This website is administered by Unicount OÜ, registry code 14614272, registered office address in Estonia, Tallinn, Veskiposti 2-1002, postcode 10138 (hereinafter Unicount), email support@unicount.eu.
1. Services
1.1. Unicount offers a company formation, virtual office and accounting services in Estonia (hereinafter Service or Services). Descriptions of the Services are provided on the websites www.unicount.eu and www.app.unicount.eu (hereinafter Website).
1.2. To have a user account with Unicount, a limited company registration process must be completed in the Estonian Business Register. Unicount Services cannot be used as a natural person, sole trader, foundation, non-profit organisation, foreign company, or branch of a foreign company through a user account that does not belong to a limited company registered in the Estonian Business Register.
1.3. By ordering Services from the Website, you agree to Unicount terms of service (hereinafter Terms).
2. Ordering the Services
2.1. Unicount Services can be ordered only via the Website by adult users with valid and supported Estonian or foreign digital authentication methods.
2.2. The Services can be ordered by completing the online ordering process, confirming the Service order, and making a payment when required by Unicount. All the required data fields must be filled in to complete the order.
2.3. Before the Client confirms the Service order, the basis for calculating the fees for the Service is displayed, and the Client is directed to the selected payment method.
2.4. The Service can be paid for by accepted payment cards and other payment methods when provided by third parties and displayed during the ordering process (hereinafter Service Providers). The payments are accepted in Euros only.
2.5. Unicount shall forward the personal data necessary to execute payments to Service Providers (data processors Stripe Payments Europe, Ltd or AS Maksekeskus and their sub-processors).
2.6. The Service contract (hereinafter Contract) between Unicount and the Client is deemed concluded by paying for the Services.
2.7. Unicount confirms the conclusion of a Contract by sending a confirmation of the order to the e-mail address provided by the Client within 24 hours of paying for the Services. The Contract is deemed concluded to the extent corresponding to the Service description provided on the Website, fees displayed, and these Terms.
If the service descriptions on the Website differ from those in these Terms, the description of services provided on the Website shall prevail.
2.8. If the Contract is concluded for a limited company that is not yet registered with the Estonian Business Register (hereinafter Business Register), then the limited company is deemed a party to the Contract from the moment the limited company is registered with the Estonian Business Register. A natural person who concludes the Contract on behalf of a limited company before it is registered with the Business Register shall be liable for the performance of the obligations arising from the Contract. The obligations arising from the Contract shall be passed on to the company when registered with the Business Register.
2.9. Due to the regulations established by the money laundering and terrorism financing prevention legislation and Unicount risk appetite, Unicount does not provide Services to companies whose legal representatives, members of the board, shareholders, or beneficial owners (hereinafter Related Persons) are:
– politically exposed persons, their family members, or close colleagues.
– persons included in the international sanctions list (https://www.sanctionsmap.eu/#/main)
– residents and citizens from the FATF high-risk third countries (https://www.fatf-gafi.org/en/topics/high-risk-and-other-monitored-jurisdictions.html)
– residents and citizens from the FATF-monitored countries (https://www.fatf-gafi.org/en/topics/high-risk-and-other-monitored-jurisdictions.html)
– legal persons not registered in Estonia.
2.10. Unicount can restrict the provision of Services to persons not mentioned in 2.9. based on its risk appetite.
2.11. By ordering Services from Unicount, you confirm that you do not qualify as a person listed in Article 2.9.
3. Company formation service
3.1. The registration of Estonian limited companies is performed by the Registration Department of Tartu County Court under the law of the Republic of Estonia.
3.2 Unicount enables the Client to register a company via the Estonian Centre of Registers and Information Systems (the government agency operating Business Register) application programme interface (hereinafter API), which prepares the application necessary for registration based on the Client’s inserted data.
3.3. Unicount is not responsible for the activity and decisions of the Estonian Centre of Registers and Information Systems or the Registration Department of Tartu County Court when registering a company.
3.4. Unicount is not responsible for technical faults related to the functioning of the API.
3.5. Unicount is not obligated to translate procedural documents or correspondence provided by the Registration department of Tartu County Court or any other official documents or correspondence received by the Client, except when it has been agreed to accordingly with the Client.
3.6. The Service fee does not include payment for actions taken to resolve or rectify the rulings provided by the Registration Department of Tartu County Court.
3.7. If the Registration department of Tartu County Court does not register the company, then it is not deemed a fault of Unicount or a flaw in the Service, and the Client cannot require compensation of fees paid.
3.8. Unicount total liability for damages arising from company formation service is limited to the amount paid by the Client for the company formation Service, excluding the state fees, VAT and API fees.
3.9. Commencing company formation services depends on whether the Client completed Unicount Know Your Client (hereinafter KYC) procedures and submitted requested Client Data under the Money Laundering and Terrorism Financing Prevention Act and article 6.5. of these Terms.
4. Virtual office services
4.1. Commencing virtual office and contact person services depends on whether the Client completed Unicount KYC procedures and submitted requested Client Data and its updates following the Money Laundering and Terrorism Financing Prevention Act and Article 6.5. of these Terms.
4.2. Upon the expiry of the Contract, the Client loses the right to use the registered office address and contact person service provided by Unicount in any way or form, and access to the Client Dashboard is revoked.
4.3. The Client is obligated to change the registered office address and contact person in the Business Register and notify business partners of the change of the address on the day of the expiry of the Contract at the latest. If the Client has not changed its registered office address and contact person in the Estonian Business Register within thirty (30) days from the expiry of the Contract, Unicount has the right to submit an application to the Registration Department of Tartu County Court for the deletion of the Client’s incorrect details from the Business Register and to claim a contractual penalty from the Client in the sum equal to the annual fee for the services.
4.4. Upon expiry of the Contract, Unicount is released from the obligation to provide services, including receiving and processing the Client’s mail or other communications.
4.5. Unicount has the right to destroy the received mail thirty (30) days after making electronic copies available for the Client in the Client Dashboard.
4.6. Unicount total liability for damages arising from providing virtual office services is limited to the amount, which equals the amount of the annual Service fee paid by the Client for providing virtual office service excluding VAT.
4.7. Unicount does not receive nor forward mailed or courier-delivered parcels except when agreed to accordingly with the Client.
4.8. Unicount only receives mail addressed to the Client company. Mail addressed to private persons is not accepted.
4.9. Unicount has the right to request accounting reports and bank statements from Clients to comply with the KYC requirements set by the authorities.
4.10. Unicount can terminate virtual office services when the Client is not using Unicount accounting services.
4.11. Unicount has the right to change the registered office addresses provided to Clients. Unicount must notify Clients of any changes to the available addresses thirty (30) days in advance.
5. Accounting services
5.1. Unicount shall perform the accounting of the Client’s economic activities in Estonia according to the source accounting documents and summary documents compiled based on source documents submitted by the Client. The organisation of accounting is construed by the Parties as the organisation of accounting per the current Estonian Accounting Act and other legal acts regulating accounting in the Republic of Estonia. The working language of accountants is English, and communication in any other language is subject to availability.
5.2. The Client must submit all the source documents needed to provide the accounting services for the previous calendar month to Unicount by the thirteenth day of the following month at the latest. Any documentary evidence and explanations necessary for the final provision of the accounting service are regarded as documents.
5.2.1 The data required for payroll accounting must be made available to Unicount five working days before payday.
5.2.2 The data required for submitting the income and social tax (TSD) declaration must be available to Unicount by the third day following the tax accrued calendar month. The data required for submitting the VAT (KMD) tax declaration must be available to Unicount by the thirteenth day following the tax accrued calendar month.
5.2.3. The data required for compiling the annual report must be available to Unicount at least 90 days before the submission deadline.
5.3. Unicount shall record transactions based on the documents and additional explanations submitted by the Client. Therefore, Unicount shall not be liable for the actual content of the economic transactions recorded or any mistakes in submitted tax declarations due to such transactions unless the transaction was intentionally mistakenly recorded despite the Client’s explicit written explanations. Unicount shall also not be liable if the Client fails to comply with their obligation to notify Unicount of the details of the economic transaction.
5.4. The Client is liable for the correctness of the data entered by their representatives into the accounting software (including pricing, stock records per number of items and amounts, inventories, etc.) and must ensure that the documents submitted to Unicount are correctly formatted, unambiguous, and authentic; if translations are necessary, the Client shall pay for them.
5.5. Unicount shall archive received documents digitally in a format that can be reproduced in writing for the period required by law during the Contract’s validity for accounting services.
5.6. The Client has to provide Unicount with explanations required for the provision of the accounting services so that Unicount can understand the content of documents or transactions. These explanations must be in a format that can be reproduced in writing or with a qualified electronic signature when required by Unicount.
5.7. The Client is fully liable for organising their accounting and reporting. Unicount does not have the right or obligation to participate in making decisions that fall under the competence of the Client’s management board or shareholders.
5.8. Unicount has the right to suspend the provision of accounting services if the Client fails to perform its obligations properly. Services are suspended automatically ten (10) days after a missed payment deadline.
5.9. Unicount has the right to postpone the deadlines for the performance of all their obligations (including the deadlines for the submission of tax declarations, annual reports, etc.) by the number of days the accounting service has been suspended due to circumstances caused by the Client.
5.10. Unicount has the right to postpone the deadlines for the performance of all their obligations (including the deadlines for the submission of tax returns, annual reports, etc.) by the number of days the Client is late with making available or submitting the Documents and data required for the provision of the accounting services, or transferring the fees payable according to the Service payment schedules. In this case, the date when the source document required for the last relevant operation or report is made available or when the information required for documentation is forwarded or payment is received is deemed the date of submitting the missing information or Documents.
5.11. Unicount has the right to terminate the Contract without prior notice if Unicount has a reasonable suspicion that the Client is submitting false data or documents or trying to commit offences according to Estonian law. In that case, Unicount has the right to demand immediate payment for the accounting services provided to the date the Contract is terminated.
5.12. Unicount is not liable for any direct or indirect material or non-material damage that may be caused by the defects or insufficient functioning of used software, expired eID methods or revoked eID certificates necessary for Client to access Estonian public e-services.
5.13. Unicount is proprietarily liable for any direct, intentional material damage caused to the Client, i.e. interest expenses determined by the Estonian Tax and Customs Board because Unicount has unjustifiably failed to forward information concerning the calculated due tax payments to the Client on time.
5.14. Among others, the Unicount is not liable for the occurrence of the damage indicated in clause 5.13 if:
5.14.1. the Client has submitted the source documents later than required for the timely declaration of taxes or has failed to adhere to the deadlines indicated in clause 5.2 of the Conditions and its sub-clauses.
5.14.2. the information submitted by the Client is incorrect, including if the Client has failed to check the supplier’s right to charge VAT on invoices.
5.14.3. the Client has failed to perform the obligations in clause 7 of the Terms and its sub-clauses in time.
5.14.4. tax legislation cannot be interpreted in only one way, and the Client has been notified of such circumstances.
5.15. Unicount or its subcontractors will maintain a professional civil liability insurance contract for at least 150,000 euros.
5.16. Unicount total liability for damages arising from accounting services is limited to twelve (12) average monthly fees paid by the Client, excluding VAT, but not more than 150,000 euros. The average monthly fee is calculated based on the invoices submitted by Unicount to the Client in the last six (6) months.
5.17. The commencement of accounting services depends on whether the Client has submitted the requested Client Data following the Money Laundering and Terrorism Financing Prevention Act and Article 6.5 of these Terms.
5.18. Documents from previous calendar months submitted after the calendar month’s accounting is finalised are included in calculating the new month’s accounting plan source document volume. If the monthly plan volumes are exceeded, the documents from previous months will incur an additional fee based on the Unicount fees for additional services. Unused source document volumes of the prior calendar month(s) do not pass over to the following month(s).
5.19. If the Client who has ordered the annual accounts compilation service does not submit the source documents within three months of the service order, despite repeated requests by Unicount, the service is considered to have been provided. The service fee is not subject to refund and cannot be used to offset any future fees for the same service.
5.20. If Unicount cannot complete the submission of the annual accounts because of missing documents, explanations, or signatures of the Client’s legal representative, the service is considered to have been provided. The service fee is not subject to refund and cannot be used to offset any future fees for the same service.
6. The Client’s rights and obligations
6.1. The Client has the right to use the Services according to the Service description and fees provided on the Website and in these Terms.
6.2. Upon using the Service, the Client becomes obligated to:
– refrain from using Unicount Services for an illegal or immoral purpose, including fraud or sending or storing unlawful material.
– refrain from disrupting or damaging the Website, software, or the Services provided.
6.3. The Client does not have the right to assign Contracts, resell the Services or give them to third parties to use.
6.4. The Client must inform Unicount within seven (7) days of the changes in their company details or contact details. Changes in company details include changes in Related Persons.
6.5. Due to the requirements established by the Money Laundering and Terrorism Financing Prevention Act, the Client must fulfil the KYC requirements when prompted to do so and provide all requested information through the Client Dashboard in due time when prompted by Unicount.
6.6. The Client shall ensure that all Client Representatives engage with the service provider’s personnel in a professional and respectful manner, refraining from any form of harassment, discriminatory remarks, or use of foul language. Client Representatives refers to any individuals acting on behalf of the Client, including Related Persons, employees, agents, or subcontractors.
7. Unicount rights and obligations
7.1. Unicount has the right to:
– receive remuneration on the terms and conditions prescribed in these Terms and fees displayed on the Website.
– use the assistance of third parties to perform the Contracts.
– temporarily suspend providing the Service without prior notification if it is for reasons independent of Unicount.
7.2. Unicount has the right to amend these Terms unilaterally. The valid Terms are published on the Website. The Clients subscribed to recurring services are notified of the amendments via Client Dashboard and e-mail at least thirty (30) days in advance. The Client is deemed to have accepted the amendments if it does not inform Unicount of not accepting them within seven (7) days. If the Client refuses to accept the amendments, the Client has the right to cancel the Contract by giving thirty (30) days advance notice by Client Dashboard or e-mail.
7.3. Unicount undertakes to perform the Contracts based on its professional knowledge, in a loyal manner for the Client and the necessary level of diligence according to the nature of the Service.
8. Payment of the fees
8.1. The grounds for and options for paying for the Services are provided on the Website.
8.2. The Client must pay according to the recurring Service payment schedule.
8.3. Recurring service payments charged directly from the Client’s payment card or bank account are settled at the latest on the service expiry date before the start of the new Service period.
8.4. Unicount has the right to amend the fees for the Services unilaterally. The Client is notified of the amendments of recurring Service fees via e-mail and Client Dashboard at least thirty (30) days in advance. The Client is deemed to have accepted the amendments if it does not inform Unicount of not accepting them within seven (7) days. If the Client refuses to accept the amendments, the Client and Unicount have the right to cancel the Contract of Service by giving thirty (30) days advance notice by e-mail.
9. Term and cancellation of the Contract
9.1. The Contract is concluded without a termination date due to the nature of the Service. It is valid until the Contract is cancelled.
9.2. Unicount and the Client may ordinarily cancel the Contract by notifying of it via e-mail at least thirty (30) days in advance.
9.3. Unicount has the right to terminate the Contract extraordinarily without following the advance notice term in the following cases. Extraordinary termination shall result in immediate discontinuation of the registered office address, contact person and other services provided to the Client:
– The Client assigns the Service or passes on the benefits received during the Service to a third party.
– The Client company’s Related Persons change during the Service to include persons listed in articles 2.9 and 2.10.
– Unicount has reason to believe that the Client is violating money laundering prevention rules or engaging in other illegal or immoral activities.
– The Client company’s Related Persons Estonian e-resident digital identity card, residence permit, or certificates are terminated or not renewed by a competent authority.
–The Client does not pay according to the recurring service payment schedule.
– The Client breaches Terms and has not remedied the breach within a reasonable time determined by Unicount.
–The Client has provided incorrect data or failed to notify Unicount of changed company or Related Person details or contact details.
– a petition has been submitted to the court against the Client or by the Client for declaring bankruptcy, or a competent person has decided to terminate the Client’s activity or if the Client itself notifies either Unicount or a third party about temporary or permanent insolvency problems.
– The Client has not submitted data required by Unicount or has submitted false data.
– The Client fails to provide Unicount with the information required to comply with the Money Laundering and Terrorism Financing Prevention Act within the indicated timeframe.
– The nature of the Client’s business would make Unicount unable to comply with the legal regulations.
– it is impossible to apply due diligence measures regarding the Client or a Related Person.
– The Client has damaged The reputation of Unicount through actions, including public statements or interactions with Unicount personnel that are considered defamatory, abusive, or detrimental to Unicount’s business interests.
– Client Representative engages in harassment, uses foul or abusive language, or exhibits discriminatory or offensive conduct towards Unicount representatives, employees, or subcontractors, whether in written or verbal communications.
9.4. Upon the cancellation or termination of the Contract, the amounts paid to Unicount by the Client are not to be returned or set off. The first monthly accounting Service charge is non-refundable after the software setup has been performed.
9.5. If the Client is a consumer, then the 14-day right of withdrawal does not apply to the Services because the Services provided by Unicount have individual characteristics and depend on the Client’s preferences.
10. Processing personal data
10.1. Unicount collects and processes the following personal data of the Client’s legal representative and other Related Persons: name, personal identification code, e-mail address, telephone number, place of residence, citizenship, and a copy of personal identification document. Please read our Privacy Policy for further information.
10.2. Unicount uses and processes personal data only to perform the obligations arising from the Contract and the law. Unicount does not forward personal data to third parties for commercial purposes. Unicount has the right to forward personal data to:
– The authorities and authorised persons for complying with the obligations arising from Estonian law.
– The third-party service providers necessary to perform the required AML checks.
– The third-party service providers working with Unicount to the extent necessary for performing the Services to the Client under these Terms.
10.3. Under the Money Laundering and Terrorism Financing Prevention Act, Unicount must keep the Client’s data and documents for the period established by law after the termination of the Contract.
10.4. By ordering Services from the Website, you agree to the processing of your personal data in compliance with these Terms.
10.5. The Data Processing Addendum (DPA) describes the roles and responsibilities of personal data processing related to Unicount Services under these Terms of Service.
11. Confidentiality
11.1. Unicount and the Client are obligated not to disclose commercial or other information to third parties that have become known to the parties during the validity of the Contract and the disclosure of which may damage the parties’ interests. The information which is public at the moment of entry into the Contract or becomes public during the term of validity of the Contract without a breach of the Contract or which must be disclosed according to legislation or which the Party has obtained from a third party who has the right to disclose such information according to legislation is not regarded as confidential and no restrictions on disclosure are applied to it. In addition, the prohibition of disclosing confidential information does not apply to the auditors and legal advisors of the Parties.
11.2. Unicount keeps commercial information received from the Client confidential but may forward the data to the authorities without the Client’s approval to comply with the disclosure obligation arising from the law.
12. Liability
12.1. Unicount is liable for direct damages if the damage is caused intentionally or due to gross negligence.
12.2. Unicount is not liable for indirect damage (incl. loss of profit) caused to the Client due to breach of the Contract. Unicount shall not compensate for damages due to gross negligence if liability insurance does not compensate Unicount for such damages. Unicount is not liable for damages caused by negligence.
12.3. The limitation period for submitting claims due to gross negligence against Unicount shall be six (6) calendar months from the performance of the act or occurrence of the event that caused the damage.
12.4. Unicount total liability is limited to the amount provided in particular terms of respective services (see 3.7, 4.6 or 5.16 of these Terms).
12.5. If the Client’s activity brings about a claim against Unicount (for example, legal assistance) or liability before third parties with a breach of the Contract by the Client, the Client is obligated to compensate Unicount for all expenses and losses borne with it.
12.6. The limitation period of the claims filed by the Client against Unicount is six (6) calendar months from the arising of the respective claim.
12.7. The Client agrees to indemnify and hold Unicount harmless from any claims or damages arising out of the misconduct or unlawful actions of the Client Representatives.
13. Dispute resolution
13.1. Disputes are resolved through negotiations. If an agreement is not reached, the dispute is resolved in Harju County Court.
13.2 The law applicable to the Contract is the law of the Republic of Estonia.
14. Trademark notice
“Unicount” and the Unicount logo are registered trademarks of Unicount.
Any version of the Terms provided in languages other than English is considered a translation. In a conflict between the two versions, the English version will prevail.
Last updated 1 December 2024
DATA PROCESSING ADDENDUM
This agreement regarding the processing of personal data (the ”Data Processing Agreement” or the ”DPA”) regulates Unicount (the ”Data Processor”) processing of personal data on behalf of the Client (the ”Data Controller”) upon providing Services in accordance with the Terms of Service agreed by the Parties (the ”Contract”).
This DPA is an inseparable part of the Contract between Unicount and the Client.
Legislation
1. The DPA specifies the obligations of the Data Processor and the Data Controller under the European Union and national applicable data protection and privacy legislation (the ”Applicable Law”), including the Regulation (EU) 2016/679 (GDPR).
2. Purpose of the processing of personal data
2.1. The purpose of the processing under the Contract is the provision of the Services by the Data Processor in accordance with the Contract.
2.2. The Data Processor only performs processing activities that are necessary and relevant to perform the obligations in accordance with the Contract.
2.3. In connection with the Data Processor’s delivery of the Services to the Data Controller, the types of personal data processed (the ”Personal Data”) will depend on the specific Services ordered and the Controller’s activities during these Services. The non-exhaustive list of Personal Data types is:
– Client’s private customers’ and Client’s representatives’ Personal Data may be available to the Data Processor during the Services
– Client’s employees’ contact details, communications to the Data Processor, and any other employment relation-related Personal Data made available by the Data Controller
3. Instructions
3.1 The Data Processor may only act and process the Personal Data in accordance with the documented instruction from the Data Controller (the” Instruction”) unless required by law to act without such instruction.
3.2. The Instruction at the time of entering into this DPA is that the Data Processor may only process Personal Data with the purpose of delivering the Services in accordance with the Contract. Subject to the terms of this DPA and with the parties’ mutual agreement, the Data Controller may issue additional written instructions consistent with the terms of this DPA.
3.3. The Data Controller’s Instructions for the processing of Personal Data shall comply with Applicable Law. The Data Controller will have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which it was obtained.
3.4. The Data Processor will inform the Data Controller of any Instruction that it deems to be in violation of the Applicable Law and will not execute the instructions until they have been confirmed or modified.
4. Engagement of Sub-Processors
4.1. The Data Processor is given general authorization to engage third parties to process the Personal Data (“Sub-Processors”) without obtaining any further written, specific authorization from the Data Controller, provided that the processing is transferred to any category of Sub-Processors indicated in this DPA. The categories of the Sub-Processors may be amended by the Data Processor from time to time and the amendment will be notified to the Data Controller.
4.2. The following categories of Sub-Processors shall be used by the Data Processor for providing Services under the Contract:
– Accounting and legal service subcontractors
– Website Hosting
– Estonian X-road services
– eID trust service providers
– Estonian Business Register
– IT support
– Payment gateways
– CRM software
– Marketing software
– Accounting software
– KYC software
– Social media, advertising, and analytics partners
4.3. If the Data Controller wishes to object to the new category of the Sub-Processor, the Data Controller shall give notice hereof in writing within ten (10) business days of receiving the notification from the Data Processor. The absence of any objections from the Data Controller shall be deemed consent to the new category of the Sub-Processor.
4.4. In the event the Data Controller objects to a Sub-Processor and the Data Processor cannot accommodate the Data Controller’s objection, the Data Controller may terminate the Contract by providing thirty (30) days written notice to the Data Processor.
5. The Data Processor’s obligations
5.1. The Data Processor shall ensure that its employees and the Sub-Processors treat all the Personal Data as strictly confidential information.
5.2. The Personal Data shall be processed based on the lawful Instructions of the Data Controller.
5.3. The Data Processor shall implement the appropriate technical and organizational measures as set out in the Applicable Law, including in accordance with GDPR article 32.
5.4. The Data Processor shall assist the Data Controller by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Data Controller’s obligations under the Applicable Law.
5.5. The Data Processor shall give notice to the Data Controller if a breach occurs that can lead to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to, the Personal Data processed on behalf of the Data Controller (a “Personal Data Breach”). Notice shall be given without undue delay, if possible, within 48h of learning about the Personal Data Breach.
5.6. The Data Processor makes available to the Data Controller information reasonably necessary to demonstrate compliance with the obligations laid down in this DPA and allow for and contribute to audits conducted by a qualified independent auditor. Parties will agree on the time of the audit, which may take place not more than once a year and the Data Processor shall have reasonable time to prepare the required information. Cost related to the audit shall be paid by the Data Controller. Any information retrieved during the audit shall be kept confidential by the Data Controller.
6. The Data Controller’s obligations
6.1. The Data Controller must ensure that the Personal Data is obtained from the data subjects and that it has a legal basis to process the Personal Data in compliance with the Applicable Law.
6.2. The Data Controller’s obligation is to ensure the rights of the data subjects, including informing the data subjects about processing under this DPA.
7. Rights of the data subjects
7.1. If the Data Controller receives a request from a data subject for the exercise of the data subject’s rights under the Applicable Law and the correct and legitimate reply to such a request necessitates the Data Processor’s assistance, the Data Processor shall assist the Data Controller by providing the necessary information and documentation. The Data Processor shall be given reasonable time to assist the Data Controller with such requests in accordance with the Applicable Law.
7.2. If the Data Processor receives a request from a data subject for the exercise of the data subject’s rights under the Applicable Law and such request is related to the Personal Data of the Data Controller, the Data Processor must immediately forward the request to the Data Controller and must refrain from responding to the person directly.
8. Liability
The general liability regarding data controllers and processors is regulated by Article 82 of GDPR. In addition to this, the contractual liability and limitation of liability of the Data Processor are set out in Article 12 “Liability” of the Terms of Service.
9. Term
9.1. This DPA shall come into force from accepting the Terms of Service by the Client and will have the same duration and termination terms as the Contract.
9.2. Following expiration or termination of the Contract, the Data Processor will delete all Personal Data in its possession except to the extent the Data Processor is required by Applicable law to retain some or all of the Personal Data (in which case the Data Processor will archive the data and implement reasonable measures to prevent the Personal Data from any further processing). The terms of this DPA will continue to apply to such Personal Data.
Last updated 1 December 2023