by the Client through use of the Cloud services.

Article 5. REPORTS

5.1. Reports and automatically generated remarks are no investment advice, consultancy advice or any other professional advice by the Supplier in any way, shape or form.
5.2. The Supplier does not provide assurance in any way, shape or form.
5.3. The Supplier does not warrant the realization of any scenario or prospect the User may have as a consequence of the use of the Application.
5.4. User is responsible for the use of the Cloud services and all decisions based on the use of the Cloud services.
5.5. The User should safeguard the Supplier, to the extent permitted by applica-ble law and regulations, against any claims from third parties (including entities related to the User and the Users professional advisors) and the resulting liabilities, damages, compensations, charges, and expenses (including reasonable external and internal legal costs) arising from the use of and/or the reliance on a Report by a third party after the Report has been made public to the third party by or on behalf of the User or at the users request.

Article 6. AVAILABILITY AND ADJUSTMENT

6.1. Supplier will exert itself for a suitable functioning of the Cloud service and will strive to the highest possible availability, quality, and safety of the Cloud service. However, the Supplier does not guarantee that the Cloud service will function without flaws, failures, or disruptions.
6.2. The Supplier reserves the right to modify the technical and functional prop-erties of the Cloud service and if necessary to recover any errors to comply with the applicable law and regulations.
6.3. Supplier will exert itself to track and recover any potential errors in the Cloud service. However, the Supplier does not guarantee that all errors can be recovered.
6.4. In case any of the modifications, as mentioned in clause 2 and 3, leads to a material deviation of the functioning of the Cloud service, the Supplier will inform the Client in writing or electronically before the modification be-comes available.
6.5. The Supplier reserves the right to temporarily disable the Cloud service for the purpose of maintenance, modification, or improvement of the computer systems of the Supplier. The Supplier will schedule such a temporary disa-blement, where possible, outside of office hours and will inform the Client about the scheduled disablement in a timely manner. A mentioned tempo-rary disablement can never be considered as a failure in the performance of the Suppliers obligations towards the Client.

Article 7. TOOLS

7.1. It is the Clients responsibility to have the Tools necessary for access to and the use of the Cloud service available and functioning. This includes (periph-eral) equipment and software, complementary applications, configurations, and internet connection that comply with the technical and functional speci-fications as mentioned by the Supplier.
7.2. The Client is responsible for the preservation of a connection to the power grid and other connections necessary for access to and use of the Cloud ser-vice.
7.3. Additional (third party) terms and conditions can be applicable to the use of complementary applications. The Supplier does not guarantee full function-ality of the complementary applications used by the Client.

Article 8. ACCESS TO SERVICE

8.1. The Client is responsible for every use of the Cloud service, either with or without their consent, and the provided Credentials to the Client. The Sup-plier is not liable for any damages to the Client and/or third parties through unauthorized access to the Cloud services and/or use of the Credentials.
8.2. The provided Credentials are not transmittable, strictly personal and exclu-sively for use within the Clients organization. The Client will take the neces-sary considerations with regard to the use of the Credentials and keep these secret from third parties.
8.3. Supplier holds the right to change the Credentials at his own behalf and will inform the Client in a timely manner.
8.4. The Client immediately informs the Supplier of any unauthorized use or sus-pected unauthorized use of the Credentials.
8.5. The Client can request the Supplier to block the Credentials. Additionally the Supplier holds the right to block Credentials if they are informed of unau-thorized use of the Credentials. In this case, the Supplier is not liable for any damages to the Client and/or third parties resulting from the blocking of the Credentials.

Article 9. USE OF THE CLOUD SERVICE

9.1. The Client guarantees that he and the User(s), if applicable, adhere to the following rules when making use of the Cloud service:
a. the Client will take care of protection of the (peripheral) equipment, soft-ware, infrastructure and internet connection against viruses, cybercrime and (other) unauthorized use by Users or third parties;
b. the Client and/or User will not spread any (computer) viruses or any other files that can damage the functioning of the Cloud services when making use of the Cloud services;
c. the Client and/or User will not perform any actions that can cause failures to the Cloud service, (computer) networks, or infrastructure (of other users) or with regard to this cause disturbance, limited use, or unforeseen use (for other users);
d. the Client and/or User shall not send large, unsolicited amounts of messag-es with identical or comparable contents (“spam”);
e. the Client and/or User will not misuse the Credentials or breach and/or at-tempt to breach the Cloud service security;
f. the Client and/or User will not perform of refrain from any activities that knowingly or reasonably should have known to cause potential use of the Cloud service that is illegal or wrongful to the Supplier and/or third parties;
g. the Client and/or User will not publish or spread any racist or discriminating material and/or (child) pornography. This includes publishing or spreading the material via infrastructure of the Cloud service;
h. the Client and/or User will not intentionally and without permission break into the computer system or part of the computer system (“hacking”) against the will of the owner or servicer;
i. the Client and/or User will not infringe the intellectual property rights of the Supplier and/or third parties in any way; and
j. the Client and/or User will not publish, reproduce, or in any other way em-ploy information and data provided by the Supplier within the framework of the Cloud service, other than for the Clients internal business purposes, without explicit written consent of the Supplier.
9.2. In case the Client and/or User(s) acts in contrast with the before mentioned rules, the Client is obligated to follow the reasonable instructions given by the Supplier in light of the infringement of the rules and the Client should make sure that the instructions are followed up by the User(s).
9.3. In case information stored, edited, processed, or in any other way processed through use of the Cloud service is wrongful to third parties, the Supplier holds the right to remove and delete this information from the Server, with-out prior consent of the Client. The Client grants the Supplier permission to remove and delete all infringing information from the Server. The Supplier is in no way, shape or form liable for any damages resulting from these ac-tions.
9.4. The Supplier can prevent access to the Cloud services by disabling the Cre-dentials or suspend services in case of a serious suspicion of a breach of the rules in the Terms and Conditions or Agreement. The Client is still obliged to make the agreed payments during such a disablement or suspension.

Article 10. THIRD PARTY APPLICATIONS

10.1. In case and to the extent that the Supplier provides applications and/or oth-er equipment of third parties to the Client in order to make use of the Cloud service, the use of these applications and/or equipment is subject to the Terms and conditions of the third party aside of the conditions between the Supplier and Client. The Client accepts the before mentioned terms and conditions provided that the Supplier informs the Client of the applicability of the terms and conditions either in writing or electronically.
10.2. In case and to the extent the mentioned third party terms and conditions are, for any reason, ought not to be applicable to or declared not to be ap-plicable to the Client-Supplier relationship, the Terms and conditions agreed between the Client and the Supplier concerning the use of the applications and/or equipment are applicable.
10.3. The Supplier can never be held accountable to more or different terms and conditions, than applicable to the relationship between the Supplier and its respective supplier of the third party appliance, in use and maintenance of that third party appliance.
10.4. To the extent that the Cloud service makes use of open source software the license of the respective rightful claimant are applicable, refer to the over-view in Appendix A. Nothing from the, by the Supplier provided, license can be interpreted as a limitation of the rights granted under relevant open source licenses.

Article 11. FEE AND PAYMENT

11.1. The Fees for use of the Cloud service can be found on the pricing overview page at www.thefinancenavigator.com/pricing.
11.2. The fees are depicted in euros and include owed value added tax.
11.3. The Supplier holds the right to periodically alter the fees, including the right to change the prices and rates 1 time per contract year. The Supplier will in-form the Client about any price or rate changes at least 2 calendar months before they take effect, without the right for the Client to end the Agree-ment with the Supplier in light of the change in price or rate.
11.4. The User is obliged to pay the fee before the Supplier grants the User access to the Portal. In case the fee is not received or not received correctly by the Supplier, the Supplier holds the right to deny the Client access to the Portal (and therefore the Cloud service). The fee and therefore the Availability of the platform depend on the time period selected by the User. At the end of the time period the User is required to select and pay a new fee in order to be able to keep access to the portal.
11.5. Furthermore we hereby inform you, in connection with your order, your personal data relating in particular to your identity, domicile, personal sta-tus, phone number, email address, bank card and bank account numbers, or to the transactions you enter into or payments you make, are processed by Ingenico Financial Solutions SA/NV (“Ingenico FS”) i) with the purpose of al-lowing us to be able to perform our agreement with Ernst & Young, ii) with the purposes of fraud monitoring and fraud management (determining the risk levels associated with transactions, detecting and managing any result-ing alerts), and iii) with the purpose of compliance with Ingenico FS’ legal obligations under the applicable legislation relating to the fight against money laundering and the financing of terrorism and (iv) with the purpose of compiling market analysis, statistics, analysis of transaction data, im-provement of the service provided by Ingenico FS.

The collection of your personal data is a mandatory requirement for these purposes. Without this personal data your transaction could be delayed or rendered impossible and your order cancelled.

Please be informed that Ingenico FS, with registered seat at Boulevard de la Woluwe 102, in 1200 Brussels and with company number
886.476.763 is the data controller for such data processing.

Ingenico FS will not communicate your personal data to third parties, ex-cept in the following two cases:

– Communication by Ingenico FS of personal data to its , affiliates, subcon-tractors or other parties with whom Ingenico FS has a contractual relation-ship and that provide services for / assistance to Ingenico FS in the frame-work of i) the performance of the agreement between us and Ingenico FS, ii) fraud prevention and management and iii) with the purpose of compli-ance by Ingenico FS with its legal obligations under the applicable legisla-tion relating to the fight against money laundering and the financing of ter-rorism and (iv) communication to third parties of anonymous or aggregated data. The third parties that are providing service/assistance to Ingenico FS with regard to fraud monitoring and fraud management can insert your personal data into their own specific database(s) that is (are) used by them to provide services for a multitude of merchants to prevent and manage fraud.

– If Ingenico FS is required by law to communicate certain information or documents to the National Bank of Belgium, to the Financial Intelligence Processing Unit (CTIF-CFI), to similar Belgian or foreign authorities, or gen-erally speaking to any judicial or administrative authority, law enforcement authorities or any legal or administrative authorities. Communication of personal data to those entities will be limited to the extent necessary or re-quired under the applicable regulations.

“Furthermore, a fraud may give rise to the recording of certain personal data relating to you in a dedicated file managed by Ingenico FS. The pur-pose of such file is to retain a trace of previous frauds, in particular to pro-vide information for criteria used to evaluate transaction risks and the scor-ing templates used for this purpose. The recording of your data in this file may also lead to you being assigned a higher risk level in the event of any subsequent order placed with a merchant that is customer of Ingenico FS, and consequently could potentially lead to the rejection of this order.

You are entitled to have access to your personal data and have the right to query, access and correct your data, as well as the right to object, for a le-gitimate reason, to the processing of your personal data. For the exercise of these rights, please address a written request (by registered mail), dated and signed, to the registered office of Ingenico FS (see above) or send an e-mail to privacy@fs.ingenico.com and mention in this letter or e-mail your name, address and telephone number where you can be reached during of-fice hours, and enclose a copy of both sides of your identity card or pass-port. You may hide the data that you are not required to provide according to your local legislation”

“Furthermore, we hereby inform you, in connection with your order, of fraud monitoring and fraud management activities which means that your personal data will be subject to further processing in addition to the processing of card not present payments. Ingenico Financial Solutions SA/NV (Ingenico FS) is the data controller for this additional processing intended to prevent and combat fraud, determine a risk level and model the score.

Any fraud may result in the recording of your personal data in a file managed by Ingenico FS in order to retain a trace of frauds, in particular to provide information for criteria used to evaluate risks and the score templates used. This recording of your data may also give rise to you be-ing assigned a higher risk in the event of any subsequent order placed with a merchant that is active in the same type of industry/sector and that is using the services of Ingenico FS, and could potentially lead to the rejection of this order by the merchant.

You have the right to query, access and correct your data, as well as the right to object, for a legitimate reason, to the processing of your person-al data. To exercise this right, you can send a letter to: Ingenico Financial Solutions SA/NV – Legal department “data protection” – Boulevard de la Woluwe 102 – B-1200 Brussels (Belgium), or send an email to: priva-cy@fs.ingenico.com, accompanied by a signed copy ofproof of identity”. You may hide the data that you are not required to provide according to your local legislation.

– Communication by Ingenico FS of personal data to its, subcontractors or other parties with whom Ingenico FS has a contractual relationship and that provide services for / assistance to Ingenico in the framework of i) the per-formance of the agreement between us and Ingenico FS, and ii) with the purpose of compliance by Ingenico FS with its legal obligations under the applicable legislation relating to the fight against money laundering and the financing of terrorism.

– If Ingenico FS is required by law to communicate certain information or documents to the National Bank of Belgium, to the Financial Intelligence Processing Unit (CTIF-CFI), to similar Belgian or foreign authorities, or gen-erally speaking to any law enforcement authority or judicial or administra-tive authority. Communication of personal data to those entities will be lim-ited to the extent necessary or required under the applicable regulations.

Article 12. SUSPENSION

12.1. In case the Client fails to meet any of the Terms and conditions and/or the Agreement, the Supplier has the right to partially or completely deny the Client access to the Cloud service seven days after a preceding warning or notice of default.

Article 13. INTELLECTUAL PROPERTY

13.1. All rights of intellectual property on all Applications, Interfaces, other appli-ances, documentation, and other material developed or made available in the context of the Cloud services which hold any form of intellectual proper-ty, rest exclusively with the Supplier or its licensers.
13.2. The Client obtains only the non-exclusive user rights and privileges as de-scribed in the Agreement or otherwise explicitly described and allocated in writing. The Client will not duplicate or publish any of the Applications, In-terfaces, other appliances, documentation or other materials developed or made available in the context of the Cloud service. The Client is not permit-ted to remove or change any of the references to copyrights, brands, trade names, or other rights of intellectual property from any of the Applications, Interfaces, other appliances, documentation or other materials developed or made available in the context of the Cloud service, including references to the confidential nature and secrecy of the materials.
13.3. The Supplier is allowed to take technical measures to protect any of the Ap-plications, Interfaces, other appliances, documentation or other materials developed or made available in the context of the Cloud service, on the condition that these measure do not influence the functionality in a negative way. In case any of the Applications, Interfaces, other appliances, doc-umentation or other materials developed or made available in the context of the Cloud service are protected by technical measures, the Client is not allowed to remove or avoid these.
13.4. The Client is not allowed to autonomously restore mistakes in the software of the Cloud service, make any changes to it, transfer it to other appliances, autonomously expand the functionalities, change the parameters, and/or remove security.

Article 14. USE OF INTERFACES

14.1. The Supplier hereby grants a non-exclusive and limited transferable right to use the Interface, under hereafter mentioned conditions for using the Cloud services, for the duration of the Agreement. The Client hereby accepts this right.
14.2. The right of use covers all actions with regard to the Interface that are reasona-bly needed in the scope of the use of the Cloud services by the Client of the Us-ers.
14.3. The Client is allowed, in case and to the extent that it is technically required and/or in line with the allowed user purposes, to make backups of the Interface.

Article 15. CONFIDENTIALITY

15.1. The Client and Supplier take care of that all information received from the other party is kept secret in case the party should reasonably know that the information is of confidential nature. The party receiving the confidential in-formation will only use this information for the purpose it was provided. In-formation will at least be treated confidential in case one of the parties indi-cates it as such.
15.2. The above mentioned obligation to secrecy is not applicable if the confiden-tial information;
i. is general knowledge, without this being caused by the violation of the ob-ligation of secrecy;
ii. is developed by the other party without use of this information;
iii. is obtained rightfully by the other party from a third party and does not bound the third party to a similar obligation of secrecy;
iv. should be made public on account of applicable law and regulations, a court order or a verdict of a regulator;
v. is used in an anonymous manner, to improve the quality of the automati-cally generated remarks in the Cloud service through the use of better comparable information (“benchmark”) and to make market reports avail-able to the User.
15.3. Parties are under the obligation to only use the in clause 15.1 mentioned in-formation for the execution of the Agreement.
15.4. Parties are under the obligation to impose the same obligations as men-tioned above to persons hired for the purpose of executing the Agreement.
15.5. The above mentioned obligations to secrecy are applicable during the dura-tion of the Agreement and two years beyond termination of the Agreement.

Article 16. INFORMATION

16.1. The Client remains the rightful claimant over the, with the use of the Cloud service, saved, edited, processed, and in other ways entered information.
16.2. The Client and the Users themselves determine which information is saved, edited, processed, and in other ways entered with use of the Cloud service. The Supplier has no knowledge about this information. The Client is respon-sible for the information they have entered in the Cloud service. Therefore the Supplier is not liable for any damages that result from the information entered by the Client. The Client indemnifies the Supplier from any claims for compensations of damages from third parties, to the extent that these claims are based on the use of the Cloud service by the Client.
16.3. The Supplier is not bound to check the accuracy and completeness of the in-formation entered in the Cloud service and is therefore not liable for the consequences of the use of inaccurate and/or incomplete information en-tered by the Client.

Article 17. PRIVACY

17.1. These Terms and conditions apply the following privacy laws and regula-tions: (a) before 25 May 2018: Directive 95/46 / EC of the European Parlia-ment and of the council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free transfer of such data (hereinafter “Directive”) and the Personal Data Protection Act; and (b) from 25 May 2018: regulation (EU) 2016/679 of the European Par-liament and of the Council of 27 April 2016 relating to the protection of nat-ural persons in connection with the processing of persons data and on the free transfer of such data (hereinafter “Regulation”) and the Act General Data Protection Act. In the Terms, the terms “Personal Data” shall mean “Processor Responsible”, “Processor”, “Processing”, “Concerned”, “Special Categories of Personal Data”, “Personal Data Infringement” and “Supervisory Authority” have the same meaning as defined in the Regulation.
17.2. As part of the use of the Application and the Portal, Supplier will process personal data on behalf of the Client. In this processing of personal data, Client will be considered as processing manager and Supplier as processor. For certain internal processes (such as compliance with laws and regula-tions, conducting conflict checks, ensuring the independence of the EY or-ganization, quality and risk management and EY’s own internal financial, administrative, IT and other administrative processes), Supplier is consid-ered to be a independent processing manager. These processing procedures for which EY acts independently as a processing manager falls outside the terms of application.
17.3. Supplier and Client will comply with applicable laws and regulations regard-ing privacy. Before providing the Personal Data to the processor, or provid-ing the Supplier instructions to process the Personal Data, the client deter-mines as processing manager that such data processing is permitted in ac-cordance with Article 7 of the Directive or Article 6 of the regulation.
17.4. The subject, nature and purpose of data processing (including Personal Data processing) are described in more detail in the Privacy Statement as listed on www.thefinancenavigator.com.
17.5. Supplier shall confidentially protect the Personal Data it processes for the Client and shall also oblige any person acting under its authority to keep such information secret, except insofar as any statutory or professional reg-ulation obliges them to notify or fulfill their duty until notification arises. The Supplier process this Personal Data only on behalf of the Client, subject to deviating legal obligations, and follow all written instructions from the Cli-ent. This also applies to the transfer of Personal Data to countries outside the European Economic Area (EEA) unless specific processing is required un-der applicable laws and regulations. In that case, Supplier will notify the pro-cessing manager before proceeding to this Processing of Personal Data un-less such notice is permitted.
17.6. Supplier informs the Client if, in her opinion, an instruction provides an in-fringement of applicable laws and regulations, including the Privacy Act.
17.7. Supplier will take appropriate technical and organizational measures to pro-tect the aforementioned Personal Data against loss or against any form of unlawful processing. These measures, taking into account the state of the art and the cost of implementation, ensure an appropriate level of security in view of the risks involved in the Processing and the nature of the Personal Data. The measures should also be aimed at avoiding unnecessary collection and further processing of personal data. Supplier will periodically evaluate and strengthen the measures taken by it, as appropriate, to the extent that the requirements or (technological) developments give rise to this.

17.8. Supplier allows the Client to periodically review compliance with the Agreement and statutory provisions applicable to the processing of Personal Data. The audit can be performed on behalf of the Client by an (external) in-dependent auditor in so far as this auditor is not a direct competitor of Sup-plier. This periodic check is limited to (up to 1 time a year) by Supplier to the Client asked questions regarding Suppliers compliance with the by law and regulations applied privacy policy and, if necessary, to perform an interview with IT Supplier (s) on a Supplier’s basis by the Client. In view of the Suppli-er’s confidentiality obligations with respect to other clients, the Client acknowledges and accepts that Supplier will not grant access to its IT sys-tems and / or its IT infrastructure to the Client and independent auditor ap-pointed by the Client.
17.9. Supplier shall notify the Client of: 1) an infringement of personal data (“data breach”) to be reported in accordance with article 34a of the personal data protection act and articles 33 and 34 of the regulation. In case of a data breach the Supplier will notify without undue delay after discovery of it the processing manager; 2) A complaint from a person whose Personal Data is processed by Supplier; 3) A request from a person whose Personal Data is processed by Supplier regarding the exercise of its rights deriving from the regulation; and / or 4) an investigation by a supervisory authority or other authority, to the extent permitted by applicable laws and regulations.
17.10. Supplier will assist the Client at his request in the context of a request or in-vestigation by a supervisory authority or other authority, or in the context of a request or complaint from an affiliate of whom Personal Data is processed by Supplier. Supplier will also reasonably cooperate with the Client in order to enable the Client to comply with applicable statutory privacy require-ments that may require a data protection impact assessment to be per-formed or to consult with a supervisory authority.
17.11. Supplier will not outsource the processing of Personal Data to any subcon-tractor without the prior written consent of the Client. The Client has the right to refuse this permission without notice of any reason or to add further terms to this permission. The subcontractor of the Supplier must comply at least with contractual provisions that are equivalent to the provisions of this Agreement. If the subcontractor fails to comply with his / her obligations re-garding privacy under this Agreement with Supplier, Supplier is fully liable to Client for compliance with the subcontractor’s obligations under the out-sourcing agreement. By signing this Agreement, Client grants Supplier per-mission to enable other EY firms and EY employees for the processing of Personal Data.
17.12. Supplier may process Personal Data in non-EEA countries provided that Supplier complies with Chapter 5 of the regulation (“transfers of Personal Data to third countries or international organizations”).
17.13. The duration of the processing of Personal Data is included in the Agree-ment. Upon completion of the processing services, Supplier will, upon Cli-ents request, delete all Personal Information unless Supplier has a legal or professional duty to keep this information. The parties acknowledge that this obligation does not apply to data held by the Supplier for backup purposes, provided that the terms of the security and confidentiality as contained in these Terms and conditions apply to it. Unauthorized the foregoing, Supplier will remove all Client’s data within 12 months from the expiry of the Agreement. Supplier will anonymize the data and can use the anonymous data for benchmarking purposes. The anonymized data will be stored for 10 years.

Article 18. LIABILITY AND INDEMNIFICATION

18.1. The total liability from the Supplier to the Client due to accountable failure in the performance of the Agreement or from any other source, is, for the duration of the Agreement, limited to the compensation of the direct dam-age to a maximum amount of the sum of all payment in the scope of the Agreement in the 12 months prior to the moment of the cause of the dam-ages (excluding Value Added Tax). This limitation of liability is equally appli-cable to the indemnification obligation of the Supplier.
18.2. Supplier’s liability for indirect damages, including lost profits, missed sav-ings, reduced goodwill, losses due to business stagnation, and claims arising from purchasers from the Client are excluded. Also excluded from the Sup-plier’s liability are mutilation, destruction or loss of files, data, documents or other information carriers of the Client.
18.3. The aforementioned limitation will not apply to any damage caused by the Suppliers intentional act or omission or gross negligence, or if such limita-tion is prohibited by law or pursuant to regulations.
18.4. Unless fulfillment of the Agreement is permanently impossible, the liability of the Supplier due to an accountable failure in the performance of the Agreement arises only, if the Client immediately provides a written notice of default to the Supplier which states a reasonable time frame for handling the failure, and the Supplier keeps failing to comply to its obligations after the stated time frame. The notice of default should include a complete and detailed description of the stated failure, which allows the Supplier the op-portunity to adequately respond to the notice of default.
18.5. A prerequisite for any right to compensation is always that the Client should report the damages in writing to the Supplier as soon as possible after they have arisen. Any claim expires past the course of 24 months after the dam-age has originated.

Article 19. FORCE MAJEUR

19.1. None of the parties is bound to fulfill any obligations, including any warran-ties agreed between the parties, in case a party is prevented from doing so due to force majeure. Force majeure includes, among others, circumstance beyond control of the Supplier regarding its suppliers, the failure to meet obligations set by the Client by the suppliers of the Supplier, public measures, power-outs, internet failures, computer networks or telecommu-nication facilities, (civil) war, utilization, strike, general transportation issues, and terrorism.
19.2. In case the situation of force majeure lasts longer than 30 days each of the parties holds the right to dissolve the Agreement in writing. Whatever has been performed, in scope of the Agreement, will in that case be settled pro-portionally without the parties owing each other for the remainder.

Article 20. DURATION AND TERMINATION

20.1. The Agreement starts at the moment the Client has accepted the Terms and conditions. The duration of the Agreement is equal to the agreed duration indicated at registration. Upon expiration the Agreement is automatically terminated. Users that wish to remain having access to the Portal should en-ter into a new Agreement.
20.2. Each party is authorized to terminate the Agreement due to an attributable deficiency in the fulfillment of the Agreement in case the other party shows an attributable deficiency in fulfillment of significant obligations from the Agreement. Termination is only possible when a complete and detailed writ-ten notice of default is delivered that puts forth a reasonable term for clari-fication of the failure. Any payment obligations from the Client and all other obligations to cooperation by the Client or a third party acting on behalf of the Client count as significant obligations from the Agreement.
20.3. Activities that already have been performed at the moment of termination, as intended above, will not be subject of termination, unless the Client proves that the Supplier defaults in significant parts of those activities. In that case the value of the activities that are already performed by the Client (barring counter evidence) equal to that of the payments made is deter-mined. Fees that the Supplier has invoiced before termination of the Agreement and for which the activities have been performed to mutual agreement remain, in compliance with last sentence, owed, undiminished, to the Supplier and are directly collectable upon termination.
20.4. The Client is not entitled to terminate the Agreement before the Agreement expires.
20.5. Each of the parties can immediately terminate the Agreement without no-tice of default in writing in case suspension of payments – temporary or not – is granted to the other party, in case the other party is filed for bankruptcy, or in case the company of the other party is liquidated or terminated other than on behalf of a restructuring of the companies. In case of such a termi-nation the Supplier is not obliged to refund fees that are already collected or pay any compensation. In case of bankruptcy of the Client the right of use of the Cloud service and the Interface is void.
20.6. In addition, the Supplier is allowed to terminate the Agreement with imme-diate effect in case the Supplier can establish, in reasonableness and fair-ness, that the Supplier is no longer capable of executing the Agreement in compliance with relevant law and regulations or applicable codes of conduct or professional or independence rules, unless the Supplier is capable of reaching an Agreement with the client to modify the Agreement so that it is capable of executing the Agreement.

Article 21. CONSEQUENCE OF TERMINATION

21.1. In case the Agreement is terminated, the parties will cooperate in good faith during possible support, desired by the Client, in remigration of the infor-mation entered during the use of the Cloud service and with the handover to the Client or a third party assigned by the Client during the “remigration-period”. The continuity of the availability of information and services are pivotal in this period. Any possible extra costs associated with this “remigra-tionperiod” will be billed to the Client.
21.2. The User is responsible for exporting or copying the information before ter-mination of the Agreement. After termination of the Agreement the User can visit the information after securing a new Agreement. The Supplier is not held to a certain (legal) retention period for the information entered in the Cloud service by the Client other than explicitly mentioned in Article 16. In case the Client does not immediately, after the termination of the Agree-ment, inform the Supplier of the before mentioned desired support in handover of the information, the Supplier holds the right to, immediately and without preceding notification, delete and destroy this information that is stored, edited, processed or in any other way entered into the Cloud ser-vice.

Article 22. DISPUTES AND APPLICABLE LAWS

22.1. All legal relations between the parties will be governed by Dutch law.
22.2. All disputes relating to legal relations between the parties will be settled by the competent court in the District of Rotterdam.

Article 23. OTHER PROVISION

23.1. In case any provision of the Agreement should be found to be invalid or be nullified, the other provisions will remain in force to the extent possible, with the invalid or nullified provision being replaced, in consultation be-tween the parties, by a provision that approximates the purport of the origi-nal provision to the extent possible.
23.2. In case the Supplier is required, at the request of or ordered by authorized public authorities or in connection with statutory obligations, to perform ac-tivities with respect to the information of the Client, its employees, or its Users, the associated costs will be billed to the customer unless cause of the investigations lies with the Supplier. The Supplier will inform the Client of such an event as soon as possible and to the extent permitted by applicable law.
23.3. The version of any communication received or saved by the Supplier is con-sidered as authentic (including log files), unless proven otherwise by the Cli-ent.
23.4. Parties inform each other within a reasonable time frame of any changes in name, address, e-mail address, telephone number and if asked bank account number.
23.5. Neither Supplier nor Client is entitled to transfer any of the rights and obli-gations in the Agreement to a third party without prior written consent of the other party. De non-transferring party will not deny this permission without reasonable ground.

Appendix A

Per below the Open Source Software used in the tool is disclosed.

Name License Licensor
1 Newtonsoft.Json MIT James Newton-King
2 Owin Apache 2.0 OWIN startup components contributors
3 Serilog Apache 2.0 Serilog Contributors
4 Unity Apache 2.0 Microsoft
5 Angular 4 MIT Google
6 Kendo Telerik End User License Agreement for Kendo UI Complete Telerik
7 angular2-toaster MIT Stabzs
8 bootstrap MIT twbs
9 classlist-polyfill Unlicense yola
10 cldr-data MIT rxaviers
11 compression-webpack-plugin MIT Webpack Contributors
12 core-js MIT zloirock
13 corejs ISC nikolaykletskin
14 gulp MIT GulpJS
15 hammerjs MIT Hammerjs
16 ie-shim MIT gdi2290
17 Jquery MIT Jquery
18 mdn-polyfills MIT msn0
19 ng2-slim-loading-bar MIT Akserg
20 object-assign MIT Sindresorhus
21 object-fit-polyfill MIT Tonipinel
22 object.values MIT es-shims
23 picturefill MIT Scottjehl
24 reflect-metadata Apache 2.0 Rbuckton
25 rxjs Apache 2.0 ReactiveX
26 svg-use-it MIT Dango
27 svg4everybody cc0-1.0 Jonathantneal
28 zone.js MIT Angular
29 Intl.js MIT AndyEarnshaw