General Terms and Conditions of Sale

REDWIT, a French société par actions simplifiée (simplified joint stock company) with share capital of €200,000, whose registered office is located at 10 rue de Penthièvre, 75008 Paris, France, registered with the Paris Trade and Companies Register under number 792 520 843 (hereinafter, “REDWIT), specialising in the digital and construction sector and providing access to a software enabling its customers to plan and optimise their internal and external resources (hereinafter, the “Solution”).

 

The Customer, having had the chance to assess, under its sole responsibility, the functionalities of the Solution and to ensure they are a perfect match for its needs, sought to take out a licence to use the Solution and accepted and countersigned the quotation sent by REDWIT (hereinafter, the “Quotation”) or, if applicable, entered into an implementation agreement (hereinafter, the “Implementation Agreement”) containing the price, the description of the services offered by REDWIT, as well as the applicable special terms and conditions.

This document (hereinafter, the “General Terms and Conditions of Sale”) defines the general terms and conditions under which REDWIT shall provide the Customer, and where applicable any User Company, with access to the Solution and its associated services in return for payment of the price. The documents constituting the Agreement form an indivisible whole and are the only documents governing the relations between the Parties.

 

  • DEFINITIONS

In addition to the terms defined in the text, the terms below used in the General Terms and Conditions of Sale shall have the following meanings, for both singular and plural forms:

“Customer” Means any company that enters into or is about to enter into a contractual relationship with REDWIT regarding the performance of the Services for the Customer and the User Companies.
“Agreement” Means these General Terms and Conditions of Sale, the Quotation or the Implementation Agreement (as applicable) and the appended documents (appended either to the quotation or to the Implementation Agreement), the Description of the Service Rate Software Package, and the Processing of Personal Data (hereafter, together, the “Agreement”).

 

“Data” Means all data belonging to the Customer and its employees, whatever their nature and form, which is collected and/or processed by REDWIT in connection with the performance of the Agreement.
“Trademarks” Means the trademarks registered and used by REDWIT in connection with the provision of the Software Package and the Services:

“Dispatcher.fr”: trademark registered with the French National Industrial Property Institute (INPI) on 25 February 2014

“Dispatcher” trademark registered on 5 October 2015 with the INPI and on 19 April 2016 with the European Union Intellectual Property Office (EUIPO).

“Parties” Means, jointly, REDWIT and the Customer.
“Software Package” Means the software solution developed by REDWIT for the outsourced management of internal projects and rental equipment, as well as the management of staff, named “DISPATCHER”.
“Site(s)” Means the location(s) where training will be provided by REDWIT.
“Affiliated Company” Means the companies that are controlled, that control or that are under the common control of one of the Parties. The term “control” means the direct or indirect ownership of at least 50% of the share capital or voting rights.
“User Company” Means, collectively, the Customer and/or any Affiliated Companies whose staff or subcontractors would use the Solution under this Agreement, it being expressly specified that the Customer shall inform the User Companies of the obligations incumbent on them under the Agreement and that the User Companies shall comply with the obligations contained in the Agreement. The Customer shall hold REDWIT harmless against all damages or loss in this respect.
“Solution” Means the version of the Software Package as configured by REDWIT according to the Customer’s needs and specific requirements under the Agreement.
“Services” Means, collectively, the access to the Solution and the associated services provided by REDWIT, as further described in the Quotation or the Implementation Agreement.
“Users” Means the staff or subcontractors of the Customer and the User Companies that use the Solution under a user licence taken out by the Customer with REDWIT, in accordance with the terms stipulated in the Agreement.
“Active Account(s)” Means all opened accounts for which a User has received a login invitation, or a username and password, which has not been expressly cancelled, and which would therefore offer the User the permanent option to log into and use the Solution, regardless of whether said User logs into/has actually logged into its account during the year in question.
“SSII/ESN” A Company that outsources its IT engineering skills.
API / Webservice “API” (Application Programming Interface): means a set of functions and web services giving access to an application’s services via a computer language. APIs may only be used by means of API keys, thereby securing and customising access to the application’s services.

 

  • DESCRIPTION OF THE SERVICES

The purpose of these General Terms and Conditions of Sale is to set forth the conditions under which REDWIT undertakes to provide the Customer with the Services in return for payment of the price provided in the Quotation or the Implementation Agreement.

The Services relate to the provision of licences:

  • Granting of user licences for the Solution:
    • Provision of the Solution to the Customer;
    • Non-transferable and non-exclusive licences to use the Solution, allowing multiple Users to access the Solution.

and may include the following ancillary services:

  • Configuration, deployment and integration of the Solution, basic training:
  • Configuring the Software Package so that the Solution can be deployed at the Customer’s premises;
  • Data integration for all entities, regions or organisations;
  • Basic general training on the use of the Solution for each entity, organisation or region.
  • Additional specific training (Option):
  • At the Customer’s request, additional specific training sessions may be provided by REDWIT to future users of the Solution;
  • Training sessions for 1-6 participants with similar profiles will be carried out either on the Customer’s Site or remotely.
  • Provision of trackers: Standalone and connected telematics boxes
    • Standalone box for feedback from the field;
    • “Data” package: a package that allows data to be forwarded from the trackers to the data processing platform;
    • Additional accessories.

 

  • Provision of API / Webservices
    • Inbound API: provision of a webservice enabling the Customer to create, modify and deactivate data within the Dispatcher platform;
    • Outbound API: provision of a webservice enabling the Customer to retrieve data from the Dispatcher platform.
  • Interface maintenance or integration tasks

 

  • Setup and provision of a test and training environment

 

  • OBLIGATIONS OF THE PARTIES

 

  • General obligations of each Party

In performing its obligations under the Agreement, each Party undertakes to:

  • appoint a contact person capable of representing it, with the power to take or ensure that the decisions necessary for the implementation and deployment of the Solution and the proper performance of the Services are taken;
  • perform its obligations under the Agreement in good faith.

 

  • REDWIT’s obligations

In performing its obligations under the Agreement, REDWIT undertakes to:

  • make the Solution available to the Customer and User Companies by granting Users non-exclusive and non-transferable user licenses for the term of the Agreement; and
  • ensure a level of Services that complies with the provisions of the Agreement, in line with the state of the art, and in compliance with applicable law throughout the term of the Agreement;

 

it being agreed that in the event of a default of payment by the Customer of any sum due under the Agreement, REDWIT shall be entitled, fifteen (15) calendar days after sending the Customer a formal notice to pay by registered letter  or Fedex that has remained without effect, to suspend the performance of its services (provision of the Solution and provision of the Services) until the outstanding invoices have been paid in full. This suspension may not be considered as termination of the Agreement by REDWIT, and does not constitute a waiver of any damages that REDWIT may claim as a result of the Customer’s breach of its obligations.

 

  • Customer’s obligations

The Customer represents and confirms that the Services as described in the Quotation or Implementation Agreement are complete, clear, consistent and meet its needs. As such, it undertakes, on its own behalf and on behalf of any User Company:

  • to provide REDWIT with any useful and relevant information that may have an impact on the proper performance of REDWIT’s obligations (change in activity, structure or organisation, etc.);
  • not to undertake any operation that would block or slow down the implementation of the Solution, its deployment or the performance of the Services, directly or indirectly, without first notifying REDWIT within a reasonable timeframe;
  • to ensure that its staff are available to implement the Solution and the Services delivered to the Customer and/or any User Company, insofar as said Solution and Services are characterised by complex technical features both in their design and their performance. These services therefore require active collaboration and ongoing exchanges of information between the Parties;
  • to comply with all precautions and recommendations for use made by REDWIT for the use of the Solution, and to retain its former system(s) that enable it to process the functionalities covered by the Agreement, at least until the acceptance of the Solution’s operational status at the end of the test period, and to monitor the situation closely, particularly during the start-up period;
  • to inform the staff concerned about the training provided by REDWIT as agreed in the Quotation or the Implementation Agreement so that they can acquire and maintain the necessary expertise in the Solution and its developments;
  • to make available and maintain the recommended technical environment for the proper use of the Solution (e.g. up-to-date Internet browser, up-to-date mobile phone OS).

 

API-specific obligations:

The Customer undertakes to use the APIs in accordance with technical state of the art, and in particular, without limitation, to:

  • use security protocols,
  • use the APIs in accordance with applicable legislation and technical specifications,
  • optimise its calls to APIs and try to minimise calls to the technical infrastructure (optimisation of requests, use of data filters, etc.),
  • maintain the code, developments or connectors for the APIs that it has created,
  • change the way that it uses the APIs in line with the APIs’ technical developments.

REDWIT cannot guarantee the proper functioning of the APIs in the event of their poor use by the Customer. If the APIs are not used correctly, REDWIT reserves the right to cut access to the APIs and to the data of the Customer’s “API agents”.

REDWIT is in no way responsible for the data injected into the platform by the Customer via the APIs. The Customer is the guarantor of the data injected into the APIs/the Solution and undertakes to hold REDWIT harmless against any damage or loss suffered by REDWIT in connection with data injected by the Customer.

REDWIT and the Customer expressly agree that the service provided by REDWIT does not in any way include explaining and debugging the Customer’s API calls. The Customer must ensure that it has the necessary competence and technical skills to properly understand and use the APIs.

REDWIT declares that it has developed the APIs in line with the regulatory, professional and mathematical constraints of which it is aware. However, it does not under any circumstances guarantee the accuracy of the APIs or the absence of any defects. REDWIT reserves the right to change the APIs in any way it deems desirable, in particular but not limited to bringing the APIs into compliance with existing regulations or professional rules, in the event that these should change. REDWIT will inform the Customer of any foreseeable, planned maintenance periods, and make the APIs unavailable at this time. Under no circumstances shall REDWIT be held liable for any damages and impacts linked to these maintenance periods, it being understood that the duration and frequency of such periods shall be limited as far as possible.

The Customer is responsible for storing and conserving its API id and password (access token), as well as their confidentiality. REDWIT may not be held liable for any harm or prejudice suffered in the event of any loss, communication or exposure of the access token to a third party. The Customer shall immediately inform REDWIT of any loss, communication or exposure  to a third party of the access token, and shall hold REDWIT harmless against any consequences.

Access to the APIs is an ancillary service to the provision of the Licenses. It shall therefore be cancelled automatically in the event that the agreement relating to the Licenses is terminated.

It is specified and expressly agreed that Users shall be subject to the same obligations as the Customer. Customer shall guarantee and hold REDWIT harmless against any wrongdoing or action of Users  in violation of the obligations set forth in this Article 3.3.

 

 

  • PRICING CONDITIONS

 

  • Price

 

  • Deployment and integration of the Solution; training and support throughout the Contract

The deployment and integration of the Solution and training sessions shall be invoiced in accordance with the terms of the Quotation or the Implementation Agreement.

Additional Quotes or amendments to the Implementation Agreement may be concluded for services relating to support, change management, additional training not provided for in the initial Quote or Implementation Agreement, etc.

 

  • User licences for the Solution

Licences will be invoiced in accordance with the terms of the Quotation or the Implementation Agreement.

It is specified that the fee corresponding to the licences is calculated based on the number of working accounts purchased by the Customer.

These accounts shall be activated by the Customer as and when necessary.

It is expressly agreed that if the number of Active Accounts exceeds the number of accounts purchased by the Customer, REDWIT shall be entitled to issue an additional invoice to regularize the situation at the end of the month or at the end of the year.

REDWIT shall have the option, at its sole discretion and on each anniversary of the Agreement, to increase the price of the licences and therefore the annual fixed price. This increase shall be within the limit of the changes to the SYNTEC index between the index of one month in year N and the index for the same month of year N-1, with the option to round up.

 

  • Expenses

REDWIT’s travel expenses (transport and accommodation) incurred in connection with the provision of the Services referred to in Article 1, and more generally in connection with the performance of the Agreement, may be re-invoiced to the Customer at actual cost upon presentation of receipts. Prior agreement is required for all expenses greater than €3,000 (excl. VAT).

 

  • SMS

The Customer may activate the option to send SMS.

In this case, REDWIT shall send the Customer an invoice every 12 months from the Commercial Operation Date, the amount of which shall be calculated by applying the following monthly fixed amounts.

SMS sent by the Dispatcher platform operated by REDWIT will be re-invoiced to the Customer using the fixed rates below:

  • Flat-rate billing per 5,000 SMS
  • Applicable price grid:

 

Applicable monthly fee in euros
Number of SMS sent over one month France / Belgium / UK / Germany / Spain / Slovakia / Estonia Chile / Czech Republic / Poland / Lithuania / Latvia / Romania Canada / USA
< 5 000 500 250 50
5,001 < x <10,000 1,000 500 100
10,001 < x < 15,000 1,500 750 150
15,001 < x < 20,000 2,000 1000 200
20,001 < x < 25,000 2,500 1250 250

 

  • Maintenance costs for the interfaces between the solution and the customer’s interface

It is expressly agreed that REDWIT shall invoice the Customer for the costs of maintaining the interfaces in accordance with the terms of the Quotation or the Implementation Agreement.

 

  • IT environment costs

It is expressly agreed that REDWIT shall invoice the Customer for IT environment costs in accordance with the terms of the Quotation or the Implementation Agreement.

Additional Quotes or amendments to the Implementation Agreement may be concluded for the provision of IT environments not provided for in the initial Quote or Implementation Agreement.

 

  • Payment terms

REDWIT shall invoice the Customer using the invoicing address provided in the Quotation or the Implementation Agreement.

Fees for the Solution’s licences and APIs shall be paid annually in arrears .

The remaining Services (deployment, training, additional services, etc.) must be paid 50% upon receipt of the invoice, with the balance upon delivery or performance of the service.

All payments shall be made in euros, by bank transfer to the REDWIT account within a maximum period of thirty (30) days following receipt of the invoice.

Any delay in payment shall automatically incur recovery costs in the amount of €120 (excl. VAT) as well as penalties calculated at the rate of three (3) times the legal interest rate in force on the day following the payment date stated on the invoice. A flat-rate fee for recovery costs shall be automatically added to this sum, the amount of which is set by Article D.441-5 of the French Commercial Code. This compensation is not subject to VAT, and its amount is not included in any penalty calculations.

 

  • INTELLECTUAL PROPERTY

 

  • Intellectual property of the Solution and right of use
  • Pre-existing elements

Nothing in this Agreement shall be construed as granting REDWIT any right to any of the intellectual property rights owned by the Customer and/or the User Companies. The same applies to intellectual property rights belonging to REDWIT. Each Party shall thus remain the owner of all the rights that it held prior to the signing of the Agreement.

  • Developments

The Parties agree that the copyright and all other intellectual property rights relating to any new version, development or enhancement of the Solution belong exclusively to REDWIT.

The Customer acknowledges and accepts that the intellectual property rights attached to the Solution, the accompanying documentation, as well as the developments and programs arising from the Agreement or created during its performance, belong exclusively to REDWIT and are not transferred to the Customer under the Agreement. In this respect, the Customer undertakes, on its own behalf and on behalf of any User Company, not to:

  • Reproduce the Solution in any way, including the performance of modifications, merger or inclusion in another program and/or its accompanying documentation;
  • Decompile, copy or modify all or part of the Solution’s programs;
  • Assign, transfer, sell, lease or use the programs in the name and on behalf of REDWIT and/or more generally make them accessible to a third party, unless expressly permitted to do so under the Agreement;
  • Erase or modify any copyright or other proprietary rights relating to the programs;
  • Erase, alter or hide any trademark or reference to property rights, any copyright in any of the programs, or any other document accompanying it. It undertakes to comply with this clause for any authorised copy.

The Customer also undertakes, on its own behalf and on behalf of any User Company, to ensure that REDWIT’s rights to the Solution are mentioned on all documents accompanying and referring to it, as well as on all legal reproductions of any form.

 

  • Infringement of intellectual property rights

The Customer undertakes to inform REDWIT as soon as possible in the event of counterfeiting, usurpation, unfair competition or, more generally, any infringement relating to all or part of the constituent elements and/or components of the Solution. REDWIT shall be the sole judge of the measures required to put an end to this situation as soon as possible.

The Customer must notify REDWIT immediately in the event that the Customer is the subject of a legal action or a specific threat of legal action that jeopardises or is likely to jeopardise the Solution, in any way whatsoever. REDWIT shall have control over any action required to defend its rights, at its own exclusive expense, profit or loss.

 

  • Trademarks

REDWIT remains the sole owner of the Trademarks.

 

  • Training materials

The training materials are the exclusive property of REDWIT and are protected by copyright. Any reproduction and use for a purpose other than exclusively internal use is prohibited and constitutes an infringement. The same applies to any transfer or provision to a third party.

 

  • Third-party software

Third-party software licenses that are owned by third-party manufacturers and necessary for the use of the Solution (i.e. up-to-date web browser and mobile phone OS) by the Customer and the User Companies, are, in principle, excluded from the Agreement. REDWIT is neither the designer nor the manufacturer of said third-party software. The Customer expressly acknowledges that it acquires this system software directly, under its sole responsibility.

Furthermore, REDWIT does not provide, maintain or update the version of third-party Software. The Customer and the User Companies must contract the relevant third parties directly for these services.

 

  • TERM AND TERMINATION

 

  • Term

These General Terms and Conditions of Sale shall take effect from the effective date of the Agreement referred to in the Quotation or the Implementation Agreement.

At the end of the initial term of the Agreement, as specified in the Quotation or the Implementation Agreement, the Agreement shall be tacitly renewed for successive one (1) year periods unless a Party as notified the other Party of its intention to terminate the Agreement at least three (3) months before the end of the considered period.

 

  • Termination

The Agreement may be terminated as of right at any time, without notice:

By REDWIT:

  • In the event of fraudulent use of the Solution by the Customer, any User Company (for which the Customer answers) and/or the Customer’s or User Company’s Users;
  • In the event of liquidation or receivership proceedings being initiated against the Customer, during which the administrator has not ruled for the continuation of the Agreement in accordance with applicable law;
  • In the event of the non-performance by the Customer of its contractual obligations under the Agreement and, in particular, without limitation, in the event of the non-payment of any sum due to REDWIT.

 

By the Customer:

  • In the event that liquidation proceedings are initiated against REDWIT;
  • In the event of non-performance by REDWIT of its contractual obligations under the Agreement, it being understood that any malfunction whatsoever that may have been handled by REDWIT in accordance with the service rate specifications described in the appendix shall not be subject to termination as of right.

In the event of termination for non-performance of all or part of a Party’s obligations, this termination shall be carried out at the request of the other Party. It shall take effect at the end of a period of thirty (30) working days after the defaulting Party has been formally notified of the nature and extent of the non-performance, provided that such formal notice has remained without effect.

In the event of termination of the Agreement, REDWIT shall retain all sums already paid. All outstanding sums must be paid by the Customer to REDWIT.

 

  • LIABILITY

 

  • Scope of REDWIT’s tasks

Under the Agreement, REDWIT is tasked solely with the services described in the Quotation or Implementation Agreement, to the exclusion of any other service and in particular:

  • any network service and in particular the establishment and operation of a connection between the Customer’s and any other User Company’s IT system with the REDWIT Solution.
  • REDWIT’s monitoring of the quality of the Data provided by the Customer and any other User Company;
  • and more generally, any service not explicitly described in the quotation or the Implementation Agreement.

The Parties agree that REDWIT shall not be held liable for any interruption, slowdown or malfunction of the Solution resulting from elements beyond its control. These include, for example:

  • non-compliance by the Customer, by any other User Company and/or by any User with the recommendations and operating procedures communicated by REDWIT;
  • non-compliance by the Customer with its obligations to pay for the services provided by REDWIT in accordance with the terms agreed between the Parties and/or as described in the financial terms and conditions in the Agreement;
  • malfunctioning of the Customer’s and any other User Company’s installation, or the under-sizing of said installation as a failure to comply with REDWIT’s technical prerequisites;
  • malfunction due to a modification of the Customer’s and/or any User Company’s installation that has not been communicated to and approved by REDWIT;
  • malfunction of an installation managed by a third party;
  • in a general sense, due the actions of the Customer, any User Company, a User, a third party, the occurrence of a force majeure event or unforeseeable circumstances.

 

  • REDWIT’s limitation of liability

REDWIT shall be liable to the Customer for any direct loss resulting from a fault committed by REDWIT in connection with the performance of the Agreement, and which can be proven by the Customer.

REDWIT shall not be held liable for any indirect losses and/or damages suffered by the Customer, including but not limited to financial or commercial loss, loss of customers or savings, any commercial disruption, any increase in costs and other overheads, loss of profit, loss of brand image, and any loss of data, files or computer programs whatsoever that may result from the performance or non-performance of the Agreement. Any action brought against the Customer by a third party shall be treated as an indirect loss and shall therefore not give way to an indemnification of the Customer by REDWIT.

 

In any event, and without prejudice to the aforementioned limitations, the total and cumulative amount of the sums and interest to which REDWIT may be liable may not exceed, for all the infringements and/or breaches, an amount corresponding to the fees paid by the Customer to REDWIT during the twelve (12) months preceding the event giving rise to said liability.

REDWIT shall not be held liable for any damage that may result from actions by the Customer itself, by a Third Party, from the occurrence of a force majeure event or any other external cause. In any event, the Customer remains liable for the hardware and software it uses that are not supplied or made available to it by REDWIT under this Agreement.

With regard to the functionalities of the solution relating to staff management, the Parties agree that the Customer remains solely and uniquely responsible for compliance with applicable labour laws, and more generally laws related to the employment and transfer of the staff, temporary staff and subcontractors hired by the Customer and the User Companies.

 

  • CONFIDENTIALITY

With effect from the signing of the Agreement, each Party:

  • agrees to consider as confidential and undertakes not to disclose the documents, Data and information communicated by the other Party in connection with the performance of the Agreement (hereinafter, the “Confidential Information”);
  • undertakes not to use the Confidential Information for purposes other than those relating to the sole performance of the Agreement; and
  • undertakes to provide the same level of protection for this Confidential Information as it would for its own confidential information.

This confidentiality obligation applies to User Companies and Users.

This confidentiality obligation does not apply to information and documents:

  • that are in the public domain on the date of signature of the Agreement, or that will enter into the public domain after the signature of the Agreement, unless the receiving Party is behind the publication of this information;
  • that is already in the possession of the Receiving Party on the date of communication of this information, if the receiving Party can provide evidence of said prior possession;
  • that is disclosed by a third party entitled to communicate these information and documents;
  • when the receiving Party can prove it has developed the information communicated hereunder independently.

This confidentiality obligation shall remain in force for a period of five (5) years after the termination of this Agreement.

 

  • PERSONAL DATA & DATA REVERSIBILITY

The Parties undertake to comply with all applicable regulations regarding the processing of personal data. The policy applied by REDWIT can be consulted in the appendix.

In the event of termination of the contractual relationship, REDWIT may destroy and/or return to the Customer all or part of the data, and in particular personal data collected in connection with the performance of the Agreement, at the request of the Customer or the Users and in accordance with the applicable regulations. The Customer will actively work with REDWIT to facilitate data recovery.

Unless otherwise provided by law or contractual provision, data shall be returned in a standard format chosen by REDWIT and shall be made available to the Customer in the form of a download or, if the volume is too great, by sending an external data carrier.

If the Customer requests a format other than the standard format provided by REDWIT, REDWIT may refuse or agree to this request. In the event of that an alternative format is produced, REDWIT shall provide the Customer with a quote for the reversibility Services based on REDWIT’s daily rate of one thousand euros excluding VAT (€1,000 excl. VAT) per day and per person.

 

  • NON SOLICITATION OF EMPLOYEES

The Customer shall refrain from hiring or soliciting, directly or indirectly by any company of which it is a shareholder, directly or indirectly, any person performing or having performed an employee activity within REDWIT throughout the term during which the Agreement was in force, except with REDWIT’s prior written consent.

 

  • COMMERCIAL REFERENCE

For the purposes of its communication and as a commercial reference, the Customer authorises REDWIT to mention its company name, its trade name, and to reproduce its logos as part of promotional actions or in professional publications, regardless of the chosen medium (commercial documentation, press kit, publications in the professional press, websites, etc.).

The Customer authorises REDWIT provide a description of the project, subject in this case to the prior approval of the Customer, which may only withhold such approval for legitimate reasons.

 

  • MISCELLANEOUS PROVISIONS
  • Independence of the Parties

Under the Agreement, neither Party may claim in any way the status of agent, representative or officer of the other Party, nor may it bind the other Party with regard to third parties beyond the services explicitly provided for in the provisions of the Agreement.

Furthermore, under the terms of the Agreement, no specific legal structure is formed between the Parties, each of which remains fully independent with its own responsibilities and client base. Each Party shall therefore retain exclusive control over its employees, agents and officers, without the other Party being in any way able to influence the working relations and conditions of the other Party’s employees, its salary policy, its hiring policy, or its disciplinary powers, with this list not being exhaustive.

 

  • Entire Agreement

The General Terms and Conditions of Sale, the Quotation or the Implementation Agreement and their appendices express all the contractual obligations binding the Parties with regard to its purpose. It supersedes any agreement and correspondence prior to the signing of the Quotation or the Implementation Agreement relating to the same purpose. Furthermore, the Customer waives the application of its own General Terms and Conditions of Sale and/or Purchase.

 

  • Interpretation

The headings or titles for the various sections of the Agreement are provided for information purposes only. They have no contractual value.

 

  • Non-waiver

The fact that one of the Parties has not applied any clause of the Agreement, whether permanently or temporarily, may not under any circumstances be considered as a waiver of the rights of that Party arising from said clause, the non-application of which has been accepted.

 

  • Partial invalidity

If one or more provisions of the Agreement are held to be invalid or declared as such pursuant to a law, a regulation, or following a final decision by a court having jurisdiction, the other provisions shall retain their full force and effect, unless the disputed provisions are considered essential. In this case, at the request of the first party to act, the parties undertake to negotiate in good faith and to sign a written amendment to remedy the invalidity of the relevant clause(s), while respecting the structure of the agreement.

 

  • Notifications

Any notification under the Agreement must be made exclusively in writing for the attention of the other Party. A notification shall be deemed to have been issued when it has been (i) delivered by hand, (ii) sent by registered letter with acknowledgement of receipt, (iii) sent by fax or email with acknowledgement of receipt or (iv) sent by any internationally recognised courier service.

The Parties elect domicile at their respective registered offices, as mentioned in the Quotation or the Implementation Agreement.

Any Party changing its address must duly notify the other Party.

 

  • Applicable law and jurisdiction

The Agreement shall be governed by French law.

In the event of difficulties relating to the performance of the Agreement, the Party concerned undertakes to notify the other Party in advance by registered letter with acknowledgement of receipt. Both Parties shall endeavour to come up with an amicable solution within thirty (30) calendar days of receipt of the registered letter. The Customer shall not suspend payment of all or part of the invoices due under the Agreement during this period.

In the absence of an amicable settlement between the Parties, and in the event of a dispute relating to the interpretation and/or performance of the agreement, express jurisdiction is granted to the courts of Paris having jurisdiction, notwithstanding multiple defendants or third-party appeals, and even for summary or ex parte proceedings.

Appendix: Description of the solution

  • OBJECTIVES AND CONCEPT OF THE SOLUTION

 

  1. General presentation and objectives of the Solution

 

The Solution is a web & mobile platform that enables the Customer to manage and optimise the company’s resources (human resources, teams and equipment).

REDWIT SAS offers cloud-based software via its Dispatcher Solution to:

  1. Facilitate digital and collaborative resource planning
  2. Analyse and optimise planning
  3. Communicate this planning within the company

Users can access the Solution via:

A web platform: comprehensive tool with more extensive functionalities for staff in charge of planning  (e.g. operations managers, works supervisors, project managers, dispatchers, managers). The web platform is accessible via a web browser and an internet connection.

  • A mobile application: tool with targeted functionalities for operational staff working in the field (site managers, work supervisors, operators, etc.).

 

The Solution consists of several modules / functionalities:

  • Data library: Used to manage the planned elements
    • g. library of objects: project / worksites, staff, equipment, teams, etc.
  • Planning tool: Used to plan the use of resources
    • The planning tool has various viewing options
    • g.: weekly view, daily view, view by resource, view by project/ worksite
    • The planning tool includes a large number of functionalities to facilitate the management of resource allocations (copy, paste, drag & drop, pdf editing, etc.)
  • Expression of resources needs: Expresses a need for resources for a project / worksite
    • g.: Need for a formwork operator on project 1239 – Gare Saint Larzare worksite from 19/09/2020 to 31/12/2021
  • Reporting tool: Displays data reports (analyses, graphs, etc. )
  • Certification tool: Manages the certification of certain elements of the platform
    • Certification configuration – e.g.: Caces 482 – site machinery – renewable every 3 years.
    • Certification management: incorporation of certifications into the elements
  • Data repository and settings:
    • g.: Organizational structure of the company – e.g.: Travel agency
    • g.: Business skills repository
    • Please note: These elements are configured when the tool is used with Dispatcher consultants (from the Service Provider). The interfaces and modification functionalities are not directly available to Customers within the solution.
  • Profile and rights management
    • The platform includes an engine for configuring rights, roles and authorisations by profile type.
    • Please note: Rights are configured when the tool is used with Dispatcher consultants (from the Service Provider). The interfaces and modification functionalities are not directly available to Customers within the solution.

 

Non-exclusive example of use cases managed by the Dispatcher platform

  • Staffing management use case:
    • Skills request
      • The site manager or foreman uses the mobile application to request skills for their worksites (staff, worksite and estimated dates of the need);
      • If internal staff are available, the tool indicates staff availability. The dispatcher can then respond to the request and assign internal staff at the request of the site manager;
      • If no internal staff are available, then the dispatcher can assign a temporary worker or search for staff from other Customer companies that use the Dispatcher solution;
      • The site manager and the foreman can see that the staffing request has been processed.
    • Operations manager:
      • The operations manager can prepare their staffing meeting directly from the web platform.
      • They can export the schedule and communicate it to their teams.
    • Equipment management use case:
      • Equipment requests
        • The site manager or the foreman uses the mobile application to request equipment for their worksites (equipment, worksite and estimated dates for which the equipment will be needed);
        • The dispatcher views these requests;
        • If equipment is available internally, the tool indicates its availability. The dispatcher can then respond to the request and assign internal equipment at the request of the site manager.
        • If no internal equipment is available, then the dispatcher can search for equipment at other Customer sites that use the Dispatcher solution, or run a search of equipment rental firms and order rental equipment via the “Rental” module;
        • The site manager and the foreman can see that the request has been processed.
      • Dispatcher:
        • The dispatcher can prepare their planning meeting directly from the web platform.
        • The planning tool is distributed and used directly by the teams during the planning meeting.
        • They can export the schedule and communicate it to their teams.

 

  1. Technical Solution

 

Customer technical platforms

Web: The Solution is cloud-based Software as a Service (SAAS). It is accessible via the Internet and a web browser. In terms of browsers, REDWIT recommends Google Chrome or Mozilla Firefox. REDWIT is not responsible for any malfunction on any other web browsers.

Mobile: the supported mobile platforms / OS are Android. REDWIT is not responsible for malfunctions of the Dispatcher application on any other mobile OS.

 

Hosting – Database – System Backup

REDWIT provides the Customer with a dedicated system. This technical solution guarantees reliability, confidentiality and security for the Customer. The database is thus specific to the Customer and contains only the Customer’s data.

The Customer can access the Solution using the url address provided in the Implementation Agreement.

The system’s hosting is outsourced to a specialist service provider.

REDWIT undertakes to back up all Customer data on a daily basis. Backups are stored for one month.

The sites for system hosting, primary storage and data backup are located in France.

If REDWIT wishes to locate the hosting and backup sites outside Europe, it must first obtain the Customer’s written consent.

 

Security

The Dispatcher solution has seven (7) security levels.

  1. Connection to the Dispatcher environment is made via SSL encryption protocols. These use enhanced certificates that guarantee our users a secure connection to our service from their browser or mobile application.
  2. Individual user sessions are identified and verified for each transaction. This makes it possible, for example, to disable a user at any time (e.g. if a mobile phone is lost).
  3. A Firewall is in place for http requests. User authentication is completed via this firewall.
  4. Rights management is integrated into the solution. The user has a customised view of the data according to the rights granted by the administrator.
  5. Passwords are stored in encrypted format in the data tables. REDWIT teams do not have access to the Customer’s users’ passwords – (encryption method: SHA 512 hash).
  6. Logins are recorded. Customers can retrieve this information on the Dispatcher solution via the Customer website.
  7. Network security is handled by the REDWIT provider in charge of web hosting (secure connections to infrastructures via SSH).

 

Data backup

Data are backed up daily. Daily backups are stored for one (1) month.

 

  • USER ACCESS TO THE SOLUTION

 

Number of User accesses

In accordance with the terms agreed between the Parties, the Customer shall have the number of accesses to the platform confirmed in the Implementation Agreement. An operating licence corresponding to the creation of user accesses to the Solution will be granted to the Customer.

 

Creation of User access

At any time during the term of the Agreement, the Customer may create User access for its staff and the staff of the User Companies. It will also have the option to cancel access, if necessary. The usernames and passwords generated when the Customer creates a new access will be communicated directly to the employee concerned.

 

Solution login

Each User will have a unique access code (username and password) that will allow them to log into the Solution at any time: 24 hours a day, 7 days a week, including Sundays and public holidays (excluding maintenance periods).

Login details are personal and confidential. They may only be changed at the request of Users or at REDWIT’s initiative, subject to informing the Customer in advance. The Customer undertakes to make every effort to keep their login details secret and not to disclose them in any form whatsoever. The Customer is fully responsible for the use of the login details by its Users, and guarantees the protection of the access codes provided to them. It shall ensure that no person other than the users authorised by REDWIT has access to REDWIT services and solutions. In a general sense, the Customer is responsible for the security of individual workstations providing access to REDWIT’s solutions. If the Customer becomes aware that another person is accessing REDWIT’s solutions, it shall inform REDWIT thereof immediately by email followed by a registered letter.

The access procedure defined by REDWIT is presented during Customer training sessions. Access is attained:

  • from the Customer’s computers
  • from any of the Customer’s laptops
  • from mobile devices using the latest version of the Dispatcher application
  • using the login details provided to the Customer and specified in the Implementation Agreement

Users shall use the login details provided to them each time they log into the Application Services. These Login details are intended to ensure that access to the Dispatcher Solution is reserved for the Customer’s users. Their purpose is to protect the integrity and availability of the Dispatcher solution, as well as the integrity, availability and confidentiality of the Customer’s data as transmitted by the users.

In the event of the loss or theft of any login details, the Customer shall use the procedure set up by REDWIT on the Dispatcher site, or contact the appointed administrator at the Customer’s premises or REDWIT’s user service support.

REDWIT may not under any circumstances be held liable for consequences arising from the third-party use of user access codes.

Appendix: Service Agreement – Service Rate

All times specified in this article are for the GMT +1 time zone. Days and hours refer to business days and hours.

 

  • Service Level

REDWIT guarantees the Customer 24/7 server availability, it being specified that any integration and maintenance process is not included in this guarantee.

REDWIT guarantees the Customer that its English- and French-speaking technical support teams will be available from Monday to Friday, from 9 a.m. to 5 p.m. CET, on the following telephone number: +33 9 70 73 00 82

 

  • Definition of incidents

Incidents are distinguished according to the level of criticality. They are divided into three categories: critical errors, major errors, and minor errors.

“Critical errors”: apart from application shutdowns related to planned operations or in agreement with the Customer for the delivery of updates or remedial new features, any malfunction of the Software causing its total unavailability or the interruption of one of its core functions, without a workaround solution for the Customer, is considered a critical error.

“Major errors”: any critical error with a workaround solution is considered to be major error. The Software operates with limited capabilities or is unstable.

“Minor errors”: situations where the Software is running but with errors are considered to be minor errors.

 

  • Continuity and availability of the Solution

REDWIT guarantees the Customer that the Solution will be available in a live environment under the conditions described below, it being specified, however, that the following are not included in service uptime calculations:

  • scheduled maintenance periods;
  • unavailability due to the user’s Internet access;
  • planned interruptions accepted by the Customer;
  • interruptions at the Customer’s request;
  • incidents due to the occurrence of Force Majeure events;
  • interruptions due to the Customer’s refusal to work with REDWIT to resolve errors, and in particular to respond to questions and requests for information;
  • interruptions due to the solution being used in a manner that does not comply with its purpose or documentation;
  • interruptions due to a modification of the solution by the Customer or by a third party;
  • interruptions due to the Customer breaching its obligations under the Agreement;
  • interruptions due to the installation by the Customer of any software packages, software or operating system that is not compatible with the solution;
  • interruptions due to the failure of electronic communication networks;
  • interruptions due to a deliberate act of damage, malicious acts, or sabotage;
  • interruptions due to deterioration resulting from a force majeure event or the incorrect use of the solution;
  • Interruptions due to corrupted or non-compliant data injected by the Customer into the Solution.

Availability is calculated based on the operational functioning of the Solution, as follows:

  • “Monthly Uptime Percentage” is calculated by subtracting from 100% the percentage of hours in the month in which the Dispatcher Solution is “unavailable” during the guaranteed service range (GSR).
  • The GSR is from 7 a.m. to 8 p.m. CET, from Monday to Friday (5 days per week).
    • e. 279.5 hours per month, excluding public holidays (5 days x 13 hours x 4.3 weeks = 279.5 hours)
  • The service is declared unavailable in the event of a “Critical error”

Example of a monthly uptime calculation:

  • Sum of critical error times over the month in the GSR: 2 h
  • Uptime = 100% – 2 h / 279.5 h

Non-compliance with the service rate may lead to penalties being applied.

Uptime penalty % of the monthly fixed-rated fee*
97% ≤ Uptime < 98.5% 5%
95% ≤ Uptime < 97% 15%
Uptime < 95% 20%

*: monthly fixed-rate fee = annual fixed-rate fee / 12

These penalties will be invoiced to REDWIT or will be subject to a credit note for the amounts due to REDWIT, at its discretion.

 

  • Corrective maintenance and resolution of technical incidents

Telephone support to deal with errors is available from Monday to Friday, from 9 a.m. to 5 p.m., inclusive.

Any error report must be confirmed immediately by email to REDWIT. Accordingly, the Customer must follow the following procedure:

  • Call the technical support centre
  • Open an incident by email at service@Dispatcher-pro.com
  • Open an incident in the support form & changes to the Dispatcher platform.

The error correction deadlines are shown in the table below. These are based on the priority level of the request, as determined during discussions between the Service Provider and the Company.

Criticality of the Error Acknowledgement deadline Workaround deadline Resolution deadline
Critical error 3 business hours 3 business hours 1 business day
Major error 5 business hours 1 business day 3 business days
Minor error 8 business hours 2 business days 40 business days

 

These deadlines are expressed in business hours and days, and more specifically according to the opening hours of the Service Provider’s technical service centre, i.e. from Monday to Friday from 9 a.m. to 5 p.m. (Paris time).

The date and time taken into account is based on the timestamp on the email sent by the Company.

In the event of an error that is minor, costly and/or complex to correct, REDWIT reserves the right not to correct this minor error.

REDWIT is not responsible for maintenance in the following cases:

  • the Customer’s refusal to work with REDWIT to resolve errors, and in particular to respond to questions and requests for information;
  • the use of the solution in a manner that does not comply with its purpose or documentation;
  • the modification of the solution by the Customer or by a third party;
  • the Customer breaching its obligations under the Agreement;
  • the installation of any software packages, software or operating system that is not compatible with the solution;
  • the failure of the electronic communication networks;
  • deliberate acts of damage, malicious acts, or sabotage;
  • deterioration resulting from a force majeure event or the incorrect use of the solution;
  • Interruptions due to corrupted or non-compliant data injected by the Customer into the Solution.

 

  • Maintenance of and changes to the Solution

 

As far as possible, REDWIT shall carry out maintenance operations during the week before 6 a.m. and after 6 p.m., or on Saturdays and Sundays at any time.

In the case of maintenance operations during weekdays, between 6am and 6pm,  REDWIT will give the Customer one week’s notice via an alert message displayed on the Solution.

REDWIT may make significant changes to the Solution. As such, the Customer will benefit from upgrades offered by REDWIT.

This situation may lead to the occasional suspension of the Solution. In this case, REDWIT undertakes to comply with the procedure described below in order to keep the Customer as informed as possible about the interruption, allowing it to take sufficient advance measures to avoid any disruption to its business. REDWIT may not be held liable for the possible impact of this downtime on the Customer’s activities.

REDWIT will inform the Customer of any major changes via a newsletter or a notification displayed in the Solution.

Two types of changes are possible:

  • Standard changes activated by default: applicable to all REDWIT customers;
  • Configurable changes: the Customer can choose whether or not to activate these changes.

Standard upgrades will be deployed on the Customer’s platform once they have been developed and tested by REDWIT.

In addition, the Customer undertakes to do its utmost to communicate internally and provide training on developments with its User Companies.

The Customer acknowledges that it is aware of the importance of operational staff updating the mobile application on their mobile devices.

As part of its quest for ongoing improvement, REDWIT reserves the right to contact Users of the Solution directly in order to collect their opinions and feedback, for example via satisfaction questionnaires. The Customer undertakes not to object to these measures, within a maximum limit per quarter.

 

  • Incident monitoring

 

A system for monitoring incidents and changes is implemented by REDWIT (the “ticketing” system)

Appendix: Personal data processing

  1. The purpose of this Appendix is to define the conditions under which REDWIT, acting in this respect as the Customer’s processor, undertakes to carry out the personal data processing operations defined hereinbelow on the Customer’s behalf. It is understood that the Customer is the controller for the processing defined herein.

As part of the Agreement, of which this Appendix forms an integral part, it is agreed that in order to provide the Dispatcher Solution to the Customer, REDWIT will have access to the categories of personal data listed below.

Under these conditions, the Parties undertake to comply with the regulations and legislation in force applicable to the processing of personal data and, in particular, French Law no. 2018-493 of 20 June 2018 on the protection of personal data, amending law no. 78-17 of 6 January 1978 relating to data privacy, as well as Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 applicable from 25 May 2018 (hereinafter, in a general sense, the “Regulations”).

 

  1. The Parties agree on the following definitions:

“Data”: means any information relating to an identified or identifiable natural person, i.e. someone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online handle, or by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of said natural person. Data that are the subject of this agreement are listed in Article 3 of this Appendix.

“Data Subject(s)”: means any identified or identifiable person whose Data are processed and who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online handle, or by one or more factors specific to their physical, physiological, genetic, mental, economic, cultural or social identity. Data Subjects are the Customer’s end users, who benefit from REDWIT’s services.

Other capitalised terms shall have the meaning ascribed to them in the General Terms and Conditions of Sale.

 

  1. Description of the purposes of the data processing and Data subject to sub-processing:

REDWIT is authorised to process, on behalf of the Customer, the Data necessary to make the Dispatcher solution available to the Customer and user entities belonging to its group.

REDWIT’s provision of services involves the processing of Data belonging to the Data Subjects in order to integrate the Data into the Solution or for data migration.

To this end, the Parties agree that Data belonging to the Data Subjects shall be transferred to REDWIT, which shall store these data for the aforementioned purposes. The Data transferred and processed by REDWIT are:

  • surname, first name,
  • telephone, address
  • skills, authorisations and medical restrictions
  • documents (Construction and Public Works (BTP) card, etc.)

It is understood that the Data Subjects are the end users, who have given their consent to benefit from the services offered by the Customer and delivered by REDWIT via the Dispatcher Solution.

The stated processing is carried out for the term of the contractual relationship provided for in the Agreement. The fate of the Data at the end of the Agreement is described in Article 10 of this Appendix.

 

  1. REDWIT’s obligations to the controller:

As the processor, REDWIT undertakes to:

  1. process the Data for the sole purpose(s) comprising the processing defined herein;
  2. process the Data in accordance with the controller’s documented instructions as set out in the Agreement and its Appendices. The processor shall inform the controller immediately if it considers that an instruction constitutes a breach of the Regulations. In addition, under the Regulations, if the processor is required to transfer Data to a third country or to an international organisation located outside the territory of the European Union, it must inform the controller of this legal obligation prior to such transfer, unless the relevant law prohibits such communication on significant grounds of public interest;
  • garuantee the confidentiality of the Data processed under this Agreement;
  1. ensure that the persons authorised to process the Data under this Agreement:
    • undertake to respect the confidentiality of the Data or are subject to an appropriate legal obligation of confidentiality;
    • receive the necessary data protection training.
  2. take into account the principles of data protection by design and data protection by default with regard to its tools, products, applications or services. In addition, REDWIT undertakes to implement all necessary technical and organisational guarantees to ensure that the Data are not distorted, damaged or communicated to unauthorised third parties;
  3. never use sub-processors that would transfer the Data outside the territory of the European Union, unless it has taken all requisite compliance measures and informed the Customer beforehand. In this case, the sub-processor must comply with the obligations of the Agreement on behalf of and in accordance with the instructions of the controller. REDWIT is responsible for ensuring that the sub-processor provides the same sufficient guarantees regarding the implementation of appropriate technical and organisational measures to ensure that the processing meets the requirements of the Regulations;
  • collaborate actively with the Customer if a Data Subject opts to exercise their rights under the conditions defined in Article 6 of this Appendix;
  • keep a register of sub-processing operations;
  1. never transfer, disclose or give access to any computer media or any document of any medium, nature or other, without limitation, containing the Data Subjects’ data to a third party, other than the aforementioned sub-processors, without prior authorisation from the Customer;
  2. notify the Customer of any Data breach within 72 hours of becoming aware of it, and in writing if required to do so by the Regulations. This notification shall be accompanied by any relevant documentation that enables the controller or REDWIT to notify said breach to the competent supervisory authority, if required to do so by the Regulations, under the conditions defined in Article 7 of this Appendix;
  3. notify the Customer immediately in the event of a request, complaint, audit, investigation or enquiry by a third party, an administrative authority, a Data Subject or any other person that establishes or claims any potential non-compliance with the Regulations;
  • leave the controller the option to perform an audit of the processing carried out by REDWIT and all appropriate technical and organisational measures guaranteeing the ongoing security, integrity, confidentiality, availability and resilience of the systems and services used in the processing, as well as compliance with Data Subjects’ rights and the Regulations, it being specified that the Customer must provide REDWIT with written notification thereof at least thirty (30) calendar days in advance;
  • cooperate with the controller in the event of a security breach, in particular with regard to the need to notify the competent supervisory authority and to implement all technical measures required to detect a breach of the Data Subjects’ Data that may pose a significant risk to their rights and freedoms, and to inform the Customer thereof within a reasonable timeframe.

 

  1. Data Subjects’ right to information:

At the time of collecting the Data, the Customer must inform the Data Subjects about the Data processing that it intends to carry out. The wording and format of this information may be agreed with the processor prior to the collection of the Data.

 

In particular, the information given to the Data Subjects must contain the following elements:

  • The identity and contact details of the controller;
  • Where applicable, the contact details of the Data Protection Officer (DPO);
  • The purposes of the processing for which the Data is intended;
  • The Data recipients;
  • The Data retention period;
  • The existence of their rights of Data access, rectification, erasure and portability, and the right to limit or object to the processing of their personal data;
  • The right to withdraw their consent to data processing;
  • The Data Subject’s right to lodge a complaint with the competent supervisory authority if he or she considers that his or her rights have been infringed.

 

  1. Requests by Data Subjects to exercise their rights

To the extent possible, and taking into account the available techniques and related implementation costs, REDWIT, as controller, shall assist the Customer in fulfilling its obligation to respond to requests from Data Subjects to exercise their rights (rights of access, rectification, erasure and objection; the right to limit processing, the right to data portability, the right not to be subject to an automated individual decision, including profiling).

It is expressly agreed that the Customer is responsible for responding to the Data Subjects’ requests to exercise their rights under the conditions and within the deadlines provided for by the Regulations in force. REDWIT undertakes to work actively with the controller to respond to these requests, exclusively for Data to which it has access as part of its processing tasks and under the conditions provided for herein. To this end, the SERVICE PROVIDER undertakes to communicate any request it may have received to the controller, and to comply with the procedure for managing Data Subjects’ rights provided by the CUSTOMER.

 

  1. Notification of Data Breaches

Following prior notice and with written agreement from the controller, the processor shall notify the competent supervisory authority, in the name and on behalf of the controller, of Data Breaches as soon as possible and, if possible, no later than 72 hours after becoming aware of them, unless the breach in question is unlikely to result in any risk to the Data Subjects’ rights and freedoms.

This notification must contain at least:

  1. a description of the nature of the Data Breach including, where possible, the categories and approximate number of Data Subjects affected, and the categories and approximate number of Data records concerned;
  2. where applicable, the name and contact details of the Data Protection Officer or other contact person from whom additional information may be obtained;
  • a description of the likely consequences of the Data breach;
  1. a description of the measures taken or proposed by the controller to remedy the Data breach, including, where appropriate, measures to mitigate any possible adverse consequences.

If it is not possible to provide all this information at the same time, the information may be communicated in a staggered manner, without undue delay.

Following prior notice and with written agreement from the controller, the processor shall communicate the Data Breach to the Data Subject as soon as possible, in the name and on behalf of the controller, only if said breach is likely to result in a high risk to the Data Subject’s rights and freedoms.

The communication to the Data Subject shall describe the nature of the Data Breach in clear and simple terms. It shall contain at least:

  1. a description of the nature of the Data Breach including, where possible, the categories and approximate number of Data Subjects affected, and the categories and approximate number of Data records concerned;
  2. where applicable, the name and contact details of the Data Protection Officer or other contact person from whom additional information may be obtained;
  • a description of the likely consequences of the Data breach;
  1. a description of the measures taken or proposed by the controller to remedy the Data breach, including, where appropriate, measures to mitigate any possible adverse consequences.

 

  1. 8. Assistance with compliance issues provided to the controller by the processor

As far as possible, REDWIT shall work to support the Customer, as controller, in carrying out data protection impact analyses, if required by the Regulations, taking into account the available techniques and the related implementation costs.

As far as possible, REDWIT shall work with the Customer, as controller, to carry out the prior consultation with the supervisory authority.

 

  1. Security measures

REDWIT undertakes to implement the following security measures:

  • the means to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
  • the means to restore the availability of and access to the Data in a timely manner, in the event of a physical or technical incident;
  • a procedure for regularly testing, analysing and assessing the effectiveness of the technical and organisational measures to ensure the security of the processing described herein.

 

  1. Fate of the Data

At the end of the contractual relationship, REDWIT undertakes to return all Data belonging to the Customer in a standard format (Microsoft Excel, SQL and CSV), at the Customer’s expense and at the Customer’s first request made by registered letter with acknowledgement of receipt, within thirty (30) calendar days of the date of receipt of this request.

Unless otherwise provided by law or contractual provision, data shall be returned in a standard format chosen by the Customer and REDWIT, and shall be made available to the Customer in the form of a download or, if the volume is too great, by sending an external data carrier as part of a chargeable service up to the cost of the external data carrier and its secure sending.

REDWIT also undertakes to respond to this request within thirty (30) calendar days of receipt of the Customer’s request for the return of its data.

At the end of the provision of services relating to the processing of this Data, the SERVICE PROVIDER undertakes to destroy all Data collected in connection with the Agreement, notwithstanding any legal or regulatory provision to the contrary. The processor must provide written proof of said destruction once it is complete.

In the event that the termination of the contractual relationship requires reversibility, the Parties shall meet to agree on a quote for the Customer to recover all of its Data. This quote shall be based on REDWIT’s daily rate of one thousand euros excluding VAT (€1,000 excl. VAT) per day and per person.

 

  1. Obligations of the Customer, as controller, towards REDWIT

As controller, and in accordance with the provisions of the Regulations, the Customer undertakes to:

  • Provide REDWIT with the Data required for the performance of the Agreement defined in Section 3 of this Appendix;
  • Oversee the processing provided for herein and document in writing any related instructions;
  • Keep a record of the processing operations carried out under the Agreement;
  • Implement all organisational technical measures to guarantee to REDWIT that the Data has been/are collected and processed in compliance with the provisions of the Regulations to ensure the ongoing security, integrity, confidentiality, availability and resilience of the systems and services used to process the data in compliance with the Data Subjects’ rights and the requirements of the Regulations;
  • Restrict access to data belonging to the Data Subjects to staff duly authorised for this purpose and subject to confidentiality;
  • Raise staff awareness and train staff on Data processing, the provisions of the Regulations and related consequences;
  • Never transfer the Data to a third party in any way without having duly informed the Data Subject;
  • Never transfer the Data outside the European Union in any way without having duly informed the Data Subject;
  • Guarantee all of the Data Subjects’ rights of data access, portability, erasure, rectification, opposition to processing and limitation of processing for Data collected under the conditions defined in Article 6 of this Appendix;
  • Notify the competent supervisory authority of any security breach that presents a high risk to Data Subjects’ rights and freedoms within 72 hours of discovery of said breach under the conditions of Article 7 of this Appendix;
  • Destroy data belonging to the Data Subjects within a period that complies with the Regulations in force.