Terms of Use

The Terms of Use on this page are effective from the 28th of November 2018 and apply to your use of the Telebond Site and Services.

The Telebond Terms of Use consist of:

  1. General Terms;
  2. Special Terms Experts;
  3. Special Terms – Client;
  4. Privacy Policy;
  5. Data Processing Agreement.

The General Terms apply to all Users of the Site.

In addition the Special Terms – Experts apply to Users when using the Site or Services as an Expert, the Special Terms – Clients apply to Users when using the Site or Services as a Client and the DPA applies to all Users.

Your specific attention is drawn to terms that: (i) permit us and selected third parties to put cookies on your computer (please see the cookies section of our Privacy Policy); (ii) limit our liability to you (please see clause 17 – Limitation of Liability); (iii) require you to indemnify us in certain circumstances (see clause 18 – indemnity); and explain the meanings and implications of the various intellectual property rights that may exist in any User Content (see clauses 11 and 13).

1. GENERAL TERMS

These general terms apply to all Users of the Site.

Welcome to Telebond, owned and operated by Candide Base Limited (“Candide”). Telebond is an online platform offering services that connect users providing information and advice (“Experts”) with users seeking information and advice (“Clients”) (together, the “Services”). The Services are accessible at www.telebond.com/ and on any other websites through which Candide makes the Services available (collectively, the “Site”). By using the Site, you agree to comply with and be legally bound by these Telebond Terms of Use, our Privacy Policy and our DPA (together, the “Terms”), as they may be modified and posted on the Site from time to time.

These Terms govern your access to, and use of, the Site and Services and Collective Content (as defined below) and constitute a binding legal agreement between you and Candide.

Please read carefully these Terms, which may be found at www.telebond.com/terms/. If you do not agree to these Terms, you have no right to use the Services, Site or Collective Content.

1. Definitions

In addition, in these Terms, unless the context requires otherwise, words in one gender include all genders and words in the singular include the plural and vice-versa.

In these Terms, the following words shall have the following meanings:

“Call” means an action by Users, who are using Services to connect to each other through video, audio and text.

“Client” means a User who uses the Site or Services to access information and advice from other Users within a Session.

“Collective Content” means User Content and Candide Content.

“Content” means text, graphics, images, music, software, audio, video, information or other materials.

“Expert” means a User who was contacted through his Profile, and/or sends an invitation to other Users or non-registered individuals, and who is hosting a Session.

“Profile” means an offer by an Expert to provide the services via the Site and Services.

“Session” means a scheduled meeting coordinated via the Services between Users in connection with and subject to the terms of a Profile.

“Tax” or “Taxes” mean any applicable sales taxes, value added taxes (VAT), goods and services taxes (GST) and other similar taxes, including but not limited to withholding, personal or corporate taxes.

“Telebond Content” means all Content that Candide makes available through the Site or Services, including any Content licensed from a third party, but excluding User Content.

“Telebond-ID” means a unique identification name, chosen by each User upon registration.

“User” means any person or entity who completes Candide’s online account registration process and includes Experts and Clients.

“User Content” means all Content that a User posts, uploads, publishes, submits or transmits to be made available through the Site or Services and includes, without limitation, Profiles, comments, captions, watermarks, images and tags.

“you” and “your” refer to the individual or entity that uses the Site or Services.

“we”, “us”, or “our” refer to Candide.

2. Services Description

The Site is a platform for Users to connect and schedule Sessions in order to exchange information with other Users. The Site and Services comprise an online platform through which Experts may create Profiles in order to offer information and advice to other Users. Candide is not a party to any agreements entered into between Users. Candide has no control over the conduct of Users or other users of the Site and Services or any information provided in connection with the Site and Services.

You may view Profiles as an unregistered visitor to the Site and Services. However, if you wish to use the Services or post a Profile, you must register in order to create a Telebond Account (as defined below).

Candide makes the Site and Services available to Users solely to facilitate User interaction, such as requesting and creating Sessions, call queuing, call cycling, payment integration and call facilitation (see www.telebond.com for more details). Candide does not provide, and is not responsible for, User Content or any information or advice exchanged between Users during Sessions or otherwise. Candide does not verify the credentials of any of its Users. Candide is not liable for any loss or damage related to any and all Profiles or information provided via the Services. All Users use the Site and Services at their own risk.

Experts are not employees or agents of Candide. They are independent service providers using the Site and Services to market their expertise to other Users and the public. Accordingly, Candide is not liable for any loss or damage caused by reliance on information provided by Experts.

3. Provision of the Services

The Site and Services are provided for persons who are 18 years of age or older and may not be accessed or used by anyone under 18 years old. By accessing or using the Site or Services you represent and warrant that you are 18 years of age or older.

Candide shall provide the Site and Services in accordance with these Terms.

4. Modification

Candide reserves the right, at its sole discretion, to modify the Site, Services or the Terms (including the Service Fee, as defined below), at any time. All minor modifications shall be published on the Site and the new Terms shall be effective from the date of publication as shown in the date displayed at the top of the modified published Terms. Where material changes are made, existing Users will be given 30 days prior notice of the changes via email. You agree to keep Candide notified at all times of your current email address.

By continuing to access or use the Site or Services after Candide have: (i) posted a modification on the Site; or (ii) provided you with 30 days’ notice; as applicable, you are deemed to have accepted the changes and shall be legally bound by the modified Terms.

If you do not agree to changes to the Terms, you must cease using the Site and Services.

5. User Account Registration

Direct Registration: To access certain features of the Site and to create a Profile, you must register to create an account (“Telebond Account”) and become a User. You may register directly via the Site or as described below in this clause.

Third Party Registration: You can also register to join by logging into your account with certain third party social networking sites (“SNS”), including, but not limited to, Google, Facebook, Twitter and LinkedIn, each a (“Third Party Account”).

Upon registration all Users are assigned with a Profile and a Telebond-ID. Candide reserves the right to block or make a User change any Telebond-ID which Candide deems to be inappropriate.

6. Use of Third Party Accounts

You may link your Telebond Account with Third Party Accounts.

You permit Candide to access, make available and store (if applicable) any Content that you have provided to and stored in your Third Party Account (“SNS Content”) so that it is available on and through the Site and Services via your Telebond Account and Telebond Account profile page. Unless otherwise specified in these Terms, all SNS Content, will be User Content for the purposes of these Terms. Depending on the Third Party Accounts you choose, and subject to the privacy settings that you have set in such Third Party Accounts, personal data that you post to your Third Party Accounts will be available on and through your Telebond Account on the Site and Services.

If a Third Party Account or associated service becomes unavailable, or Candide’s access to such Third Party Account is terminated by the third party service provider, SNS Content will no longer be available on and through the Site and Services.

You have the ability to disable the connection between your Telebond Account and your Third Party Accounts, at any time, by accessing the “Settings” section of the Site.

Use of your Third Party Accounts and your relationship with third party service providers is governed solely by the third party provider’s terms and conditions and/or your other agreements with them. Candide does not review any SNS Content for any purpose, including but not limited to its, accuracy, legality or non-infringement and Candide is accordingly not responsible for any SNS Content.

7. Telebond Account

Your Telebond Account and Telebond Account profile page for use of the Site is based upon the personal data you provide to Candide, or that Candide obtains via an SNS as described above. You may not have more than one (1) active Telebond Account.

You agree to provide accurate, current and complete information during the registration process, to update such information, to keep it accurate, current and complete. Candide reserves the right to suspend or terminate your Telebond Account and your access to the Site and Services if you create more than one (1) Telebond Account or if any information provided during the registration process or thereafter proves to be inaccurate, not current or incomplete.

You are responsible for safeguarding your password. You agree that you will not disclose your password to any third party and that you will take sole responsibility for any activities or actions under your Telebond Account, whether or not you have authorized such activities or actions. You will immediately notify Candide of any unauthorized use of your Telebond Account.

8. Profiles

Profiles are made publicly available via the Site and Services. A Profile is automatically created for you after registration.

You are solely responsible for any and all Profiles you post. Accordingly, you represent and warrant that any Profile you post: (i) will not breach any agreements you have entered into with any third parties; and (ii) will; (a) comply with all applicable laws, tax requirements, and rules and regulations that may apply to you and; (b) not conflict with the rights of third parties.

Candide cannot and does not control the Content contained in any Profiles or the information exchanged between Users via the Services. Candide has no liability whatsoever for the Content of Profiles, or for any User’s compliance with any applicable laws, rules and regulations.

Candide is not involved in the interactions between Users and does not refer or endorse or recommend particular Experts to Clients. Candide does not edit, modify, filter, screen, monitor, endorse or guarantee User Content or the content of communications between Users. Candide is not party to any agreements entered into between Users.

Candide reserves the right, at any time and without prior notice, to remove or disable access to any Profile for any reason, including Profiles that Candide, in its sole discretion, considers to be: (i) objectionable for any reason; (ii) in breach of these Terms; or (iii) otherwise harmful to the Site or Services.

9. Fees, Invoicing and Payments

Sessions and Financial Terms for Experts:

Sessions can be created in two ways, through a session request to an Expert or an invitation by an Expert.

  • Invitation: An Expert can invite other Users and non-Users, via email. An invited Client reviews the invitation, and either accepts and pays for it, or rejects the invitation.
  • Session request: When an Expert receives a session request from a User, the Expert should view the request and then either confirm or reject the request.

When a session request is confirmed, Candide will send both Users an email confirming the booking, depending on the selections made via the Site and Services.

The Expert is entitled to charge the Client a (“Session Fee”) for the Session. Session Fees are published in each Profile: (i) in the currency chosen by the Expert; and (ii) on the basis of a fee per Session. All Session Fees are set by Experts.

When the Expert confirms each Session, Candide calculates the appropriate Session Fee payable by the Client to the Expert based on the Session Fee set by the Expert.

Candide collects payment of the Session Fee from the Client and makes payment of the Session Fee to the Expert on the Client’s behalf.

Candide currently uses Stripe to collect and make payments under the Terms but reserves the right to use any other third party payment processor as may be listed on the Site from time to time.

In order for Candide to process payments, you will be asked to provide invoicing information such as name, invoicing address and credit card information either to Candide or its third party payment processor.

Candide requires Experts to accept payment in the following three currencies: US Dollars, pounds Sterling, Euros or Hungarian Forint. Candide reserves the right to amend the list of available currencies.

Sessions and Financial Terms for Clients

The Client is solely responsible for honouring any confirmed Sessions. If the Client chooses to enter into a transaction with an Expert by scheduling a Session via the Site, these Terms shall apply in relation to you and Candide and any other terms, conditions, rules and restrictions associated with such Session published in the Profile (“Other Terms“) shall apply between the Expert and the Client. The Client shall be solely responsible and liable to the Expert for performing all of its obligations in relation to the Other Terms. Candide is not a party to such Other Terms and has no liability whatsoever arising from or related to any Other Terms.

The Client shall pay Experts for Sessions in accordance with these Terms, by one of the methods described on the Site for example Stripe. On confirmation of each Session, Candide will process and collect the Session Fees payable by the Client to the Expert in accordance with these Terms and the terms of the Profile.

Candide cannot control any fees that Users may be charged by Stripe and a User’s bank relating to Candide’s collection of the Session Fees and the User acknowledges that the User is solely responsible for paying all such fees.

If a User is directed to Candide’s third party payment processor, the User may be subject to terms and conditions governing use of that third party’s service and that third party’s personal information collection practices. Please review such terms and conditions and privacy policy before using the third party services. Once the transaction is complete the User will receive a confirmation email summarizing its confirmed Session.

Refunds

Candide provides a communication solution for an Expert and a Client to connect and Services to be provided by Expert. If, for any reason a session is cancelled, missed. not conducted, including technical reason, or the Services provided by the Expert don’t match the Services advertised or expected the Expert and Client must agree if there should be a Refund and the Expert should act in accordance with its terms. Candide is under no circumstance liable for any compensations or Refunds that are directly related to the agreed transaction between an Expert and a Client.

All fees payable under these Terms are exclusive of any applicable taxes. You understand and agree that you are solely responsible for determining applicable tax reporting requirements in consultation with your tax advisors. Candide cannot and does not offer tax-related advice to any Users of the Site and Services.

You undertake that all payment details provided for the purpose of using the Site and the Services will be correct and that there are sufficient funds or credit facilities to cover all fees payable under these Terms.

10. User Conduct

You are solely responsible for your use of the Site, Services and Content.

You agree not to:

  • breach any law or regulation, or any order of a court, including, without limitation, zoning restrictions and tax regulations;
  • use the Site or Services for any commercial or other purposes that are not expressly permitted by these Terms;
  • use the Site or Services to transmit, distribute, post or submit any information concerning any other person or entity, including without limitation, photographs of others without their permission, personal contact information or credit, debit, calling card or account numbers;
  • use the Site or Services in connection with the distribution of unsolicited commercial email (“spam”) or advertisements unrelated to lodging in a private residence;
  • use automated scripts to collect information or otherwise interact with the Site or Services;
  • use the Site and Services to find Clients or Experts and then complete a transaction independent of the Site or Services in order to circumvent the obligation to pay any fees related to Candide’s provision of the Services;
  • use the Site or Services related to transactions involving: (i) narcotics, steroids, certain controlled substances or other products that present a risk to consumer safety; (ii) drug paraphernalia; (iii) cigarettes; (iv) items that encourage, promote, facilitate or instruct others to engage in illegal activity; (v) stolen goods including digital and virtual goods; (vi) the promotion of hate, violence, racial intolerance or the financial exploitation of a crime; (vii) items that are considered obscene; (viii) items that infringe or violate any copyright, trademark, right of publicity or privacy or any other proprietary right under the laws of any jurisdiction; (ix) certain sexually oriented materials or services; (x) ammunition, firearms, or certain firearm parts or accessories; or (xi) certain weapons or knives regulated under applicable law;
  • use the Site or Services related to transactions that: (i) show the personal data of third parties in breach of applicable law; (ii) support pyramid or ponzi schemes, matrix programs, other “get rich quick” schemes or certain multi-level marketing programs; (iii) are associated with purchases of annuities or lottery contracts, lay-away systems, off-shore banking or transactions to finance or refinance debts funded by a credit card; (iv) are for the sale of certain items before the seller has control or possession of the item; (v) are by payment processors to collect payments on behalf of merchants; (vi) are associated with the sale of traveller’s cheques or money orders; (vii) involve currency exchanges or cheque cashing businesses; (viii) involve certain credit repair, debt settlement services, credit transactions or insurance activities; or (ix) involve offering or receiving payments for the purpose of bribery or corruption;
  • use the Site or Services involving the sales of products or services identified by government agencies to have a high likelihood of being fraudulent;
  • use, display, mirror or frame the Site or any individual element within the Site, Services, Candide’s name, any Candide trademark, logo or other proprietary information, or the layout and design of any page or form contained on a page, without Candide’s express written consent;
  • copy, store or otherwise access any information contained on the Site, Services or Content for purposes not expressly permitted by these Terms;
  • infringe the rights of any person or entity, including without limitation, their intellectual property, privacy, publicity or contractual rights;
  • interfere with or damage the Site or Services, including, without limitation, through the use of viruses, cancel bots, Trojan horses, harmful code, flood pings, denial-of-service attacks, packet or IP spoofing, forged routing or electronic mail address information or similar methods or technology;
  • “stalk” or harass any other user of the Site or Services or collect or store any personally identifiable information about any other user other than for purposes of transacting as a Telebond User;
  • register for more than one Telebond Account or register for a Telebond Account on behalf of an individual other than yourself;
  • systematically retrieve data or other content from the Site or Services to create or compile, directly or indirectly, in single or multiple downloads, a collection, compilation, database, directory or the like, whether by manual methods, through the use of bots, crawlers, or spiders, or otherwise;
  • access, tamper with, or use non-public areas of the Site, Candide’ computer systems, or the technical delivery systems of Candide’s other Users;
  • attempt to probe, scan, or test the vulnerability of any Candide system or network or breach any security or authentication measures;
  • avoid, bypass, remove, deactivate, impair, descramble, or otherwise circumvent any technological measure implemented by Candide or any of Candide’s other Users or any other third party (including another user) to protect the Site, Services or Collective Content;
  • forge any TCP/IP packet header or any part of the header information in any email or newsgroup posting, or in any way use the Site, Services or Collective Content to send altered, deceptive or false source-identifying information;
  • attempt to decipher, decompile, disassemble or reverse engineer any of the software used to provide the Site, Services or Collective Content;
  • recruit or otherwise solicit any other User to join third party services or websites that compete with Candide, without Candide’s prior written approval;
  • impersonate any person or entity, or falsify or otherwise misrepresent yourself or your affiliation with any person or entity;
  • submit any Profile with a false or misleading information;
  • post, upload, publish, submit or transmit any Content that: (i) infringes, misappropriates or violates a third party’s patent, copyright, trademark, trade secret, moral rights or other intellectual property rights, or rights of publicity or privacy; (ii) violates, or encourages any conduct that would violate, any applicable law or regulation or would give rise to civil liability; (iii) is fraudulent, false, misleading or deceptive; (iv) is defamatory, obscene, pornographic, vulgar or offensive; (v) promotes discrimination, bigotry, racism, hatred, harassment or harm against any individual or group; (vi) is violent or threatening or promotes violence or actions that are threatening to any other person; or (vii) promotes illegal or harmful activities or substances; or
  • advocate, encourage, or assist any third party in doing any of the foregoing.

If you believe any User is acting or has acted inappropriately, including but not limited to, anyone who: (i) engages in offensive, violent or sexually inappropriate behaviour; (ii) you suspect of fraud; or (iii) engages in any other disturbing conduct, you should immediately report such person to the appropriate authorities and to Candide.

Candide will have the right to investigate and prosecute breaches of any of the above to the fullest extent permitted by applicable law. Candide may involve and cooperate with law enforcement authorities in prosecuting Users who breach these Terms.

You acknowledge that Candide has no obligation to monitor your access to or use of the Site, Services or Collective Content or to review or edit any User Content, but has the right to do so for the purpose of operating the Site and Services, to ensure your compliance with these Terms, or to comply with applicable law or the order or requirement of a court, administrative agency or other governmental body.

11. Ownership and Intellectual Property Rights

The Site, Services and Candide Content, including all associated intellectual property rights are the exclusive property of Candide and its licensors. You will not remove, alter or obscure any copyright, trademark, service mark or other proprietary rights notices incorporated in or accompanying the Site, Services, or Candide Content.

All trademarks, service marks, logos, trade names and any other proprietary designations of Candide used herein are trademarks or registered trademarks of Candide. Any other trademarks, service marks, logos, trade names and any other proprietary designations are the trademarks or registered trademarks of their respective parties.

All intellectual property rights and title to the Services, Site and Content (save to the extent incorporating any User Content or third party owned item) shall remain with the Candide and/or its licensors and no interest or ownership in the Services, Site and Content or otherwise is conveyed to you under these Terms. No right to modify, adapt, or translate the Services or create derivative works from the Services is granted to you. Nothing in these Terms shall be construed to mean, by inference or otherwise, that you have any right to obtain source code for the software comprised within the Services.

Disassembly, decompilation or reverse engineering and other source code derivation of the software comprised within the Services is prohibited. To the extent that you are granted the right by law to decompile such software in order to obtain information necessary to render the Services interoperable with other software (and upon written request by you identifying relevant details of the Services(s) with which interoperability is sought and the nature of the information needed), Candide will provide access to relevant source code or information. Candide has the right to impose reasonable conditions including but not limited to the imposition of a reasonable fee for providing such access and information.

12. License to use Candide Content, Services and Site

Subject to your compliance with the terms and conditions of these Terms, Candide grants you a limited, non-exclusive, non-transferable license, to: (i) access and view any Candide Content solely for your personal and non-commercial purposes; (ii) access and view any User Content to which you are permitted access, solely for your personal and non-commercial purposes; and (iii) use the Site and Services upon the terms and conditions of these Terms. You have no right to sublicense the license rights granted in this clause. Such licence shall permit you to make such copies of software or other information as are required for you to receive the Services. Where open source software is used as part of the Services, such software use by you will be subject to the terms of the open source licences.

You will not use, copy, adapt, modify, distribute, license, sell, transfer, publicly display, publicly perform, transmit, broadcast or otherwise exploit the Site, Services, or Collective Content, except as expressly permitted in these Terms. No licenses or rights are granted to you by implication or otherwise under any intellectual property rights owned or controlled by Candide or its licensors, except for the licenses and rights expressly granted in these Terms.

11. User Content

We may, in our sole discretion, permit Users to post, upload, publish, submit or transmit User Content. By making available any User Content on or through the Site and Services, you hereby grant to Candide a worldwide, irrevocable, perpetual, non-exclusive, transferable, royalty-free license, with the right to sublicense, to use, view, copy, adapt, modify, distribute, license, sell, transfer, publicly display, publicly perform, transmit, stream, broadcast, access, view, and otherwise exploit such User Content on, through, or by means of the Site and Services. Candide does not claim any ownership rights in any such User Content and nothing in these Terms will be deemed to restrict any rights that you may have to use and exploit any such User Content.

You acknowledge and agree that you are solely responsible for all User Content that you make available through the Site and Services. Accordingly, you represent and warrant that: (i) you either are the sole and exclusive owner of all User Content that you make available through the Site and Services or you have all rights, licenses, consents and releases that are necessary to grant to Candide the rights in such User Content, as contemplated under these Terms;

and (ii) neither the User Content nor your posting, uploading, publication, submission or transmittal of the User Content or Candide’s use of the User Content (or any portion thereof) on, through or by means of the Site and the Services will infringe, misappropriate or violate a third party’s patent, copyright, trademark, trade secret, moral rights or other proprietary or intellectual property rights, or rights of publicity or privacy, or result in the violation of any applicable law or regulation.

User Content will not, at any time, be deemed to reflect or represent or view or values.

14. Feedback

We welcome and encourage you to provide feedback, comments and suggestions for improvements to the Site and Services (“Feedback”). You may submit Feedback by emailing us at support@telebond.com. All Feedback will be the sole and exclusive property of Candide and you hereby irrevocably assign to Candide and agree to irrevocably assign to Candide all of your right, title, and interest in and to all Feedback, including without limitation all worldwide patent, copyright, trade secret, moral and other proprietary or intellectual property rights therein. At Candide’s request and expense, you will execute documents and take such further acts as Candide may reasonably request to assist Candide to acquire, perfect, and maintain its intellectual property rights and other legal protections for the Feedback.

12. Data Protection

We each undertake to comply with our obligations under any relevant applicable data protection laws, principles and agreements.

To the extent that personal data is processed using the Site, Services or Collective Content, the User acknowledges that Candide is a data processor and the User is a data controller and each of shall comply with its respective statutory data protection obligations and the terms of the DPA.

If a third party alleges infringement of its data protection rights, Candide shall be entitled to take measures necessary to prevent the infringement of a third party’s rights from continuing.

Where Candide collects and processes personal data of Users, as a data controller, when providing the Site, Services or Collective Content to Users, such collection and processing shall be in accordance with the Privacy Policy.

13. Warranties

The Site, Services and Collective Content are provided “as is” without any representation, endorsement or approval and without warranty of any kind, either express or implied other than that: (i) Candide has the right to license the Site, Services and Candide Content; and (ii) that by performing the Services Candide will not knowingly infringe the intellectual property rights of any third party.

Candide makes no warranty that the Site, Services, Collective Content (including, but not limited to the Profiles or any information provided via Sessions) will meet your requirements or be available on an uninterrupted, secure, or error-free basis. Candide makes no warranties regarding the quality of any Profiles, the Site, Services or Collective Content or the accuracy, timeliness, truthfulness, completeness or reliability of any Collective Content obtained through the Site or Services.

Candide does not conduct background checks on any User, but may conduct such background checks in its sole discretion. Candide does not attempt to confirm, and does not confirm, any User’s purported identity or credentials. You are responsible for determining the identity and suitability of others who you contact via the Site and Services. You are solely responsible for all of your communications and interactions with other Users of the Site or Services and with other persons with whom you communicate or interact as a result of your use of the Site or Services.

Candide makes no representation or warranties as to the conduct of Users of the Site or Services or their compatibility with any current or future Users of the Site or Services. You agree to take reasonable precautions in all communications and interactions with other Users of the Site or Services and with other persons with whom you communicate or interact as a result of your use of the Site or Services, including but not limited to Users who are Experts, regardless of whether such communications or interactions are organized by Candide.

By using the Site or Services, you agree that any legal remedy or liability that you seek to obtain for actions or omissions of other Users or other third parties will be limited to a claim against the particular Users or other third parties who caused you harm and you agree not to attempt to impose liability on, or seek any legal remedy from Candide with respect to such acts or omissions.

The Site and Services may contain links to third party websites or resources. You acknowledge and agree that Candide is not responsible or liable for: (i) the availability or accuracy of such websites or resources; or (ii) the content, products, or services on or available from such websites or resources. Links to such websites or resources do not imply any endorsement by Candide of such websites or resources or the content, products, or services available from such websites or resources. You acknowledge sole responsibility for and assume all risk arising from your use of any such websites or resources or the Content, products or services on or available from such websites or resources.

If you accept or agree to these Terms on behalf of a company or other legal entity, you represent and warrant that you have the authority to bind that company or other legal entity to these Terms and, in such event, “you” and “your” will refer and apply to that company or other legal entity.

Except as expressly stated in these Terms, all warranties and conditions, whether express or implied by statute, common law or otherwise (including but not limited to satisfactory quality and fitness for purpose), are hereby excluded to the fullest extent permitted by law.

17. Limitation of Liability

Candide does not exclude or limit its liability to you for fraud, death or personal injury caused by any negligent act or omission or wilful misconduct of Candide in connection with the provision of the Services or Site.

In no event shall Candide be liable to you whether arising under these Terms or in tort (including negligence or breach of statutory duty), misrepresentation or otherwise, for any Consequential Loss. (“Consequential Loss“) shall for the purposes of these Terms mean: (i) pure economic loss; (ii) losses incurred by any client of yours or other third party; (iii) loss of profits (whether categorised as direct or indirect loss); (iv) losses arising from business interruption; (v) loss of business revenue, goodwill or anticipated savings; and (vi) losses whether or not occurring in the normal course of business, wasted management or staff time.

Subject to any applicable mandatory law to the contrary, the total liability of Candide in aggregate (whether in contract, tort or otherwise) under or in connection with these Terms and your use or access to the Site and Services (including any indemnity or contribution) shall not exceed one hundred (100) per cent of the total amount (excluding any Taxes) paid or payable: (i) to you by Candide, if you are an Expert; or (ii) to an Expert, if you are a Client, for all Sessions you make via the Site and Services in the twelve (12) month period prior to the event(s) giving rise to the liability or claim.

In no event shall you raise any claim under these Terms more than one (1) year after the discovery of the circumstances giving rise to such claim.

14. Indemnity

You agree to indemnify and keep indemnified Candide, its affiliates, and subsidiaries, and their officers, directors, employees and agents, harmless from and against any claims, liabilities, damages, losses, costs and expenses, including, without limitation, reasonable legal and accounting fees made against Candide by any person arising out of or in any way connected with: (i) your access to or use of the Site, Services, or Collective Content in breach of these Terms; (ii) your User Content; and (iii) your interaction with any other User, reliance on any information exchanged via the Site or Services, or creation of a Profile or /iv) breaches of your obligations under any applicable data protection law or regulation or the terms of the DPA.

19. Termination and Telebond Account Deactivation

Candide may, at its discretion and without liability to you, with or without cause, with or without prior notice and at any time: (i) terminate these Terms or your access to the Site and Services; and (ii) deactivate or cancel your Telebond Account. In the event Candide terminates these Terms, or your access to the Site and Services or deactivates or cancels your Telebond Account you will remain liable for all amounts payable for use or access to the Site and Services under these Terms.

You may cancel your Telebond Account at any time by contacting Candide by email or post as set out in clause 30 (Contacting Candide). Please note that if your Telebond Account is cancelled, Candide shall at your request delete or return Content you have posted to the Site and Services, including, but not limited to, any reviews or Feedback in accordance with the terms of the DPA.

15. Additional Terms

Certain areas of the Site (and your access to or use of certain aspects of the Site, Services or Collective Content) may have additional terms and conditions which will apply to those areas of the Site, Services or Collective Content. You will be required to agree to and accept such additional terms and conditions by actively clicking your acceptance of such additional terms. If there is a conflict between these Terms and any such additional terms and conditions, the additional terms and conditions will prevail over the Terms with respect to your use of, or access to, that area of the Site, Services, or Collective Content.

16. Assignment

You may not assign or transfer these Terms, without Candide’s prior written consent. Any attempt by you to assign or transfer these Terms, without such consent, will be null and void. Candide may assign or transfer these Terms, the provision and ownership of the Site and Services, at its sole discretion, without restriction. Subject to the foregoing, these Terms will bind and inure to the benefit of the parties, their successors and permitted assigns.

17. Notices

Unless otherwise specified in these Terms all notices or amendments to these Terms must be given in writing. In respect of Candide, writing shall include: (i) email (to the email address that you provide on registration or sign up); or (ii) by posting to the Site. For email notices, the date of receipt will be deemed the date on which such notice is sent.

18. Third Party Rights

Save for any associated company of Candide, a person who is not party to these Terms shall have no third party right by statute or otherwise to enforce any term hereunder and the provisions of the Contracts (Rights of Third Parties) Act 1999 are hereby expressly excluded.

19. Entire Agreement

These Terms constitute the whole agreement and understanding between Candide and you regarding the Site, Services, Collective Content and any Sessions or Profiles made via the Site, and Services and these Terms supersede and replace any and all prior oral or written understandings or agreements between Candide and you regarding the subject matter thereof.

20. Severability

Should a provision of these Terms be invalid or become invalid then the legal effect of the other provisions shall be unaffected. A valid provision is deemed to have been agreed which comes closest to what the parties intended commercially and shall replace the invalid provision. The same shall apply to any omissions.

26. Waiver

The failure of Candide to enforce any right or provision of these Terms will not constitute a waiver of future enforcement of that right or provision. The waiver of any such right or provision will be effective only if in writing and signed by a duly authorized representative of Candide.

21. Applicable Law and Jurisdiction

These Terms shall be governed by the laws of England and Wales. Subject to the parties following the dispute resolution procedure set out in clause 28 (Dispute Resolution), the courts of England shall have exclusive jurisdiction for the settlement of all disputes arising under these Terms.

22. Dispute Resolution

In the event of any dispute between the parties to these Terms the parties shall within 10 days of a written request from one party to the other, meet in a good faith effort to resolve the dispute without recourse to proceedings. If the dispute is not resolved as a result of such meeting, any party may (at such meeting or within 14 days from its conclusion) propose to the other in writing that structured negotiations be entered into with the assistance of a neutral advisor (“Neutral Adviser“). If the parties are unable to agree on the appointment of a Neutral Adviser or the Neutral Adviser is unable or unwilling to act, either party may within fourteen days from the date of the proposal to appoint a Neutral Advisor or within fourteen days of notice to any party that he or she is unable or unwilling to act, apply to CEDR to appoint a Neutral Adviser. The parties shall within 14 days of the appointment of the Neutral Adviser meet with him or her in order to agree a programme for the exchange of any relevant information and the structure to be adopted for the negotiations. If considered appropriate, the parties may at any stage seek assistance from CEDR to provide guidance on a suitable procedure. All negotiations connected with the dispute shall be conducted in confidence and without prejudice to the rights of the parties in any future proceedings. If the parties accept the Neutral Advisor’s recommendations or otherwise reach agreement on the resolution of the disputes, such agreement shall be set down in writing and, when signed by their duly authorised representative, shall be binding on the parties. Failing agreement, either of the parties may invite the Neutral Adviser to provide a non-binding opinion in writing. Such opinion shall be provided on a without prejudice basis and shall not be used in evidence in any proceedings subsequently commenced pursuant to the terms of these Terms without the prior written consent of the parties.

23. Force Majeure

Neither party shall be responsible to the other in circumstances where some or all of the obligations (except for the obligation for the payment of any fees) under these Terms cannot be performed due to circumstances outside the reasonable control of the defaulting party including, without limitation, an Act of God, change in legislation, fire, explosion, flood, accident, strike, lockout or other industrial dispute, war, terrorist act, riot, civil commotion, failure of public power supplies, third party hacking, viruses, trojans, worms, logic bombs or other material attacking the Site or Services, a denial-of-service attack, a distributed or malicious denial-of service attack, failure of communication facilities, or unavailability of the Internet.

24. Contacting Telebond

This Site and the Services are operated by Candide Base Limited of Candide Base Limited 78, York Street, London, United Kingdom, W1H 1DP, VAT No. [GB] 188 4641 66 . All queries about these Terms, should be sent to our Customer Care – Policy Issues Department at this address, or by email to: info@telebond.com

2. SPECIAL TERMS – EXPERTS

These Special Terms – Experts apply to all Users of the Site who are an Expert in addition to the General Terms. If there is any conflict between any provision of the General Terms and these Special Terms – Experts, the provisions of these Special Terms – Experts shall prevail.

Profiles

Users can reach you through your Profile, if they want to contact you as an Expert for a Session. To this end, you may need to provide information regarding the expertise you offer as well as pricing and other financial terms applicable to your offering.

Users are solely responsible for any and all Profiles they post. Accordingly, you represent and warrant that any Profile you post and the agreements you enter into with Clients: (i) will not breach any agreements you have entered into with any third parties; and (ii) will; (a) comply with all applicable laws, tax requirements, and rules and regulations that may apply to you and; (b) not conflict with the rights of third parties.

Experts are responsible for all of their acts and omissions in using the Site and Services.

Service Fees

Services are provided to Experts in consideration of Candide receiving a recurring subscription fee as further detailed and published at https://telebond.com/price/ (“Service Fee“); special promotions and discounts might apply. In order to always guarantee access to Candide, the Expert must have a valid payment method associated to its account, so that Candide can charge the monthly Service Fee. For valid payment methods Experts must check their setting on the profile page.

All prices exclusive of VAT, which shall be charged in addition as applicable from time to time.

Set-off and rights of retention of the Expert are excluded unless the claims are undisputed or have been finally established.

User Conduct

You agree not to: (i) contact any other Expert for any purpose other than asking a question related to the Services; or submit any Profile with a price that you do not intend to honour.

3. SPECIAL TERMS – CLIENTS

These Special Terms – Clients apply to all Users of the Site who are a Client, in addition to the General Terms. If there is any conflict between any provision of the General Terms and these Special Terms – Clients, the provisions of these Special Terms – Clients shall prevail.

Payment Fees

In addition to Session Fees charged by the Expert, fees might be charged by the payment provider. For more info visit https://telebond.com/price/.

User Conduct

You agree not to contact an Expert for any purpose other than asking a question related to the Services.

4. PRIVACY POLICY

Candide is owned and operated by Candide Base Limited (hereinafter collectively referred to as “Candide”, “we” or “us”). Candide takes your privacy very seriously.

This privacy policy (“Privacy Policy“) and any other documents referred to in it, sets out the basis on which any personal data: (i) we collect from users (“Users“) of www.telebond.com (the “Site”) or any services offered on our Site (“Services“); or (ii) that Users provide to us; shall be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

By using the Site or Services you are accepting the terms of this Privacy Policy, as it may be amended from time to time. If you do not agree to the terms of this Privacy Policy, please do not use this Site or Services.

The terms “using” and “processing” in this Privacy Policy include using cookies web beacons, and similar technologies on a computer, subjecting the data to statistical or other analysis and using or handling data in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, using, combining, disclosing and transferring data within our company group and to our affiliates worldwide.

For the purpose of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, (“GDPR“) or any subsequent amendment or replacement or supplementary legislation (together “Data Protection Law“), the data controller is Candide Base Limited of 78, York Street, London, United Kingdom, W1H 1DP.

Scope

This Privacy Policy only applies to data that you provide to us by using the Site or Services. Please note that the Site and Services may contain links to other websites. If you click on a link to another website, this Privacy Policy will not apply to any data collected on that website. We are not responsible for the privacy practices, security, or content of such other websites, and we recommend that you read the privacy policies of each website that you visit.

Purpose of Data Collection

Our principal goals in collecting data are to:

  • provide services, features and content on our Site and to administer your use of the Site;
  • improve the Site and Services;
  • enable Users to enjoy and easily navigate the Site.

Types of Data Collected

We may collect and process the following types of data about you.

Information you give us:

Personal Data: You may give us personal information about yourself when you register for and use the Services, access certain content or features within the Site or Services, directly contact the Site, subscribe for a newsletter, search for a product or service, place on order on the Site or within the Services, participate in Sessions, contact other Users or when you report a problem with the Site or Services.

The information you give us may include:

  • your name, phone number, mobile phone number, email address and postal address;
  • your username, password, and account setting preferences;
  • your credit card number, billing address and other billing related information;
  • Profile Image, chat messages and shared files;
  • Client’s name and email.

(collectively, “Personal Data”).

Information we collect about you:

Non-Identifying Data: When you visit our Site or use our Services, as a User or a non-registered user, (any of these, a “Candide User”), we may automatically collect non-identifying data. This information may include:

  • Log data: This is information that your browser sends whenever you visit a website (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type or the webpage you were visiting before you came to our Site, pages of our Site that you visit, the time spent on those pages, information you search for on our Site, access times and dates, and other statistics. We use this information to monitor and analyse use of the Site and the Services and for the Site’s technical administration, to increase our Site’s functionality and user-friendliness, and to better tailor our Site to our visitors’ needs. We do not treat Log Data as Personal Data or use it in association with other Personal Data, although we may aggregate, analyse and evaluate such Log Data for the same purposes stated above regarding other Non-Identifying Data including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
  • Information from other online accounts to which you have given us permission to collect data from within your settings or the privacy policies of these other online services. For example, this can be via social media or by choosing to send us your location data when accessing our Site from your smartphone; or it can be from the integrations and connections that you choose to install when using the Services.

(collectively, “Non-Identifying Data”).

Information we receive from other sources.

We also use information collected from other sources:

We may access information about you from third-party sources and platforms. You can register to use the Services by logging onto online accounts you may already have with third party service providers (“TPSP”) e.g. Google, Facebook, Twitter or LinkedIn each, a (“Third Party Account”), via our Site as described below. As part of the functionality of the Site or Service, you may link your Telebond Account with Third Party Accounts, by either:

  • providing your Third Party Account login information to us through the Site or Service; or
  • allowing us to access your Third Party Account, as permitted under the applicable terms and conditions that govern your use of each Third Party Account.

In doing so, you represent that you are permitted under the terms and conditions of the applicable TPSP:

  • to disclose your Third Party Account login information to us: and
  • to grant us access to use your Third Party Account for the purposes described in this Privacy Policy;

without you breaching the terms and conditions of the applicable TPSP and without obligation us to pay any fees or making us subject to any usage limitations imposed by the applicable TPSP.

If you register by logging into a Third Party Account via our Site, we will access the data you have provided to the applicable TPSP (such as your actual name, email address, profile picture, names of TPSP friends, names of TPSP groups to which you belong, other information you make publicly available via the applicable TPSP and/or other information you authorize us to access by authorizing the TPSP to provide such information) from your Third Party Accounts and we shall use that data to create your Telebond Account and Telebond Account profile page. Depending on the Third Party Accounts you choose and subject to the privacy settings that you have set in such Third Party Accounts, you understand that by granting us access to the Third Party Accounts, we will access, make available and store (if applicable and as permitted by the TPSP and authorized by you) the data in your Third Party Accounts so that it is available on and through your Telebond Account on the Site and Service. If there is data about your “friends” or people with whom you are associated in your Third Party Account, the data we obtain about those “friends” or people with whom you are associated, may also depend on the privacy settings such people have with the applicable TPSP.

We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this Site.

We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.

Cookies

Like many websites, we use “cookies” to collect information. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes which is placed on your computer by websites that you visit. We use cookies for two purposes. First, we utilize persistent cookies to save your login information for future logins to the Site. Second, we utilize session cookies to enable certain features of the Site, to better understand how you interact with the Site and to monitor aggregate usage by Users and web traffic routing on the Site. Unlike persistent cookies, session cookies are deleted from your computer when you log off from the Site and then close your browser.

We use the following cookies on our Site or within our Services:

Google Analytics – Tracking cookies

These cookies are used to collect information about how visitors use our Site. We use the information to compile reports and to help us improve the Site. The cookies collect information in an anonymous form, including the number of visitors to the Site, where visitors have come to the Site from and the pages they visited. If you do not allow these cookies we will not be able to include your visit in our statistics. You can read the full Google Analytics privacy policy at: http://www.google.com/policies/privacy/.

Anonymous Analytics – Analytics cookies

We use analytics cookies to tell us whether you have visited the Site previously, and to gather statistics about visits to a page.

Geotargeting – Location cookies

These cookies are used by software which tries to work out what country you are in from information supplied by your browser when it requests a web page. This cookie is completely anonymous, and is only used to help target content.

Registration – Signin cookies

When you sign in, we generate cookies that let us know whether you are signed in or not. Our servers use these cookies to work out which account you are signed in with.

Site Performance – Preference cookies

We use site performance cookies to remember preferences you may have set on our Sites.

You can set up your browser options, to stop your computer accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use the whole of the Site or all functionality of the Service.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org. To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.

Web Beacons

Our Site may contain electronic images known as web beacons (sometimes called single-pixel gifs). Web beacons are used along with cookies to compile aggregated statistics to analyse how our Site is used and may also be used in some of our emails to let us know which emails and links have been opened by recipients. This allows us to gauge the effectiveness of our Candide User communications and marketing campaigns.

Use of Your Information

We do not use your information for purposes other than those set out in this Privacy Policy and/or at the time such information was collected, except with your consent, for a legitimate purpose or as required by law. We use information held about you in the following ways:

Information you give to us:

Email Communications: We may use information we collect to send you email communications or information about your account or changes to the Site or Services (including changes to our Telebond Terms of Use and this Privacy Policy).

Mobile Communications: With your consent, we may use your mobile phone number to send you information, notifications and updates regarding the Site or Service.

Profile Information: We use information we collect at registration to create your Telebond Account and Telebond Account profile page. Your Telebond Account profile page will include, among other things, your first and last name, your profile picture and your location. You can select the other items of Personal Data that you wish to be included in your Telebond Account profile page – including, but not limited to, a list of the TPSP groups to which you belong, a list of any of your TPSP friends or connections who are also Users, connections you have established between your Telebond Account and any TPSPs, and a biography and links to your profiles, if applicable (together, your “Profile Information”). We will display your Profile Information in your Telebond Account profile page publicly via the Site and, with your prior permission, on third party sites. Any information you choose to provide as part of your Profile Information will be publicly visible to all Users and consequently should reflect how much you want other Users to know about you. We recommend that you protect your anonymity and sensitive data and we encourage you to exercise caution regarding the information disclosed in your Telebond Account profile page. You can review and edit your Profile Information at any time.

Profiles: If you create a profile, we may publish, use, share or otherwise disclose the content of that profile publicly via the Site and may enable third parties to publish the profile on their websites.

Candide Marketing: We may also use your information to provide you with Candide (and its subsidiaries) newsletters, marketing or promotional materials and other information that may be of interest to you. If you are an existing User, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new User, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this by ticking the relevant box situated on the form on which we collect your data. You may opt out of these marketing related notifications at any time by accessing the “Manage Notifications” section of your Telebond Account. Please note that we may also use your Personal Data to contact you with information related to your use of the Service; you may not opt out of these notifications.

Request Fulfilment: We may use information that we collect to fulfil your requests for products, services and information. For example, we may use your information to respond to your customer service requests.

Data Analysis: In order to learn more about how our Site and Services are used, we aggregate and analyse the information we collect. We may use information, for example, to monitor and analyse use of the Site and Services, to improve functionality and to better tailor our content and design to suit our visitors’ needs.

Testimonials: We post testimonials on the Site. With your consent, we may post your testimonial on the Site along with your name. To have your testimonial removed, please contact us at info@telebond.com.

Aggregated Data: We may use your information and aggregate it with data collected from other Users to attempt to provide you with a better experience, to improve the quality and value of the Site and Services and to analyse and understand how our Site and Services are used. We may also use the combined information without aggregating it to serve you specifically, for instance to deliver a product to you according to your preferences or restrictions.

To Perform Contracts: We may use your information to carry out our obligations arising from any contract entered into between you and us and you and another User.

Information we collect from you:

Administration Purposes: We may use your information to administer our Site and Services, for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.

Usability: We may use your information to ensure that content from our Site and Services is presented in the most effective manner for you and for your computer, to allow you to participate in interactive features of our Services, when you choose to do so.

Services Information: We may use your information to inform you about scheduled Services downtimes and new features or to make suggestions and recommendations to you and other users of our Site or Services about our goods or services that may interest you or them.

Analysis: We may use your information to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you.

Third Party Access to your Data

We do not share or disclose your information for purposes other than those set out in this Privacy Policy and/or at the time the information was collected, except with your consent, for a legitimate purpose or as required by law. We will make information about you available to other companies, applications, or people in the circumstances listed below:

Information we share with third parties:

Analysis: We may share aggregated information that does not include Personal Data and we may otherwise disclose Non-Identifying Data and Log Data to third parties for industry analysis, demographic profiling, payment processing, customer service and other purposes. Any aggregated information we share will not contain your Personal Data.

Services Delivery: We may employ third party companies and individuals to perform Site-related services, including maintenance services, database management, web analytics, data processing and email and text message distribution. These third parties will have access to your information only for the purpose of performing these tasks on our behalf.

Companies within our group of companies: We will make your information (including Personal Data) available to all companies within our group of Companies in order to provide the Site and Services to Users. Where any group companies are located outside of the EEA, we will ensure that such companies are subject to EU Model clauses in relation to access to and use of your Personal Data.

Third Party Services: To customize your experience on the Site and to simplify our registration process, we provide you with the opportunity to access or interact with TPSPs, such as Google, Facebook, Twitter and LinkedIn. When you connect to the Site through these TPSPs, we may share your information with these TPSPs and they may share Personal Data about you with us. When you allow us to access your information through a Third Party Account to create a Site account, we may use this information for several purposes, including:

  • relationships automatically within our system. For example, if you connect to us via a service with a public friend list, like Twitter, we may check to see if any people you follow on Twitter are also Site Users. If we find a match, we will replicate your Twitter relationship with those Site Users, setting them to be fans, followers, or friends on our Site.
  • Populating a list of potential friends to whom you can send service-specific messages. For example, we may use friend lists from a TPSP to create a list of contacts to whom you may choose to share your Telebond Account profile page.
  • To enhance and personalize your experience on the Site, when you are connected via a TPSP, we may access certain information, such as your profile picture, in order to enhance and personalize your experience on the Site.

Please remember that we do not control the privacy practices of these TPSPs. We encourage you to read the privacy policies of all TPSP websites.

Information we disclose to third parties:

We may disclose your personal data to third parties:

Due Diligence: We may disclose your information in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.

Corporate Transaction: We may disclose your information in the event that the Site or Services are acquired by or merged with another company or a similar corporate transaction takes place, in which case Personal Data held about you will be one of the transferred assets. However, we will notify you by placing a prominent notice on the Site or within the Services, or sending a notice to the primary email address specified in your account before your Personal Data is transferred and becomes subject to a different privacy policy.

Contractual Right: We may disclose your information in order to enforce or apply our Telebond Terms of Use (www.telebond.com) and/or any other agreements, or to protect our rights, property, safety, our customers or others.

Investigations: We may share your information to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety or other rights and interests of any person, violations of the Terms, or as otherwise required by law.

Compliance with Laws: We may share your information to respond to subpoenas, search warrants, judicial proceedings, court orders, legal process, or other law enforcement measures, to establish or exercise our legal rights, or to defend against legal claims.

Security and Storage

To protect your privacy and your information, Candide uses multiple security procedures and practices to protect from unauthorized access, destruction, use, modification and disclosure of information of Users.

When you enter information on our Site, we encrypt that information using secure socket layer technology (SSL). SSL creates a secured connection between our web servers and your browser, which protects against unauthorized access to transmitted data and supports data being sent only to intended recipients.

Your information is password protected and our main servers are locked and hosted by a leading provider of Internet access to enterprises with mission-critical Internet application requirements. Access to the hosed environment is secure.

Identity theft and the practice currently known as “phishing” are of great concern to us. Safeguarding information to help protect you from identity theft is a top priority. We do not and will not, at any time, ask you to provide any credit card information, your Telebond Account ID, login password, or national identification numbers in a non-secure or unsolicited email or telephone communication.

We follow generally accepted industry standards to protect information submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our Site, you can contact us at support@telebond.com.

Note that we will make any legally required disclosures of any breach of security, confidentiality, or integrity of your unencrypted electronically stored “Personal Data” (as defined in applicable laws on security breach notification) to you via email or conspicuous posting on the Site as quickly as possible and without unreasonable delay, insofar as this is consistent with:

  • the legitimate needs of law enforcement; or
  • any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.

All communications, information and files exchanged should be shared exclusively using Candide’s system in order to keep communications and transactions on Candide secure. Security and trust must be maintained for all Users by maintaining initial conversations within the Candide application. Protecting our Users’ Personal Data is of critical concern. In order to protect our users’ privacy, Personal Data should be kept anonymous. Requesting or providing email addresses, Skype/IM usernames or other personal contact details (other than your name) is strictly prohibited. Candide’s Call Back service and User Inboxes are designed to enable communication between all Users.

International Transfer

We, our group companies, affiliates, and third party partners to whom we disclose your information may perform activities outside of the EEA and potentially we may collect, transfer, store, and process your information (including Personal Data) in countries outside of the EEA. As a result, your information may be subject to the laws of those countries or other jurisdictions. These laws may not be equivalent to the privacy and data protection laws in your jurisdiction. Personal Data may be disclosed in response to valid demands or requests from government authorities, courts, or law enforcement in these countries. By using the Site or providing us with your information, you consent to the potential collection, transfer, storage, and processing of your information outside of the EEA.

We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this Privacy Policy. In particular, this means that your Personal Data will only be transferred to a country that provides an adequate level of protection (for example, where the European Commission has determined that a country provides an adequate level of protection) or where the recipient is bound by standard contractual clauses according to conditions provided by the European Commission (“EU Model Clauses“).

Your rights

You have the right under Data Protection Law, free of charge, to request:

  • Access to your Personal Data.
  • Rectification or deletion of your Personal Data.
  • A restriction on the processing of your Personal Data.
  • Object to the processing of your Personal Data.
  • A transfer of your Personal Data (data portability).

You can make a request in relation to any of the above rights by writing to us at the email address given at the end of this Privacy Policy. We will respond to such queries within 30 days and deal with requests we receive from you, in accordance with the provisions of Data Protection Law. You may also:

  • Directly edit your Profile; or
  • Deactivate your Telebond Account by contacting us or selecting the “Cancel Account” feature of the Service

Please note that, if you cancel your Telebond Account, any of your user content on the Site will remain publicly viewable via the Site.

Consent

You have the right to withdraw your consent to us processing your Personal Data, at any time, by contacting us at the contact address given at the end of this Privacy Policy.

For new Users, where we process your Personal Data for marketing purposes, (similar other than informing you about similar goods and services of Candide or its affiliates), we will inform you and obtain your opt in consent (before collecting your Personal Data) if we intend to use your Personal Data for such purposes or if we intend to disclose your information to any third party for such purposes. If you change your mind about being contacted in the future, please opt out by clicking the “unsubscribe” link at the bottom of any email. Once you do this, you will no longer receive any marketing emails from us. We will continue to communicate with you regarding your service billing and support via email.

We send push notifications from time to time in order to update you about any Services or Site updates, events and promotions we may be running. If you no longer wish to receive these communications, please disable these in the settings on your device.

Data Retention

We retain Personal Data for as long as necessary for the relevant activity for which it was provided or collected. This will be for as long as we provide access to the Site or Services to you, your account with us remains open or any period set out in any relevant contract you have with us. In particular we delete the following data as follows:

  • Log data – 1 month;
  • Backups data – 2 months;
  • Emails – 45 days.

However, we may keep some data after your account is closed or you cease using the Site of Services for the purposes set out below.

After you have closed your account or ceased using the Site of Services for a period of at least 4 months, we usually delete Personal Data, however we may retain Personal Data where reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, maintain security, prevent fraud and abuse, resolve disputes, enforce our Telebond Terms of Use (www.telebond.com), or fulfil your request to “unsubscribe” from further messages from us.

We will retain de-personalised information after your account has been closed.

Please note: After you have closed your account or deleted information from your account, any information you have shared with others will remain visible. We do not control data that other users may have copied from the Site or Services. Your Profile may continue to be displayed in the services of others (e.g. search engine results) until they refresh their cache.

Complaints

If you have any complaints about our use of your personal data please contact us as set out at the end of this Privacy Policy or contact our supervisory authority in England: The Information Commissioner’s Office at, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England (“ICO“)

Age of Users

This Site and the Services are not intended for and shall not be used by anyone under the 18 years of age.

Changes to This Policy

This Privacy Policy may be updated from time to time by means of a notice on the Site prior to the change becoming effective. If we make any material changes we will notify you in advance by email (sent to the e-mail address specified in your Telebond Account). You will be bound by such changes if you continue to use the Site or Services after the date of the new privacy policy. . We encourage you to periodically review this page for the latest information on our privacy practices. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Telebond Terms of Use.

This Privacy Policy was last updated on the 28th of November 2018 and replaces any other privacy policy previously applicable to your use of the Site or Services.

Addressing Your Concerns

If you have questions or suggestions or wish to contact our Privacy Officer, please contact us:

By email: support@telebond.com.

By post: Candide Base Limited, Customer Care – Privacy Policy Issues, 78, York Street, London, United Kingdom, W1H 1DP.

5. DATA PROCESSING AGREEMENT

This DPA is entered into between Candide and the User and is incorporated into and governed by the terms of the Telebond Terms of Use.

1. Definitions

Any capitalised term not defined in this DPA shall have the meaning given to it in the Agreement.

“Affiliates” means any entity that directly or indirectly controls, is controlled by, or is under common control of a party. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of a party;

“Agreement” means the agreement between the User and Candide for the provision of the Services (including access to the Site);

“Controller” means the User;

“Data Protection Law” means the GDPR and/or any subsequent amendment or replacement or supplementary legislation;

“Data Subject” shall have the same meaning as in Data Protection Law;

“DPA” means this data processing agreement together with Exhibit A and the Security Policy;

“GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016;

“Personal Data” shall have the same meaning as in Data Protection Law;

“Processor” means Candide;

“Security Policy” means Candide’s security document as updated from time to time, and accessible via www.telebond.com or otherwise made reasonably available by Candide;

“Standard Contractual Clauses” means the EU model clauses for personal data transfer from controllers to processors c2010-593 – Decision 2010/87EU;

“Sub-Processor” means any person or entity engaged by Candide or its Affiliate to process Personal Data in the provision of the Services to Users.

2. Purpose

  1. The Processor has agreed to provide the Services to the Controller in accordance with the terms of the Agreement. In providing the Services, the Processor shall process User Content on behalf of the Controller. User Content may include Personal Data. The Processor will process and protect such Personal Data in accordance with the terms of this DPA.

3. Scope

  1. In providing the Services to the Controller pursuant to the terms of the Agreement, the Processor shall process Personal Data only to the extent necessary to provide the Services in accordance with both the terms of the Agreement and the Controller’s instructions documented in the Agreement and this DPA.

4. Processor Obligations

  1. The Processor may collect, process or use Personal Data only within the scope of this DPA.
  2. The Processor confirms that it shall process Personal Data on behalf of the Controller and shall take steps to ensure that any natural person acting under the authority of the Processor who has access to Personal Data shall only process the Personal Data on the documented instructions of the Controller.
  3. The Processor shall promptly inform the Controller, if in the Processor’s opinion, any of the instructions regarding the processing of Personal Data provided by the Controller, breach any Data Protection Law.
  4. The Processor shall ensure that all employees, agents, officers and contractors involved in the handling of Personal Data: (i) are aware of the confidential nature of the Personal Data and are contractually bound to keep the Personal Data confidential; (ii) have received appropriate training on their responsibilities as a data processor; and (iii) are bound by the terms of this DPA.
  5. The Processor shall implement appropriate technical and organisational procedures to protect Personal Data, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons.
  6. The Processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate: (i) the pseudonymisation and encryption of Personal Data; (ii) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (iii) the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; (iv) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing. In accessing the appropriate level of security, account shall be taken in particular of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed.
  7. The technical and organisational measures detailed in the Security Policy shall be at all times adhered to as a minimum security standard. The Controller accepts and agrees that the technical and organisational measures are subject to development and review and that the Processor may use alternative suitable measures to those detailed in the attachments to this DPA.
  8. The Controller acknowledges and agrees that, in the course of providing the Services to the Controller, it may be necessary for the Processor to access the Personal Data to respond to any technical problems or Controller queries and to ensure the proper working of the Solution and Services. All such access by the Processor will be limited to those purposes.
  9. Where Personal Data relating to an EU Data Subject is transferred outside of the EEA it shall be processed in accordance with the provisions of the Standard Contractual Clauses, unless the processing takes place: (i) in a third country or territory recognised by the EU Commission to have an adequate level of protection; or (ii) by an organisation located in a country which has other legally recognised appropriate safeguards in place, such as the EU-US Privacy Shield or Binding Corporate Rules.
  10. Taking into account the nature of the processing and the information available to the Processor, the Processor shall assist the Controller by having in place appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Controller’s obligation to respond to requests for exercising the Data Subject’s rights and the Controller’s compliance with the Controller’s data protection obligations in respect of the processing of Personal Data.

5. Controller Obligations

  1. The Controller represents and warrants that it shall comply with the terms of the Agreement, this DPA and Data Protection Law.
  2. The Controller represents and warrants that it has obtained any and all necessary permissions and authorisations necessary to permit the Processor, its Affiliates and Sub-Processors, to execute their rights or perform their obligations under this DPA.
  3. The Controller is responsible for compliance with all Data Protection Law, including requirements with regards to the transfer of Personal Data under this DPA and the Agreement.
  4. All Affiliates of the Controller who use the Services shall comply with the obligations of the Controller set out in this DPA.
  5. The Controller shall implement appropriate technical and organisational procedures to protect Personal Data, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. The Controller shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate.
  6. The Controller shall take steps to ensure that any natural person acting under the authority of the Controller who has access to Personal Data only processes the Personal Data on the documented instructions of the Controller.
  7. The Controller may require correction, deletion, blocking and/or making available the Personal Data during or after termination of the Agreement. The Processor will process the request to the extent it is lawful and will reasonably fulfil such request in accordance with its standard operational procedures to the extent possible.
  8. The Controller acknowledges and agrees that some instructions from the Controller, including destruction or return of data, assisting with audits, inspections or DPIAs by the Processor, may result in additional fees. In such case, the Processor will notify the Controller of its fees for providing such assistance in advance, unless otherwise agreed.

6. Sub-Processors

  1. The Controller acknowledges and agrees that: (i) Affiliates of the Processor may be used as Sub-processors; and (ii) the Processor and its Affiliates respectively may engage Sub-processors in connection with the provision of the Services.
  2. All Sub-processors who process Personal Data in the provision of the Services to the Controller shall comply with the obligations of the Processor set out in this DPA.
  3. Where Sub-processors are located outside of the EEA, the Processor confirms that such Sub-processors: (i) are located in a third country or territory recognised by the EU Commission to have an adequate level of protection; or (ii) have entered into Standard Contractual Clauses with the Processor; or (iii) have other legally recognised appropriate safeguards in place, such as the EU-US Privacy Shield or Binding Corporate Rules.
  4. The Processor shall make available to the Controller the current list of Sub-processors which shall include the identities of Sub-processors and their country of location. During the term of this DPA, the Processor shall provide the Controller with prior notification, via email, of any changes to the list of Sub-processor(s) who may process Personal Data before authorising any new or replacement Sub-processor(s) to process Personal Data in connection with the provision of the Services.
  5. The Controller may object to the use of a new or replacement Sub-processor, by notifying the Processor promptly in writing within ten (10) Business Days after receipt of the Processor’s notice. If the Controller objects to a new or replacement Sub-processor, the Controller may terminate the Agreement with respect to those Services which cannot be provided by the Processor without the use of the new or replacement Sub-processor. The Processor will refund the Controller any prepaid fees covering the remainder of the term of the Agreement following the effective date of termination with respect to such terminated Services.

7. Liability

  1. The limitations on liability set out in the Agreement apply to all claims made pursuant to any breach of the terms of this DPA.
  2. The parties agree that the Processor shall be liable for any breaches of this DPA caused by the acts and omissions or negligence of its Sub-processors to the same extent the Processor would be liable if performing the services of each Sub-processor directly under the terms of the DPA, subject to any limitations on liability set out in the terms of the Agreement.
  3. The parties agree that the Controller shall be liable for any breaches of this DPA caused by the acts and omissions or negligence of its Affiliates as if such acts, omissions or negligence had been committed by the Controller itself.
  4. The Controller shall not be entitled to recover more than once in respect of the same claim.

2. Audit

  1. The Processor shall make available to the Controller all information reasonably necessary to demonstrate compliance with its processing obligations and allow for and contribute to audits and inspections.
  2. Any audit conducted under this DPA shall consist of examination of the most recent reports, certificates and/or extracts prepared by an independent auditor bound by confidentiality provisions similar to those set out in the Agreement. In the event that provision of the same is not deemed sufficient in the reasonable opinion of the Controller, the Controller may conduct a more extensive audit which will be: (i) at the Controller’s expense; (ii) limited in scope to matters specific to the Controller and agreed in advance; (iii) carried out during UK business hours and upon reasonable notice which shall be not less than 4 weeks unless an identifiable material issue has arisen; and (iv) conducted in a way which does not interfere with the Processor’s day-to-day business.
  3. This clause shall not modify or limit the rights of audit of the Controller, instead it is intended to clarify the procedures in respect of any audit undertaken pursuant thereto.

3. Data Breach

  1. The Processor shall notify the Controller without undue delay after becoming aware of (and in any event within 72 hours of discovering) any accidental or unlawful destruction, loss, alteration or unauthorised disclosure or access to any Personal Data (“Data Breach“).
  2. The Processor will take all commercially reasonable measures to secure the Personal Data, to limit the effects of any Data Breach, and to assist the Controller in meeting the Controller’s obligations under applicable law.

2. Compliance, Cooperation and Response

  1. In the event that the Processor receives a request from a Data Subject in relation to Personal Data, the Processor will refer the Data Subject to the Controller unless otherwise prohibited by law. The Controller shall reimburse the Processor for all costs incurred resulting from providing reasonable assistance in dealing with a Data Subject request. In the event that the Processor is legally required to respond to the Data Subject, the Controller will fully cooperate with the Processor as applicable.
  2. The Processor will notify the Controller promptly of any request or complaint regarding the processing of Personal Data, which adversely impacts the Controller, unless such notification is not permitted under applicable law or a relevant court order.
  3. The Processor may make copies of and/or retain Personal Data in compliance with any legal or regulatory requirement including, but not limited to, retention requirements.
  4. The Processor shall reasonably assist the Controller in meeting its obligation to carry out data protection impact assessments (DPIAs), taking into account the nature of processing and the information available to the Processor.
  5. The parties acknowledge that it is the duty of the Controller to notify the Processor within a reasonable time, of any changes to applicable data protection laws, codes or regulations which may affect the contractual duties of the Processor. The Processor shall respond within a reasonable timeframe in respect of any changes that need to be made to the terms of this DPA or to the technical and organisational measures to maintain compliance. If the parties agree that amendments are required, but the Processor is unable to accommodate the necessary changes, the Controller may terminate the part or parts of the Services which give rise to the non-compliance. To the extent that other parts of the Services provided are not affected by such changes, the provision of those Services shall remain unaffected.
  6. The Controller and the Processor and, where applicable, their representatives, shall cooperate, on request, with a supervisory data protection authority in the performance of their respective obligations under this DPA.

11. Term and Termination

  1. The Processor will only process Personal Data for the term of the DPA. The term of this DPA shall coincide with the commencement of the Agreement and this DPA shall terminate automatically together with termination or expiry of the Agreement.
  2. The Processor shall at the choice of the Controller, upon receipt of a written request (including email) received within 30 days the end of the provision of the Services relating to processing, delete or return Personal Data to the Controller within 30 days of receiving such request. The Processor shall in any event delete all copies of Personal Data in its systems within 45 days of the effective date of termination of the Agreement unless: (i) applicable law or regulations require storage of the Personal Data after termination; or (ii) partial Personal Data of the User is stored in backups, then such Personal Data shall be deleted from backups up 2 months after the effective date of termination of the Agreement.

12. General

  1. This DPA sets out the entire understanding of the parties with regards to the subject matter herein.
  2. Should a provision of this DPA be invalid or become invalid then the legal effect of the other provisions shall be unaffected. A valid provision is deemed to have been agreed which comes closest to what the parties intended commercially and shall replace the invalid provision. The same shall apply to any omissions.
  3. This DPA shall be governed by the laws of England and Wales. The courts of England shall have exclusive jurisdiction for the settlement of all disputes arising under this DPA.
  4. The parties agree that this DPA is incorporated into and governed by the terms of the Agreement.

Exhibit A

Overview of data processing activities to be performed by the Processor

1. Controller

The Controller transfers Personal Data identified in sections 3, 4 and 5 below, as it relates to the processing operations identified in section 6 below.

The Controller is the User.

2. Processor

The Processor received data identified in sections 3, 4 and 5 below, as it relates to the processing operations identified in section 6 below.

The Processor is Candide.

3. Data Subjects

The Personal Data transferred includes but is not limited to the following categories of Data Subjects:

  • Employees, freelancers and contractors of the Controller and other users added by the Controller from time to time.
  • Contacts and friends of the Controller contained in any Third Party Services.
  • Users, Affiliates and other participants from time to time to whom the Controller has granted the right to access the Site and Services in accordance with the terms of the Agreement.
  • Customers of the Controller and individuals with whom those end users communicate with by email and/or instant messaging.
  • Service providers of the Controller.
  • Other individuals to the extent identifiable in the content of emails or their attachments or in archiving content.

4. Categories of Data

The Personal Data transferred includes but is not limited to the following categories of data:

  • Personal details, names, usernames, phone numbers, passwords, email and postal addresses of Users.
  • Personal Data derived from the Users use of the Site and Services
  • Profile information of Users from Third Party Accounts such as name, email address, profile picture, names of friends names of groups you are members of and other information made publicly available via the Third Party Account.
  • Personal Data within email and messaging content which identifies or may reasonably be used to identify, data subjects.
  • Metadata including sent, to, from, date, time, subject, which may include Personal Data. Financial data provided to use the Services such as credit card number, billing address and other billing related information
  • Survey, feedback and assessment messages.
  • Information offered by users as part of support enquiries.

5. Processing operations

The Personal Data transferred will be subject to the following basic processing activities:

  • Personal Data will be processed to the extent necessary to provide the Solution and Services in accordance with both the Agreement and the Controller’s instructions. The Processor processes Personal Data only on behalf of the Controller.
  • Processing operations include but are not limited to: enabling Users to connect with each other to exchange information, to create Profiles in order to offer information and advice to other Users using the Site, the Services or social media. These operations relate to all aspects of Personal Data processed.
  • Technical support, issue diagnosis and error correction to ensure the efficient and proper running of the systems and to identify, analyse and resolve technical issues both generally in the provision of the Solution and Services and specifically in answer to a Controller query. This operation may relate to all aspects of Personal Data processed but will be limited to metadata where possible.
  • Virus, anti-spam and Malware checking in accordance with the Solution and Services provided. This operation relates to all aspects of Personal Data processed.
  • URL scanning for the purposes of the provision of targeted threat protection and similar service which may be provided under the Agreement. This operation relates to attachments and links in emails and will relates to any Personal Data within those attachments or links which could include all categories of Personal Data.

Security Policy

Technical and Organisational Security Measures

Upon the Controller’s written request (no more than once in any 12 month period), the Processor shall provide within a reasonable time, a copy of the most recently completed certification and/or attestation reports (to the extent that to do so does not prejudice the overall security of the Solution and Services). Any audit report submitted to the Controller shall be treated as Confidential Information and subject to the confidentiality provisions of the Agreement between the parties.

The following descriptions provide an overview of the technical and organisational security measures implemented. It should be noted however that, in some circumstances, in order to protect the integrity of the security measures and in the context of data security, detailed descriptions may not be available, however additional information regarding technical and organisational measures may be found in the Security Policy. It’s acknowledged and agreed that the Security Policy and the technical and organisational measures described therein will be updated and amended from time to time, at the sole discretion of the Processor. Notwithstanding the foregoing, the technical and organisational measures will not fall short of those measures described in the Security Policy in any material, detrimental way.

1. Entrance Control

Technical or organisational measures regarding access control, especially regarding legitimation of authorised persons:

The aim of the entrance control is to prevent unauthorised people from physically accessing such data processing equipment which processes or uses Personal Data.

Due to their respective security requirements, business premises and facilities are subdivided into different security zones with different access authorisations. They are monitored by security personnel. Access for employees is only possible with an encoded ID with a photo on it. All other persons have access only after having registered before (e.g. at the main entrance).

Access to special security areas for remote maintenance is additionally protected by a separate access area. The constructional and substantive security standards comply with the security requirements for data centres.

2. System Access Control

Technical and organisational measures regarding the user ID and authentication:

The aim of the system access control is to prevent unauthorised use of data processing systems, are used for the processing of User Content.

Remote access to the data processing systems is only possible through the Processor’s secure VPN tunnel. If the users first authenticate to the secure VPN tunnel, after successful authentication authorisation is executed by providing a unique username and password to a centralised directory service. All access attempts, successful and unsuccessful are logged and monitored.

Additional technical protections are in place using firewalls and proxy servers and state of the art encryption technology that is applied where appropriate to meet the protective purpose based on risk.

3. Data Access Control

Technical and organisational measures regarding the on-demand structure of the authorisation concept, data access rights and monitoring and recording of the same:

Measures regarding data access control are targeted on the basis that only such data can be accessed for which an access authorisation exists and that data cannot be read, copied, changed or deleted in an unauthorised manner during the processing and after the saving of such data.

Access to data necessary for the performance of the particular task is ensured within the systems and applications by a corresponding role and authorisation concept. In accordance to the “least privilege” and “need-to-know” principles, each role has only those rights which are necessary for the fulfilment of the task to be performed by the individual person.

To maintain data access control, state of the art encryption technology is applied to the Personal Data itself where deemed appropriate to protect sensitive data based on risk.

4. Transmission Control

Technical and organisational measures regarding the transport, transfer, transmission, storage and subsequent review of Personal Data on data media (manually or electronically).

Transmission control is implemented so that Personal Data cannot be read, copied, changed or deleted without authorisation, during transfer or while stored on data media, and so that it can be monitored and determined as to which recipients a transfer of Personal Data is intended.

The measures necessary to ensure data security during transport, transfer and transmission of Personal Data as well as any other company or User Content are detailed in the Security Policy. This standard includes a description of the protection required during the processing of data, from the creation of such data to deletion, including the protection of such data in accordance with the data classification level.

For the purpose of transfer control, an encryption technology is used (e.g. remote access to the company network via two factor VPN tunnel and full disk encryption). The suitability of an encryption technology is measured against the protective purpose.

The transfer of Personal Data to a third party (e.g. customers, sub-contractors, service providers) is only made if a corresponding contract exists, and only for the specific purposes. If Personal Data is transferred to companies located outside the EEA, the Processor provides that an adequate level of data protection exists at the target location or organisation in accordance with the European Union’s data protection requirements, e.g. by employing contracts based on the Standard Contractual Clauses.

5. Data Entry Control

Technical and organisational measures regarding recording and monitoring of the circumstances of data entry to enable retroactive review.

System inputs are recorded in the form of log files therefore it is possible to review retroactively whether and by whom Personal Data was entered, altered or deleted.

6. Data Processing Control

Technical and organisational measures to differentiate between the competences of principal and contractor:

The aim of the data processing control is to provide that Personal Data is processed by a commissioned data processor in accordance with the Instructions of the principal.

Details regarding data processing control are set forth in the Agreement and DPA.

7. Availability Control

Technical and organisational measures regarding data backup (physical/logical):

Data is stored in triplicate across 2 data centres, with 2 separate cross connections. The data centres can be switched in the event of flooding, earthquake, fire or other physical destruction or power outage protect Personal Data against accidental destruction and loss.

If Personal Data is no longer required for the purposes for which it was processed, it is deleted promptly. It should be noted that with each deletion, the Personal Data is only locked in the first instance and is then deleted for good with a certain delay. This is done in order to prevent accidental deletions or possible intentional damage.

8. Separation Control

Technical and organisational measures regarding purposes of collection and separated processing:

Personal Data used for internal purposes only e.g. as part of the respective customer relationship, may be transferred to a third party such as a subcontractor, solely under consideration of contractual arrangements and appropriate data protection regulatory requirements.

Employees are instructed to collect, process and use Personal Data only within the framework and for the purposes of their duties (e.g. service provision). At a technical level, multi-client capability includes separation of functions as well as appropriate separation of testing and production systems.

User Content is stored in a way that logically separates it from other User data.

The Controller is assigned a unique encryption key, generated using a FIPS 140-2 compliant crypto library, which is used to encrypt and decrypt all of the Controller’s archived data. In addition to the unique encryption keys, all data being written to the storage grid includes the Controller’s unique account code. The Processor’s systems that write data to the storage grid retrieve he encryption key from one system and the customer code from another, which serves as a cross check against two independent systems. The Controller’s encryption key is further encrypted with a Processor key stored within a centralised and restricted key management system. In order for the Processor to access User Content via the master key, the key management system provisions individual keys following a strict process of approval that includes multiple levels of executive authorisation. Use of these master encryption keys is limited to senior production engineers and all access is logged, monitored, and configured for alerting by security via a centralised Security Incident and Event Management (“SIEM”) system. The Controller’s archived data is encrypted at rest using AES256 bit encryption and data in transit is protected by Transport Layer Security (“TLS”).

This can be via a website URL that is updated from time to time.