PS Principles' Terms of Service & Data Protection Agreement
TERMS OF SERVICE
By accessing this PS Principles website you are agreeing to be bound by these terms of service, all applicable laws and regulations, and agree that you are responsible for compliance with any applicable local laws. If you do not agree with any of these terms, you are prohibited from using or accessing this site. The materials contained in this website are protected by applicable copyright and trademark law.
2. Use License
Permission is granted to use the online materials (information or resources) on this PS Principles website for personal, non-commercial transitory viewing only. This is the grant of a license, not a transfer of title, and under this license you may not:
- modify or copy the materials;
- use the materials for any commercial purpose, or for any public display (commercial or non-commercial);
- attempt to decompile or reverse engineer any software contained on PS Principles' website;
- remove any copyright or other proprietary notations from the materials; or
- transfer the materials to another person or "mirror" the materials on any other server.
This license shall automatically terminate if you violate any of these restrictions and may be terminated by PS Principles at any time. Upon terminating your viewing of these materials or upon the termination of this license, you must destroy any downloaded materials in your possession whether in electronic or printed format.
The materials on PS Principles' website are provided on an 'as is' basis. PS Principles makes no warranties, expressed or implied, and hereby disclaims and negates all other warranties including, without limitation, implied warranties or conditions of merchantability, fitness for a particular purpose, or non-infringement of intellectual property or other violation of rights.
Further, PS Principles does not warrant or make any representations concerning the accuracy, likely results, or reliability of the use of the materials on its website or otherwise relating to such materials or on any sites linked to this site.
In no event shall PS Principles or its suppliers be liable for any damages (including, without limitation, damages for loss of data or profit, or due to business interruption) arising out of the use or inability to use the materials on PS Principles' website, even if PS Principles or a PS Principles authorized representative has been notified orally or in writing of the possibility of such damage. Because some jurisdictions do not allow limitations on implied warranties, or limitations of liability for consequential or incidental damages, these limitations may not apply to you.
5. Accuracy of materials
The materials appearing on PS Principles' website could include technical, typographical, or photographic errors. PS Principles makes every effort to ensure that its materials are accurate, complete or current. PS Principles may make changes to the materials contained on its website at any time without notice. However, PS Principles does not make any commitment to update the materials with any specific frequency.
PS Principles has not reviewed all of the sites linked to its website and is not responsible for the contents of any such linked site. The inclusion of any link does not imply endorsement by PS Principles of the site. Use of any such linked website is at the user's own risk.
PS Principles may revise these terms of service for its website at any time without notice. By using this website you are agreeing to be bound by the then current version of these terms of service.
8. Governing Law
These terms and conditions are governed by and construed in accordance with the laws of the United States of America and you irrevocably submit to the exclusive jurisdiction of the courts in that State or location.
DATA PROTECTION AGREEMENTEffective date: February 8, 2019. This GDPR Data Processing Agreement Addendum forms part of the Terms of Service available at https://pscc.psprinciples.com/terms. The purpose of this DPA is to reflect the parties’ agreement with regard to the processing of personal data in accordance with the requirements of Data Protection Legislation as defined below. Without limiting PS Principles' obligations under the Terms of Service, to the extent that Licensee stores, transmits, collects, or otherwise uses EU Personal Data (as defined below) PS Principles will comply with the following additional provisions. As used herein, “Agreement” means, collectively, the Terms of Service, this Addenda, and any other agreements entered into by the parties with respect to Licensee’s use of the PS Principles Platform.
1. Definitions. Capitalized terms used in this section will have the meaning set forth below.
2. “Data Breach” means any security breach, or any similar or equivalent comprise which leads to the unintended, accidental, unauthorized or unlawful loss, disclosure of, or access to, EU Personal Data by any Processor.
3. “Data Controller” has the meaning given to it under the GDPR.
4. “Data Processor” has the meaning given to it under the GDPR.
5. “Data Protection Laws” means any data protection, privacy or similar laws or regulations anywhere in the world relating to the processing or other use of personal data, including the GDPR, that apply in relation to any Personal Data processed in connection with this Agreement.
6. “EU Data Subject” will have the meaning given to “Data Subject” under the GDPR.
7. “EU Personal Data” will have the meaning given to “Personal Data” under the GDPR.
8. “GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and to the extent the GDPR is no longer applicable in the United Kingdom, any implementing legislation or legislation having equivalent effect in the United Kingdom.
9. “Licensee Personal Data” means EU Personal Data that is processed by PS Principles or any PS Principles employees, agents or personnel in performing its obligations under this Agreement or which is otherwise made available directly or indirectly to PS Principles or its employees, agents or personnel by Licensee.
10. “Processing” will have the meaning given to it under the GDPR.
11. “Processor Security Obligations” will mean Article 32 of the GDPR.
12. “Supervisory Authority” has the meaning given to it under the GDPR.
13. Compliance. PS Principles will comply with its obligations under applicable Data Protection Laws. PS Principles will ensure that all PS Principles employees, subcontractors and other personnel will comply with obligations that are equivalent to the obligations imposed on PS Principles under this section to the extent that such PS Principles employees, subcontractors and personnel carry out any processing of Licensee Personal Data under or in connection with this Agreement. PS Principles will not intentionally perform any act that puts Licensee in breach of its obligations under applicable Data Protection Laws, and PS Principles will notify Licensee if in PS Principles' opinion performance of a Licensee instruction would result in breach of applicable Data Protection Laws. Nothing in this Agreement will be deemed to prevent either party from taking the steps it reasonably deems necessary to comply with applicable Data Protection Laws.
14. General. The Parties acknowledge that: (i) Licensee alone will determine the purposes for which and the manner in which Licensee Personal Data are, or are to be, processed in the performance of this Agreement; (ii) Licensee will be the Data Controller in respect of all Licensee Personal Data; (iii) PS Principles will be the Data Processor in respect of Licensee Personal Data; and (iv) PS Principles will only process Licensee Personal Data for the limited purpose of performing its obligations under, and during the term of, this Agreement.
15. Requests. In a manner that conforms to any timescales set out in applicable Data Protection Laws, (and, in any event, as soon as reasonably practicable, if sooner, or as specified below in this section), PS Principles will comply with any written request by Licensee to: (i) correct or delete inaccurate Licensee Personal Data; (ii) provide a copy of Licensee Personal Data relating to an EU Data Subject in the possession or control of PS Principles; (iii) provide information about the Processing of Licensee Personal Data including information (or a report in sufficient detail if requested by Licensee, within thirty (30) days of such request) about the technical and organizational security measures that it uses to comply with the Processor Security Obligations or information about how its processing of Licensee Personal Data complies with applicable Data Protection Laws; (iv) within ten (10) days of such request or notice (as applicable) from Licensee, assist and provide the required information in respect of any request or notice, or any anticipated request or notice, by or on behalf of any EU Data Subject or by a Supervisory Authority in respect of Licensee Personal Data; (v) delete or return to Licensee the Licensee Personal Data after the end of the provision of the services related to the processing, unless otherwise required by applicable law; and (vi) otherwise provide reasonable assistance to Licensee as necessary to allow Licensee to comply with applicable Data Protection Laws.
16. Use. PS Principles will not, without Licensee’s prior written consent: (i) use Licensee Personal Data for PS Principles own purposes; or (ii) carry out the processing by automatic means of any Licensee Personal Data for the purpose of evaluating matters about an EU Data Subject that constitutes the sole basis for any decision that significantly affects such Data Subject.
17. Transfer. PS Principles may disclose Licensee Personal Data throughout the world to fulfill the purposes described above. This may include transferring Licensee Personal Data to other countries (including countries located outside the European Economic Area) that have different data protection regimes and which are not deemed to provide an adequate level of protection for EU Personal Information. To ensure that your Licensee Personal Data is sufficiently protected when transferred outside the EEA PS Principles has certified that its hosting provider is in compliance with the US Privacy Shield with the U.S. Department of Commerce. PS Principles will engage subcontractors only pursuant to Licensee’s general or specific authorization. Licensee specifically authorizes the engagement of PS Principles' parent, subsidiaries, and other companies under common control with PS Principles as subcontractors. Licensee generally authorizes the PS Principles' engagement of any other third parties as subcontractors. When engaging any subcontractor, PS Principles will enter into a written contract with such subcontractor containing data protection obligations not less protective than those in this DPA, to the extent applicable to the nature of the services provided by such subcontractor. Where PS Principles engages a subcontractor pursuant to Licensee’s general authorization, PS Principles will, at least 30 days before the new subcontractor processes any Licensee Personal Data, notify Licensee of the engagement. Licensee may object to such subcontractor by providing written notice to PS Principles within ten (10) business days of being informed of the engagement. In the event Licensee objects to a new subcontractor, Licensee and PS Principles will work together in good faith to find a mutually acceptable resolution to address such objection. If the parties are unable to reach a mutually acceptable resolution within a reasonable timeframe, Licensee may, as its sole and exclusive remedy, terminate the agreement impacted by the subcontractor by providing written notice to PS Principles.
18. Complaints. PS Principles will promptly notify Licensee if any complaints are received by PS Principles from third parties about the processing of Licensee Personal Data, and PS Principles will not make any admissions, settle or take any action which may be prejudicial to the defense or settlement of any such complaint and will provide to Licensee such reasonable assistance, at Licensee’s cost, as it may require in connection with such complaint. If PS Principles acquires, on behalf of and independently from Licensee, any EU Personal Data from EU Data Subjects as part of the Services, PS Principles will give such individuals a data protection notice describing the intended use of such EU Personal Data, in a form provided or approved by Licensee. Without prejudice to its other obligations under this Agreement, if PS Principles becomes aware of any unauthorized, unlawful or dishonest conduct or activities or any breach of this section (including the occurrence of any Data Breach), PS Principles will promptly notify Licensee and provide all relevant information reasonably required by Licensee about such conduct, activities and/or breaches. All complaints relevant to EU Personal Data should be sent to firstname.lastname@example.org
19. PS Principles Security Obligations. PS Principles acknowledges that it is obliged to comply with the Processor Security Obligations (including management of on-going compliance and effective security management) in respect of Licensee Personal Data and, in particular, that it will comply with the following obligations: (i) take appropriate technical and organizational security measures to safeguard against any unauthorized and unlawful processing of Licensee Personal Data and against any accidental loss or destruction of, or damage to, EU Personal Data; (ii) only process Licensee Personal Data in accordance with written instructions given by Licensee; (iii) take reasonable steps to ensure the reliability of those PS Principles employees, agents or other personnel that have access to Licensee Personal Data; and (iv) ensure that all PS Principles employees, agents or other personnel involved in processing Licensee Personal Data have undergone reasonably adequate training in the care and handling of EU Personal Data.
20. Audit. If a relevant data protection Supervisory Authority is required by law or regulation to audit the data processing facilities from which PS Principles' processes Personal Data in order to ascertain and/or monitor compliance with Data Protection Requirements, then PS Principles will cooperate with the audit at Licensee’s expense.