Last update: November 15, 2021 (download)
MARFEEL SaaS GENERAL TERMS OF SERVICE
Last update: November 15, 2021
This Contract is entered between Marfeel Solutions, S.L., a Spanish limited liability company with VAT number ESB65651259 (hereinafter may be referred as the COMPANY or MARFEEL) and the CLIENT. Both parties may be referred jointly as the PARTIES.
1.- SCOPE OF THE AGREEMENT
1.1. This SAAS GENERAL TERMS OF SERVICE below set forth the rights and obligations of the PARTIES associated with the implementation and execution of the SERVICE (S) (defined below) on the CLIENT'S website. Before using the SERVICE, CLIENT must read and affirmatively indicate its acceptance of the following SAAS GENERAL TERMS OF SERVICE, and any applicable SERVICE ORDER FORM (as defined below) (individually or collectively the "Contract and/or the “Agreement”).
1.2. SERVICE(S): Are the proprietary software services that MARFEEL will provide to the CLIENT that are described in a specific SERVICE ORDER FORM and that will be governed by this SAAS General Terms of Service.
1.3SERVICE ORDER FORM:Is the document issued by MARFEEL which describes the SERVICE requested and accepted by the CLIENT and any specific terms and conditions. Each SERVICE ORDER FORM shall be deemed a two-party agreement between Marfeel and the Client and shall be deemed to incorporate be subject to all the terms and conditions of this Marfeel Saas General Terms of Service.
2.- FEES AND PAYMENT
2.1. Except with regard to Data any Free Period, MARFEEL will bill the CLIENT in advance and according to the Billing Frequency stated on the respective SERVICE ORDER FORM. Invoices must be paid within 10 days counted since the date of issuance.
2.2. All amounts due shall be paid in EUROS or US DOLLARS. SERVICE fees are exclusive of all banking fees and all taxes, levies, or duties imposed by taxing authorities, and CLIENT is responsible for payment of all such fees, taxes, levies, or duties. In the event CLIENT is required to withhold any portion of SERVICE fees due to payments to banks or taxing authorities, (i) agrees to do so and to indemnify the COMPANY for any liability resulting from its failure to make such withholdings, and (ii) the COMPANY reserves the right to adjust the pricing of the SERVICE so that it is responsible for payment to MARFEEL of the full amount for the SERVICE, net of any such withholdings.
3.- TERM AND TERMINATION
3.1. The Initial Date of the SERVICE ruled by this Agreement is described in the respective SERVICE ORDER FORM.
3.2. Each SERVICE ORDER FORMwill remain in effect for the term indicated therewith counted since the Initial Date. Thereafter, it will renew automatically for the same term unless either party refuses such renewal by providing a written notice of termination of at least one (1) month before the end of the current term.
In case the CLIENT fails to comply with the notice period, the SERVICE ORDER FORM will deem to be automatically renewed for the same terms.
Under no circumstances MARFEEL will refund any prepaid fees or amounts paid by CLIENT.
3.3. Notwithstanding point 3.2, the CLIENT will have a 5 week period counted from the Initial Date in which it will be entitled to terminate the SERVICE ORDER FORMfor any reason. If the CLIENT exercises this option, MARFEEL will not reimburse any kind of fees or amounts paid by the CLIENT.
3.4. If CLIENT fails to comply with any provision of this Agreement, MARFEEL may terminate this Agreement immediately and retain any fees previously paid by CLIENT. MARFEEL may also, permanently or temporarily, terminate, suspend, or otherwise refuse to permit the CLIENT's use of the SERVICE(S) upon reasonable prior notice without incurring liability as a result thereof, if in its sole determination, CLIENT violates, or is reasonably likely to violate, this CONTRACT, including without limitation, by the nonpayment of fees.
3.5. Upon termination of this Agreement, all licenses, and any other rights and SERVICE (S) provided by MARFEEL to CLIENT in this Contract, shall cease immediately, and, unless otherwise specified in an applicable SERVICE ORDER FORM, MARFEEL will have no obligation to store, retain or provide any Traffic Data (historical or otherwise) to the CLIENT.
Survival: Sections 2, 5 to 8 inclusive, and section 10.5 shall survive any termination of this Contract. Upon any termination of this Contract, CLIENT must cease any further use of the SERVICE.
4.- RIGHTS AND OBLIGATIONS
4.1. Subject to this SAAS GENERAL TERMS OF SERVICE, MARFEEL grants the CLIENT a non-sublicensable, non-transferable, non-exclusive, revocable, limited license to use: (i) the SERVICES and (ii) certain proprietary documentation in the form generally made available by MARFEEL for use with the Software (the "Documentation") solely to receive the COMPANY's SERVICE. The CLIENT use of the SERVICE shall be restricted pursuant to the terms and conditions of this Contract in compliance with the Laws and applicable policies set by the COMPANY. MARFEEL also grants a nonexclusive, non transferable, revocable, limited license to access and use its API solely in connection with its use of the SERVICE.
4.3. CLIENT shall own all rights in and to all Traffic Data, subject to the rights and licenses granted herein. “Traffic Data” means all data and information created, received, processed or provided by MARFEEL in performing the SERVICE, or that results from performance of the SERVICE for the CLIENT. CLIENT hereby grants MARFEEL all necessary rights to access and track Traffic Data concerning CLIENT`S website, solely in connection with providing the SERVICE during the term of this Contract. MARFEEL disclaim any ownership of Traffic Data.
4.4. CLIENT shall not, and shall not allow others to: (i) cause or permit the reverse engineering, disassembly, or decompilation of any portion of the SERVICES; (ii) remove any copyright notices, trademarks or other proprietary notices or restrictions from the SERVICES; (iii) use or modify the SERVICES in any way that would subject the Product, in whole or in part, to a Copyleft License (as defined below); (iv) use the SERVICES, or permit it to be used, for purposes of evaluation benchmarking, performance tests or other comparative analysis intended for publication or disclosure to third parties; (v) except as permitted by this Contract, directly or indirectly: distribute, spread, disseminate, communicate, sell, sublicense, rent, lease, market, use or commercialize the SERVICE (or any portion thereof); (vi) provide the SERVICE on a time sharing, hosting, COMPANY or other similar basis; (vii) copy any features, functions or graphics of the Product for any purpose other than what is expressly authorized under this Contract; (viii) send, store, access or authorize a third party to send, store or access spam, unlawful, infringing, obscene or libelous material, viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents or programs; (ix) interfere with or disrupt the integrity or performance of the SERVICES. “Copyleft License” means a software license that requires that information necessary for reproducing and modifying such software must be made available publicly to recipients of executable versions of such software.
4.6. The COMPANY is the owner of all the Intellectual Property rights over the SERVICES, the trademarks, distinctive signs and contents associated with it, which have not been generated by clients, partners or collaborators.
4.7.The CLIENT accepts that MARFEEL may use its name and/ or logo to apply to awards, case studies, public relations and other marketing purposes.
4.8. The CLIENT acknowledges that Marfeel may need to access the CLIENT’s platform for the following purposes: to ensure that the SERVICE is provided to the expected level OR to optimize the platform OR to verify that the platform is functioning adequately, unless indicated otherwise via written statement from the CLIENT.
5.- WARRANTY DISCLAIMER
5.1. MARFEEL makes no warranty of any kind, whether express, implied, statutory or otherwise, including without limitation, merchantability, fitness for a particular use and noninfringement. The SERVICE is provided by the COMPANY and its licensors "as is" and "as available". CLIENT assumes all risk for the use of the SERVICE, including without limitation any harm caused by viruses, works, or other damaging materials. In no event does the COMPANY guarantee any results, increased traffic or user engagement for the CLIENT. MARFEEL does not warrant that the service or any portion thereof, are accurate, error or bug free, that the use of the service will be uninterrupted, or that the service's operation will not negatively affect other software or hardware. This section 5 applies to the maximum extent allowed by applicable law. The service is offered by MARFEEL from its facilities in Spain. MARFEEL makes no representations that the SERVICE is appropriate or available for use in other countries. Those who access or use the SERVICE from other jurisdictions do so at their own risk and are responsible for compliance with all applicable laws, including but not limited laws related to the collection of data from client`s website’s end users.
6.- LIMITATION OF LIABILITY
6.1. In no event will MARFEEL and/or its officers, directors, employees, agents or representatives be liable (i) for any indirect, special, incidental, consequential, exemplary or punitive damages related to or arising from CLIENT`s use, misuse, or inability to use the SERVICE; including but not limited, to contract or tort and whether or not the COMPANY was or should has been aware or advised of the possibility of such damage; or (ii) for any claim attributable to errors, omissions, or other inaccuracies in the SERVICE or destructive properties of the SERVICE. In no event shall the COMPANY aggregate liability under this Contract exceed the total sum of monies paid from CLIENT to the COMPANY as consideration for use of the SERVICE during the three (3) months immediately preceding the event giving rise to such liability.
7.1. CLIENT hereby agrees, at its expense, to indemnify, defend and hold harmless the COMPANY, its licensors, subcontractors, and its respective directors, officers, shareholders, employees and agents from and against losses, damages, expenses, liabilities and cost arising out of a third party claim, actions, or allegations made against MARFEEL relating to, incurred in connection with, or based upon: i) CLIENT` use of the SERVICE in breach of this contract; ii) infringement based on information, data or content submitted in connection with the SERVICE; and/or; iii) CLIENT infringement or potential infringement of any trademark, copyright, and/or intellectual property right. The CLIENT will reimburse MARFEEL for all necessary or convenient expenditure in connection with such claims.
8.- NON-DISCLOSURE AND CONFIDENTIAL INFORMATION
8.1. Confidential Information means any information that has been disclosed to any of the PARTIES as a result of the performance of the rights and duties described hereto, which is not available for the public domain as, for example, any information related to business, properties customers, operations, facilities, procedures, methods, transactions, knowhow or any other aspect of the activity of the PARTIES.
8.2. The PARTIES agree and undertake to maintain the Confidential Information in the strictest secrecy. No PARTY shall disclose the Confidential Information for any purpose different to the purpose associated with the present SAAS GENERAL TERMS OF SERVICE, unless any governmental agency in the exercise of their powers, requires the information.
8.3. Upon termination of the present SAAS GENERAL TERMS OF SERVICE, each PARTY, upon request of the other, will return or destroy all copies of all of the other's Confidential Information in its possession or control (unless impracticable), except to the extent such Confidential Information must be retained pursuant to applicable law or a PARTY’s document retention policy.
9.- DATA PROCESSING
9.1. The PARTIES acknowledge that MARFEEL, as Data Processor, undertakes to process personal data on behalf of the CLIENT following its instructions, according to article 28 of the General Data Protection Regulation (GDPR). This Contract will be subject to the Data Processing Addendum attached as Appendix A.
9.3. For the processing of Personal Data of California users and households, please refer to Appendix B.
9.4. For the processing of Personal Data of users located in the Federative Republic of Brazil, please refer to Appendix C.
9.5. The personal data of the parties, as well as of those other persons in charge of monitoring or executing the same, will be collected and processed, respectively, by Marfeel and the Client for the following purposes:
- To carry out an adequate management of the contractual relationship with the company in which they work or of which they are a representative.
- To maintain commercial contact with the company in which they work or of which they are a representative.
The legal basis that legitimates the processing of personal data is the existence of a legal or contractual relationship.
The data will be processed for the entire duration of the contractual relationship between the parties. Once the contractual relationship has ended, the data shall be blocked for the period during which any liability may arise from the processing or from the contract. Once the legal period of limitation has expired and these responsibilities have expired, the data will be deleted.
Data subjects have the right to access, rectify, delete, limit and oppose the processing of the data, as well as to exercise the other rights recognized in the current legislation on data protection, by contacting the corresponding data controller at the following address:
• Marfeel: The contact details of the Data Protection Officer are the following: e-mail: firstname.lastname@example.org; Address: Avenida Josep Tarradellas, 20-30, sixth floor. 08029 – Barcelona.
• The Client: the e-mail and postal address provided at the time of the contract.
They may also file a claim with the competent data protection authority.
10.- GENERAL CLAUSES
10.1. Neither PARTY may assign, in whole or in part, its rights or duties under these terms to a third PARTY without the prior written consent of the other PARTY, with the exception of a merger, acquisition or sale of all or substantially all of the PARTY’s assets, stock or business or any other corporate transaction. Notwithstanding the foregoing, Marfeel may assign this contract to any of its Affiliates without the CLIENT prior consent.
10.2. Communications: (i) The CLIENT shall direct all communications related to these conditions to: Av Josep Tarradellas 20-30, 6th Floor, 08029 Barcelona (Spain); TAX ID: ESB65651259; email: email@example.com (ii) COMPANY shall direct all communications aimed to the CLIENT to the address appointed by the CLIENT in theSERVICE ORDER FORM. (iii) Notifications conducted this way will take effect as of the date of receipt or, alternatively, from the tenth day following shipment.
10.3. The relationship between the PARTIES is governed by the terms and conditions set forth in these SAAS GENERAL TERMS OF SERVICE approved by the PARTIES and the respective SERVICE ORDER FORM, which must be jointly and uniquely interpreted. All terms and conditions specified under the “CONDITIONS” section in the SERVICE ORDER FORM will prevail over the SAAS GENERAL TERMS OF SERVICE. Any communication – written or oral - that is not reflected in the SAAS GENERAL TERMS OF SERVICE or in the SERVICE ORDER FORM will not be valid, except in the case of a contract termination, which shall be governed by Section 4.
10.4. MARFEEL reserves the right to update this document from time to time, in order to adapt it to its new products, SERVICE, price and any other associated conditions. When a unilateral novation of the conditions may constitute a relevant and substantial change regarding the previous terms the COMPANY shall notify immediately any material changes to this SAAS GENERAL TERMS OF SERVICE and the CLIENT shall be entitled to request for the termination of the SERVICE during the THIRTY (30) days after receiving the novation, unless it has engaged a fixed term plan and the amendment does not involve the payment of an additional amount in the same period.
10.5. These SAAS GENERAL TERMS OF SERVICE shall be interpreted, governed, and construed in accordance with the Spanish laws, excluding any other national, regional or local law. Waiving any other jurisdiction, the PARTIES agree to submit any dispute or discrepancy originated by these conditions to the exclusive jurisdiction of the Courts of the city of Barcelona.
10.6. In the event that any provisions of the SAAS GENERAL TERMS OF SERVICE are held invalid, unlawful or unenforceable by a competent Court or by any future legislative act, such act shall not limit or preclude the validity or enforceability of any other provisions of this document. Any such provision held invalid shall be substituted by a provision of similar effect reflecting the original intent.
DATA PROCESSING ADDENDUM
The COMPANY as the Processor undertakes to process personal data on behalf of the CLIENT, being the Controller, in accordance with the conditions laid down in this Data Processing Addendum. The processing will be executed exclusively within the framework of the SAAS GENERAL TERMS OF SERVICE, and for all such purposes as may be agreed to subsequently.
In order to perform the Services under the framework of the SAAS GENERAL TERMS OF SERVICE, and to provide the Services effectively, the Processor may have access to personal data for which the Controller is responsible.
The Processor must carry out the required processing of Personal Data in order to carry out the SERVICES indicated in SAAS GENERAL TERMS OF SERVICE.
This Data Processing Agreement is accessory to the main contract for the provision of the Services, so its duration is linked to the duration of the SAAS GENERAL TERMS OF SERVICE.
Nature and purpose of the processing
Generate Real time statistics based on website visitors in order for the Controller to know what`s happening on his website
Categories of Personal Data:
Device Information: IP address. Operating system version. Device, Country. Navigation level; User agent; User ID.
User Navigation information:
Device Information: device from which a visitor accesses the Publisher’s website. The information obtained is device model, operating system and version, the unique identifier of the device, and the mobile network.
Location information: IP address, time zone, and mobile service provider, allowing to get website visitors general location.
User Navigation Information: Information about the use of the Publisher’s website. Specifically, the frequency of use, the sections visited, use of specific functions, time spent in each section, scrolling done, etc.
Information provided by the Publisher: Publishers may submit some personal information, such as visitor user ID on the Publisher’s website.
Information deduced or calculated through MARFEEL proprietary software Tool : All the information collected allows to generate information regarding visitor`s interests (e.g. engagement to the media, favorite sections, contents, authors, etc. of the Publisher’s website or other similar parameters.
Categories of Data Subject:
The Controller, in addition to comply with any obligations provided in the SAAS GENERAL TERMS OF SERVICE, this Data Processing Agreement and the Regulation (EU) 2016/679 General Data Protection Regulation (GDPR) or other applicable regulation - must observe the following obligations in the performance of the following tasks:
A. Provide or make available to the Processor the data referred to in this document, as well as the necessary instructions to carry out the processing of the data.
B. Provide the website`s visitor with the information regarding the processing of their data through the SOFTWARE. The information must comply with the content established in Articles 12 and 13 of the GDPR. MARFEEL will not be held responsible for the failure to comply or defective compliance with the obligation to inform.
C. Collect website`s visitor data using appropriate legal basis. The Client acknowledges that the SERVICES may involve the installation of tracking devices in the website`s visitor browser (such as cookies), so the Client shall comply with the rules on their use and installation. In this sense, the Client shall provide clear and comprehensive information about the purposes of any cookie or similar technology that stores information (or accesses information stored) on website`s visitor’s devices, and obtain, where appropriate, their prior consent (which must be to the GDPR standard).
Although Marfeel may provide support or assistance regarding the configuration and implementation of mechanisms to inform and obtain consent of website visitors in relation to said cookies, compliance with said obligations shall continue to be the responsibility of the Client. Any proposal made by Marfeel in relation to the information and consent of the website visitors may only be considered as mere suggestions based on standard practices, and in no case as legal advice or any other kind of advice on the matter. Marfeel cannot be held responsible for the decisions taken by the Client with the information provided by Marfeel, which will be taken at their own risk.
D. Respond to the request for exercising the data subject rights, such as the rights of access, rectification, deletion and opposition, limitation to the processing, portability of the data and not to be subject to automated individual decisions, in collaboration with the Processor.
E. Carry out, if appropriate, an assessment of the impact that the processing operations executed by the Processor have on the protection of personal data.
F. Ensure, before and during the processing, compliance with applicable regulations on data protection by the Processor.
G. Supervise the processing, including the performance of inspections and audits.
H. Communicate to the Processor any variation that may occur in the personal data provided, so that it can be updated.
A. The Processor shall refrain from making use of the personal data for any purpose other than as specified by the Controller. The Processor will only process the personal data on documented instructions from the Controller.
If the Data Processor considers that compliance with an instruction from the Controller could mean a breach of data protection regulations, Processor will immediately inform the Controller of such circumstances. In this communication, the Processor will ask the Controller to amend, withdraw or confirm the instruction given, and may suspend compliance until there is a decision by the Controller.
B. All personal data processed on behalf of the Controller shall remain property of the Controller and/or the relevant Data subjects. The Processor shall take no unilateral decisions regarding the processing of the personal data for other purposes, including decisions regarding the provision thereof to third parties and the storage duration of the data.
C. The Processor will endeavor to take adequate technical and organizational measures against loss or any form of unlawful processing (such as unauthorized disclosure, deterioration, alteration or disclosure of personal data) in connection with the performance of processing personal data under this Data Processing Agreement.
Data collected on behalf of the Controller for the provision for the provision of the services described in the SAAS GENERAL TERMS OF SERVICE, will be pseudonymized, so that each Data Subject will be assigned a randomly-generated identification code and/or any other kind of pseudonymization technique in order to erase data that may directly or indirectly identify them particularly (e.g. anonymizing the last octet of the IP address).
D. The Processor shall warrant compliance with the applicable laws and regulations, including laws and regulations governing the protection of personal data, such as the GDPR.
E. In the event of a security leak and/or the leaking of data, as referred to in article 34a of the GDPR, the Processor shall, to the best of its ability, notify the Controller thereof with undue delay, after which the Controller shall determine whether or not to inform the Data subjects and/or the relevant regulatory authority(ies). This duty to report applies irrespective of the impact of the leak. The Processor will endeavor that the furnished information is complete, correct and accurate. The duty to report includes in any event the duty to report the fact that a leak has occurred, including details regarding:
· the (suspected) cause of the leak;
· the (currently known and/or anticipated) consequences thereof;
· the (proposed) solution;
· the measures that have already been taken.
The Processor shall assist the Controller in relation to the obligation to notify personal data breaches in accordance with the RGPD (in particular, articles 33 and 34 of the RGPD) and any other applicable regulation, present or future, that modifies or complements such obligations.
F. Keep in writing, a record of processing activities carried out on behalf of the person in charge.
G. Not to communicate, disclose or transfer the personal data in its custody to third parties, not even for its conservation, unless it has the express authorization of the Controller. The Processor may communicate the data to other data processors.
H. Guarantee the adequate training in data protection of the employees authorized to process personal data. The Processor shall ensure that employees or other persons authorized to process the personal data under this Agreement have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
J . Assist the Controller:
a) in the performance of audits or inspections, carried out by the Controller or by another auditor authorized by the Controller. The audits may be carried out periodically, in a planned or "ad hoc" way, at the most, once a year, unless there are circumstances that justify its realization exceeding this limit, and after notifying the Controller with 45 calendar days period of notice, during the Processor's usual working hours.
b) in carrying out impact assessment on the protection of personal data of the processing operations to be carried out by the Data Processor and, where appropriate, in conducting prior consultations with the supervisory authority.
K. Delete or return all the personal data to the Controller after the end of the provision of services relating to processing and delete existing copies unless Union or Member State law requires storage of the personal data. Processor may keep a copy with the data duly blocked, while responsibilities may arise from the execution of the Services. Take reasonable measures to periodically review the data held, and erase or anonymize it for statistical purposes when it is no longer needed.
L. Make available to the Controller, at its request, all information necessary to demonstrate compliance with the obligations laid down in this Data Processing Agreement.
LIMITATION OF LIABILITY
The Processor shall only be responsible for processing the personal data in accordance with the Controller’s instructions and under the (ultimate) responsibility of the Controller. The Processor is explicitly not responsible for other processing of personal data, including but not limited to processing for purposes that are not reported by the Controller to the Processor, and processing by third parties and / or for other purposes.
Controller represents and warrants that it has express consent and/or a legal basis to process the relevant personal data. Furthermore, the Controller represents and warrants that the contents are not unlawful and do not infringe any rights of a third party. In this context, the Controller willl defend, indemnify, and hold harmless the Processor of all claims and actions of third parties related to the processing of personal data without express consent and/or legal basis under this Data Processing Clause and/or related with the breach of this Data Protection Addendum by the Controller . For further information, consult the Opinion 2/2010 on behavioral advertising of the Working Group of article 29.
The Processor is authorized within the framework of the SERVICE Provision Agreement to engage third parties, without the prior approval of the Controller being required. Prior to the engagement, the Processor shall inform the Controller about the third party/parties engaged.
The Processor shall in any event ensure that such third parties will be obliged to agree in writing to the same duties that are agreed between the Controller and the Processor.
Currently, MARFEEL has entered into a contract with the following service providers:
● SCALEWAY, SAS located in France which guarantees a high level of security and availability of the information systems and that provides data hosting services.
● HETZNER ONLINE GMBH located in Germany which guarantees a high level of security and availability of the information systems and that provides data hosting services.
● OVH HISPANO S.L., located in Spain which guarantees a high level of security and availability of the information systems and that provides data hosting services.
The Processor may process the personal data in countries outside the European Union or the European economic area, only with subcontractors that guarantee an adequate level of protection and it satisfies the other obligations applicable to it pursuant to this Data Processing Clause and the GDPR.
The Processor may transfer Personal data to its affiliates MARFEEL US, LLC., and MARFEEL COLOMBIA, S.A.S,located in the United States and in Colombia, respectively. Processor has subscribed Standard Contractual Clauses with its affiliates for the Transfer of Personal Data to Processors Established in Third Countries approved by EC Commission Decision of 5 February 2010 or any successor clauses adopted in accordance with GDPR Article 28(8). Processor will ensure that data transfers to its affiliates outside the European Union will comply with the provisions stated in the GDPR.
CALIFORNIA CONSUMER PRIVACY ACT
1. The CLIENT is the sole responsible to determine its subjection to the California Consumer Privacy Act of 2018 (“CCPA”). In case CCPA is applicable, the parties will be subject to the conditions set forth in this section.
2. This section reflects the Parties’ agreement in connection with CCPA and it shall apply to the extent that the CCPA applies to the CLIENT and only affects transactions of personal Information of consumers in California.
3. The PARTIES recognize that MARFEEL will act as CLIENT’s Service Provider (according to CCPA definition), so MARFEEL’s use or disclose of the Consumer Personal Information is limited to the specific purpose of performing the Services set forth in GENERAL TERMS OF SERVICE and in the Order Form, on behalf of the CLIENT and those permitted under the CCPA for Service providers.
5. In the event that a Consumer has exercised the right to be excluded from the sale of his/her personal data to the CLIENT, it shall inform MARFEEL without undue delay. The CLIENT shall provide MARFEEL with all the necessary information to proceed with such use limitation.
6. MARFEEL may refuse to receive and use any Data if it reasonably believes that processing of such Data may infringe the CCPA, pose a risk of liability or harm to Consumers, MARFEEL or any of MARFEEL’s agents or Customers.
7. MARFEEL may engage sub-providers to receive or transfer personal information as long as, when applicable: (i) each Subprovider warrants that it has the technical capability to receive, interpret, and comply with the CCPA and, if necessary for the performance of the applicable service, accurately re-transmit an “opt-out”; (ii) each such Subprovider is bound by a written agreement with MARFEEL that includes, and requires such Subprovider to comply with the obligations of MARFEEL as set forth in this section.
LEI GERAL DE PROTEÇÃO DE DADOS– LEI Nº 13.709/18 - (Hereinafter LGPD)
1. The parties agree that the processing of users located in the Federative Republic of Brazil (Hereinafter “Brazil”) shall be processed according to the following section and the Data Processing Agreement (DPA) found in the Appendix A of this document. In the event of any inconsistency between the DPA and this section, this section shall prevail.
2. The parties acknowledge that the CLIENT acts as a Controller (Controlador) of webpage user’s personal data and that MARFEEL acts as a processor (Operador).
3. Personal data shall be processed by MARFEEL in accordance with the instructions imparted by the CLIENT. The CLIENT may verify the adherence of the instructions and the rules regulating MARFEEL.
4. MARFEEL does not collect any direct user identifiable information such as a name, e-mail address, etc. However, MARFEEL collects identifiers that, when used, may allow the identification of the individual to whom the information in question may relate, such as online identifiers or location data. MARFEEL has implemented measures to prevent user identification.
5. MARFEEL, when acting as a processor, shall act according to the provisions of the LGPD and will be responsible for any damages caused by the processing when it does not comply with the obligations stated in Data Protection Legislation or when it has not followed the controller’s lawful instructions, in which case, MARFEEL will be deemed equivalent to the controller, except in cases of exclusion as provided in LGPD.
6. The identity and contact details of the Data Protection Officer, for the purpose of Section II, Chapter VI of the LGPD are as follows:
Phone: +34 93 178 59 50
Address: Avenida Josep Tarradellas, 20-30, sixth floor. 08029 – Barcelona