Datenschutzerklärung

Softbrik KI für Digital Gesundheit

Datenschutzerklärung

Die für das Forschungsprojekt „Telemedizin und Acne inversa – TeleVersa” (im Folgenden „Forschungsprojekt”) unter Ziffer 1 aufgeführten Verantwortlichen (im Folgenden „Verantwortliche”) legen großen Wert auf den Datenschutz. Daher erheben und verarbeiten die Verantwortlichen Ihre personenbezogenen Daten ausschließlich in Übereinstimmung mit den einschlägigen gesetzlichen Bestimmungen, insbesondere der EU-Datenschutzgrundverordnung (DSGVO). Diese Datenschutzerklärung beschreibt, welche Arten von personenbezogenen Daten von Ihnen im Rahmen und im Zusammenhang mit dem Forschungsprojekt verarbeitet werden.

Neben der in dieser Datenschutzerklärung beschriebenen Datenverarbeitung durch die Verantwortlichen erfolgt ebenfalls eine eigenständige Erhebung und Verarbeitung Ihrer personenbezogenen Daten (einschließlich Gesundheitsdaten) durch die ADA Health GmbH, Karl-Liebknecht-Str. 1, D-10178 Berlin, Telefon +493040367390, E-Mail legal_ext@ada.com (im Folgenden „ADA Health”). Dies betrifft die Symptomanalyse über das von ADA Health bereitgestellte und betriebene Symptomanalyse Tool. Diese Datenverarbeitung durch ADA Health ist Gegenstand einer gesonderten, zusätzlichen Einwilligung von Ihnen gegenüber ADA Health auf Grundlage der Datenschutzrichtlinie (https://ada.com/de/privacy-policy/raw/) und der Allgemeinen Geschäftsbedingungen von ADA Health (https://ada.com/de/terms-and-conditions/raw/).

1. Die in dieser Datenschutzerklärung beschriebenen Abläufe und Datenverarbeitungen beziehen sich ausschließlich auf Ihre personenbezogenen Daten (einschließlich Gesundheitsdaten) aus den Fragebögen (Patient*innen- und Ärzt*in-Fragebögen) und den von ADA Health mit Ihrer Zustimmung bereitgestellten Fallbericht, nicht jedoch auf die Datenverarbeitung durch ADA Health im Rahmen der Leistungserbringung beim ADA Health Symptomanalyse Tool. An dieser Datenverarbeitung sind die Verantwortlichen nicht beteiligt und sie haben auch keinen Zugriff auf diese personenbezogenen Daten.

1.1 Die Datenverarbeitung im Rahmen der Durchführung des Forschungsprojektes steht nach Maßgabe der in Ziffer 3 beschriebenen Zuständigkeits- und Verantwortungsbereiche in der jeweiligen Verantwortung

  • des Initiators und Organisators des Forschungsprojektes, die Novartis Pharma GmbH, Roonstr. 25, D-90429 Nürnberg (im Folgenden „Novartis”); sowie
  • Ihrer/Ihres in der datenschutzrechtlichen Einwilligungserklärung und Schweigepflichtentbindung aufgeführten Hautärztin/ Hautarztes .

Als Initiator und Organisator des Forschungsprojektes agiert Novartis gemeinsam mit der*dem Hautärzt*in als gemeinsam Verantwortliche (Art. 26 in Verbindung mit Art. 4 Nr. 7 DSGVO).

1.2 Die Datenschutzbeauftragten der Verantwortlichen können Sie unter den folgenden Kontaktdaten erreichen:

  • Novartis Pharma GmbH: Data Privacy, Roonstr. 25, D-90429 Nürnberg, E-Mail datenschutz@novartis.com.
  • Hautärzt*in: Siehe die Angaben in der von Ihnen erteilten datenschutzrechtlichen Einwilligungserklärung.

2. Was ist der Grund für die gemeinsame Verantwortung zwischen Novartis und der*dem Hautärzt*in.

2.1 Novartis arbeitet beim Forschungsprojekt in arbeitsteiliger Weise eng mit der*dem Hautärzt*in zusammen. Dies betrifft auch die Verarbeitung Ihrer personenbezogenen Daten in pseudonymisierter Form. Novartis hat mit der*dem Hautärzt*in die Reihenfolge der Verarbeitung Ihrer personenbezogenen in den einzelnen Projektabschnitten festgelegt (siehe hierzu Ziffer 3). Vor diesem Hintergrund sind Novartis und die*der Hautärzt*in innerhalb der nachfolgend beschriebenen Prozessabschnitte Ihnen gegenüber gemeinsam für den Schutz Ihrer personenbezogenen Daten verantwortlich (Art. 26 DSGVO).

2.2 Im Rahmen ihrer gemeinsamen datenschutzrechtlichen Verantwortlichkeiten haben Novartis und die*der Hautärzt*in eine Vereinbarung gemäß Art. 26 DSGVO abgeschlossen, in der insbesondere geregelt ist, welche Partei welche Pflichten gemäß der EU-Datenschutzgrundverordnung (DSGVO) erfüllt. Dies betrifft insbesondere die Wahrnehmung Ihrer datenschutzrechtlichen Rechte im Sinne der Art. 15 ff. DSGVO (vgl. Ziffer 7) sowie die Erfüllung der datenschutzrechtlichen Informationspflichten im Sinne von Art. 13 DSGVO (vgl. Ziffer 3.2).

3.     Zuständigkeiten und Verantwortungsbereiche für die Datenverarbeitung

3.1 Die Zuständigkeiten und die Verantwortung für die Datenverarbeitung sind wie folgt zwischen den Verantwortlichen festgelegt:

Datenverarbeitung
Zuständigkeit und Verantwortung
(a)
Erhebung Ihrer personenbezogenen Daten im Rahmen der Arztfragebögen und die Einholung Ihrer schriftlichen Einwilligungserklärung in die Verarbeitung der personenbezogenen Daten für die Zwecke des Forschungsprojektes nach Maßgabe der Patienteninformation und dieser Datenschutzerklärung.
Alleinige Verantwortung der/des Hautärztin/Hausarztes.
(b)
Erhebung Ihrer personenbezogenen Daten im Rahmen der Patienten-Fragebögen
Alleinige Verantwortung von Novartis.
(c)
Speicherung des von ADA Health bereitgestellten pseudonymisierten Fallberichtes in der Projektdatenbank.
Alleinige Verantwortung von Novartis.
(d)
Verschlüsselte Übermittlung und Speicherung Ihrer pseudonymisierten Angaben aus dem Ärzt*in- und Patient*innen-Fragebögen in der Projektdatenbank.
Alleinige Verantwortung von Novartis.
(e)
Die Bereitstellung, der Betrieb und die Nutzung der Projektdatenbank für die Durchführung des Forschungsprojektes.
Alleinige Verantwortung von Novartis.
(f)
Die Analyse und Auswertung der pseudonymisierten Daten für Zwecke des Forschungsprojektes und die anschließende Verwendung anonymisierter Auswertungen und Auswertungsergebnisse zur wissenschaftlichen Dokumentation und Auswertung sowie zur Verwendung von anonymisierten Fachpublikationen (z.B. auf Fachkongressen oder in Fachzeitschriften).
Alleinige Verantwortung von Novartis.

3.2 Bei Erhebung Ihrer personenbezogenen Daten ist für die Erfüllung der Informationspflichten (Art. 13 DSGVO) die*der Hautärzt*in zuständig. Zu diesem Zweck wird Ihnen die*der Hautärzt*in gemeinsam mit dem Einwilligungsformular die Patient*innen-Information sowie diese Datenschutzerklärung zur Verfügung stellen.

4.     Art der Daten, Ablauf und Zweck der Datenverarbeitung

4.1 Im Rahmen des Forschungsprojektes werden in pseudonymisierter Form folgende Datenarten verarbeitet: Geschlecht, Alter, Größe, Gewicht, Diagnosen, Informationen zur Dauer und Ausprägung assoziierter Symptome zur Acne inversa bzw. Ihrer Hautkrankheit, Krankheitshistorie (Dauer der Erkrankung, Anzahl der Arztkontakte, Therapien und Schmerzen), Lebensqualität, Auswirkung Ihrer gesundheitlichen Probleme auf Ihre Fähigkeit zu arbeiten und Ihre Alltagsaktivitäten zu bewältigen sowie Informationen zu emotionalen Aspekten und dem Wohlempfinden im Rahmen der Ärzt*in-Patient*innen-Beziehung.

4.2 Die Datenverarbeitung unterliegt dem nachfolgend aufgeführten Ablauf:

(a) Nach Durchführung der eigenständigen ADA Health Symptomanalyse über die von ADA Health bereitgestellte Webapplikation über das Tablet, die in der alleinigen Verantwortung von ADA Health erfolgt, wird mit Ihrer Veranlassung ein Fallbericht von ADA Health erstellt und bereitgestellt. Des Weiteren werden Sie gebeten, die in der Patient*innen-Information im Einzelnen aufgeführten Patient*innen-Fragebögen zu beantworten. Dies erfolgt über ein Tablet, das Ihnen im Auftrag von Novartis durch deren Dienstleister Institut Dr. Schauerte GmbH, Finkenstr. 7, D-80333 München (im Folgenden „IDS”) zur Verfügung gestellt wird. Zuletzt führt die*der Hautärzt*in eine routinemäßig dermatologische Untersuchung bei Ihnen durch und beantwortet ebenfalls die in der Patient*innen-Information im Einzelnen aufgeführten Ärzt*in-Fragebögen über eine Webapplikation.

(b) Im Rahmen Ihrer Beantwortung der Patient*innen-Fragebögen über das von IDS bereitgestellte Tablet erfasst der Webserver aus technischer Notwendigkeit ferner bestimmte Verkehrsdaten von Ihnen (z.B. IP-Adresse, Datum und Uhrzeit der Durchführung des jeweiligen Patient*innen-Fragebogens, der verwendete Browser, das verwendete Betriebssystem, Domainname und Adresse des Internet- Providers). Diese Verkehrsdaten werden ausschließlich für die Durchführung des jeweiligen Patient*innen-Fragebogens über das bereitgestellte Tablet verarbeitet.

(c) Sämtliche der im Rahmen des Forschungsprojektes erhobenen personenbezogenen Daten von Ihnen (Patient*innen- und Ärzt*innen-Fragebögen sowie ADA Health Fallbericht) werden über eine verschlüsselte Verbindung und ausschließlich in pseudonymisierter Form an die Projektdatenbank, die im Auftrag von Novartis von IDS bereitgestellt und betrieben wird, übermittelt und dort gespeichert. Pseudonymisiert bedeutet, dass Ihr Name durch ein Pseudonym (d.h. einen Nummerncode) ersetzt wird. Infolgedessen ist die Zuordnung Ihrer Angaben, Werte und Informationen zu Ihnen ohne zusätzliche Informationen ausgeschlossen. Über diese zusätzlichen Informationen verfügt nur Ihr*e Hautärzt*in, nicht jedoch Novartis oder IDS.

(d) Die pseudonymisierten Daten sämtlicher Teilnehmer*innen (einschließlich Ihnen) in der Projektdatenbank werden anschließend von IDS im Auftrag von Novartis wissenschaftlich analysiert und ausgewertet. IDS ist hierbei als Auftragsverarbeiter (Art. 4 Nr. 8 DSGVO) für Novartis tätig. Nach Abschluss der Auswertung anonymisiert IDS die Auswertungen und Auswertungsergebnisse und übergibt diese an Novartis.

4.3 Die Verantwortlichen verarbeiten Ihre pseudonymisierten Daten (einschließlich Gesundheitsdaten) aus den Patient*innen- und Ärzt*in-Fragebögen sowie aus dem Fallbericht von Ada Health für die Zwecke der wissenschaftlichen Dokumentation und Auswertung sowie der Erstellung von anonymisierten Auswertungen und Auswertungsergebnissen aller Teilnehmer*innen (einschließlich Ihnen) für Zwecke der Veröffentlichung im Rahmen von Publikationen (z.B. Beiträge auf Fachkongressen und in Fachzeitschriften). Die Sie betreffenden Informationen helfen den Verantwortlichen, ein besseres Verständnis über die Acne inversa Erkrankung und die damit einhergehenden Einschränkungen im Alltag zu erlangen mit dem Ziel, Erkenntnisse zu erhalten, um die aktuelle Gesundheitsversorgungssituation von Acne inversa Patient*innen verbessern zu können.

4.4 Ferner sind zuständige Überwachungsbehörden sowie von Novartis beauftragte Monitorinnen/Monitore berechtigt, Ihre bei der*dem Hautärzt*in vorhandenen personenbezogenen Daten (insbesondere Gesundheitsdaten) ausschließlich zum Zwecke der Überprüfung der ordnungsgemäßen Durchführung dieses Forschungsprojektes einzusehen (z.B. Überprüfung der wirksam erteilten Einwilligungserklärung oder Überprüfung der ordnungsgemäßen Übertragung in die Projektdatenbank). Diese Monitorinnen/Monitore, die als Auftragsverarbeiter (Art. 4 Nr. 8 DSGVO) für Novartis tätig sind, sind vertraglich zur Verschwiegenheit verpflichtet. Eine Weitergabe der eingesehenen personenbezogenen Daten (einschließlich Gesundheitsdaten) an Novartis oder IDS findet nicht statt.

4.5 Die Verarbeitung Ihrer pseudonymisierten Daten (einschließlich Gesundheitsdaten) erfolgt ausschließlich innerhalb der Europäischen Union (EU) bzw. des Europäischen Wirtschaftsraums (EWR).

4.6 Rechtsgrundlage für die Verarbeitung Ihrer personenbezogenen Daten – einschließlich Ihrer Gesundheitsdaten – für die in Ziffern 4.3 und 4.4 genannten Zwecke ist Ihre erteilte ausdrückliche Einwilligung (Art. 6 Abs. 1 Buchst. a, Art. 9 Abs. 2 Buchst. a DSGVO).

5.     Risiken der Datenverarbeitung und Weitergabe Ihrer personenbezogenen Daten

5.1 Bei jeder Datenverarbeitung können Vertraulichkeitsrisiken (z.B. die Möglichkeit, die betreffende Person zu identifizieren) trotz aller Bemühungen nicht vollständig ausgeschlossen werden. Derartige Risiken steigen in der Regel, je mehr Daten miteinander verknüpft werden können. Die Verantwortlichen werden alle angemessenen und nach dem Stand der Technik möglichen Maßnahmen zum Schutz Ihrer Privatsphäre ergreifen und Daten nur an Dritte weitergeben, die ein geeignetes Datenschutzkonzept vorweisen können. Medizinische Risiken sind mit der Datenverarbeitung nicht verbunden.

5.2 Ihre in der Projektdatenbank eingestellten pseudonymisierten Daten werden nicht an Dritte weitergegeben, es sei denn, dies ist zur Erfüllung des Forschungsprojektes erforderlich, sonst aufgrund einschlägiger gesetzlicher Bestimmungen zulässig oder Sie haben den Verantwortlichen Ihre Einwilligung in die Weitergabe erteilt.

5.3 Die Verantwortlichen sind berechtigt, die Verarbeitung Ihrer pseudonymisierten Daten im Rahmen der datenschutzrechtlichen Vorgaben ganz oder teilweise an externe Dienstleister auszulagern, die für den jeweiligen Verantwortlichen als Auftragsverarbeiter (Art. 4 Nr. 8 DSGVO) tätig sind.

Novartis setzt folgende externe Dienstleister als Auftragsverarbeiter im Rahmen des Forschungsprojektes ein:

Dienstleister
Beschreibung des Dienstes
Empfängerland und angemes-senes Datenschutzniveau
Dienstleister Institut Dr. Schauerte GmbH, Finkenstr. 7, D-80333 München
Bereitstellung, Betrieb und Hosting der Projekt¬daten¬bank, Durchführung der Analyse und Auswertung der pseudonym-isierten Daten der Teilnehmer und Erstellung von entsprechenden Auswertungen und Auswertungsergebnissen
Deutschland (EU)

6.     Dauer der Speicherung Ihrer personenbezogenen Daten

Ihre personenbezogenen Daten werden von den Verantwortlichen nur so lange gespeichert, wie dies für die Erreichung der Zwecke, für die diese personenbezogenen Daten erhoben wurden, erforderlich ist oder – soweit darüberhinausgehende gesetzliche Aufbewahrungsfristen bestehen – für die Dauer der gesetzlich vorgegebenen Aufbewahrung. Im Anschluss werden Ihre personenbezogenen Daten gelöscht.

Ihre pseudonymisierten Daten werden von IDS nach Abschluss des Forschungsprojektes anonymisiert und Novartis ausschließlich in Form von anonymisierten Auswertungen und Auswertungsergebnisse aller Teilnehmer*innen zur Verfügung gestellt. Anschließend werden diese Daten bei IDS gelöscht.

7.     Ihre Betroffenenrechte

7.1 Ihnen stehen nach Maßgabe des geltenden Datenschutzrechts insbesondere die folgenden Rechte gegenüber den Verantwortlichen zu. Bitte wenden Sie sich an die unter Ziffer 1 angegebenen Kontaktmöglichkeiten der Verantwortlichen.

Bitte üben Sie Ihre in dieser Ziffer 7 beschriebenen Betroffenenrechte vorrangig gegenüber der*dem Hautärzt*in bzw. deren*dessen Personal aus, da nur diese in der Lage sind, Ihnen die entsprechenden pseudonymisierten Daten zuzuordnen. Novartis (einschließlich ihres Auftragsverarbeiters IDS) ist eine Zuordnung der pseudonymisierten Daten zu Ihnen nicht möglich (Art. 11 DSGVO).

7.2 Als betroffene Person im Sinne der EU-Datenschutzgrundverordnung (DSGVO) haben Sie grundsätzlich das Recht auf Auskunft über die Verarbeitung Ihrer personenbezogenen Daten (Art. 15 DSGVO). Sie haben ggf. das Recht, die Berichtigung (Art. 16 DSGVO), Löschung (Art. 17 DSGVO) oder Einschränkung der Verarbeitung (Art. 18 DSGVO) Ihrer personenbezogenen Daten zu verlangen und je nach Sachlage haben Sie das Recht auf Datenübertragbarkeit (Art. 20 DSGVO).

7.3 Soweit die Verarbeitung auf Ihrer Einwilligung beruht, haben Sie das Recht, diese Einwilligung jederzeit zu widerrufen. Durch den Widerruf wird die Rechtmäßigkeit, der aufgrund der Einwilligung bis zum Widerruf erfolgten Verarbeitung nicht berührt. Bitte beachten Sie, dass die Verwendung der anonymisierten Auswertungen und Auswertungsergebnisse aller Teilnehmer*innen von Ihrem Widerruf unberührt bleibt, da es sich hierbei um anonyme Daten handelt.

7.4 Sie haben zudem das Recht, sich bei der zuständigen Datenschutzaufsichtsbehörde über die Verarbeitung Ihrer personenbezogenen Daten zu beschweren.

  • Zuständige Datenschutzaufsichtsbehörde für Novartis: Bayerisches Landesamt für Datenschutzaufsicht, Postfach 606,
    D- 91511 Ansbach, Telefon +49 981 180093-0, Fax +49 981 180093-800, E-Mail poststelle@lda.bayern.de.
  • Zuständige Datenschutzaufsichtsbehörde für die*den Hautärzt*in: Siehe die Angaben in der datenschutzrechtlichen Einwilligungserklärung und Schweigepflichtentbindung.

Sie können sich aber auch an eine andere Datenschutzaufsichtsbehörde – etwa an Ihrem Wohnsitz – wenden. Weitere Datenschutzaufsichtsbehörden finden Sie auf der Website der Bundesbeauftragten für den Datenschutz und die Informationsfreiheit unter www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

7.5 Die Verantwortlichen informieren sich unverzüglich gegenseitig über die von Ihnen geltend gemachten datenschutzrechtlichen Rechtspositionen. Die Verantwortlichen stellen einander sämtliche für die Beantwortung von Auskunftsersuchen oder anderen datenschutzrechtlichen Anfragen notwendigen Informationen zur Verfügung.

Terms of Service

Legal Documents

All policies and documents related to doing business with Softbrik can be found here. Should any information be missing - drop us a Voice Message.

Softbrik Terms of Service

Thanks for using Softbrik! These are our Terms and Conditions for using the Softbrik services. We would encourage you to take a few minutes and read through them. In case of any questions, you can always reach out to us at info@softbrik.com.

The Agreement must be accepted as a necessary condition without any exception to signing up for our services.

For setting up various Softbrik subscription(s), you will have to provide certain information about your business, individuals in the organisation as well as provide certain payment information. The Agreement applies whether you are signing up as a company or as an individual.

1. Acceptance of the Agreement

1.1 The Agreement applies to Softbrik OÜ, Hobujaama 4, 10151 Tallinn, Estonia, business reg. no. 14597527 and/or its wholly owned subsidiary Softbrik Health S.a.rl., registry code B245839, address 21 Rue Glesener, L-1631, Luxembourg, with common email id info@softbrik.com, (‘Softbrik’) and the customer (‘Customer’).

As a customer, you can be a legal entity or a natural person. If you are a natural person, you represent and warrant to Softbrik that as an individual (i.e., not a corporation or a registered entity) you are at least 18 years of age. You also represent and warrant that you are legally permitted to use the Services and access the Site from your current and foreseeable jurisdiction. If you are entering into this Agreement on behalf of a company or any other legal entity of whatever shape or form, you represent and warrant that you have the authority to bind such entity to this Agreement on behalf of the entity and its affiliates, in which case the terms “you” or “your” will refer to such entity and all its affiliates as relevant. This Agreement is void where prohibited by law, and the right to use the Services is revoked in such jurisdictions.

1.2 The Agreement covers the Customers use of the Softbrik services, client software and any other services launched by Softbrik (Services).

1.3 This Agreement is fully and unconditionally accepted by you without any prejudice when ticking off the “I hereby accept the Softbrik OÜ Subscription, Terms & Conditions” box upon signing up for the Softbrik OÜ services.

2. Duration of the Agreement

2.1 The Agreement becomes legally binding and effective upon both parties on the date of signing up for the Services by ticking off the “I hereby accept the Softbrik’s Subscription, Terms & Conditions” box (‘Effective Date’).

 

2.2  When signing up for the Services, you will immediately be granted access to our freemium platform. This does not require any payment details. If you want to subscribe to paid Softbrik services at a later stage, you will be asked for further company/person and payment details. After successful payment (see below under Section 3.2.), you will receive an email with a link to your private Softbrik environment and login information.

 

2.3   You can at any given time, choose to upgrade or downgrade your Softbrik subscription. Any change will be pro-rated from the next invoicing period taking already made payments into account. Should you which to cancel your subscription, you will only be invoiced for the remaining number of days left in that invoicing period. The account will as such remain open until the end of the invoiced period. Should you wish reconsider your decision and continue using Softbrik services, kindly send us an e-mail at support@softbrik.com with the specific details.

 

2.4  An Enterprise Agreement may be terminated as follows:

Termination by the Enterprise account holder: Should you wish to terminate your company’s Softbrik account permanently (including any analytics dashboard), please send us an e-mail at support@softbrik.com and we will terminate the account. An account can be terminated only to the end of an invoicing period applying 2 weeks of written notice. In case the request to terminate a company, account is received later than 2 weeks prior to the end of an invoicing period, the termination will only be effective as of the following invoicing period, for which an invoice will be issued. The termination of an Enterprise account is non-reversible, and no company data will be retained. Should you wish to use Softbrik services in the future, a new company account will have to be set up.

Termination by Softbrik: In case of violation of the Agreement (see section 7), your account will first be suspended after which you will receive a written notice to contact Softbrik (support@softbrik.com). If a solution has not been found within 2 weeks after the notice, the account will be terminated. The termination of an Enterprise account is non-reversible, and no company data will be retained.

3. Payment & Invoices

3.1 A Softbrik subscription may or may not entail special offers such as a.) a free trial period or free usage of features on the Softbrik platform b.) time bound discounts on the subscription c.) referrals and other bonuses. If you, as the Customer, are eligible for any such time bound schemes and activities, they will automatically be announced upon the execution of your subscription and entering your payment information. Please note that offering and implementation of any such

3.2 You are invoiced for the first month when you sign up for the paid subscription services. Subsequent invoices are issued and to be paid upfront monthly. As an example, if you sign up on 12 December then the next invoice will be issued for upfront payment on 12 January and so forth. You can cancel the Agreement at any given time, see above under Duration of the Agreement.

3.3 The total payment is calculated based on the subscription chosen and potential add-ons.

3.4 All payment details, including VAT specifications, appear on your monthly invoice.

3.5 Invoices are e-mailed directly to the email address used to setup the Softbrik account ( henceforth called ‘Administrator’ or ‘Admin’ in abbreviation) as well as accessible inside the Softbrik Platform. If you do not receive an invoice or if you need to have the invoice(s) send to another email address, make sure to contact us using either our contact form on the website or email us directly at support@softbrik.com.

3.6 If you which to change the timing of your invoice, please contact our support team at support@softbrik.com.

3.7 The credit card you enter during the registration is used for the subscription. It is possible to update the credit card information in the Admin panel. Softbrik accept payment on any valid credit card (VISA or MASTERCARD) through our approved and licensed payment partners. All payments are executed in EURO. In case your credit card is not supported, please contact us using either our contact form or email us directly at support@softbrik.com.

3.8 If an invoice is not paid, for whatever reason, within 3 banking days calculated as of the first day of a new invoicing period, see above under 3.2., you will receive a reminder to pay the invoice within 10 banking days calculated as of the date of receiving the reminder. In case the invoice is not paid in due time within the 10 banking days, the company account will be terminated, and all Services stopped, see above under 2.b.ii for what happens when a company account is closed. A new company account may be opened upon payment of any outstanding amount.

3.9 You, the Customer, explicitly and unequivocally agree that Softbrik will never be liable or responsible for any loss, of whatever nature, amount, or any other impact it may have, that a company incurs, directly or indirectly, due to the closing, for whatever reason, of a company account. The same applies to a company’s use of the Services, Softbrik cannot, may not and will never accept to be made responsible for any loss, of whatever nature, amount, or any other impact it may have, that a company incurs, directly or indirectly, by using the Services.

4. Your Information, Site Submissions & Your Permissions

4.1 When you use our Services, you provide, upload, share or generate to us a range of information and data including but not limited to your files, content, messages, contacts, customer identities, financial information and so on (‘Your Information’). Your Information remains your legal ownership throughout the course of your Softbrik Services usage. The Agreement does not give us any legal ownership rights to Your Information except for the limited rights that enable us to provide the Services. The security, confidentiality and privacy of your information is our priority. For further details please read our Privacy Policy and the FAQs on Security and Privacy.

4.2 By signing this Agreement, you are permitting us to conduct activities like, but not limited to, hosting Your Information, backing it up completely or partially, and sharing it completely or partially as needed to perform our Services. Our Services also provide you with features like, but not limited to, photo thumbnails, document previews, commenting, easy sorting, editing, sharing, and searching. These and other present or future features may require our systems to access, store, and scan Your Information to provide quality Services. You give us explicit permission without any prejudice to do those tasks and more as we decide the most appropriate way to provide our services. Furthermore, you explicitly and unequivocally agree that this permission extends to all our trusted third-party services like, but not limited to, Amazon Web Services (AWS).

4.3 Please note that “Your Information”, automatically includes all the information your input, your employees, customers, vendors, stakeholders and any other individual whose data you choose to share, or they share with you via Softbrik platform as a logical extension of your business. When you grant us the permission to use Your Information, the consent naturally and logically extends to the information you have shared about your employees, customers, vendors, stakeholders, or other individuals as you have deemed appropriate. Softbrik is not responsible in anyway whatsoever to either assess, verify, gauge the appropriateness of Your Information nor to take any additional consent for Your Information shared. You are completely and unequivocally responsible and liable for Your Information, their accuracy, completeness, quality, integrity, legality, reliability, and appropriateness, including any consent from any natural person without exception.

Please Note: Softbrik does not take any legal responsibility of your content and in case of any legal enquiries by appropriate authorities satisfying grounds of reasonable evidence of illegal content, may decide to share necessary content with the authorities for due legal process. It is clearly understood that you, your team and all the users understand their own responsibility and liability and consequence of storing, retrieving any information and generally using any services related to Softbrik or its partner ecosystem. Please read the Responsibilities and Acceptable Use clauses below for further understanding of your role in fair and safe usage of the platform.

5. Your Conduct & Responsibilities

5.1 You are responsible for your conduct as the Customer. Your Information and you must comply with the Agreement. Content in the Services may be protected by others’ intellectual property rights. Please do not copy, upload, download, or share content unless you have the unconditional right to do so.

5.2 We may choose to review your conduct from time-to-time review and use of our Services to make sure they are compliant with the Agreement. With that said, we have no obligation to do so. We are not responsible for the content people post and share via the Services.

5.3 Help us keep you informed, and Your Information protected. Safeguard your password to the Services and keep your account information current. Do not share your account credentials or give others access to your account.

6. Consent & Personal Information

6.1 You (The Customer) take complete and full ownership of any your employees, customers, vendors, stakeholders, or any person’s data (including private information like email addresses, phone number, voice or textual feedback and other forms of personally identifiable information) entered on the Softbrik platform. In case of any objection, the Company must do everything possible to remove such private information from the platform. Softbrik personnel do not have access to Customer Information and hence cannot take any responsibility, directly or indirectly, under any circumstances, for any private information submitted to the system with or without prior consent. All users of Softbrik’s communication system must provide electronic consent to Softbrik Data Processing Agreement.

6.2 If you are subject to European data protection laws (General Data Protection Regulation), the California Consumer Privacy Act (CCPA), or similar data protection laws, you further represent and warrant that you have reviewed and clearly agreed to Softbrik’s Data Processing Addendum. You further acknowledge and agree that your indemnity obligation under the “Indemnity” section below applies to your disclosure of Personal Data under this Agreement.

7. Violation of the Agreement

7.1 You may use our Services only as permitted by at any time applicable law, including export control laws and regulations.

7.2   To use our Services, you must be at least 18 years old or else please check your local law for the age of digital consent. If you do not meet these age requirements, or any other relevant requirements, you may not use the Services under any condition whatsoever.

7.3  Any unlawful conduct may, partly or in full, lead to the suspension or termination of Services or the Agreement. Softbrik unconditionally reserves the right to take any legal action deemed necessary to remedy such situation irrespective of any payments made for the consumption of such Services for whatever period of time. Any possible refund of any amount after suspected or proven violation of usage terms is completely and solely up to Softbrik to decide upon. Softbrik, cannot, will not and may not, partly, or fully, be made responsible for any loss, of whatever nature, the Customer may suffer from such actions. Softbrik reserves the right to claim compensation from the Customer for any costs, loss or otherwise financial expenses incurred to ensure a lawful Customer account according to this provision.

8. Acceptable Usage

8.1 True Identity: The Customer is registered with Softbrik applying only true user identities, company details, credit card information, etc. We apply a zero tolerance for impersonation of other businesses, legal and natural persons. Any attempt to impersonate a business, legal or natural person, or provide misleading or fake information at registration or later, entitles us to stop, limit or terminate, partly or in full, without any warning and at the sole decision of Softbrik OÜ, the Service towards you. In such case, you may or may not receive a refund, partly or in full, for unfulfilled Services, a decision solely to be made by us. We reserve the right to deduct, from a possible refund to the you, any expenses incurred to investigate the incident as well as claim further compensation from you for any loss, of whatever nature and amount, we may have suffered due to such misbehavior. Softbrik OÜ bears no responsibility, of whatever nature, towards you for any loss or damage that you may claim to have or suffer from us stopping, limiting, or terminating the Services, partly or in full, according to this provision.

8.2   Malicious Usage: You are given access to our Services in good faith. Any attempt to maliciously use the out platform, hack, disrupt or use it in any way other than as intended, entitles us to stop, limit or terminate, partly or in full, the Services. In such case, you may or may not receive a refund, partly or in full, for unfulfilled Services, a decision solely to be made by Softbrik OÜ. We reserve the right to deduct, from a possible refund to you, any expenses incurred to investigate the incident as well as claim further compensation from you for any loss, of whatever nature and amount, we may have suffered due to such misbehavior on your part. We bear no responsibility, of whatever nature, towards you for any loss or damage that you may claim to or suffer from us stopping, limiting, or terminating the Services, partly or in full, according to this provision.

9. Software & Beta Services

9.1 Some of our Services may allow you to download client software (“Software”), which may be updated automatically from time to time. Through the Agreement, you are given a limited, non-exclusive, non-transferable, revocable license to use the Software, solely for the purpose of accessing the Services. To the extent any component of the Software may be offered under an open-source license, we will make that license available to you and the provisions of that license may expressly override part of the Agreement. Unless, the following restrictions are prohibited by law, you agree not to reverse engineer or decompile, partly or in full, the Software or Services, attempt to do so, or assist anyone in doing so.

9.2 We sometimes release new or updated products and features that we are still testing and evaluating. Such Services will be marked beta, preview, early access, or evaluation (or with words or phrases with similar meanings) and may not be as reliable as other Services.

10. Intellectual Property

10.1 As between Softbrik and you, Softbrik (and/or its licensors) is the sole and exclusive owner, and will retain all right, title, and interest in and to the Services. You will not own any portion of the Services in any form. You will not copy or store any portion of the Services other than for their intended fair usage without prior written permission from Softbrik, or from the copyright holder.

10.2 All trademarks, service marks, and trade names that appear on the Services are proprietary to Softbrik or third parties. You will abide by all copyright notices and restrictions contained in the Services which are protected at any time, by any applicable intellectual property rights and regulations as per European Union laws, Estonian laws and any other relevant international law as applicable from time to time. Subject to the terms and conditions of this Agreement, Softbrik grants you and your Authorized Users a nonexclusive, non-transferable right and license (without right to sublicense) to access and use the Services, solely for you and your Authorized Users’ business purposes.

10.3 Except as provided in this Section, you may not modify, publish, transmit, participate in the transfer or sale of, reproduce, create derivative works based on, distribute, perform, display, or in any way exploit, any of the Services in whole or in part. Additionally, you will not attempt to circumvent any of Softbrik’s technical measures, or decompile, reverse engineer, or disassemble the Services. The Agreement does not grant you any right, title or interest, neither partly nor fully, in the Services, Softbrik OÜ trademarks, logos or other brand features.

10.4 We respect the intellectual property of others. We respond to notices of alleged copyright infringement and reserve the right to take any actions upon such notice that we deem appropriate, entitled, and necessary. If you think anyone has posted material to the Site or Services that violates any copyrights or other intellectual property right, then you can notify Softbrik at info@softbrik.com with the Subject Line: Potential Copyright Infringement. Alternately you can write the word ‘Copyright’ on an envelope, put the details inside and then courier us to Softbrik OÜ, Hobujaama 4, 10151 Tallinn, Estonia.

11. Warranty Disclaimer

11.1 Softbrik has no special relationship with or fiduciary duty to you. You acknowledge that Softbrik has no control over, and no duty to take any action regarding: which end users gain access to the Services; what results you may obtain via the Services; what effects the Services may have on you; how you may interpret or use such results; or what actions you may take because of having been exposed to the Services. You release Softbrik from all liability for your having acquired or not acquired Services and content and results through the Services. Softbrik does not manage or control any business or individual that you may interact with through the Services, and Softbrik accepts no responsibility or liability for any act or omission by such entity. You hereby waive all legal or equitable rights or remedies you have or may have against Softbrik with respect to acts and omissions by such entities.

11.2 The Services may contain, or direct you to sites containing, information that some people may find offensive or inappropriate. Softbrik makes no representations concerning any content contained in or accessed through the Services, and Softbrik will not be responsible or liable for the accuracy, copyright compliance, legality or decency of material contained in or accessed through the Services. THE SERVICES ARE PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. SOME JURISDICTIONS DO NOT ALLOW LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY LASTS, SO THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU.

11.3 TO THE FULLEST EXTENT ALLOWED BY LAW, SOFTBRIK DISCLAIMS ANY LIABILITY OR RESPONSIBILITY FOR THE ACCURACY, RELIABILITY, AVAILABILITY, COMPLETENESS, LEGALITY OR OPERABILITY OF THE MATERIAL PROVIDED THROUGH THE SERVICES. BY USING THE SERVICES, YOU ACKNOWLEDGE THAT SOFTBRIK IS NOT RESPONSIBLE OR LIABLE FOR ANY HARM RESULTING FROM: (i) USE OF THE SERVICES; (ii) DOWNLOADING INFORMATION CONTAINED ON THE SERVICES; (iii) UNAUTHORIZED DISCLOSURE OF IMAGES, INFORMATION OR DATA THROUGH THE SERVICES; AND (iv) THE INABILITY TO ACCESS OR RETRIEVE ANY DATA FROM THE SERVICES, INCLUDING, WITHOUT LIMITATION, HARM CAUSED BY VIRUSES OR ANY SIMILAR DESTRUCTIVE PROGRAM.

12. Third Party Sites and Services

12.1 You (The Customer) of Softbrik may gain access from the Services to third-party sites on the Internet. Third-party sites or services are not within the supervision or control of Softbrik. Softbrik makes no representations or warranties about any third-party site or resource and does not endorse the products or services offered by third parties. Softbrik disclaims all responsibility and liability for content on third-party websites. Third-party providers of ancillary services may require your agreement to additional or different terms prior to your use or access of their sites or services. Any such agreement will in no way modify this Agreement.

13. Indemnification

13.1 You will indemnify and hold Softbrik, its directors, officers, employees, agents, and representatives harmless, including costs and attorneys’ fees, from any claim or demand made by any third party due to or arising out of (i) your access to or use of the Services, (ii) your violation of this Agreement, (iii) your infringement, or the infringement by any third party using your registration information, of any intellectual property, or other right of any person or entity, including but not limited to any third party claims relating to your disclosure of Personal Data to Softbrik, and (iv) the Data or any other materials provided to Softbrik.

14. Limitations of Liability

14.1 EXCEPT FOR DAMAGES AND LIABILITIES ARISING FROM: (i) A PARTY’S BREACH OF SECTION 6 (CONFIDENTIALITY); (ii) ITS VIOLATION OF APPLICABLE LAWS; (iii) ITS INDEMNIFICATION OBLIGATIONS; OR (iv) GROSS NEGLIGENCE OR INTENTIONAL MISCONDUCT, IN NO EVENT SHALL EITHER PARTY, ITS DIRECTORS, OFFICERS, SHAREHOLDERS, EMPLOYEES, MEMBERS, AGENTS AND REPRESENTATIVES BE LIABLE TO THE OTHER FOR: (i) ANY INDIRECT, INCIDENTAL PUNITIVE, OR CONSEQUENTIAL DAMAGES OF ANY KIND OR DAMAGES FOR LOSS OF USE, PROFITS, DATA, IMAGES, OR OTHER INTANGIBLES, OR IN THE CASE OF SOFTBRIK, DAMAGES FOR UNAUTHORIZED USE, NON-PERFORMANCE OF THE SERVICES, ERRORS OR OMISSIONS. SOFTBRIK’S LIABILITY UNDER THIS AGREEMENT WILL BE LIMITED TO THE GREATER OF: (A) THE AMOUNT PAID BY YOU, IF ANY, FOR ACCESSING THE SERVICES DURING THE TWELVE (12) MONTHS PRIOR TO THE DATE THE CLAIM AROSE; OR (B) $100.00 US DOLLARS. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATIONS AND EXCLUSIONS MAY NOT APPLY TO YOU.

15. Choice of Law, Venue and Language

15.1 The Agreement will be governed by the laws of Estonia, without reference to its choice of law rules.

15.2 Exclusive jurisdiction over and venue of any suit arising out of or relating to the Agreement, will be in the court of the district of Tallinn, and each of the parties hereto consents to the personal jurisdiction of, and venue in, this court.

15.3 Any correspondence in relation to the Agreement, whether written or spoken, shall at any time, no matter what the context, only be accepted and delivered in standard UK or UK business English.

16. Miscellaneous

16.1 The failure of either party to exercise in any respect any right provided for herein will not be deemed a waiver of any further rights hereunder. If any provision of this Agreement is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary so that this Agreement will otherwise remain in full force and effect and enforceable.

16.2 This Agreement is not assignable, transferable, or sublicensable by you except with Softbrik’s prior written consent. Softbrik may transfer, assign, or delegate this Agreement and any or all of its rights and obligations without consent.

16.3 If you are purchasing paid Services, Softbrik may request and with your consent, Softbrik may publicly disclose in writing that you purchased Services and may use your trademarks, service marks or trade name solely in connection with such disclosures.

16.4 This Agreement (including the Privacy Policy and Anti-Spam Policy) is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements, communications and other understandings relating to the subject matter of this Agreement. No agency, partnership, joint venture, or employment is created as a result of this Agreement, and you do not have any authority to bind Softbrik in any respect whatsoever.

16.5 Any notice that is required or permitted by this Agreement will be in writing and will be deemed effective upon receipt, when sent by confirmed e-mail, if to you, at the email address you provide with your account, and if to Softbrik, to info@softbrik.com.

Legal Document

Legal Documents

All policies and documents related to doing business with Softbrik can be found here. Should any information be missing - drop us a Voice Message.

Softbrik Terms of Service

Thanks for using Softbrik! These are our Terms and Conditions for using the Softbrik services. We would encourage you to take a few minutes and read through them. In case of any questions, you can always reach out to us at info@softbrik.com.

The Agreement must be accepted as a necessary condition without any exception to signing up for our services.

For setting up various Softbrik subscription(s), you will have to provide certain information about your business, individuals in the organisation as well as provide certain payment information. The Agreement applies whether you are signing up as a company or as an individual.

1. Acceptance of the Agreement

1.1 The Agreement applies to Softbrik OÜ, Hobujaama 4, 10151 Tallinn, Estonia, business reg. no. 14597527 and/or its wholly owned subsidiary Softbrik Health S.a.rl., registry code B245839, address 21 Rue Glesener, L-1631, Luxembourg, with common email id info@softbrik.com, (‘Softbrik’) and the customer (‘Customer’).

As a customer, you can be a legal entity or a natural person. If you are a natural person, you represent and warrant to Softbrik that as an individual (i.e., not a corporation or a registered entity) you are at least 18 years of age. You also represent and warrant that you are legally permitted to use the Services and access the Site from your current and foreseeable jurisdiction. If you are entering into this Agreement on behalf of a company or any other legal entity of whatever shape or form, you represent and warrant that you have the authority to bind such entity to this Agreement on behalf of the entity and its affiliates, in which case the terms “you” or “your” will refer to such entity and all its affiliates as relevant. This Agreement is void where prohibited by law, and the right to use the Services is revoked in such jurisdictions.

1.2 The Agreement covers the Customers use of the Softbrik services, client software and any other services launched by Softbrik (Services).

1.3 This Agreement is fully and unconditionally accepted by you without any prejudice when ticking off the “I hereby accept the Softbrik OÜ Subscription, Terms & Conditions” box upon signing up for the Softbrik OÜ services.

2. Duration of the Agreement

2.1 The Agreement becomes legally binding and effective upon both parties on the date of signing up for the Services by ticking off the “I hereby accept the Softbrik’s Subscription, Terms & Conditions” box (‘Effective Date’).

 

2.2  When signing up for the Services, you will immediately be granted access to our freemium platform. This does not require any payment details. If you want to subscribe to paid Softbrik services at a later stage, you will be asked for further company/person and payment details. After successful payment (see below under Section 3.2.), you will receive an email with a link to your private Softbrik environment and login information.

 

2.3   You can at any given time, choose to upgrade or downgrade your Softbrik subscription. Any change will be pro-rated from the next invoicing period taking already made payments into account. Should you which to cancel your subscription, you will only be invoiced for the remaining number of days left in that invoicing period. The account will as such remain open until the end of the invoiced period. Should you wish reconsider your decision and continue using Softbrik services, kindly send us an e-mail at support@softbrik.com with the specific details.

 

2.4  An Enterprise Agreement may be terminated as follows:

Termination by the Enterprise account holder: Should you wish to terminate your company’s Softbrik account permanently (including any analytics dashboard), please send us an e-mail at support@softbrik.com and we will terminate the account. An account can be terminated only to the end of an invoicing period applying 2 weeks of written notice. In case the request to terminate a company, account is received later than 2 weeks prior to the end of an invoicing period, the termination will only be effective as of the following invoicing period, for which an invoice will be issued. The termination of an Enterprise account is non-reversible, and no company data will be retained. Should you wish to use Softbrik services in the future, a new company account will have to be set up.

Termination by Softbrik: In case of violation of the Agreement (see section 7), your account will first be suspended after which you will receive a written notice to contact Softbrik (support@softbrik.com). If a solution has not been found within 2 weeks after the notice, the account will be terminated. The termination of an Enterprise account is non-reversible, and no company data will be retained.

3. Payment & Invoices

3.1 A Softbrik subscription may or may not entail special offers such as a.) a free trial period or free usage of features on the Softbrik platform b.) time bound discounts on the subscription c.) referrals and other bonuses. If you, as the Customer, are eligible for any such time bound schemes and activities, they will automatically be announced upon the execution of your subscription and entering your payment information. Please note that offering and implementation of any such

3.2 You are invoiced for the first month when you sign up for the paid subscription services. Subsequent invoices are issued and to be paid upfront monthly. As an example, if you sign up on 12 December then the next invoice will be issued for upfront payment on 12 January and so forth. You can cancel the Agreement at any given time, see above under Duration of the Agreement.

3.3 The total payment is calculated based on the subscription chosen and potential add-ons.

3.4 All payment details, including VAT specifications, appear on your monthly invoice.

3.5 Invoices are e-mailed directly to the email address used to setup the Softbrik account ( henceforth called ‘Administrator’ or ‘Admin’ in abbreviation) as well as accessible inside the Softbrik Platform. If you do not receive an invoice or if you need to have the invoice(s) send to another email address, make sure to contact us using either our contact form on the website or email us directly at support@softbrik.com.

3.6 If you which to change the timing of your invoice, please contact our support team at support@softbrik.com.

3.7 The credit card you enter during the registration is used for the subscription. It is possible to update the credit card information in the Admin panel. Softbrik accept payment on any valid credit card (VISA or MASTERCARD) through our approved and licensed payment partners. All payments are executed in EURO. In case your credit card is not supported, please contact us using either our contact form or email us directly at support@softbrik.com.

3.8 If an invoice is not paid, for whatever reason, within 3 banking days calculated as of the first day of a new invoicing period, see above under 3.2., you will receive a reminder to pay the invoice within 10 banking days calculated as of the date of receiving the reminder. In case the invoice is not paid in due time within the 10 banking days, the company account will be terminated, and all Services stopped, see above under 2.b.ii for what happens when a company account is closed. A new company account may be opened upon payment of any outstanding amount.

3.9 You, the Customer, explicitly and unequivocally agree that Softbrik will never be liable or responsible for any loss, of whatever nature, amount, or any other impact it may have, that a company incurs, directly or indirectly, due to the closing, for whatever reason, of a company account. The same applies to a company’s use of the Services, Softbrik cannot, may not and will never accept to be made responsible for any loss, of whatever nature, amount, or any other impact it may have, that a company incurs, directly or indirectly, by using the Services.

4. Your Information, Site Submissions & Your Permissions

4.1 When you use our Services, you provide, upload, share or generate to us a range of information and data including but not limited to your files, content, messages, contacts, customer identities, financial information and so on (‘Your Information’). Your Information remains your legal ownership throughout the course of your Softbrik Services usage. The Agreement does not give us any legal ownership rights to Your Information except for the limited rights that enable us to provide the Services. The security, confidentiality and privacy of your information is our priority. For further details please read our Privacy Policy and the FAQs on Security and Privacy.

4.2 By signing this Agreement, you are permitting us to conduct activities like, but not limited to, hosting Your Information, backing it up completely or partially, and sharing it completely or partially as needed to perform our Services. Our Services also provide you with features like, but not limited to, photo thumbnails, document previews, commenting, easy sorting, editing, sharing, and searching. These and other present or future features may require our systems to access, store, and scan Your Information to provide quality Services. You give us explicit permission without any prejudice to do those tasks and more as we decide the most appropriate way to provide our services. Furthermore, you explicitly and unequivocally agree that this permission extends to all our trusted third-party services like, but not limited to, Amazon Web Services (AWS).

4.3 Please note that “Your Information”, automatically includes all the information your input, your employees, customers, vendors, stakeholders and any other individual whose data you choose to share, or they share with you via Softbrik platform as a logical extension of your business. When you grant us the permission to use Your Information, the consent naturally and logically extends to the information you have shared about your employees, customers, vendors, stakeholders, or other individuals as you have deemed appropriate. Softbrik is not responsible in anyway whatsoever to either assess, verify, gauge the appropriateness of Your Information nor to take any additional consent for Your Information shared. You are completely and unequivocally responsible and liable for Your Information, their accuracy, completeness, quality, integrity, legality, reliability, and appropriateness, including any consent from any natural person without exception.

Please Note: Softbrik does not take any legal responsibility of your content and in case of any legal enquiries by appropriate authorities satisfying grounds of reasonable evidence of illegal content, may decide to share necessary content with the authorities for due legal process. It is clearly understood that you, your team and all the users understand their own responsibility and liability and consequence of storing, retrieving any information and generally using any services related to Softbrik or its partner ecosystem. Please read the Responsibilities and Acceptable Use clauses below for further understanding of your role in fair and safe usage of the platform.

5. Your Conduct & Responsibilities

5.1 You are responsible for your conduct as the Customer. Your Information and you must comply with the Agreement. Content in the Services may be protected by others’ intellectual property rights. Please do not copy, upload, download, or share content unless you have the unconditional right to do so.

5.2 We may choose to review your conduct from time-to-time review and use of our Services to make sure they are compliant with the Agreement. With that said, we have no obligation to do so. We are not responsible for the content people post and share via the Services.

5.3 Help us keep you informed, and Your Information protected. Safeguard your password to the Services and keep your account information current. Do not share your account credentials or give others access to your account.

6. Consent & Personal Information

6.1 You (The Customer) take complete and full ownership of any your employees, customers, vendors, stakeholders, or any person’s data (including private information like email addresses, phone number, voice or textual feedback and other forms of personally identifiable information) entered on the Softbrik platform. In case of any objection, the Company must do everything possible to remove such private information from the platform. Softbrik personnel do not have access to Customer Information and hence cannot take any responsibility, directly or indirectly, under any circumstances, for any private information submitted to the system with or without prior consent. All users of Softbrik’s communication system must provide electronic consent to Softbrik Data Processing Agreement.

6.2 If you are subject to European data protection laws (General Data Protection Regulation), the California Consumer Privacy Act (CCPA), or similar data protection laws, you further represent and warrant that you have reviewed and clearly agreed to Softbrik’s Data Processing Addendum. You further acknowledge and agree that your indemnity obligation under the “Indemnity” section below applies to your disclosure of Personal Data under this Agreement.

7. Violation of the Agreement

7.1 You may use our Services only as permitted by at any time applicable law, including export control laws and regulations.

7.2   To use our Services, you must be at least 18 years old or else please check your local law for the age of digital consent. If you do not meet these age requirements, or any other relevant requirements, you may not use the Services under any condition whatsoever.

7.3  Any unlawful conduct may, partly or in full, lead to the suspension or termination of Services or the Agreement. Softbrik unconditionally reserves the right to take any legal action deemed necessary to remedy such situation irrespective of any payments made for the consumption of such Services for whatever period of time. Any possible refund of any amount after suspected or proven violation of usage terms is completely and solely up to Softbrik to decide upon. Softbrik, cannot, will not and may not, partly, or fully, be made responsible for any loss, of whatever nature, the Customer may suffer from such actions. Softbrik reserves the right to claim compensation from the Customer for any costs, loss or otherwise financial expenses incurred to ensure a lawful Customer account according to this provision.

8. Acceptable Usage

8.1 True Identity: The Customer is registered with Softbrik applying only true user identities, company details, credit card information, etc. We apply a zero tolerance for impersonation of other businesses, legal and natural persons. Any attempt to impersonate a business, legal or natural person, or provide misleading or fake information at registration or later, entitles us to stop, limit or terminate, partly or in full, without any warning and at the sole decision of Softbrik OÜ, the Service towards you. In such case, you may or may not receive a refund, partly or in full, for unfulfilled Services, a decision solely to be made by us. We reserve the right to deduct, from a possible refund to the you, any expenses incurred to investigate the incident as well as claim further compensation from you for any loss, of whatever nature and amount, we may have suffered due to such misbehavior. Softbrik OÜ bears no responsibility, of whatever nature, towards you for any loss or damage that you may claim to have or suffer from us stopping, limiting, or terminating the Services, partly or in full, according to this provision.

8.2   Malicious Usage: You are given access to our Services in good faith. Any attempt to maliciously use the out platform, hack, disrupt or use it in any way other than as intended, entitles us to stop, limit or terminate, partly or in full, the Services. In such case, you may or may not receive a refund, partly or in full, for unfulfilled Services, a decision solely to be made by Softbrik OÜ. We reserve the right to deduct, from a possible refund to you, any expenses incurred to investigate the incident as well as claim further compensation from you for any loss, of whatever nature and amount, we may have suffered due to such misbehavior on your part. We bear no responsibility, of whatever nature, towards you for any loss or damage that you may claim to or suffer from us stopping, limiting, or terminating the Services, partly or in full, according to this provision.

9. Software & Beta Services

9.1 Some of our Services may allow you to download client software (“Software”), which may be updated automatically from time to time. Through the Agreement, you are given a limited, non-exclusive, non-transferable, revocable license to use the Software, solely for the purpose of accessing the Services. To the extent any component of the Software may be offered under an open-source license, we will make that license available to you and the provisions of that license may expressly override part of the Agreement. Unless, the following restrictions are prohibited by law, you agree not to reverse engineer or decompile, partly or in full, the Software or Services, attempt to do so, or assist anyone in doing so.

9.2 We sometimes release new or updated products and features that we are still testing and evaluating. Such Services will be marked beta, preview, early access, or evaluation (or with words or phrases with similar meanings) and may not be as reliable as other Services.

10. Intellectual Property

10.1 As between Softbrik and you, Softbrik (and/or its licensors) is the sole and exclusive owner, and will retain all right, title, and interest in and to the Services. You will not own any portion of the Services in any form. You will not copy or store any portion of the Services other than for their intended fair usage without prior written permission from Softbrik, or from the copyright holder.

10.2 All trademarks, service marks, and trade names that appear on the Services are proprietary to Softbrik or third parties. You will abide by all copyright notices and restrictions contained in the Services which are protected at any time, by any applicable intellectual property rights and regulations as per European Union laws, Estonian laws and any other relevant international law as applicable from time to time. Subject to the terms and conditions of this Agreement, Softbrik grants you and your Authorized Users a nonexclusive, non-transferable right and license (without right to sublicense) to access and use the Services, solely for you and your Authorized Users’ business purposes.

10.3 Except as provided in this Section, you may not modify, publish, transmit, participate in the transfer or sale of, reproduce, create derivative works based on, distribute, perform, display, or in any way exploit, any of the Services in whole or in part. Additionally, you will not attempt to circumvent any of Softbrik’s technical measures, or decompile, reverse engineer, or disassemble the Services. The Agreement does not grant you any right, title or interest, neither partly nor fully, in the Services, Softbrik OÜ trademarks, logos or other brand features.

10.4 We respect the intellectual property of others. We respond to notices of alleged copyright infringement and reserve the right to take any actions upon such notice that we deem appropriate, entitled, and necessary. If you think anyone has posted material to the Site or Services that violates any copyrights or other intellectual property right, then you can notify Softbrik at info@softbrik.com with the Subject Line: Potential Copyright Infringement. Alternately you can write the word ‘Copyright’ on an envelope, put the details inside and then courier us to Softbrik OÜ, Hobujaama 4, 10151 Tallinn, Estonia.

11. Warranty Disclaimer

11.1 Softbrik has no special relationship with or fiduciary duty to you. You acknowledge that Softbrik has no control over, and no duty to take any action regarding: which end users gain access to the Services; what results you may obtain via the Services; what effects the Services may have on you; how you may interpret or use such results; or what actions you may take because of having been exposed to the Services. You release Softbrik from all liability for your having acquired or not acquired Services and content and results through the Services. Softbrik does not manage or control any business or individual that you may interact with through the Services, and Softbrik accepts no responsibility or liability for any act or omission by such entity. You hereby waive all legal or equitable rights or remedies you have or may have against Softbrik with respect to acts and omissions by such entities.

11.2 The Services may contain, or direct you to sites containing, information that some people may find offensive or inappropriate. Softbrik makes no representations concerning any content contained in or accessed through the Services, and Softbrik will not be responsible or liable for the accuracy, copyright compliance, legality or decency of material contained in or accessed through the Services. THE SERVICES ARE PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. SOME JURISDICTIONS DO NOT ALLOW LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY LASTS, SO THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU.

11.3 TO THE FULLEST EXTENT ALLOWED BY LAW, SOFTBRIK DISCLAIMS ANY LIABILITY OR RESPONSIBILITY FOR THE ACCURACY, RELIABILITY, AVAILABILITY, COMPLETENESS, LEGALITY OR OPERABILITY OF THE MATERIAL PROVIDED THROUGH THE SERVICES. BY USING THE SERVICES, YOU ACKNOWLEDGE THAT SOFTBRIK IS NOT RESPONSIBLE OR LIABLE FOR ANY HARM RESULTING FROM: (i) USE OF THE SERVICES; (ii) DOWNLOADING INFORMATION CONTAINED ON THE SERVICES; (iii) UNAUTHORIZED DISCLOSURE OF IMAGES, INFORMATION OR DATA THROUGH THE SERVICES; AND (iv) THE INABILITY TO ACCESS OR RETRIEVE ANY DATA FROM THE SERVICES, INCLUDING, WITHOUT LIMITATION, HARM CAUSED BY VIRUSES OR ANY SIMILAR DESTRUCTIVE PROGRAM.

12. Third Party Sites and Services

12.1 You (The Customer) of Softbrik may gain access from the Services to third-party sites on the Internet. Third-party sites or services are not within the supervision or control of Softbrik. Softbrik makes no representations or warranties about any third-party site or resource and does not endorse the products or services offered by third parties. Softbrik disclaims all responsibility and liability for content on third-party websites. Third-party providers of ancillary services may require your agreement to additional or different terms prior to your use or access of their sites or services. Any such agreement will in no way modify this Agreement.

13. Indemnification

13.1 You will indemnify and hold Softbrik, its directors, officers, employees, agents, and representatives harmless, including costs and attorneys’ fees, from any claim or demand made by any third party due to or arising out of (i) your access to or use of the Services, (ii) your violation of this Agreement, (iii) your infringement, or the infringement by any third party using your registration information, of any intellectual property, or other right of any person or entity, including but not limited to any third party claims relating to your disclosure of Personal Data to Softbrik, and (iv) the Data or any other materials provided to Softbrik.

14. Limitations of Liability

14.1 EXCEPT FOR DAMAGES AND LIABILITIES ARISING FROM: (i) A PARTY’S BREACH OF SECTION 6 (CONFIDENTIALITY); (ii) ITS VIOLATION OF APPLICABLE LAWS; (iii) ITS INDEMNIFICATION OBLIGATIONS; OR (iv) GROSS NEGLIGENCE OR INTENTIONAL MISCONDUCT, IN NO EVENT SHALL EITHER PARTY, ITS DIRECTORS, OFFICERS, SHAREHOLDERS, EMPLOYEES, MEMBERS, AGENTS AND REPRESENTATIVES BE LIABLE TO THE OTHER FOR: (i) ANY INDIRECT, INCIDENTAL PUNITIVE, OR CONSEQUENTIAL DAMAGES OF ANY KIND OR DAMAGES FOR LOSS OF USE, PROFITS, DATA, IMAGES, OR OTHER INTANGIBLES, OR IN THE CASE OF SOFTBRIK, DAMAGES FOR UNAUTHORIZED USE, NON-PERFORMANCE OF THE SERVICES, ERRORS OR OMISSIONS. SOFTBRIK’S LIABILITY UNDER THIS AGREEMENT WILL BE LIMITED TO THE GREATER OF: (A) THE AMOUNT PAID BY YOU, IF ANY, FOR ACCESSING THE SERVICES DURING THE TWELVE (12) MONTHS PRIOR TO THE DATE THE CLAIM AROSE; OR (B) $100.00 US DOLLARS. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATIONS AND EXCLUSIONS MAY NOT APPLY TO YOU.

15. Choice of Law, Venue and Language

15.1 The Agreement will be governed by the laws of Estonia, without reference to its choice of law rules.

15.2 Exclusive jurisdiction over and venue of any suit arising out of or relating to the Agreement, will be in the court of the district of Tallinn, and each of the parties hereto consents to the personal jurisdiction of, and venue in, this court.

15.3 Any correspondence in relation to the Agreement, whether written or spoken, shall at any time, no matter what the context, only be accepted and delivered in standard UK or UK business English.

16. Miscellaneous

16.1 The failure of either party to exercise in any respect any right provided for herein will not be deemed a waiver of any further rights hereunder. If any provision of this Agreement is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary so that this Agreement will otherwise remain in full force and effect and enforceable.

16.2 This Agreement is not assignable, transferable, or sublicensable by you except with Softbrik’s prior written consent. Softbrik may transfer, assign, or delegate this Agreement and any or all of its rights and obligations without consent.

16.3 If you are purchasing paid Services, Softbrik may request and with your consent, Softbrik may publicly disclose in writing that you purchased Services and may use your trademarks, service marks or trade name solely in connection with such disclosures.

16.4 This Agreement (including the Privacy Policy and Anti-Spam Policy) is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements, communications and other understandings relating to the subject matter of this Agreement. No agency, partnership, joint venture, or employment is created as a result of this Agreement, and you do not have any authority to bind Softbrik in any respect whatsoever.

16.5 Any notice that is required or permitted by this Agreement will be in writing and will be deemed effective upon receipt, when sent by confirmed e-mail, if to you, at the email address you provide with your account, and if to Softbrik, to info@softbrik.com.

Report Incidents

Legal Documents

All policies and documents related to doing business with Softbrik can be found here. Should any information be missing - drop us a Voice Message.

Escalations

Softbrik employs state of the art double encryption policy and stringent security measures. However sometimes threats can still creep in due to technical vulnerabilities or worse social engineering.

1. Security Risks

a. Identity Thefts

Softbrik will never ask you for personal information like passwords, credit card details etc. If you feel that your details have been taken despite normal procedures, it is probably social engineering to steal your identity. In such a situation immediately alert us with an e-mail to safety@softbrik.com with the word ‘Urgent’ in the headline for us to give priority attention.  Alternately you can drop a Voice Message to us with the link here.

b. Data Breach

In case of any suspected hacking, data loss or similar issues please notify us immediately to take preventive and corrective action.

 

2. Financial Claims 

Softbrik does not deal with your payment systems as that relationship is handled by your bank and Stripe (our payment service provider). In case of any issues with double charging, card blocking, mis-transaction kindly contact your bank first followed by Stripe.

 

3.Invoicing

For any invoicing or payment term related issues kindly email us at info@softbrik.com or drop a Voice Message here.

Security

Legal Documents

All policies and documents related to doing business with Softbrik can be found here. Should any information be missing - drop us a Voice Message.

Security Policy

Softbrik employs state of the art double encryption policy. The information below discusses the policies and procedures in place for dealing with Data Safety and Security.

1. Authentication

Softbrik requires regular account users to login. No features are available without a secured authentication. Softbrik uses 128-bit SSL encryption for all authenticated sessions. This means that data sent to the Softbrik API as well as data retrieved through the Softbrik account management interface is protected.

 

2. Data Retrievability 

You are limited to retrieving only your own data through your secured account. Data stored in your Softbrik  account is only available to you. Each request to retrieve data from Softbrik must be authenticated. Furthermore, requests are restricted to the currently logged-in account.

Requests made to the Softbrik internal API require a logged in account and will not return outputs successfully otherwise.

 

3.Credit Card Information

We never store your Credit Card information. When you purchase a paid Customer.io subscription, your credit card data is not transmitted through nor stored on our systems. Instead, we depend on Stripe, a company dedicated to this task. Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification available. Stripe’s security information is available online.

 

4. Softbrik Team Access

Access to servers is restricted to infrastructure engineers alone. Each employee is provided access through a unique key that can be revoked if needed. Each employee has their own login to our administrative web interface which can also be revoked. Softbrik account or business teams will not have any access rights to your environment.  For support issue resolution, they may request temporary authentication or a live session with secured remote access management tools.

 

5. Intrusion Testing

Softbrik periodically performs various Intrusion and Penetration Testing to assess system vulnerabilities. If you need specific testing for compliance reasons, please email us at safety@softbrik.com

 

6.Reporting Concerns

While we are extremely vigilant about security, vulnerabilities can occur from time to time. If you see any direct or potential vulnerability, we will greatly appreciate if you can drop us a quick email to safety@softbrik.com and we will investigate further accordingly.

We’ll work with you to make sure we understand the issue and address it. We consider security correspondence and vulnerabilities our highest priorities and will work to address any issues that arise ASAP.

Anti-Spam & Anti-Fraud Policy

Legal Documents

All policies and documents related to doing business with Softbrik can be found here. Should any information be missing - drop us a Voice Message.

Anti-Spam,Anti-Fraud Policy

 

Last revised on March 20, 2022, effective as of July 1st, 2021

 

Zero Tolerance

Softbrik has a no tolerance policy towards spam and fraud. “Spam” means unsolicited communication to persons with whom our customers do not have a business relationship or who have not specifically requested (opted-in to) our customers’ mailings. “Fraud” in Softbrik context means using the Services to ask sensitive personal information for the purpose of exploitation, abuse (data or physical) and impersonation of a different business without legitimate authority to dupe customers.

We monitor the Services for any large increases feedback communication or complaints of sensitive information (financial, health data) extraction. A customer’s account will be warned, suspended, and even potentially terminated with a 3 Strike Policy if the customer sends unsolicited email messages or tries to extract un-related sensitive information with mal intentions. Please report any suspected abuse to safety@softbrik.com.

ISPs and Blacklist administrators may contact us at safety@softbrik.com. Please forward the complete email or electronic message in question, including headers and any attached voice files.

If applicable, please also unsubscribe from any newsletter using the link at the bottom of the email if you no longer wish to receive emails from the sender. We will take the appropriate action against the sender of the email in question.

 

Customer Responsibility

To use our Services, Customers must agree to send only permission-based email or other forms of communication. This means all recipients must have opted-in to receive communications from the sending entity.

An opt-in can occur either via a sign-up form on a web site, at a point-of-sale sign-up form, or on a physical sign-up sheet. Purchased lists may not be used with the Services, regardless of the source or permission status.

You may not use Softbrik’s services to send messages to recipients that were:

  1. Harvested or scraped from websites
  2. Acquired through Purchased Lists (whether they are opt-in or not)
  3. Send Feedback questions with copy-righted, trader-marked or registered brand logo and other assets, that your current business account do not hold direct and clear ownership.

Additionally, the following sending practices are prohibited using Softbrik platform:

Feedback harvesting: If you collect customer feedback solely for the purpose of selling the information to other 3rd parties

Fraudulent Personal Information harvesting: Customers are strictly prohibited to use Softbrik platform for asking sensitive information like Credit Card Number, Bank Accounts, Health Data (ex. Covid Vaccination Status) unless there is a clear and direct relation to their business or campaign.

 

Procedure for Handling Complaints

Customer’s account will be immediately suspended facing up to terminated if we determine in our sole discretion that the account is used to send spam or duplicitous communication for retrieving sensitive information .

If you use the Services to send out emails to addresses obtained in any way other than a subscriber opting-in to your list, you may incur a huge penalty from competent national Data Regulatory Authorities in accordance with European, National, State and Federal regulations.

To determine whether you have sent spam or duplicitous messages, we will:

  1. review the content of the message in question
  2. review your subscriber list for patterns common to harvested lists
  3. review the spam complaint
  4. view the records to see when the subscriber was subscribed and their IP address

Prohibited Content

Softbrik prohibits the use of the Services to send content like text, audio or image files which:

  1. Provides, sells or offers to sell (or services related to): pornography; escort services; illegal goods; illegal drugs; illegal drug contraband; pirated computer programs; instructions on how to assemble or otherwise make bombs, grenades or other weapons
  2. Provides, sells, or offers to sell or rent any mailing list
  3. Displays material that exploits children, or otherwise exploits children under 18 years of age
  4. Posts or discloses any personally identifying information or private information about children
  5. Provides material that is abusive, bigoted, prejudiced, racist, hateful, profane, obscene, violent, harassing, fraudulent, deceptive, misleading or otherwise illegal content
  6. Violates the copyright, trademark, patent, trade secret, intellectual property or other rights of another
  7. Sells or promotes any products or services that are unlawful in the location at which the content is posted or received
  8. Introduces viruses, worms, harmful code and/or Trojan horses on the Internet
  9. Promotes, solicits or participates in pyramid schemes
  10. Engages in any libelous, defamatory, scandalous, threatening, harassing activity
  11. Posts any content that advocates, promotes, or otherwise encourages violence against any governments, organizations, groups or individuals or which provides instruction, information or assistance in causing or carrying out such violence.

Softbrik reserves the right to prohibit the use of the Services by any entity at its sole discretion.

For more information visit spamlaws.com and check EU checklist against Spam.

Data Processing Agreement

Legal Documents

All policies and documents related to doing business with Softbrik can be found here. Should any information be missing - drop us a Voice Message.

Softbrik Agreement for Data Processing

Last revised on March 20, 2022, effective as of July 1st, 2021

This data processing agreement is concluded between the parties mentioned below. It explains in detail how personal data is collected, stored, retrieved, and processed by users of the Softbrik platform. Please read it carefully and for any questions reach out to us at safety@softbrik.com.

 

1. Parties

Softbrik OÜ, registry code 14597527, address Hobujaama tn 4, 10151 Tallinn, Harju County, Estonia and/or its wholly owned subsidiary. Softbrik Health S.a.rl., registry code B245839, address 21 Rue Glesener, L-1631, Luxembourg, with email id info@softbrik.com, henceforth called (“Processor”), and represented by their legal representative,

and

legal entity who consents to Softbrik’s terms and conditions to legally receive services by clicking the Submit button of the Sign-up form (“Controller”),

The Controller and the Processor are hereinafter jointly referred to as the Parties and separately as the Party.

2. Definitions

 

2.1    Applicable data protection legislation – any applicable legislation relating to data protection and security, including the

  1. European Directive on Privacy and Electronic Communications (Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector)
  2. General Regulation on the Protection of Personal Data or GDPR (Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC) and their amendments, replacement, or extensions (hereinafter together referred to as “EU legislation”),
  • All binding national laws within European Union implementing EU law and other binding data protection or data security directives, laws, regulations, and decisions in force at the relevant time.
  1. California Consumer Privacy Act or CCPA (Directive AB-375 of the California State Legislature, United States of June 28th, 2018)
  2. and California Privacy Right Act or CPRA (Proposition 24 of the California State Legislature, United States of November 3, 2020)

2.2   Personal data – data relating to an identified or identifiable natural person. An identifiable natural person is a person who can be identified, directly or indirectly, by an identifier, such as name, address, social security number, subscriber number, IP address, location data, online identifier, traffic data or message content, or one or more on the basis of a factor related to the physical, physiological, genetic, mental, economic, cultural, or social identity of the natural person concerned

3. Background

3.1  The Processor shall grant the Controller access to the Softbrik web platform on the basis of an Agreement concluded between the Parties. The purpose of this data processing agreement is to ensure the protection and security of personal data transmitted by the Controller to the Processor under the Agreement. In connection with the Agreement, the Processor shall process, on behalf of the Controller, personal data received from the Controller relating to the employees, members, or customer of the Controller for whom the Controller is a Controller of personal data in accordance with applicable data protection legislation. The amount of personal data collected by the Controller regarding individuals, can be decided by the Controller through platform functionalities. In order to comply with applicable data protection legislation and to ensure an adequate level of protection of personal data transmitted to the Processor, the Parties agree to the following Obligations of the Controller [Section 4] and Obligations of the Processor [Section 5].

4. Obligations of the Data Controller

4.1. The Controller agrees and confirms that the processing of personal data by the Controller within the framework of the performance of the Agreement takes place in compliance with applicable data protection legislation and this data processing agreement.

 

4.2. The Controller agrees and confirms that he/she has authorized and during the processing of personal data in connection with the Agreement, authorizes the Processor to process personal data on behalf of the Controller.

 

4.3. The Controller agrees to provide the Processor with the necessary information and documentation upon request to fulfil the obligations of the processor arising from the applicable data protection legislation.

 

4.4. The Controller is fully responsible of requiring and maintaining the explicit consent of data subjects to process his/her personal data where the applicable data protection legislation requires such consent (e.g. processing special categories of personal data such as health data). Processor’s personnel do not have access to Controller’s Information and hence cannot take any responsibility, directly or indirectly, under any circumstances, for any private information submitted to the system with or without prior consent.

5. Obligations of the Data Processor

5.1. The Controller shall ensure that the processing of relevant personal data arising from the Agreement complies with the requirements of the applicable data protection legislation, the terms of the Agreement and this data processing agreement and that the rights of data subjects are duly protected. The Processor and third parties employed or involved by the Processor may process personal data only in accordance with the requirements of this data processing agreement and the Agreement and following other instructions issued or documented by the Controller as necessary.

5.2. The personal data processed by the Processor on the basis of this data processing agreement are described in the personal data instructions (Annex A). The personal data instructions specify the types of personal data processed by the Processor under the Agreement, the purposes of the processing of personal data and the technical and organizational security measures to be applied by the Processor to protect personal data and other details required by applicable data protection legislation.

5.3. The Processor shall not process personal data to a greater extent than is necessary for the performance of the Agreement and the data processing agreement by the Processor. The Processor agrees that, in the absence of explicit written consent, he or she shall not have the right to process personal data for purposes other than those agreed in the Agreement and the data processing agreement. If mandatory European Union or national law applicable to the Processor prohibits the Processor from complying with the Agreement or the instructions given or alternatively requires further processing beyond the Agreement or the data processing agreement, the Processor shall immediately inform the Controller of the relevant legal requirement prior to processing, or notifies the Controller that the Processor cannot fulfil the Agreement or the given instructions. In addition, the Processor shall immediately inform the Controller if, in his opinion, the instruction given by the Controller infringes the applicable data protection legislation.

5.4. The Processor shall keep the personal data confidential and shall ensure that all persons to process the personal data are informed of their confidential nature, have received appropriate training on their responsibilities and have undertaken or are bound by an appropriate legal obligation of confidentiality. The respective obligation of confidentiality shall remain in force after the termination of this data processing agreement and/or the Agreement.

5.5. The Processor shall implement appropriate technical and organizational measures to protect the personal data processed against un or unlawful processing and against accidental loss, destruction, damage, alteration, or disclosure. Such measures shall ensure a level of security commensurate with the risks of processing.

5.6. Considering the nature of the processing and the information available, the Processor shall also assist the Controller in ensuring that the Controller fulfils its obligations related to the security of personal data, such as reporting data breaches, risk and impact assessments and advising in accordance with applicable data protection law.

5.7. In the event of an actual or reasonably suspected personal data breach or other imminent enforcement proceedings against the Processor concerning the processing of personal data under a data processing agreement, the Processor shall notify the Controller in writing without delay and no later than forty-eight (48) hours after becoming aware of the breach. After receiving the prior approval of the Controller, the Processor shall try to resolve the situation quickly and prevent further damage and mitigate the effects of the respective case. In the notification, the Processor shall provide the Controller with all data necessary for the Controller to fulfil his/her notification obligation and to eliminate and mitigate the effects of the personal data breach in accordance with the applicable data protection legislation. Where possible and reasonable, the Processor shall provide appropriate remedial services to data subjects upon request.

5.8. The Processor shall also document the violations of personal data related to the Agreement, outlining the circumstances of the violation, its effects and the corrective measures are taken. This documentation must enable the supervisory authority to verify compliance with the applicable data protection legislation. The documentation may contain only the information necessary for that purpose.

5.9. The Processor shall, at the request of the Controller and without additional charge, cooperate and assist the Controller with information on appropriate technical and organizational measures to ensure the data subject’s rights under applicable data protection law, including:

(i)   Provide the Controller with a copy of the data subject’s personal data;

(ii)  Open, correct, delete personal data or restrict the processing of personal data.

The Processor shall provide the requested assistance with the necessary documents and information within ten (10) days of the request of the Controller.

5.10.  If a data subject, supervisory or government agency (e.g. the Data Protection Inspectorate) or another third party requests personal data be processed under the Agreement from the Processor, the Processor shall direct the respective request to the Controller. The Processor shall not disclose personal data or other information concerning the processing of personal data without the prior written consent of the Controller unless the Processor is required to disclose such data under mandatory European Union or national law. In the latter case, the Processor shall immediately notify the Controller of the application to the extent permitted by law.

5.11.The Processor shall provide, without charge to the Controller, all data and documentation and provide the assistance necessary to the Controller to comply with all the requirements of the applicable data protection legislation and to demonstrate compliance with these requirements with respect to personal data related to the Agreement. In addition, the Processor shall allow and facilitate audits by regulatory and/or supervisory authorities.

5.12. The Processor must always keep and make available up-to-date data on processing operations, including the name, contact details, representative (including data protection officer, if applicable) and location of each legal entity acting as a (sub)processor, the types of processing carried out on behalf of the Controller, and, where applicable, the nature of the international transfer of data (including the countries) concerned and the documentation on the applicable transfer mechanisms). The Processor shall, at the request of the Controller and without undue delay, provide the Controller with the documentation provided for in this point so that the Controller can comply with the applicable data protection legislation.

5.13. The Processor shall ensure that the Controller has the right to understand the Processor’s mechanisms involving their business (and shall ensure that the Processor has equivalent control and audit rights regarding third-party sub processors) in order to verify that the Processor’s processing activities and related technical and organizational security measures are in accordance with this obligation set out in the data processing agreement, the Agreement or applicable data protection law.

6. Transfer of Personal Data to a Third Party

6.1. The Processor shall not have the right to transfer personal data to a third party or to grant access to a third party, e.g. by giving remote access to personal data (all understood as a transfer) or to involve sub-processors to process personal data (the above-mentioned transfer and sub-processing activities are collectively referred to as the transfer of personal data to a third party) except the list of service providers mentioned at the relevant section of the website like the ‘Service-providers’ page (https://softbrik.com/service-providers)

6.2   In the future if the list of such service providers expands, the processor will periodically inform the controller in writing. Once informed, the transfer of personal data by the Processor shall be subject to the establishment of the same data protection obligations as provided for in this data processing agreement before the transfer of personal data to the relevant third party. The consent shall not be required for those sub-processors (service providers) listed in the relevant section of the website like the ‘Features’ page (https://softbrik.com/service-providers).

6.3. This consent shall be valid until the earliest of the following: (i) if the Controller notifies the Processor of the withdrawal of the consent; or (ii) if the Processor notifies the Controller that the Processor no longer uses the approved third party for that purpose.

6.4. If the Controller does not consent to the transfer of personal data to a third party for the reason that the Controller considers reasonable, the Processor shall continue to perform the Agreement and the data processing agreement under the agreed conditions until the following events occur: (i) The Parties have agreed to terminate the Agreement related to the processing of personal data and have ensured the return of the relevant personal data to the Controller (or deletion, as the case may be) or have agreed to transfer the Agreement to a new service provider, which can in no case take longer than three (3) months; or (ii) the Parties have agreed how the performance of the Agreement will continue, including the relevant costs and in a manner reasonably acceptable to the Controller.

6.5. If the third party sub-processor does not comply with the applicable data protection legislation or does not comply with the data protection obligations arising from the Agreement with the Controller, the Processor shall remain liable to the Controller for the third party obligations under applicable data protection legislation and the relevant Agreement only where Processor has not complied with obligations of data protection legislation or where Processor has given such instructions to the third party sub-processor which led the third party sub-processor to the noncompliance of data protection legislation or the Agreement.

Important: Impact of Work from Home and Remote Work on 3rd Party Data Processing

 

In light of the Covid pandemic, it is possible that a significant majority of the Processor’s team handling Data is working remotely at any moment of time. The Processor shall ensure that at any time data needs to be handled remotely, they are processed using the appropriate list of service providers as mentioned in Section 6.1 with reasonable data security (https://softbrik.com/security) for prevention of any abuse of information.

7. Termination of processing of Personal Data

If the processing of personal data is no longer necessary under the Agreement or if the respective Agreement terminates or is terminated, the Processor shall delete or return to the Controller all personal data processed by the Processor under the Agreement, unless otherwise required by applicable data protection legislation. Upon deletion of personal data, the Processor shall immediately confirm the destruction of personal data at the request of the Controller. If the Controller requests the return of personal data, the Processor shall return all personal data in the manner and form requested by the Controller and delete all existing copies thereof.

8. Liability

The Processor shall not be liable for any damage caused in the course of processing the data in any shape or form including any security vulnerability due to underlying provider’s service malfunction or any malware or any human errors. Processor shall only be responsible for carrying out legally required tasks. The Controller shall reimburse the Processor for all costs and protect it against claims, damages and expenses incurred by the Processor or for which the Processor may be held liable in connection with the performance of its obligations under this data processing agreement due to the Controller or its employees or agents. The obligations set out above shall survive the termination, cancellation or expiration of this data processing agreement and/or the Agreement.

9. Term

This data processing agreement is valid as long as the Processor processes personal data on behalf of the Controller on the basis of the Agreement.

Privacy Policy

Legal Documents

All policies and documents related to doing business with Softbrik can be found here. Should any information be missing - drop us a Voice Message.

End User Privacy Policy

Last revised on 28th December 2022, effective as of January 1, 2023.

Softbrik works hard to respect your privacy, starting with being transparent about what data we collect and how we use it. This privacy policy describes the information Softbrik OÜ, registry code 14597527, address Hobujaama tn 4, 10151 Tallinn, Harju County, and/or its wholly owned subsidiary. Softbrik Health S.a.rl., registry code B245839, address 21 Rue Glesener, L-1631, Luxembourg, common email id [info@softbrik.com], (“we” or “us”) collect from End Users (“you”) via our digital forms (the “Forms”) and the information we collect on behalf of our clients (“Controllers”) who employ our technology to use our messaging, analytics, and other services (the “Services”).

1. Scope

1.1 This End-User Privacy section covers fundamentals of how the data is collected from you. To understand how the Data is processed, please refer to the comprehensive Softbrik Data Processing Agreement.

1.2 This Policy applies when you interact with us through our Services. It does not apply to non-Softbrik websites and mobile applications that may link to the Services or be linked to or from the Services as they are third parties that Softbrik does not own or control. Softbrik is not responsible for any 3rd Party’s privacy or security practices. Please review the privacy policies on those websites and applications directly to understand their privacy practices. In case of any questions, we always encourage you to clarify with us first at safety@softbrik.com.

1.3 Any order forms or additional agreements to which users agree governing the provision of optional Softbrik features shall take precedence over the terms of this Privacy Policy to the extent of any differences, so please read such order forms or additional agreements carefully.

 

2. Which Privacy Laws do we cover?

Softbrik covers a host of European and international Privacy best practices.

2.1  Applicable data protection legislation – any applicable legislation relating to data protection and security, including the

  1. European Directive on Privacy and Electronic Communications (Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector)
  2. General Regulation on the Protection of Personal Data or GDPR (Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC) and their amendments, replacement, or extensions (hereinafter together referred to as “EU legislation”), These include health care related provisions and patient rights as termed as ‘Medical GDPR’.
  3. All binding national laws within European Union implementing EU law and other binding data protection or data security directives, laws, regulations, and decisions in force at the relevant time for general and healthcare specific situations.
  4. Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) As per the Federal Government of the United States pertaining to healthcare data and patient rights.

2.2 Softbrik participates in and complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. Softbrik’s accountability for personal data that it receives under the Privacy Shield and subsequently transfers to a third party is described in EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks.

 

3. Information We Collect on Website and on Forms

3.1  Softbrik Website & Forms typically include fields that permits you to enter:

(i)  Name, Email Id, Telephone Number, and other Contact Details if the controller has enabled this so that the customer service professionals have an option to contact you

(ii)  Your preference and feedback about customer products and services in textual form

(iii) Your preference and feedback about customer products and services in voice format as an encrypted audio-file.

(iv) Your demographical information that our customers can seek with Survey Forms

(v)  Any information you share with our customers for support on product or services

3.2  Other forms of information that can be collected are:

(i)  In certain instances, payment information and associated contact information

(ii) Email addresses and similar contact information in widgets for marketing newsletters, including whether you open or click links in any correspondence

(iii) Device information collected from third-party API integrations. For example, Customers can  use third-party integrations to record the Customer website pages you visit and upload that information to our systems

 

4. Information We Collect Automatically

When you interact with the Services, certain information about your use of our Services is collected automatically. This includes:

4.1 Details of your visits to our site and information generated during the use of our site (including the timing, frequency, and pattern of service use) including, but not limited to, traffic data, location data, weblogs and other communication data, the resources that you access, and how you reached our site.

4.2 Details regarding the device you use to access our Services, including, but not limited to, your IP address, operating system, and browser type.

4.3 Information about how you interact with our ads and newsletters, including whether you open or click links in any correspondence.

Much of this information is collected through trusted 3rd party tracking technologies which are mentioned in this page –  https://softbrik.com/service-providers

 

5. How We Use & Protect Your Information

5.1 We may use the information we collect from you for the following purposes:

5.2 To provide our customers (Controllers) a detailed understanding of your feedback for improvement of their products and services, including to take steps to enter a contract for sale or for services, process payments, fulfil orders, and send service communications.

5.3 Your Voice feedback data is processed to offer feedback services to the Controller’s customer service professionals or similar team (Customer Feedback, Customer Success). Voice feedback data is auto categorized through ML/AI according to keyword recognition and pattern enhancement allowing customer service professionals to see end-user summary and trends.

5.4 To Create custom audiences on social media sites.

5.5 To provide you with the best service and improve and grow our business, including by understanding our customer base and purchasing trends and understanding the effectiveness of our marketing.

5.6 To understand how our Services are being used, track site performance, and make improvements.

5.7 To deliver ads about our Services to you around the web and measure their effectiveness.

5.8 To detect, investigate, and prevent activities that may violate our policies or be fraudulent or illegal, and to comply with legal requirements regarding the provision of products and services

 

6. Understanding Meta-Data

Most businesses that have an internet presence use “targeted” advertising, which is also known as “personalized,” “interest-based,” or “behavioural” advertising. We use it too, and because we respect your privacy we would like to explain why. We use information we collect about you for two key purposes:

6.1 When you visit our website or interact with our emails to advertise to you on other websites and around the web, including paid search results and social media. We partner with companies that collect this information for us using cookies, JavaScript, and similar web technologies. The information we collect is granular, such as how you navigate through our website and how you interact with the different elements on each page. We link that information to an ID number that represents you (or more accurately, the device you use to interact with us), which is often a random string of alphanumeric characters. However, that ID and the information associated with it does not identify you personally. Our goal in collecting this information is to advertise more effectively to people who we think are interested in our services, such as by serving our ad on social media to people who have previously visited our website. If we did not use targeted advertising, we would end up serving ads to many people who have no interest in or need to use our services.

6.2 We collect information on behalf of our Customers (Controllers) to provide them with more accurate understanding of your sentiments about their products and services. This data is also collected our database with randomized IDs and we use the meta-data to improve the precision of our Machine Learning algorithms for better contextual understanding. This means we will group your data using a Machine Learning model to understand emotional conditions and continuously try to improve the precision of those detection. However, our data modelling is purely for providing insights to our Customers for taking business actions and for enhancement purpose only, not to construed as a single source of truth under any circumstances whatsoever.

To understand the roles and responsibilities of us (Data Processor) and our Customers (Data Controllers) please read through the Data Processing Agreement.  

 

7. Third Parties

7.1 Softbrik works with only trusted 3rd parties to handle your data (Service Providers). To know full list of the trusted service providers, we will keep it updated on the ‘Service Providers’ page of the website (https://softbrik.com/service-providers).

7.2 Additionally sometimes Our Services may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. To be very clear, we have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services in any context whatsoever.

 

8. Additional Information About Data Collection & Sharing Practices

8.1 Sharing of De-identified or Aggregated Data
We may share aggregated or de-identified data at our discretion.

8.2 Combination of Information
We may combine information from the Services together and with other information we obtain from our business records.

8.3 Change of Ownership or Corporate Organization
We may transfer to another entity or its affiliates or service providers some or all information about you in connection with, or during negotiations of, any merger, acquisition, sale of assets or any line of business, change in ownership control, or financing transaction. We cannot promise that an acquiring party or the merged entity will have the same privacy practices or treat your information the same as described in this Policy.

8.4 Our Practices Regarding Information Belonging to Children

The Services are intended for adult Customers aged eighteen (18 years) and older and end-users aged thirteen (13 years) and older.

Softbrik does not knowingly collect personally identifiable information from anyone under the age of 13 under any condition and educates our Customers to refrain from commercial outreach to children below 13 years using our services. If we discover that we have inadvertently collected information from anyone younger than the age of 13, we will delete that information.

If you are a parent or guardian and you are aware that your children has provided us with Personal Data, please contact us immediately at safety@softbrik.com. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers. 

8.5 Sharing of Medical or Health Information
To the extent that we receive protected health information about you, that information is subject to electronic disclosure to the extent permitted by applicable laws as mentioned in Section 2.1. For certain healthcare projects we may take additional consent pertaining to the project in respective languages.

8.6 Retention of Medical Information

Typically Softbrik retains data for all users in their respective customer environments. Specifically for medical projects, there may be retention period requirement which are different to the general situation. In those cases, depending on the customer and project sponsor guidelines, Softbrik will retain or delete data after certain stipulated amount of time. Typically additional documentation with customized consent links are available for such projects in the respective language of the survey but not necessarily.

 

9. Your Options & Rights Regarding Information

9.1 Please note that if you make a request to exercise your rights regarding information our customers collected about you, then we will direct your inquiry to that customer because it is their responsibility to respond to you under the law.

9.2 If at any time you would like to unsubscribe from receiving future marketing or outreach emails, you can click the unsubscribe link at the bottom of any email or email us at safety@softbrik.com and we will promptly remove you from all correspondence. Please note un-subscription from marketing email does not prevent sending you operational emails regarding a project that you are participating nor key updates or notifications from Softbrik and its partners, regarding our Services, Terms & Conditions, change in Policies and so forth. Softbrik reserves the complete right and autonomy to decide the nature and frequency of such communication.

9.3 Most web browsers automatically accept cookies but, if you prefer, you can usually modify your browser setting to disable or reject cookies. If you delete your cookies or if you set your browser to decline cookies, some features of the Services may not be available, work, or work as designed. You may also be able to opt out of or block tracking by interacting directly with the other companies who conduct tracking through our Services.

9.4 You may choose to activate a “do-not-track” signal via your browser. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. Because there currently is no industry standard concerning what, if anything, websites should do when they receive such signals, we currently does not take action in response to these signals. For more information on “do-not-track,” visit http://www.allaboutdnt.com.

 

10. Transfer Of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. If you use our Services outside of the geographical borders of the European Union, you understand that we may collect, process, and store your information in the European Union, specifically in Ireland and Germany where we tend to store majority of our data via encrypted and secure cloud solution services. 

As of today we guarantee compliance with the list of laws explicitly mentioned in Section 2.1 and no more. The laws in the European Union regarding information may be different from the laws of your state or country and it is your responsibility to ascertain if we meet the standards expected from your legal regimen prior to usage if you are outside the jurisdictions mentioned in Section 2.1. 

The data collected will be transferred to the European Union for most practical purposes. Any such transfers will comply with safeguards as required by relevant law from the European Union standpoint. By using the Services, you consent to the collection, international transfer, storage, and processing of your data.

Softbrik will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

 

11. Disclosure Of Data

Softbrik may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of Softbrik
  • To prevent or investigate possible wrongdoing in connection with the Services
  • To protect the personal safety of users of the Services or the public
  • To protect against legal liability.

 

12. Further changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Services, prior to the change becoming effective and update the ‘effective date’ at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

 

Contact US

If you have any questions about this Privacy Policy, please contact us by email: safety@softbrik.com.

Service Providers

Legal Documents

All policies and documents related to doing business with Softbrik can be found here. Should any information be missing - drop us a Voice Message.

Softbrik Service providers

The following are the list of Trusted 3rd Party Service Providers for Softbrik. This list is not exhaustive and we constantly update it to reflect our latest business situation. If you have any question about this list, do not hesitate to reach out to us at safety@softbrik.com.