Article 1. - Introductory provisions

1. By signing up for the Services You accept the TOU as outlined below. These TOU constitute a binding legal agreement between You and Us and governs any access to and use of the Service.

2. Please also carefully read our Privacy Policy and Data Protection Agreement. Privacy Policy and Data Protection Agreement constitute an integral part of these TOU and by accepting these TOU you also accept the Privacy Policy and Data Protection Agreement.

3. You agree that You have read and understood the TOU upon acceptance when You make successful completion of the registration process.

4. Our Service is directed to entrepreneurs and businesses.

5. By confirming these TOU You confirm and guarantee that, according to all valid legal provisions of England and Wales and the country of Your citizenship or residence, that You are authorized to conclude a valid Agreement with Us which is established by the confirmation of these TOU. If You confirm these TOU for a company or another legal entity, You represent and warrant that You have the authority to bind that company or other legal entity to TOU and, in such event, “You”, “Your”, “User” will refer and apply to that company or other legal entity.

6. User must be over 16 years of age to access and use the Service. We may at Our sole discretion use any technical or other measures to prevent any person that is not authorized from accessing or using the Service.

7. When using the Service You may allow third parties to use some parts of Service as well (e.g. by adding other users to your account or enabling access to your bookkeeper/accountant). In case You allow any third parties to use the Service as well You are responsible to legally ensure that such third parties will be governed by these TOU when using the Service. The breach of these TOU by such third party shall be considered a breach of these TOU by You.

8. We may change these TOU anytime without prior notice and You agree that such changes will be binding to You. Any changes posted will amend and form part of this TOU. You are responsible for reviewing the TOU on a regular basis to obtain timely notice of any changes. The TOU are valid and in force from the moment of publication in the Service and by using the Service You express Your consent with new TOU.

9. If You don’t agree with terms presented in these TOU then You are not authorized to use the Service and You should cease use of the Service. In such a case your access to the Service may be limited.

10. The provisions and regulations of this TOU apply accordingly to any other software, program or application created by Us to use and access the Service at any time in the future for mobile devices, tablets or any other devices.

Article 2. - Our Service

1. Our Service allows its Users to create invoices, record expenses, track payments and inventory, create statistics, communicate with other Users and use other features that We may decide to add to the Service.

2. Features included in Service may also be specified on our website, web application or mobile application. By adding a specification of feature to the website, web application or mobile application or making a feature available for Users a feature shall become a part of Service.
   
   

Article 3. - General Terms of Use

1. We are the exclusive owner of all property rights and other intellectual property rights with respect to the Service. By accepting these TOU and using of the Service You don’t acquire any property rights or other intellectual property rights in regard to the Service (in particular no right to alter, change, interfere with the Service, process, adapt and create derivative works, create a copy of the Service, or to copy and then distribute the Service). The Service and its components, including graphic elements, their layout, texts, interfaces, and other components of the Service, are protected according to the law of England and Wales and international treaties in the field of intellectual property rights. Any use of the Service or other than in compliance with these TOU requires Our written consent. You are not authorized to use our trademarks and logos or to even use the graphical elements of the Service without Our consent.

2. As a User of the Service You agree:

   1. to not record, store, transmit or otherwise distribute through the Service content which are illegal, libelous, offensive, fraudulent or otherwise inappropriate;

   2. not to use the Service in any fraudulent or otherwise inappropriate way;

   3. to use the Service exclusively in the permitted way, in compliance with these TOU and/or valid legal provisions of England and Wales;

   4. not to use (or assist others in using) our Service in ways that violate, misappropriate, or infringe on Our rights, the rights of Our Users, or others, including privacy, publicity, intellectual property, or other proprietary rights;

   5. not to further sell, lease, provide for payment or without payment the Service or its part to third parties without Our consent (e.g. ‘cloud computing’ or ‘software as a service’) or to encumber in any way the right for using the Service.

3. You may use the Service only in the way for which We created the Service and only within the interfaces, programs, mobile applications, and other software solutions made available by Us to access and use the Service. You may not access the Service in other way than through programs and interfaces provided by Us. You are not authorized to change the source code of the Service, attempt to disassemble or otherwise encroach into its functionality with a reverse engineering.

4. We do not offer the Service under any freeware or shareware license (GNU GPL and/or other freely distributed licenses).

5. You may not misuse the Service. We are authorized in Our sole discretion to suspend, restrict or cancel the use of the Service by You in case it breaches Our TOU or otherwise interferes with the functionality, features and use of the Service. In cases Your access to the Service is cancelled or suspended We are authorized to delete and remove any content You have provided to the Service.

6. We do not guarantee support and maintenance services for the Service if You use the Service free of charge.

7. Any restrictions stated in this article of the TOU apply in general, aside from cases when some use of the Service is expressly permitted by generally binding legal provisions and in such a case exclusively in the range of such legal permission.

8. In case the Service requires or includes software for downloading (e.g. applications for mobile devices and tablets), this software may be automatically updated in Your device when releasing a new version of the Service. A download of such software and updates (manual or automatic) is part of the conditions of the provider of such service (e.g. Apple App Store, Google Play Store) and conditions of these services might apply on top of these TOU in such cases.

9. We grant You a worldwide, non-exclusive, personal, non-transferable, non-sublicensable license for the use of the software which We offer You as a component of the Service. This license is granted exclusively to You for the purpose to enable the use of the Service provided by Us in the way described and permitted by this TOU.

10. Unless otherwise specified the Service offers You to store, manage and send Your content. By using the Service You agree to the fact that You are responsible for the content which You provide to the Service. By using the Service, You agree that You have the right to store and save the content, especially personal and company data and that You have legal right to handle, store and manage such data. All Your rights to such content shall be retained (including intellectual property rights).

11. In compliance with these TOU We may send You notifications, e-mails, reports and similar notices about Our Service, offers, features, etc. You may opt out anytime by clicking on ‘Unsubscribe’ or by informing us about Your decision not to receive any kind of such information.

12. We are entitled to place adverts of Ours or adverts of third parties at various places and in various times in the Service. We are authorized to change and expand the range of placed adverts according to Our own considerations. As a User of the Service You give Your full consent with the placing of adverts in the Service.

13. The Service is provided on a subscription basis (a fee) for a set term specified in this TOU.

14. The Service may contain links to other websites, files and services. We do not check the content of these websites and files and are in no case responsible for the content of third-party sources.

Article 4. - Creating and managing an account

1. To use all of the Service’s features we may request that you register on the mobile app our our website and create a User account. A User account is identified by an e-mail address and secured by the password that You specify. We recommend using a password which contains a combination of capital and lower-case letters, numbers and other symbols not attributable or assignable to Your person, company or Your account.

2. You are obliged to treat Your login name and password with appropriate care and not share it with any unauthorized third party.

3. We will never ask You for Your password, neither via e-mail nor over the phone. In case You have forgotten Your password, You can create a new one or ask a support team to reset it for You. We are not responsible for any damage or losses which may have occurred to You in connection with violation of the security of Your User account or in consequence of a third party gaining unauthorized access to Your User account. If You find out or suspect that the security of Your User account has been violated and/or a third party has gained unauthorized access to Your User account, You must contact Us immediately.

4. In order to use some features of the Service we may ask You to select Your home country or reveal Your location. We may set a language and country according your browser or mobile device settings. In order to improve use of the Service it might be necessary to provide more personal or company data (business name, address, invoice number and bank information).

5. By creating an User account, the You agree with conditions of the TOU and agree to:

   1. provide Us with accurate, exact and complete information required during the registration process and with reference to using of the Service;

   2. ensure that the provided information remains exact, complete and updated;

   3. take all the necessary measures to ensure the protection of login details (password and account);

   4. take all necessary measures to ensure the protection of User data;

   5. ensure the protection of data entrusted to You by any third party and to comply with all Applicable laws regarding the privacy of such data

6. You represent and warrant that:

   1. You obtained all necessary rights, releases and permissions to provide Us with content and grant Us the rights in accordance with these TOU;

   2. data and its transfer to Us as permitted under this TOU do not violate any Applicable laws (especially the EU legislation of GDPR) or rights of any third party, including without limitation any intellectual property rights, rights of privacy, or rights of publicity, and any use, collection and disclosure authorized herein is not inconsistent with the terms of any applicable privacy policies.

7. You agree to release, defend and indemnify Us and Our affiliates and subsidiaries, and their officers, directors, employees and agents against all losses, costs (including reasonable legal costs and accounting fees on a full indemnity basis), expenses, demands or liability that they incur arising out of, or in connection with, a third party claim against Us relating to Your access or Your use of the Service and any part thereof or any content You recorded, added, downloaded, copied or transferred to the Service or violation the terms of these TOU or Applicable Law.

8. You are solely responsible for complying with Your retention obligations. When using the Service You are obligated to comply with the Applicable laws and to refrain from any activity that impairs or excessively strains the operation of the Service or the underlying technical infrastructure. You must always ensure that use of the Service and all saved data at all times comply with these TOU.

9. In case of cancellation or suspension of the Service in compliance with these TOU the User account may be blocked, deleted or closed and your access to the account, files and other content of the account may be limited. Upon blocking or cancellation of an account We are not obligated to remove copies of files and other account content from the server unless You ask for a permanent deletion according to the Applicable law. We are however, committed to prepare or release all Your saved data and account content to You on the basis of Your request and allow You to download/export it in a format given we approve of.

10. We assume no responsibility or liability for Your data, and You shall be solely responsible for any consequences of using, disclosing, storing, or transmitting it via the Service.

11. If you agree to these TOU and use the Service in any capacity without deciding to register an User account under your e-mail address, your user data and activities shall be saved under an unregistered account identified under a unique internal identificator, not tied to your e-mail address. At any time you may decide to delete all your user data and information about your activities within the Service within the Service. If you decide to register an user account under your e-mail address the data from the unregistered account shall be automatically transferred to your new User account.

Article 5. - Changes and modifications of the Service

1. We reserve the right to change, supplement, suspend or terminate any feature of the Service or any part of it at any time. We also reserve the right to add new restrictions, features or changes related to the use of the Service.

Article 6. - Fees and payment conditions

1. We are at our sole discretion, allowed to make some features of the Service or the entire Service a paid service and request a one-time payment or regular payments. 

2. If We decide to turn Our Service or parts of the Service that were previously provided free of charge into a paid service, We shall notify you ahead of time. You shall not be charged for using the Service without your consent. However, if you won’t agree to pay for the Service after We make it a paid service, We are authorized to terminate your account and/or disable your access to the Service.

3. We can sell multiple types of subscriptions to the Service and each type may allow You to use several features of Service or features in different quality, exact features of Service and their specifications provided with subscription shall be described in list of available subscriptions on Our website.

4. A subscription to use the service shall be sold ‘as it is’ and the Service does not enable to increase or decrease the number of features in a particular subscription for a higher or lower fee for that same subscription type. However an upgrade to a higher subscription type by paying a difference on the fees is possible if the Service allows such change.

5. Multiple subscriptions bought for one account at the same time shall not add features. A general rule shall apply that the subscription which is bought as the last is valid and activated for the account.

6. Payment fees for the subscription shall be paid monthly or annually, depending on the subscription type chosen by the User. Payments shall be made with payments methods We decide to implement.

7. Subscriptions shall be generally recurring which means the subscription shall renew after a chosen period (year or month) and the You will be automatically billed. You shall be notified of such situation by an e-mail message in case the subscription has been bought using the Service with an information how to stop further subscription renewals. You shall be able to stop a subscription renewal in Your User account.

8. The in-app (mobile) payments, subscription, recurring subscriptions, and refunds shall be handled solely by their respective service and the respective terms and conditions of those services apply.

9. The billing period of a subscriptions may be one month or one year in advance, from the date on which the payment was registered. We reserve the right to introduce the possibility to buy subscriptions for different periods (e.g. quarterly) or to introduce related services offering other billing models.

10. We may offer a trial (test period) in the form of test access to all or some features of Service. During the trial period the use of the Service shall be free of charge. If You decide to continue using the Service after the end of the trial period, We may charge a fee in form of a subscription. We shall decide on the duration of the trial period at our sole discretion.

11. We reserve the right to change the price list for the Service and its features at any time in the future and at its reasonable discretion. We shall inform You about such change no later than 30 days before the new price list for the Service becomes effective. If You don’t agree with the new price list for the Service, You have the right to decide to cease using the Service. If, however, You will continue to use the Service, You thereby give consent with the new price list for the Service and are bound to pay the fee for the Service in line with the new price list.

12. All fees for using the Service shall be paid in advance and shall be generally non-refundable, however a money-back policy may apply in certain cases granted by the Service. If Your account is cancelled or Your access to the Service is limited, then in compliance with these TOU (e.g. by cancellation of the Agreement) You do not have the right for any discount or chargeback from an already paid fee and/or for a refund of that fee.

13. As part of our commitment to User satisfaction We may allow Users to return a subscription fee within 30 days of payment for any reason or no reason and to receive a refund of the amount paid (money-back policy). In this context a return means that we will stop the subscription, which means that all features that the Service are cancelled in the User account. We do not accept returns or refunds after the 30-day return period. You understand that We may decide to not apply this practice in the future.

14. We are authorized to stop the feature of the Service to the User in case a fee has not been paid.

15. Unless otherwise expressly stated in the valid price list on the website or in the mobile app, all prices shall be exclusive of value added tax. 

16. We shall send an electronic invoice to the User upon receipt of the relevant payment if such payment has been made. You as the User agree that an e-mail used as a User login to the Service shall be used as a means of sending invoices and orders created by the Service. Invoices and bills from Apple or Google for purchases in the mobile app are handled by their respective services.

17. We reserve the right to monitor via technical and electronic means the range of use of the Service and in particular the payment of fees for use of the Service, in order it to verify the observance of the conditions of these TOU.

18. Any discounts on a subscription in the mobile app, on the website, announced by an e-mail message or newsletter, by using a promo-code, obtained or announced in any other way shall reduce the otherwise standard pricing for a maximum period of 1 or 12 months depending on the chosen subscription type (monthly or annual), thereafter the standard pricing will be applicable.

Article 7. - Responsibility and warranty

7. Reservations to responsibilities and warranties included in this article do not exclude any of Our reservations mentioned in previous Articles of these TOU and should be applied to all features of the Service regardless of their context.

8. The Service is provided on an ‘as is’ basis. We warrant that we have all requisite power and authority to execute, deliver and perform our obligations under the TOU.

9. You warrant that as User You shall comply with all Applicable laws and regulations relating to the Service and with all applicable rules, regulations and guidelines (whether or not having the force of law) of any regulatory organizations or bodies of which You are a member of or by which You are bound; and that You have all requisite power and authority to execute, deliver and perform Your obligations under the TOU.

10. As a User of the Service You are obligated to ensure and You are responsible for taking all measures in terms of data protection and other actions which ensure that Service does not damage other software, information systems and/or their content or data of a third party.

11. We do not provide any of the following guarantees and warranties:

    1. The Service shall be provided on time, uninterrupted and error-free;

    2. The Service shall be compatible and will cooperate with other hardware, software, system or database;

    3. Any errors in the Service shall be removed properly and in a timely manner;

12. We are not responsible for errors in the Service and does not provide a guarantee for the condition of the Service.

13. We are in no case is responsible for any direct or indirect damage (including loss of profit), the damage of the good name or data by the inaccessibility of the Service or by characteristics and/or features of the Service, the inability to use the Service, and even in case that have notified the Service about such fact.

14. You alone bear all the responsibility for the quality of any services and products created by using the Service and for the accuracy, adequateness, integrity, veracity, validity and quality of all information.

15. We do not bear any responsibility for outages, faults or unavailability of the Service which is caused by outages, faults or unavailability of Your systems, public communication networks or electric supply. If there is a certain guarantee offered by Your local laws or jurisdiction, in such case We offer You exclusively a guarantee in this range and in another range, we exclude a guarantee.

16. We do not warrant that any information provided by us is accurate, complete, or useful, that Service will be operational, error free, secure, or safe, or that Service will function without disruptions, delays, or imperfections.

17. We do not control and are not responsible for, controlling how or when our Users use the Service or its features and interfaces.

18. We are not responsible for and are not obligated to control the actions or information (including content) of Our Users or other third parties.

19. In any case We are responsible for any claims according to these TOU or according to anticipated guarantees only to the amount of paid and unused fees for using the Service.

Article 8. - Data protection and collection

1. We are committed to protect Your privacy and develop technologies that give You the most powerful and safe online experience. By using the Service, You also agree to our DPA – Data Processing Agreement and Privacy policy. You agree that You have read and understood the DPA and Privacy policy upon acceptance.

Article 9. - Termination of the Agreement

1. The Agreement is in effect for as long as We provide Service unless terminated as permitted in these TOU by any of the Parties. Either Party may terminate the Agreement if the other Party breaches any of the terms of this TOU. Either Party may also terminate the Agreement at any time if the other Party ceases to operate, declares bankruptcy, or becomes insolvent or is otherwise unable to meet its obligations.

2. You may terminate the Agreement at any time with notice to Us, but You will not be entitled to any credits or refunds as a result of convenience termination for prepaid but unused features, documents or any services, if not stated otherwise in this TOU.

3. Once the Agreement terminates, You (and any other Users and/or third-parties you’ve gained access to Your account) will no longer have any right to use or access the Service that is available to You under the Agreement.

4. Upon termination of the Agreement the You can have all your User account’s data deleted upon request: You can terminate the use of the Service and request to cancel/delete your User account at any time by sending request by e-mail to support@inv-pro.app from the e-mail address the User used to create the Account or to log into the account. No other cancellation of Your User account is possible.

5. In case of a User account deletion We shall delete all data from Our database including personal data, except that which We are required to retain under any Applicable law and in such case shall be held in accordance with Our technical and organisational safeguards. According to local laws of Your country of residence (mostly anti-fraud laws) We may be required to keep some data for an additional period of time.

6. Upon termination of the Agreement, We shall disable Users access to the Service.

Article 10. - Final provisions

1. if some provisions of these TOU and the Agreement made between You and Us are invalid at the time of its conclusion or if they become invalid later after on, the validity of the TOU and part of the Agreement that were not invalidated shall not be affected. Instead of any invalid provisions of these TOU (or Agreement), provisions of the valid laws of England and Wales, which are in their content and purpose closest to the content and purpose, shall be used.

2. This Agreement and TOU are subject to Applicable law of England and Wales. All disputes relating to claims following from these TOU or use of the Service or associated with these TOU or the Service shall be exclusively in the competence of relevant courts of England. You agree that such disputes shall be subject to the jurisdiction of these courts.

3. We may collect and process some User Data on your behalf which are necessary for a proper use of the Service, in this case You agree with Our Data Processing Agreement.

Data processing agreement

This Data Processing Agreement (hereinafter as “DPA”) is subject to Terms of Use. Unless specified otherwise in this DPA the terms used in this DPA shall have the same meaning as in the TOU.

This DPA forms the basis for the relationship between you, the User as Controller, and Us the provider and operator of the Service as Processor under Data Protection Laws, specifically the General Data Protection Regulation (GDPR).

This DPA applies for the processing of User Data through mobile apps as well as the other available services.

You agree to and accept the terms of this DPA as outlined below. You agree that you have read and understood the DPA upon acceptance. This DPA assures you that we, as your Processor, comply with the requirements arising from the GDPR.

GDPR is a set of laws and regulations the EU has taken to protect the persons rights for privacy and it becomes effective on May 25, 2018. The aim of the new regulation is to standardise and update how businesses handle the collection of personal data and to clarify how the EU Personal Data laws apply.

Definitions

• ‘User Data‘ means any Personal Data that We process on behalf of You as a Processor in the course of providing Service, as more particularly described in this DPA.

• ‘Data Protection Law/s’ means applicable and binding laws to which Us and User is a subject to in the field of personal data protection and privacy especially GDPR.

• ‘GDPR’ means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

• ‘Personal Data’ has the meaning given to that term in Data Protection Laws. It’s any information relating to a data subject by which it can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person or legal entity (where applicable).

• ‘Supervisory Authority‘ means any local, national or multinational agency, department, official, parliament, public or statutory person or any government or professional body, regulatory or supervisory authority, board or other body responsible for administering Data Protection Laws.

• ‘Subprocessor’ means another Processor engaged by US, which We have an agreement with, for carrying out processing activities on behalf of the User and in respect of this DPA.

• All other definitions referred to herein, including the terms Controller and Processor, are as determined by the relevant Data Protection Laws and GDPR.

Article 1. - Introduction

1. This agreement applies to Our processing of User Data on behalf of the User as a Processor in the context of the Service provided by Us under TOU.

2. For purposes of this DPA, You and We agree that You are the Controller and We are the Processor and when You act as a Processor of User Data then You are the Processor and We are another Processor. This Agreement forms the contractual basis to process User Data on Your behalf. It explains how User Data may be processed and the purpose of processing. We process User Data only as required and based on Your instructions, as outlined in this DPA and TOU.

3. We are in no case is responsible for any direct or indirect damage (including loss of profit), the damage of the good name or data by breach of the provisions of this DPA by the User or its authorized Users even in case that the User has notified Us about such fact. Liability for actions arising from breach of the provisions of this DPA is governed by liability and compensation provisions of the TOU.

Article 2. - Data processing provisions

1. By agreeing to this DPA You authorize Us to process, as a Controller, User Data for the purposes listed in this DPA, including internal research, fraud, security and risk management. We represent and warrant that we will process User Data for these purposes in compliance with Data Protection Laws and GDPR.

2. Each Party agrees and will ensure that the terms of this DPA shall also be fully applicable to the affiliates or third parties which may be involved in the processing operations of User Data on their behalf.

Article 3. - Data Processor Responsibilities

3. We are aware of the applicable legal responsibilities of Processors under Data Protection Laws.

4. We, as the Processor, represents and warrant that We will:

   1. only processes User Data in accordance with Your lawful instructions and not for any other purposes than those specified in this DPA, or as otherwise agreed by both Parties in writing.

   2. cooperate with You in Your role as Controller to fulfil Your own data protection compliance obligations under Data Protection Laws, including by providing all information available to Us as necessary to demonstrate compliance with Your own obligations and where applicable to help you conduct data protection impact assessments or prior consultation with Supervisory Authorities.

   3. keep internal records of processing of User Data carried out as a Processor on behalf of You.

   4. assist You in fulfilling Your obligation to respond to data subjects’ requests to exercise their rights as provided under Data Protection Laws and notify You about such requests if We receive it directly from the data subject.

   5. notify You when local Applicable Law prevent Us from fulfilling our obligations under this DPA and have a substantial adverse effect on the guarantees provided by this DPA, and from complying with the instructions received from You via this DPA, except if such disclosure is prohibited by Applicable Law, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation.

   6. When the DPA expires or upon termination of the DPA or upon a request to delete or return User Data by You, except for any Personal Data which we process as a Controller, We will, at Your choice, delete, anonymize, or return such User Data to You, and delete or anonymize existing copies unless Applicable Law prevents Us from returning or destroying all or part of the User Data or requires storage of the User Data (in which case We will protect the confidentiality of the User Data and will not actively process the User Data anymore).

5. In addition, We shall, as far as legally possible, inform You if a request for information on User Data processed is requested. We will respond to such requests once authorized by You to do so. We will not disclose any information unless We are required by Applicable Law to do so, such as by court order.

6. If you require information or assistance regarding the security of User Data, documentation or information about how We process User Data generally, you can request this information from Us.

7. We, Our employees and any Subprocessors, shall ensure confidentiality in relation to User Data processed under this DPA. This provision continues to apply after termination of this DPA, regardless of the cause of termination.

Article 4. - Controller Responsibilities

1. You, as the Controller, represents and warrants that You:

   1. comply with Data Protection Laws in respect of processing of User Data, and only gives lawful instructions to Us (lawfulness of processing).

   2. rely on a valid legal ground under Data Protection Laws for each purpose of processing, including obtaining data subjects’ appropriate consent if required or appropriate under Data Protection Laws (legal ground).

   3. provide appropriate notice to the data subjects regarding the processing of User Data for the purposes, in a timely manner and at the minimum with the elements required under Data Protection Laws (notice).

   4. take reasonable steps to ensure that User Data is accurate, complete and current; adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed; and kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the Personal Data are processed unless a longer retention is required or allowed under applicable law (accuracy, data minimization and data retention).

   5. implement appropriate technical and organizational measures to ensure, and to be able to demonstrate, that the processing of Personal Data is performed in accordance with Data Protection Laws (accountability).

   6. respond to data subject requests to exercise their rights of (a) access, (b) rectification, (c) erasure, (d) data portability, (e) restriction of processing, and (f) objection to the processing in accordance with Data Protection Laws (data subjects’ rights).

   7. will cooperate with Us to fulfil our respective data protection compliance obligations in accordance with Data Protection Laws (cooperation).

Article 5. - Details of processing

1. Subject-matter:

The subject matter of the data processing under this DPA is the User Data.

2. Duration:

The duration of the data processing under this DPA is until the termination of the Agreement in accordance with TOU.

3. Purpose:

The purpose of the data processing under this DPA is the provision of the Service to the User and the performance of Our obligations under the Agreement (including this DPA) or as otherwise agreed by the Parties.

4. Nature of processing:

We provide a services of professional invoice maker with all necessary features for a small business and other related services, as described in the Agreement.

5. Categories of data subjects:

Any individual accessing and/or using the Service through Your User account (authorized user) and any individual whose personal information or contact information is stored on or collected via the Services (i.e. Your clients and customers information or their representatives information).

6. Type of User Data:

User and authorized Users: identification and contact data (name, title, job, contact details, username);

Clients and Customers: identification and contact data (name, title, job, contact details).

Article 6. - Subprocessors

1. Some features of Service require the use of Subprocessors. Subprocessors provide services that are necessary to enable Us to fulfil the Agreement made with you when signing up to use the Service. We maintain agreements with all Subprocessors to process your User data in line with this DPA and Data Protection Laws. User agrees that We may engage Subprocessors to process User Data on User`s behalf.

2. The following Subprocessors are engaged by Us to process User Data:

   1. Amazon AWS, Germany - hosting, emailing.

   2. GetFinDone, Slovakia – Accounting.

   3. MailChimp, USA – E-mails, Newsletters and Info mails.

   4. Intercom, USA – live chat and support systems.

   5. Braintree, USA – Payment processes.

For avoidance of doubt User hereby grants to Us a general written authorisation to engage any Subprocessors even if they are not listed herein. 

3. We shall always choose the Subprocessor by specifically considering the suitability of the technical and organisational measures taken by the Subprocessor. A specific agreement between Us and Subprocessor will assure that they will maintain all User Data in line with the requirements under this DPA and current Data Protection Laws. We ensure that Subprocessors satisfy all obligations and requirements within this DPA, specifically that their level of data protection meets all standards required under present Data Protection Laws. We review the Subprocessor’s compliance with obligations on a regular basis.

4. Subprocessing, in terms of this DPA, only refers to those services that are directly associated with processing of User Data.

Article 7. - Data storage and security

1. We shall implement and maintain, at our cost and expense, appropriate and adequate technical and organizational measures in relation to the processing of User Data taking into account the nature of the processing, to assist the User insofar as possible in the fulfilment of the User’s obligations to respond to data subject requests relating to User Data.

2. Our servers are operated by Amazon AWS, Germany. All the User Data You provide to our website with is encrypted according to the security standard TLS (Transport Layer Security). You can recognize the secure TLS connection from the “s” after the “http” in the URL shown in Your browser (i.e. https://..), or from the lock symbol depicted in the browser tab. All of Your User Data, including their transmission between Your device and the Our servers, will be protected by standard security measures with the use of 256-bit SSL encryption.

3. We also take technical and organizational suitable security measures, in order to protect Your User Data against random or deliberate manipulations, partial or complete losses, destruction and/or against unauthorized access. In order to avoid loss of data, We run a mirrored database setup which means that Your User Data is always stored in two separate locations.

4. User Data that We process is stored in a secure environment within the EEA or outside of EEA in compliance with Privacy Shield rules and treated confidentially. Access to this data is limited to selected Our employees and partially to our Subprocessors. We adhere to Data Protection Laws at all times.

5. We do Our utmost to secure Your User Data in the best possible way, but we cannot guarantee the safety of your User Data when transferred over the Internet. When User Data is transferred over the Internet, there is a certain risk that others can access the User Data illicitly. In other words, the safety of your User Data transfer is Your own responsibility as the Controller.

6. Not with standing the above, User agrees that except as provided by this DPA, User is responsible for its secure use of the Service, including securing its account authentication credentials, protecting the security of User Data when in transit to and from the Service and taking any appropriate steps to securely encrypt or backup any User Data uploaded to the Service.

Article 8. - Confidentiality

1. The Parties must take steps to ensure that any person acting under their authority who has access to User Data is subject to a duly enforceable contractual or statutory confidentiality obligation, and if applicable process User Data in accordance with the User’s instructions.

Article 9. - Notification obligations

1. We shall notify the You of any data breaches concerning User Data immediately. Any justifiably suspected incidents shall be reported. Notice shall be sent to Your email address which is associated with your User account within 24 hours from the moment We discover the respective incident has occurred. This notification must contain at least the following information:

   1. A description of the type of the User Data affected including, if possible, the categories and approximate number of affected persons as well as the respective categories and approximate number of the User Data sets.

   2. The name and contact details of the Data Protection Officer (if appointed) or another point of contact for further information.

   3. A description of the probable consequences of the User Data protection infringement.

   4. A description of the measures taken or proposed by Us to rectify the User Data infringement and, where applicable, measures to mitigate their possible adverse effects.

   5. You shall also be notified immediately of any significant disruptions when carrying out the task as well as violations against the Data Protection Laws or the stipulations in this DPA carried out by Us. We shall inform the You of any inspections or measures carried out by Supervisory Authorities or other third parties if they relate to the User Data processing. We shall ensure that the User is supported in these obligations, in accordance with Art. 33 and Art. 34 of the GDPR, to the extent required.

      
      

Article 10. - Data retrieval

1. You have the right to retrieve all of User Data within the Service by means of the Service. If you request retrieval assistance regarding User Data retrieval, the associated costs shall be determined later in an agreement between the Parties and shall be based on the complexity of the requested process and the time to fulfil it in the chosen format.