Terms and Conditions

Introduction

Rombit NV is a limited liability company with its registered address at Meir 30, B-2000 Antwerp and registered under company number 0846.801.288 (hereafter “Rombit NV”).

Applicability of these Terms and Conditions

These Terms and Conditions are an integral part of any agreement between Rombit and a Customer, and apply to all Rombit’s contractual relationships with its Customers regarding the Romware offering; they govern any contract relating to the Products as set out in the Purchase Order.

By signing the Purchase Order, the Customer explicitly acknowledges the content of the Agreement (consisting of the signed Purchase Order, the current Terms and Conditions and any Schedules and Appendices attached thereto), and its unconditional and integral consent to this content.

The Agreement can only be deviated from when such deviation(s) have been confirmed explicitly and in writing between Rombit and the Customer.

These Terms and Conditions will always take precedence over any other terms and conditions or any other document issued by the Customer. Customer agrees to waive its own general and special terms and conditions, even where it is stated therein that only those conditions may apply and even if such terms and conditions were not protested by Rombit.

In the event a Purchase Order explicitly grants certain rights to any third parties such as Customer affiliates (“Third Party Beneficiaries”), the Customer warrants (sterkmaking/ porte-fort) that the Third Party Beneficiaries shall comply with the obligations related thereto under the Agreement, including any licensing terms. In no case will a Third Party Beneficiary be granted more rights than those granted  to the Customer.

1. Definitions

1.1        Account: means an account linked to personalized log-in credentials enabling an authorized person to access and use the Platform and/or Hardware, including both administrator accounts and User accounts;

1.2        Agreement: means the present Terms and Conditions, the applicable Order Form, the Data Processing Agreement and any other Schedules (if applicable) as concluded between the Parties;

1.3        Business Day: means a normal working day from Monday to Friday, excluding Saturdays, Sundays or public holidays in Belgium;

1.4        Business Hours: means the hours from 09:00 am to 17:30 pm (Central European (Summer) Time) during Business Days;

1.5        Calendar Day: means any day of the year, including public holidays, Saturdays and Sundays;

1.6        Client: means the legal entity identified in the Order Form as the Client and which signs the Order Form;

1.7        Client Data: means all data entered by the Client or the Client’s Users when using the Platform or Hardware and as processed or stored by Rombit as a result of the Client and/or User using the Platform or Hardware. Client Data shall also include output data resulting from the processing by the Platform or Hardware of the data entered therein by the Client or the Client’s User;

1.8        Client-Induced Incident: means an Incident caused by (i) any act or omission of the Client, User or any Third Person using the Products; (ii) any use of the Platform or Hardware which is out of scope or contrary to the Documentation, whether by the Client or by any person authorised by the Client; (iii) a failure of the Client to perform or observe any of its obligations under this Agreement; (iv) an incompatibility between the Platform or Hardware and any other system, network, application, program, hardware or software not specified as compatible in the Documentation; (v) abuse or misuse of the Platform by the Client; (vi) any modification or addition to the Platform or Hardware that is performed without prior written consent of Rombit; (vii) the failure of any supporting (Third Party or Client’s) hardware and/or software; (viii) the use of incorrect data or incorrect integration; or (iv) the incorrect installation of a new version, release or fix by the Client or a Third Party;

1.9        Client Personal Data: means any Personal Data of the Client or its Users that is processed by Rombit on behalf of the Client in the performance of this Agreement;

1.10     Confidential Information: of a Party means the information of such Party, whether in written, oral, electronic or other form, and which is explicitly marked as confidential or proprietary, or should reasonably be considered confidential or is traditionally recognized to be of a confidential nature, regardless of whether or not it is expressly marked as confidential, including but not limited to, information and facts concerning business plans, customers, prospects, Personnel, suppliers, partners, investors, affiliates or others, training methods and materials, financial information, marketing plans, sales prospects, client lists, inventions, program devices, discoveries, ideas, concepts, know-how, techniques, formulas, blueprints, software (in object and source code form), documentation, designs, prototypes, methods, processes, procedures, codes, and any technical or trade secrets, including all copies of any of the foregoing or any analyses, studies or reports that contain, are based on, or reflect any of the foregoing. The Confidential Information of Rombit shall include all information relating to the Services, the Platform and the Hardware, without limitation hereto. The Confidential Information of the Client shall include, without limitation, the Client Data;

1.11     Data Protection Laws: means all applicable laws relating to the processing of Personal Data including the General Data Protection Regulation (Regulation (EU) 2016/679);

1.12     Documentation: means the operating manual, including a description of the functions performed by the Platform, the Services or the Hardware, user instructions, technical literature and all other related materials as generally made available by Rombit to its Clients and their Users to facilitate their use of the Platform, the Services and the Hardware, as applicable;

1.13     Effective Date: means the effective date indicated in the Order Form;

1.14     Force Majeure Event: means a temporary or permanent inability of a Party to fulfil its obligations, resulting from external facts and circumstances reasonably beyond the control of that Party. Force Majeure shall, but not exclusively, in any case apply to: both foreseeable and unforeseeable pandemics (and related measures), war or war risk, insurrection or public revolt, fire caused by an outside calamity, an import or export embargo imposed by the government, internet failure, hosting failure, floods, explosion, weather conditions, strike or social action, force majeure on the part of the vendors of Rombit, failures in goods, equipment, software or materials of Third Parties, government measures, disruption of internet, data network or telecommunication facilities, unavailability of Third Party servers, unavailability of Personnel, general transportation problems and electricity outages and otherwise all circumstances qualified by both Parties as Force Majeure in mutual consent;

1.15     Hardware: means the devices, which are safety, support, analysis and positioning tools, sold by Rombit to the Client, as set out in the Order Form;

1.16     Incident: means a malfunctioning of the Platform that is not a Client-Induced Incident;

1.17     Initial Term: means the initial period for which the Agreement is concluded and as set out in the Order Form. The Initial Term starts on the Effective Date;

1.18     Intellectual Property Rights: means all intellectual property rights wherever in the world, whether registrable or unregistrable, registered or unregistered, including any application or right of application for such rights; these “Intellectual Property Rights” include copyright and related rights, database rights, confidential information, trade secrets, know-how, business names, trade names, trademarks, service marks, passing off rights, unfair competition rights, patents, petty patents, utility models, semi-conductor topography rights and rights in designs;

1.19     Order Form: means the order form as signed by the Client and Rombit to which the present Terms and Conditions are attached;

1.20     Party: means a party to this Agreement;

1.21     Personal Data: has the meaning given to it in the General Data Protection Regulation (Regulation (EU) 2016/679);

1.22     Personnel: means employees, employees of affiliated companies, independent employees, subcontractors, consultants, and any other natural or legal persons directly or indirectly involved in the performance of the Agreement.

1.23     Platform: means Rombit’s proprietary Software As a Service platform, as specified in the Order Form, which will be made available by Rombit to the Client in accordance with this Agreement;

1.24     Product: means the Hardware and/or the Platform;

1.25     Rombit: means Rombit NV with registered offices at Meir 30, 2000 Antwerp, Belgium and enterprise number 0846.801.288;

1.26     Schedule: means any schedule attached to the Order Form;

1.27     Services: means any services relating to the Platform, as specified in the Order Form;

1.28     Term: means the Initial Term together with any Renewal Term;

1.29     Terms and Conditions: means these Terms and Conditions applicable to all Order Forms issued by Rombit, including any other Schedules or annexes;

1.30     Third Party: means any third party that is not a Party to the Agreement;

1.31     User: means an end user that has been authorized by the Client to use the Platform and/or the Hardware.

2. License

2.1        Rombit hereby grants to the Client a personal, restricted, non-transferable, non-exclusive, license to use the Platform for the internal business purposes of the Client during the Term in accordance with the applicable Documentation.

2.2        Within the scope of this license, Users are permitted to have access to and use the Platform, under the conditions as mentioned in the Agreement.

2.3        The extent of the license granted under the Agreement is restricted to the scope expressly set forth therein, and there are no implied licenses under the Agreement.

2.4        Except to the extent expressly permitted in this Agreement or required by law, the Client shall not: (i) sub-license, assign, distribute, transfer, sell, lease, rent charge or otherwise deal in or encumber its right to access and use the Platform, or use the Platform on behalf of any Third Party or make them available to any Third Party, nor allow or permit a Third Party to do any of the same; (ii) permit any unauthorised person to access or use the Platform; (iii) republish or redistribute any content or material from the Platform; (iv) make back-up copies of the Platform without Rombit’s prior written authorization; (v) reproduce, arrange, modify or alter the Platform including for the purpose of correcting errors, or create derivative works based on the Platform or enable a third party to perform such acts; (vi) remove or alter any copyright or other proprietary notice on the Platform; (vii) use the Platform for (a) any activity that is in breach of the law, public order or public morality, (b) unsolicited commercial communications (e.g.  spam); (c) collecting or harvesting personal information in breach of the law (e.g. phishing); or, (d) any activity that is offensive, defamatory, harmful to minors, indecent, illegal, in breach of Third Party rights or otherwise objectionable.

2.5        The Client shall comply with all applicable laws relating to the use of the Platform. The Client shall not use the Platform for any illegal, unauthorized or otherwise improper purposes, or use the Platform in a manner that fails to comply or is inconsistent with any part of the Documentation or the Agreement.

2.6        The Client has no right to access the software code (including object code, intermediate code and source code) of the Platform, either during or after the Term.

3. Availability and Use of the Platform

3.1        In order for the Client to access the Platform, Rombit shall create an Account for the Client and its Users and shall provide the Client with access credentials on, or within, a reasonable time following the Effective Date.

3.2        The access credentials are personal, and the Client shall only allow access to authorized Users and shall not communicate these credentials to any Third Party. Should a Third Party get access to the access credentials, the Client will immediately notify Rombit so Rombit can take the necessary measures to suspend the use of the access credentials and the use of the Platform.

3.3        The Client must comply with all relevant policies which are designated and made available to the Client in electronic way or via the Platform, and must ensure that all Users comply with these policies.

3.4        Unless explicitly described otherwise in the Order Form or any other agreement executed between both Parties, only Rombit or a Third Party appointed by Rombit shall have the right to integrate the Platform within the Client’s infrastructure or software (if applicable).

3.5        Rombit reserves the right to make operational or technical changes to the Platform.

4. Usage Control

4.1        Rombit has the right to monitor and inspect the usage of the Platform (at the site of its use and on a remote basis).

4.2        If such inspection shows that the Client has underpaid the amount of fees due to Rombit, without prejudice to any other rights and remedies available to Rombit, the Client shall promptly pay the amount of such underpayment to Rombit, increased with  the higher of  (i) a penalty of fifteen (15) percent of the underpaid amount or (ii) a fixed penalty of EUR 10,000.

5. Sale and delivery of the Hardware

5.1        The Hardware shall be delivered by Rombit in the state in which it is at the moment of delivery (‘as is’), and therefore with all visible and invisible errors and defects.

5.2        The Hardware shall only be shipped to the address specified in the Order Form after receipt by Rombit of full payment of the required instalment(s), as specified in the Order Form. The ownership of the Hardware shall only be transferred to the Client upon full payment of the applicable fees by the Client as specified in the Order Form. Unless explicitly agreed otherwise, shipping costs are not included in the price.

5.3        The delivery terms and the delivery schedule shall be stipulated in the Order Form. The delivery schedule shall be a non-binding good faith estimate only and  Rombit has the right to change or delay the delivery schedule in case any delivery issues with its supplier or a Force Majeure Event prevents the delivery within the stipulated time frame, without giving rise to any compensation. Rombit shall inform the Client thereof.

5.4        Unless explicitly stated otherwise in the Agreement, the shipment of the Hardware, at the point in time it leaves the Rombit premises, shall occur at the Client’s risk, including the risk for loss or destruction and cost, and the Client shall take out suitable and sufficient insurance for possible damage claims (INCOTERM EX WORKS). For the avoidance of doubt, all risks relating to the Hardware are borne by the Client as soon as the Hardware leaves the Rombit premises. Any applicable customs costs are borne by the Client.

5.5        The Hardware delivered shall be deemed to be in accordance with the Order Form and accepted by the Client unless a claim is formulated within five (5) calendar days of the actual delivery date. Any claim or dispute must be formulated in writing by registered letter. Such claims do not in any circumstances suspend the payment obligation of the Client.

5.6        The Client acknowledges and agrees (i) that, to the extent permitted by applicable law, Rombit does not accept obligations, nor provide any warranties, with respect to the Hardware and (ii) that the Services provided by Rombit under this Agreement shall be limited to the Platform.

6. Usage of the Hardware

6.1        The Client agrees to use the Hardware only in accordance with the Documentation and any instructions provided by Rombit.

6.2        The Client must comply with all relevant policies which are designated and made available to the Client (in writing (electronically or on paper) or via the Platform), and must ensure that all persons using the Hardware or having access to the Hardware comply with these policies.

6.3        The Hardware may be modified at Rombit’s sole discretion (for instance, by installing updates, upgrades, bugfixes, etc.), without however materially changing the core functionality or discontinuing the Hardware during the Term.

6.4        The Client shall not use the Hardware for the following purposes: (i) for illegal purposes, to perform acts that could be contrary to the applicable law (criminal or otherwise) or that could be prejudicial to Rombit, other clients or Third Parties; (ii) for purposes, applications or within industries other than those approved by Rombit; (iii) in a way that disrupts the Platform; (iv) to transmit any unlawful, prejudicial or harassing material, unauthorized advertising, spam or material that may infringe Intellectual Property Rights or other rights of Rombit or Third Parties, or material that contains viruses or other harmful computer code or files; (v) to copy or reverse engineer the Hardware or Platform; (vi) to directly or indirectly prepare competing or derivative services;  and/or (vii) to resell or market the Hardware to Third Parties.

7. Performance of the Service

7.1        Rombit shall provide the Services indicated in the Order Form.

7.2        Rombit shall have the right, at its sole discretion, to subcontract part or all of the Services to a or several Third Parties.

7.3        The Services will be performed on the premises of the Client or on an on remote basis, as identified in the Order Form.

7.4        The Client warrants that its workspace and facilities will be in compliance with all requirements of law. The Client indemnifies Rombit against any claims of Third Parties and Personnel of Rombit having suffered damages in connection with the performance of the Agreement resulting from the acts or omissions of the Client or from unsafe situations in the Client’s organisation. The Client shall inform Rombit in advance and in writing of the applicable house rules and safety procedures prior to the start of the Services.

7.5        Rombit shall perform the Services under this Agreement to the best of its ability.

7.6        Rombit does not warrant that the Services will allow the resolution of the problem (or Incident) that has arisen, nor that the alleged problem (or Incident) will no longer occur after its intervention, or that no other difficulties shall arise.

7.7        The Client bears at all times the responsibility for its existing infrastructure and the proper functionality and safety of all its working materials.

7.8        Rombit shall, where practicable, give to the Client at least ten (10) Business Days’ prior written notice of scheduled maintenance Services that are likely to affect the availability or functioning of the Platform or are likely to have a material negative impact on the  Platform.

7.9        Support on (i) deliverables resulting from Services offered by Rombit or Third Parties, or (ii) on Client-Induced Incidents is not included in the Services. In case Rombit accepts to provide Services on Client-Induced Incidents or any other out of scope incidents, such Services shall be separately invoiced to the Client.

7.10     The Client shall initiate a first review of any Incident encountered by the Client or the Users when using the Platform and shall notify Rombit of such Incident. The Client shall notify Rombit by sending an email to: support@romware.com. Upon the receipt of a notification of an Incident by the Client, Rombit shall further investigate the origin of the malfunction and determine whether the Incident is caused by the Platform or is qualified as a Client-Induced Incident or out of scope incident. In the event that Rombit is unable to replicate the Incident, the Incident shall be considered as a Client-Induced Incident. Incidents shall be dealt with in accordance with the procedure and service levels set out in Schedule 3.

8. Hosting Services

8.1        At the Effective Date, the hosting services are provided by Rombit’s hosting partner, Amazon Web Services  (“Hosting Services”). At all times during the Term, the Client shall have the right to choose another hosting partner offering similar guarantees in terms of availability.

8.2        The Client acknowledges and agrees to accept and comply with the last version of the terms and conditions of Amazon Web Services which are available via (https://aws.amazon.com/) (the “Hosting Terms”). The Client acknowledges and agrees that Amazon Web Services may update the Hosting Terms from time to time. In case the Hosting Terms are updated, Rombit shall notify the Client thereof. Rombit shall use its best efforts (via its hosting partner) to ensure an availability of the Hosting Services of 99.5% during Business Days. Rombit cannot be held liable for any malfunctioning of the Hosting Services.

9. External Components

9.1        The Client acknowledges (i) that the supply and the functioning of the Products and Services depend on services provided by third-party providers, including, but not limited to, providers of wireless communication, telecommunication, internet connection, Third Party hosting services and standards such as UWB, GPRS, LTE, GNSS/GPS, LoRaWAN etc. (“External Components”); (ii) that Rombit cannot guarantee the error-free and continuous functioning of these External Components and (iii) that Rombit shall not be liable for any damages resulting from the malfunctioning, errors, delays or other issues caused by or related to such External Components.

9.2        Some functionalities require a SIM-card to be preinstalled within the Hardware. The Client acknowledges that:

(i)              SIM-cards shall only be installed by Rombit within the Hardware when this is explicitly requested in the initial Order Form;

(ii)            Rombit shall not have any obligation to install SIM-cards in Hardware that was initially ordered for functionalities that do not require the use of SIM-cards;

(iii)           the Client is not allowed to install or remove SIM-cards within the Hardware, nor to have them installed or removed by a Third Party;

(iv)           the use of the pre-installed SIM-cards is restricted geographically;

(v)            under no circumstances shall preinstalled SIM-cards be changed by other SIM-cards; and

(vi)           additional (Third Party) conditions apply to the use of SIM-cards, as may be communicated from time to time by Rombit.

9.3        In case of modifications by the third-party providers to the External Components or any terms and conditions governing the use of such External Components, Rombit reserves the right to make modifications to this Agreement accordingly.

10. Collaboration between the Parties

10.1        At all times during the Term, the Client shall, at no cost to Rombit, collaborate with Rombit, its affiliated entities or its subcontractors to execute the Agreement in the most optimal way and will facilitate any interaction with internal or external stakeholders. The Client shall, among other things, provide timely, complete and accurate information, documents, technical data, clarification or explanation necessary or useful in providing the Products and/or Services, in particular all safety related information, and will respond diligently to any enquiries from Rombit.

11. Compliance with laws

11.1        The Clients warrants that it has and shall maintain during the Term all approvals, agreements, authorizations, allowances, licenses and permissions which may be required for the receipt and use of the Products and the Services, and for all activities in the framework of this Agreement.

11.2        The Client shall comply with all legal requirements and relevant legislation.

11.3        The Client acknowledges that Rombit has no knowledge of the specific legislation that applies to the region, country or state in which the Client operates and shall therefore not be responsible or liable for the Client’s compliance with this specific legislation in relation to the Client’s receipt and/or use of the Products or Services. The Client shall hold Rombit harmless for any costs, expenses and liability caused by the non-compliance with this specific legislation by the Client.

12. Client Data

12.1        The Client hereby grants to Rombit a non-exclusive licence to copy, reproduce, store, distribute, publish, export, adapt, edit and translate the Client’s Data to the extent reasonably required for the performance of Rombit’s obligations and the exercise of Rombit’s rights under this Agreement, including for analysis and improvement purposes. The Client also grants to Rombit the right to sub-license these rights to its hosting, connectivity, telecommunications service providers or any other Third Party to the extent reasonably required for the performance of Rombit’s obligations and the exercise of Rombit’s rights under this Agreement, subject always to any express restrictions elsewhere in this Agreement.

12.2        The Client warrants to Rombit that the Client Data when used by Rombit in accordance with this Agreement will not infringe the Intellectual Property Rights or other legal rights of any person, and will not breach the provisions of any law, statute or regulation, in any jurisdiction and under any applicable law.

12.3        The Client acknowledges and agrees that for the performance of the Agreement and in order to use the functionalities of the Products, specific Client Data can be disclosed to Third Parties. Such disclosure shall explicitly not constitute a breach of confidentiality.

13. Warranties

13.1        Rombit warrants that the Products shall be, if applicable, certified in accordance with applicable law.

13.2        The Products are delivered on an “as-is” basis and Rombit hereby, to the maximum extent permitted under applicable law, disclaims all warranties, express or implied, including, without limitation, the warranties of merchantability, merchantable quality, non-infringement of Third Party rights or fitness for any particular purpose, the warranty that the Products will operate error free or that all errors in the Products will be corrected.

13.3        The Client is solely responsible for backing up its data and shall back up its systems and data before the installation of the Products and on a regular basis thereafter during the remainder of the Term.

13.4        The Client recognizes that the Products cannot in any way be considered as an exclusive tool to monitor or guarantee the safety of the premises and the Personnel, subcontractors or visitors of the Client. The Client shall take all safety precautions alongside the Products including, but not limited to, assigning a safety manager within its organisation.

13.5        In case of malperformance or unexpected behaviour of the Products, Rombit shall use  reasonable efforts to solve the problem but does not guarantee that the Products will be error-free, nor will Rombit commit to a timeframe to solve the problem in case the cause of the specific problem still needs to be investigated. When the Products are being used in conjunction with equipment from other suppliers (for instance, Third Party communication infrastructure), Rombit shall not be responsible for malfunction or poor performance of the equipment from said other suppliers.

13.6        No guarantee is provided in the event of Client’s or any User’s failure to comply with the Documentation, the Agreement or with standard industry practice. Any guarantee is always excluded in case of (i) failure to comply with Rombit’s instructions on installation, integration or operation of the Products; (ii) failure to carry out proper maintenance or performing a modification without prior written authorization from Rombit; (iii) use of unauthorized software, firmware or spare parts; (iv) work, maintenance or handling of the Products by non-authorized or insufficiently skilled persons; (v) any deterioration or problem of a purely aesthetic nature; and/or (vi) modification or use combined with other systems not supplied or approved by Rombit.

14. Intellectual Property Rights

14.1        All Intellectual Property Rights belonging to a Party prior to the Effective Date of the Agreement shall remain vested in that Party. The Intellectual Property Rights on the Products and Documentation is owned by Rombit and/or its licensors. Nothing herein shall convey title or any proprietary rights in or over Products or Documentation to the Client or any Third Party. The Client shall not in any way acquire any title, rights of ownership, copyright, Intellectual Property Rights or other proprietary rights of whatever nature in or relating to the Products or Documentation including any materials provided under Services or in any copies of it, unless stated otherwise in the Agreement.

14.2        The Client agrees not to remove, suppress or modify in any way any proprietary marking, including any trademarks or copyright notices, on or in the Products or visible during its operation, on media or on any Documentation. Client shall incorporate or reproduce such proprietary markings in any permitted back-up or other copies.

15. Third Party Infringement Claims

15.1        Rombit will be given prompt written notice by the Client of any Third Party claim on an alleged or actual infringement by the Products or other materials offered or made available by Rombit and will be granted the right to control and direct the defense and settlement of such a claim. The Client shall be entitled to participate in such proceedings at its own cost. Rombit shall keep the Client regularly informed of the status of the proceedings and/or settlement negotiations. The Client agrees to reasonably cooperate with Rombit in the defense and settlement of such a claim. In the event the Products or such other material, in Rombit’s reasonable opinion, are likely to become or actually become the subject of a claim of infringement as set out above, Rombit shall have the right, at its option and expense, to (i) modify or replace the (alleged) infringing material so that it becomes non-infringing while preserving substantially equivalent functionality; or (ii) obtain for the Client the right to continue to use, market and distribute such material as per the terms of this Agreement.

15.2        The Client shall indemnify, defend and hold Rombit and its affiliates harmless from and against any damages, losses, costs and expenses (including reasonable attorneys’ fees) suffered or incurred by Rombit arising out of Client’s infringement of any Third Party’s Intellectual Property Rights.

15.3        Rombit shall have no liability for any claim which is based upon (i) Client’s unauthorized use of the Products, (ii) Client’s or any Third Party’s modification of any of the Products or (iii) Client’s use of the Products in unauthorized or incompatible combination with any Third Party products or services.

16. Confidentiality

16.1        Each Party shall treat as confidential and keep secret all Confidential Information relating to the other Party and shall not disclose to any Third Party, other than its agents, officers, Personnel, professional advisors, insurers, subcontractors or consultants where such disclosure is necessary, any Confidential Information received during the negotiation and performance of the Agreement. Confidential Information disclosed under this Agreement shall not be used by the recipient thereof for any purpose other than as required for the performance of its obligations under the Agreement.

16.2        Both Parties shall take precautions to maintain the confidentiality of the Confidential Information and in particular the Parties agree that they: (i) shall not copy or otherwise exploit any component of the Confidential Information other than as herein provided, nor make any disclosures with reference thereto to any Third Party; and (ii) shall promptly notify the other Party if it becomes aware of any breach of confidentiality and give the other Party all reasonable assistance in connection with the same.

16.3        The provisions of this article shall not apply to any secret or information which: (i) is published or comes into the public domain other than by a breach of the Agreement; (ii) can be shown to have been known by the receiving Party before disclosure by the disclosing Party; (iii) is lawfully obtained from a Third Party; or (iv) can be shown to have been created by the receiving Party independently of the disclosure.

16.4        The restrictions in this article do not apply to the extent that any Confidential Information is required to be disclosed by any law or regulation or by any judicial or governmental order or request.

16.5        The provisions of this article shall continue in force during five (5) years following the termination of this Agreement.

17. Payment Terms

17.1        All payments under this Agreement shall be done by bank wire (using such payment details as notified by Rombit to the Client).

17.2        Unless explicitly indicated otherwise in the Order Form, the Client accepts that invoices shall be sent electronically in PDF-format to the Client’s email address set out in the Order Form.

17.3        All fees payable to Rombit under this Agreement shall be paid without the right to set off or counterclaim and free and clear of all deductions or withholdings whatsoever, unless the same are required by law, in which case the Client undertakes to pay Rombit such additional amounts as are necessary in order that the net amounts received by Rombit after all deductions and withholdings shall not be less than such payments would have been in the absence of such deductions or withholding. Sums stated to be payable under this Agreement do not include any applicable value added tax or other taxes, which shall be additionally charged to the Client. The Client is responsible for payment of all general, state or local import, usage, value added, withholding or other taxes associated with the supply or use of the Products or Services. The Client shall promptly reimburse Rombit for any such taxes or duties paid by Rombit.

17.4        Client undertakes to make all payments within thirty (30) days after the invoice date and in euro, unless Parties have agreed otherwise in writing. In the event of late payment, all payment obligations of the Client to Rombit will immediately become due and payable.

17.5        The amount of any invoice which has not been paid within thirty (30) days from the invoice date shall automatically be subject to a late payment interest equal to the legal interest rate of the Act of August 2nd, 2002 on late payment interests in commercial transactions, which interest shall be compounded monthly as of the due date until receipt of full payment by Rombit. In addition, Client shall pay all costs incurred by Rombit as a result of the (extra)judicial enforcement of the Client’s payment obligation under this article, with a minimum of 150 EUR. If Client fails to pay any outstanding amounts within fifteen (15) days from receipt of a written default notice, Rombit shall be entitled to suspend its obligations and the Client’s rights hereunder until receipt of payment of such outstanding amounts.

17.6        All fees mentioned in the Order Form shall be due by the Client during the entire Term, even if the number of actual Users is lower than the number of Users indicated in the Order Form, in accordance with the payment schedule set out in the Order Form.

1.7        Upon expiry of the Initial Term and of each Renewal Term, and to the extent permitted by applicable law, Rombit shall have the right to increase the fees, by informing the Client at least sixty (60) Calendar Days prior to the expiration of the Initial Term or any (subsequent) Renewal Term and in writing of the new fees. During a period of thirty (30) Calendar Days following the receipt of such notification, the Client shall have the right to give a written notice of non-renewal. If no such notice is given by the Client, the Client shall be deemed to accept the updated fees the updated fees shall start to apply as from the ensuing Renewal Term.

1.8        Each invoice made by Rombit shall be deemed to have been accepted by the Client if it is not disputed within ten (10) Calendar Days after the invoice date of the disputed invoice by registered letter sent to Rombit wherein the reason for the dispute is explained.

18. Limitation of Liability

18.1        The limitations and exclusions of liability set out in this article and elsewhere in this Agreement govern all liabilities arising under this Agreement or relating to the subject matter of this Agreement, except to the extent expressly provided otherwise in this Agreement.

18.2        Rombit shall not be held liable for any defaults vis-à-vis the Client unless it is demonstrated that it has made specific faults regarding the Client or faults resulting in specific damage for the Client.

18.3        To the extent permitted by applicable law, the Client accepts that only Rombit’s liability as a legal entity may be invoked under any Agreement and waives the right to invoke the liability of an employee, director or shareholder of Rombit or affiliated company.

18.4        To the maximum extent permitted by law, even when the warranty is invoked and in all cases of proven damage caused to the Client, Rombit’s liability is limited to direct, foreseeable damage resulting from its and its employees’ wilful misconduct or gross negligence, to the exclusion of any consequential or special loss. Under no circumstances shall Rombit be liable to the Client for (i) any indirect, punitive, special, consequential or similar damages (including but not limited to damages for loss of profit, anticipated savings, lost revenue or income, loss of use or production, loss of business, loss or corruption of data, loss of database or software, loss of customers and contracts, loss of goodwill, the cost of procuring replacement goods or services, and reputational damage) whether arising from negligence, breach of contract or of statutory duty or otherwise howsoever; (ii) Third Party claims ; (iii) any direct and indirect damages caused in whole or in part by software or hardware supplied or created by Third Parties, or by any changes made by the Client or any Third Parties to the Client’s systems, software or hardware after the installation of the Products.

18.5        Rombit’s liability is always excluded in the case of damage caused jointly by a fault of Rombit and the fault of the victim or a person for whom the victim is responsible.

18.6        In any case, Rombit’s aggregate liability shall be limited to the fees paid by the Client under this Agreement in the twelve (12) months preceding the event that gave rise to the liability. Rombit will under no circumstances be liable for an amount that is higher than the amount for which Rombit has liability insurance.

18.7        The exclusions and limitations of liability under this article shall operate to the benefit of Rombit’s affiliates and subcontractors under this Agreement to the same extent such provisions operate to the benefit of Rombit.

19. Term and Termination

19.1        The Agreement shall commence on the Effective Date and continue in effect for the Initial Term and shall thereafter automatically and tacitly renew for successive one-year periods (each a “Renewal Term“) unless written notice of non-renewal is given by either Party at least sixty (60) Calendar Days prior to the expiration of the Initial Term or any (subsequent) Renewal Term.

19.2        Rombit may terminate this Agreement and/or user rights granted hereunder by written notice to the Client if the Client fails to pay to Rombit any amount due hereunder and the Client fails to cure such failure to pay within fifteen (15) Calendar Days from the date of such notice. The Client acknowledges and agrees that any use of the Products outside the scope set forth in the Agreement, unless such use has been expressly approved in writing by a duly authorized representative of Rombit, shall entitle Rombit to immediately terminate (or alternatively, at Rombit’s option, suspend) one or more of the licenses granted hereunder and/or the Agreement for material breach by the Client, without any formalities being required and without prejudice to any other right or remedy available to Rombit pursuant to this Agreement or under applicable law.

19.3        Either Party may terminate this Agreement by written notice to the other Party if the other Party materially breaches this Agreement, other than by non-payment, and fails to cure such breach within thirty (30) Calendar Days from the date of receipt of such notice by the breaching Party, provided that Rombit shall be entitled to terminate the Agreement (or alternatively suspend the user rights granted hereunder) on giving written notice in the event the Client breaches the Agreement or infringes Rombit’s Intellectual Property Rights. For the avoidance of doubt, downtime caused directly or indirectly by any of the following shall not be considered a breach of this Agreement: (i) the hosting provider, (ii) a Force Majeure Event, (iii) External Components, or (iv) scheduled maintenance carried out in accordance with this Agreement.

19.4        Either Party may terminate the Agreement by written notice to the other Party, effective as of the date of delivery of such notice, if the other Party becomes the subject of a voluntary or involuntary bankruptcy, insolvency or similar proceeding or otherwise liquidates or ceases to do business.

19.5        Upon termination of the Agreement for whatever reason, the Client shall promptly pay Rombit all fees and other amounts earned by or due to Rombit in respect of the Products, up to and including the date of termination.

20. Privacy and Data Protection

20.1        Each Party shall comply with the Data Protection Laws with respect to the processing of Personal Data.

20.2        The Client warrants to Rombit that it has the legal right to disclose all Personal Data that it does in fact disclose to Rombit under or in connection with this Agreement and that the Client has obtained sufficient consent from all data subjects concerned (if applicable).

20.3        The Client shall only supply to Rombit, and Rombit shall only process, in each case under or in relation to this Agreement, the Personal Data of data subjects falling within the categories specified in the data processing agreement concluded between the Parties and set out in Schedule 2.

20.4        If any changes or prospective changes to the Data Protection Laws result or will result in one or both Parties not complying with the Data Protection Laws in relation to processing of Personal Data carried out under this Agreement, then the Parties shall use their best endeavours promptly to agree such variations to this Agreement as may be necessary to remedy such non-compliance.

21. Miscellaneous

21.1        Severability – If any provision of this Agreement is held to be unenforceable, the other provisions shall nevertheless continue in full force and effect. Each Party shall use its best efforts to immediately negotiate in good faith a valid replacement provision with an equal or similar economic effect.

21.2        Survival – The provisions of this Agreement that are expressly or implicitly intended to survive termination, shall survive any expiration or termination of this Agreement.

21.3        Amendments – This Agreement may be modified or amended only by written agreement executed by a duly authorized representative of both Parties hereto.

21.4        Waiver – This Agreement may be waived only by a written document signed by the Party entitled to the benefits of such waiver. Each such waiver or consent shall be effective only in the specific instance and for the purpose for which it was given and shall not constitute a continuing waiver or consent.

21.5        Entire Agreement – This Agreement constitutes the entire agreement and understanding between the Parties with respect to the subject matter hereof and supersedes all prior oral or written agreements, representations or understandings between the Parties relating to the subject matter hereof. No statement, representation, warranty, covenant or agreement of any kind not expressly set forth in this Agreement shall affect, or be used to interpret, change or restrict, the express clauses of this Agreement.

21.6        Notices – Unless explicitly stated otherwise in the Agreement, any notice required to be served by this Agreement shall in first instance be given by electronic mail to the email addresses set out in the Order Form. All notices given by electronic mail, shall only be valid upon confirmation of receipt expressly given by electronic mail by the receiving Party. Any notices can be given in writing and served by personal delivery or registered letter, addressed to either Party at its address given in the Order Form or to such other address as a Party may designate by notice hereunder. All notices shall be deemed to have been given either (i) if by hand, at the time of actual delivery thereof to the receiving Party at such Party’s address, (ii) if sent by overnight courier, on the next Business Day following the day such notice is delivered to the courier service, or (iii) if sent by registered or certified mail, on the 5th Business Day following the day such mailing is made.

21.7        Publicity – Rombit shall have the right (unless otherwise indicated in the Order Form) to use any trademarks or other marks of the Client (including the Client’s corporate name) for marketing or promotion purposes, such as (but not limited hereto) client references on Rombit’s website and sales presentations.

21.8        Interpretation – In this Agreement (unless the context shall otherwise require or permit): (i) reference to any statute or statutory provision includes a reference to that statute or statutory provision as from time to time amended, extended or re-enacted; (ii) words importing the singular include the plural, words importing any gender include every gender and words importing persons include bodies corporate and incorporate; and each case vice versa; (iii) the headings or captions to the articles are for ease of reference only and shall not affect the interpretation or construction of this Agreement.

21.9        Relationship between the Parties – The relationship between Rombit and the Client is that of independent contractors. Neither Party is agent for the other and neither Party has any authority to make any contracts, whether expressly or by implication, in the name of the other Party, without that Party’s prior written consent for express purposes connected with the performance of this Agreement.

21.10     Force Majeure – Rombit shall not be liable for any delay in performing, or failure to perform, any of its obligations under this Agreement due to a Force Majeure Event.

21.11     Non-Assignment – Client shall not assign or otherwise transfer any of its rights or obligations under this Agreement without Rombit’s prior written consent. Rombit’s consent should be requested by registered letter, disclosing the identity of the prospective transferee. Subject to any restrictions on assignment herein contained, the provisions of this Agreement shall inure to the benefit of and shall be binding upon the Client hereto and his respective heirs, legal representatives, successors and assignees. Rombit can assign or transfer any of its rights or obligations under this Agreement without the Client’s prior written consent.

21.12     Subcontractors – Rombit shall have the right to subcontract part or all of its obligations under the Agreement.

21.13     Language – The Agreement is in the English language only, which language shall be controlling in all respects. Furthermore, all communications and notices made or given pursuant to the Agreement shall be in English.

21.14     Applicable law and jurisdiction – This Agreement shall be governed by and construed in accordance with the laws of Belgium and the Parties hereto submit to the exclusive jurisdiction of the competent courts of Antwerp, division Antwerp. The United Nations Convention for the International Sale of Goods shall not apply to this Agreement.

Data Processing Agreement

This Data Processor Agreement (“DPA”) supersedes and replaces all previous agreements made in respect of Processing Personal Data and data protection in relation to the Agreement. Parties agree that Rombit is a Processor and the Client is a Controller in respect of the performance of the Agreement. The aforementioned indication of the Parties as Controller and Processor is consistent with the terms and definitions given within the GDPR. In the performance of the Agreement, the Processor will receive and process Personal Data for the benefit of the Controller and according to its instructions and purpose. The legislation applicable to the processing of Personal Data includes, among others the GDPR with its implementing laws. By means of this DPA Parties wish to lay down their specific agreements in respect to the Processing of Personal Data within the framework of the Agreement.

1. Definitions

1.1        “Belgian Privacy Act” means the Belgian Act of July 30th, 2018 regarding the protection of natural persons in respect of processing of personal data (Wet betreffende de bescherming van natuurlijke personen met betrekking tot de verwerking van persoonsgegevens);

1.2        “Data Processing Details” means the data processing details provided by the Client and set out in Annex 1 to this Schedule 2;

1.3        “GDPR” means Regulation (EU) 2016/679 of the European Parliament and of Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation);

1.4        “Sub-processor” means any third party engaged by the Processor for the Processing of Personal Data for the performance of the Agreements made between the Parties;

1.5        All other terms and definitions with capital letters and which are not defined expressly in this DPA, are defined as set out in the GDPR or the Agreement.

2. Object of this DPA

2.1        This DPA determines the conditions of the Processing by the Processor of Personal Data communicated by or at the initiative of the Controller in the context of the Agreement. The Processing will exclusively take place for the benefit of the Controller and for the purpose(s) as defined by the Controller in the Data Processing Details.

2.2        The nature and purpose(s) of the Processing, a list and the types of Personal Data as well as the categories of the Data Subjects, are detailed in the Data Processing Details.

2.3        The Processor will only process the Personal Data according to the documented instructions of the Controller and will not use these Personal Data for its own purpose(s).

2.4        If the Processor is legally obliged to proceed with any Processing of Personal Data, the Processor, unless this would violate applicable mandatory rules, will inform the Controller of such obligation.

3. Term

3.1        This DPA is applicable to every Processing of Personal Data executed in the context of Agreement and applies as long as the Processor Processes Personal Data on behalf of the Controller in the context of the Agreement. This DPA ends automatically upon termination or expiry of the Agreement (or at the moment the Processing by the Processor is terminated); the provisions of this DPA that are either expressly or implicitly (given their nature) intended to have effect after termination or expiry of the DPA shall survive the end of the Agreement with regard to the Personal Data communicated by or at the initiative of the Controller in the context of the Agreement.

4. Technical and organizational measures

4.1        The Processor offers adequate guarantees with regard to the implementation of appropriate technical and organizational measures so that the Processing complies with GDPR requirements and that the protection of the Data Subject’s rights is guaranteed. The technical and organizational measures implemented by the Processor shall be made available to the Controller at the Controller’s request (at the moment of signing this DPA and as updated from time to time). The Controller acknowledges those measures to be adequate for the Processing of its Personal Data at the moment of signing of this DPA.

4.2        The Processor shall take all appropriate technical and organizational measures as referred to in article 32 GDPR to ensure an adequate level of security appropriate to the risk.

4.3        In case the Controller is requesting specific technical and organizational measures to be implemented by the Processor (which the Processor has not implemented by default), the Controller will reimburse the Processor for implementing such measures according to article 14 (Costs) of this DPA.

4.4        Adherence by the Processor to an approved code of conduct as referred to in article 40 GDPR, or an approved certification mechanism as referred to in article 42 GDPR may be used as an element of proof of sufficient guarantees as referred to in GDPR.

5. Storage of Personal Data

5.1        The Processor will not keep the Personal Data any longer than required for Processing of such Personal Data in the context of the Agreement. The Controller will not instruct the Processor to store any Personal Data longer than necessary. The agreed retention period (as defined by the Controller) is set out in the Data Processing Details.

5.2        Unless storage of the Personal Data is mandatory under Union or Member State law, the Processor shall, within a reasonable period after the end of the Processing services, at the option of the Controller, either erase all Personal Data or return it to the Controller and delete existing copies.

5.3        To the extent download functionalities are available, the Controller shall use such functionalities to retain its data.

6. Confidentiality

6.1        Only those employees, contractors or agents of the Processor who are involved in the Processing of Personal Data may be informed about the Personal Data and only to the extent as reasonably necessary for the performance of the Agreement. The Processor ensures that persons authorized to process the Personal Data are committed to confidentiality by contract or are under an appropriate statutory obligation of confidentiality.

7. Data Subject’s rights

7.1        Taking into account the nature of the Processing, the Processor shall use best efforts, by taking appropriate technical and organizational measures, to assist the Controller in the fulfilment of its obligation to respond to requests from Data Subjects.

7.2        For all services performed by the Processor in the context of the treatment of such requests from Data Subjects, the Controller will reimburse the Processor in accordance with article 14 (Costs) of this DPA. Such reimbursement by the Controller shall not be due in case (i) the Data Subject is invoking its rights because of a Personal Data Breach proven attributable to the Processor or (ii) in case such assistance by the Processor does not exceed four (4) hours of work during the Term of the Agreement.

8. Duty to notify

8.1        Upon becoming aware of a Personal Data Breach, the Processor shall notify the Controller thereof without undue delay by contacting the contact person indicated in the Data Processing Details.

8.2        At the request of the Controller, the Processor will cooperate with the investigation and elaboration of the measures necessary in case of any Personal Data Breaches.

8.3        The Parties will keep each other informed of any new developments with regard to any Personal Data Breach and of the measures they take to limit its consequences and to prevent the repetition of such Personal Data Breach.

8.4        It is the responsibility of the Controller to report any Personal Data Breach to the Supervisory Authority or the Data Subject, as required.

8.5        In case a Personal Data Breach occurs, the Processor’s Data Protection Office is at the Controller’s disposal. The Data Protection Office can be contacted by email: dpo@rombit.be.

9. Sub-processing

9.1        The Controller expressly authorizes the Processor to engage Sub-processors for the Processing of Personal Data for the performance of the Agreement. To this extent, the Controller grants a general permission to the Processor to decide with which Sub-processor(s) the Processor cooperates for the fulfilment of its obligations under the Agreement. The Processor shall keep a list of all Sub-processors engaged, which shall be made available to the Controller at the Controller’s request. The Processor will inform the Controller of any intended material changes concerning the addition or replacement of Sub-processors via the Controller’s contact person included in the Data Processing Details. The Controller will have the right to object to the addition or replacement in writing by addressing the Processor’s DPO. Parties will in such case discuss the addition, replacement or alternative in good faith and as soon as reasonably possible after the Controller’s written notice.

9.2        Where the Processor engages a Sub-processor for carrying out specific Processing activities, the same or similar data protection obligations as set out in this DPA shall be imposed on that Sub-processor by way of a written agreement, in particular providing sufficient guarantees to implement appropriate technical and organizational measures (and complying with the relevant technical and organizational measures).

10. Transfers of Personal Data outside the EEA

10.1        The Processing of Personal Data by the Processor will by default take place within the European Economic Area (EEA). In case, for specific purposes or Processing activities or if mandatory under EU or Member State law provisions, Personal Data is transferred or processed outside the EEA, such transfer or processing of Personal Data shall only occur with explicit written consent of the Controller or in compliance with the applicable legislation (e.g. Privacy Shield certification, Standard Contractual Clauses, etc.). To this extent, the Controller grants a proxy to the Processor to sign on the Controller’s behalf the European Standard Contractual Clauses as made available by the European Commission (as amended from time to time) with Sub-processors.

11. Data Protection Impact Assessment and prior consultation

11.1        If the Controller performs a Data Protection Impact Assessment (article 35 GDPR) (“DPIA”) or prior consultation (article 36 GDPR) linked to the Processing of Personal Data in the context of the performance of the Agreement, the Processor shall reasonably assist the Controller. In such case, the Controller will reimburse the Processor for services rendered according to article 14 (Costs) of this DPA. Such reimbursement of costs shall not apply in case (i) the assistance requested from the Processor is less than four (4) working hours during the term of the Agreement, or (ii) the DPIA or prior consultation is triggered by a Personal Data Breach proven attributable to the Processor.

12. Audit – inspection

12.1        The Controller has the right to perform audits regarding the compliance by the Processor with its obligations under this DPA and the applicable legislation in respect of data protection.

12.2        The Processor shall use its reasonable efforts to cooperate with such audits and to make available all information necessary to prove its compliance with the obligations of the Processor.

12.3         The Processor shall immediately inform the Controller if, in its opinion, an instruction infringes the applicable legislation.

12.4        The Controller shall notify the Processor of such audit at least one (1) month prior to the date on which the audit will be performed, by given written notice to Rombit’s Data Protection Office: dpo@rombit.be.

12.5        In case an audit is being performed, all parties involved shall first sign a specific non-disclosure agreement with respect to such audit and the audit results. Upon the performance of any such audit, the confidentiality obligations of the Parties with respect to Third Parties must be taken into account. Both the Parties and their auditors must keep the information collected in connection with an audit secret and use it exclusively to verify its compliance with this DPA and the applicable laws and regulations in respect of data protection.

12.6        The Controller has the option to perform the audit itself or to assign an independent auditor, however such independent audit must duly sign the non-disclosure agreement referred to in this article.

12.7        The Controller and the Processor and where applicable their representatives, shall reasonably cooperate, upon request, with the Supervisory Authority in the performance of its tasks.

12.8        The Controller will reimburse the Processor for the services so rendered in relation to the audit in accordance with article 14 (Costs) of this DPA. It being understood, such reimbursement shall not apply in case the audit is a result of (i) a Personal Data Breach proven attributable to the Processor or, (ii) in case the Processor’s assistance does not exceed four (4) working hours during the duration of the Agreement.

13. Costs

13.1        The assistance to be performed under this DPA for which the Processor may charge the Controller, will be charged on the basis of the hours worked and the standard hourly rates applicable at the time of the request (at the date of signing of Agreement the standard rate is 106,25 EUR/hour excl. VAT during Business Days, which may be updated from time to time by the Processor). The Processor will invoice these amounts on a monthly basis.

13.2        The payment by the Controller to the Processor for the services under this DPA will take place in accordance with the provisions in the Agreement.

14. Liability

14.1 The provisions of the Agreement concerning limitation of liability also apply to this DPA and the damages arising out of it.

15. Other provisions

15.1        The provisions of the Agreement concerning changes, completeness of the agreement, severability, applicable law and competent court are applicable to this DPA.