Terms of use

SIMPLYAI BUSINESS SUITE

Last edited on: 13-06-2024

TERMS OF USE



These Terms of Use comprise of:

A: General Terms
B: Privacy Policy
C: Data Processing Addendum
D: Service Level Agreement
E: Solutions Descriptions



IMPORTANT INFORMATION:

Please read this Agreement carefully before purchasing and/or using our software or services. By using our software or services, you are deemed to accept this Agreement. If you are an individual acting on behalf of an entity (e.g. your employer), you represent that you have the authority to enter into this Agreement on behalf of that entity. If you do not accept the terms of this Agreement, then you must not use our software or services.



DEFINITIONS:

Agreement: The entire contractual relationship between the parties, consisting of the General Terms, Privacy Policy, Data Processing Addendum, Service Level Agreement, Solutions Descriptions, and any other written agreement entered into between SimplyAi and Customer.

Affiliate: An entity that owns or controls, is owned or controlled by, or is under common control or ownership with a party, where “control” is the possession, direct or indirect, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise.

Confidential Information: Information disclosed by the disclosing Party to the recipient during the term of the Agreement that (i) is marked confidential; (ii) if disclosed orally, is clearly described as confidential at the time of disclosure and is subsequently set forth in writing, marked confidential, and sent to the recipient within thirty (30) days following the oral disclosure; or (iii) is of a nature that the recipient knows is confidential to the disclosing party or should reasonably be expected to know is confidential.

Customer or You: The person or entity acquiring the right to use or access the Solutions and which is a party to this Agreement.

Data Processing Addendum: An agreement between a data controller and data processor. It states the rights and obligations of each party concerning the protection of personal data in compliance with the GDPR or any other Privacy Laws.

Fees: The amounts to be paid by you to us for your use of the Solutions.

General Terms: The terms and conditions set forth in this document, which govern the overall relationship between the parties and are applicable to all Solutions and Services provided by SimplyAi.

Party: Either SimplyAi B.V. or the client, as the context requires, and "Parties" refers to both SimplyAi B.V. and the client collectively.

Privacy Policy: The document outlining the policies and practices of SimplyAi B.V. concerning the collection, use, and disclosure of personal data in connection with the Solutions and Services.

Service Level Agreement: The document setting forth the performance standards, availability, and support commitments for the Services provided by SimplyAi B.V.

Services: The services provided by SimplyAi B.V. to Customer as described in the Agreement.

Services Terms: the period during which you are entitled by us to use, receive access or consume a particular Solution.

SimplyAi: SimplyAi B.V., having its registered office in Cuijk at De Nieuwe Erven 12, 5431NT, Cuijk, registered in the commercial register under number 89521811.
Email address: info@simplyapp.ai
Telephone Number: +31640313716
VAT Number: NL865008565B01 

Software: The computer programs, Solutions, and other software components that comprise the Solution.

Solution: The software, tools, and technology provided by SimplyAi  as part of the SimplyAi Business Suite, as described in the Solutions Descriptions.

Solutions Descriptions: The document(s) describing the specific features, functionality, and requirements of the Solutions and Services provided by SimplyAi

Your Materials: Any data, content, or materials provided or submitted by the client to SimplyAi B.V. in connection with the client's use of or access to the Solutions and Services.


1. HOW THIS AGREEMENT WORKS

1.1. The Agreement applies to all of our Solutions under the SimplyAi Business Suite that you purchase, or for which you acquire the right to access or use.

1.2 The Agreement consists of four parts: (1) the General Terms; (2) the Privacy Policy; (3) the Service Level Agreement; and (4) the Solutions Descriptions. Certain terms are defined at the end of these General Terms or in the Solutions Descriptions.

1.3 By purchasing a licence, you unequivocally confirm to have carefully read all five parts of this Agreement, and that you accept them.

1.4 In the event of any contradiction among these documents, the above order of precedence applies to the extent of the contradiction unless it’s clear that a lower ranked document explicitly deviates from a higher ranked document.

2. DURATION

2.1 The Agreement begins on the Start Date and continues until it is terminated as set out below. You may order our Solutions from us by purchasing a licence.

2.2 The Service that you order will start on the earlier of 

(a) your first use of the Service, 

(b) the date you purchased the Service, or 

(c) the start date contained in your invoice, and, in each case, will end at the expiration of the Services Term unless terminated earlier as set out below. If the Service you have purchased is a subscription, it will automatically renew for successive terms of the same duration as the original Services Term, unless either party gives written notice to the other party of its intention not to renew at least 30 days before the expiration of the applicable Services Term (or any subsequent renewal).

3. FEES

3.1 You must pay us the Fees in the amount and in the manner specified per your Licence.


3.2 All prices communicated by us are excluding VAT, where applicable.


3.3  SimplyAi utilizes automated payments for its Solutions, which the Customer must set up when purchasing a License. The Customer acknowledges and agrees that SimplyAi will automatically withdraw the agreed-upon License fees from the provided payment method on a recurring monthly or annual basis, depending on the selected plan, for the duration of the Service Agreement.


3.4 Customer is at all times responsible for ensuring the validity and functionality of their payment details. Any issues arising from the inability to collect Customer payments due to incorrect or outdated payment details will result in the immediate suspension of the Customer Licence, and all Licences associated with the Customer’s organisation, until the payment issues are remedied and any outstanding payments have been collected. 


3.5 SimplyAi may change its prices of the Subscriptions at renewal, upon 30 days prior written notice. No rights can be derived from historic prices.


3.6 After confirmation of initial payment, Customer will receive access to their SimplyBusiness dashboard and be credited their monthly allocated usage per their subscription tier. 


3.7 Monthly allocated usage will reset every 30 days from the start of their subscription, as long as there are no issues with SimplyAi collecting any subsequent monthly payment as per the automated renewal policy.


3.8 The user may downgrade or upgrade their current plan and the number of seats associated with their account at any time. In the event of a downgrade, the user will retain access to the higher plan or seat limit until the end of the current billing cycle. In the event of an upgrade, the user will immediately gain access to the higher plan or additional seats, and the associated costs will be immediately deducted from their payment method.

3.9 Larger organisations may request to pay by invoice. Upon receiving written approval from SimplyAi, an invoice will be issued to the organisations on a monthly or annual basis, corresponding to their selected plan. The invoice must be paid before the plan activates. A new invoice will be sent at least 30 days prior to the renewal date to allow sufficient time for payment. If an invoice is not paid by the due date, the account will be temporarily frozen until payment is received.


4. ENDING THIS AGREEMENT

4.1 A Party may terminate the Agreement on written notice with immediate effect if: (a) the other Party has committed a breach of the Agreement, which, if capable of remedy, the breaching Party fails to remedy within 30 days after receipt of a written notice from the other Party requiring remedy of the breach; (b) the other party suffers an event of insolvency (including the appointment of a receiver or liquidator). In addition, we may, at our option and without limiting our other remedies, suspend (rather than terminate) any Services if you breach the Agreement (including if you don’t pay our Fees after we ask you to) until the breach is remedied.

4.2 Either Party may terminate this Agreement any time if all Services Terms have expired.

4.3 The termination or suspension of a Solution will not terminate or suspend any other active Solution for the remainder of the Agreement, unless specified in the notice of termination or suspension. If the Agreement is terminated in whole, all outstanding Licences and Services will terminate. If this Agreement is terminated in compliance with the above, you agree to pay any amounts to us, on demand, for Services supplied by us up until the date of termination. [For the avoidance of doubt, SimplyAi will deliver a full and detailed overview of any costs incurred by them in the providing of the Services upon request.]

5. WARRANTIES

5.1 We warrant that (a) we have the authority to enter into this Agreement, (b) the Services will be performed in a professional and workmanlike manner, (c) to our knowledge, the Software does not, at the time of delivery to you, include malicious mechanisms or code for the purpose of damaging or corrupting the Software; and (d) the Services will comply in all material respects with laws applicable to SimplyAi as the provider of the Services.

5.2 You warrant that (a) you have the authority to enter into this Agreement, and (b) your use of the Solutions will comply with all applicable laws.

5.3 We do not warrant that the Solutions will operate error-free or uninterrupted. To the extent permitted by law, we specifically exclude and disclaims all other warranties, whether express, implied or statutory, including implied warranties of merchantability. In relation to clause [5.1], your exclusive remedy will be re-performance or re-delivery of the defective Solution, or if we cannot substantially correct a breach within a reasonable time and manner, termination of the relevant Solution, in which case you will be entitled to a pro rata refund of the Fees paid for the defective solution up until the date of termination.

5.4. We guarantee that SimplyAi does not infringe the intellectual property rights of third parties. We shall indemnify you against, and hold you harmless from, all third-party claims for infringement of any intellectual property rights of that third party in relation to the Agreement and Services.

6. CONFIDENTIALITY

6.1 Each party must keep confidential all Confidential Information of the other party disclosed to it. A party may use the other party’s Confidential Information disclosed to it, solely for the purpose of performing its obligations under this Agreement. That party may disclose that Confidential Information only to people who have a need to know and under binding obligations of confidentiality. These obligations of confidentiality do not extend to information that: (a) is or becomes public knowledge without the fault of the receiving party; (b) is or becomes available to the receiving party from a source other than the disclosing party; (c) is required to be disclosed by law or stock exchange regulation; or (d) the information is generally known or easily developed by someone with ordinary skills in the business of the receiving party.

6.2 Upon written request of the disclosing party, the receiving party will promptly return or destroy all Confidential Information, except for Confidential Information stored in routine back-up media not accessible during the ordinary course of business.

7. OUR MATERIALS, RESERVATION OF RIGHTS, REVIEW

7.1 If you provide Your Materials to us in connection with your use of or access to the Solutions, you agree that, subject to clause 6 [Confidentiality], we may use Your Materials in connection with providing the Solutions. You agree that your provision (and our use) of Your Materials under this Agreement does not require any additional consents or Licences, will be in compliance with applicable law, and will not violate any intellectual property, proprietary, privacy, or other right of any third party. As between us and you, you retain all other rights in and to Your Materials.


7.2 We grant you only those rights expressly granted in the Agreement with respect to the Solutions and reserve all other rights in and to the Solutions (including all intellectual property rights). Nothing in this Agreement limits us from providing software, materials, or services for ourselves or other clients, irrespective of the possible similarity of such software, materials or services to those that might be delivered to you. The terms of Section 9 per se will not prohibit or restrict either party's right to develop, use or market solutions or services similar to or competitive with the other party; provided, however, that both of us must comply with this Agreement. 


8. LIABILITY

8.1 You acknowledge that you have satisfied yourself as to the quality and suitability of the Solutions for your purposes and specific business operational requirements, and have not relied solely on our representations, descriptions, skill or judgement.

8.2 To the extent permitted by law, neither party nor its Affiliates, will be liable for any incidental, consequential, special, indirect exemplary or punitive damages, or for any damages for lost or damaged data, loss of profits, lost savings or business or service interruption if such party was advised of the likelihood of such damages.

8.3 To the extent permitted by law, our maximum cumulative liability under or in connection with this Agreement, whether for breach of contract, repudiation, negligence, at law or any other basis will be capped at the total fees paid by you to us in the 12 month period prior to the occurrence of the event that gave rise to the liability. This limitation applies irrespective of the nature of the claim, e.g. a claim relating to our negligence.


8.4 Irrespective of any provision of this agreement, we do not exclude or limit our liability for (a) our liability for personal death or injury if this caused by our negligence or wilful default; (b) our fraudulent conduct; or (c) any other liability that cannot be limited or excluded by law.


9. MISCELLANEOUS

9.1 The Agreement can only be amended by means of a written document signed by the authorised representatives of both Parties.

9.2 Notices must be in English or Dutch, in writing, and will be deemed given upon receipt, after being sent using a method that provides for positive confirmation of delivery to the address(es) or email address provided by you, including through an automated receipt or by electronic log. Billing notices to you will be addressed to the billing contact that you have designated.


9.3 Either party may upon written notice: (a) assign this Agreement to an Affiliate if the Affiliate’s financial condition and creditworthiness are sufficient to satisfy the assigning party’s obligations under the Agreement and the assignment will not affect the non assigning party’s obligations under the Agreement; and (b) assign this Agreement to a successor or acquirer pursuant to a merger or sale of all or substantially all of such party’s assets. Any other assignment will be deemed void and ineffective without the prior written consent of the other party. Subject to the foregoing, this Agreement will bind and benefit the parties and their respective successors and permitted assigns.


9.4 If a provision of the Agreement is or becomes illegal, invalid, void or unenforceable, this shall not affect the validity or enforceability of any other provision of the Agreement. Parties will agree on a new provision with the same purpose, on the condition that the spirit of the original provision of the Agreement is affected as little as possible.


9.5 This Agreement may be executed in counterparts, each of which will be deemed an original and all of which will constitute one and the same document. The parties may exchange signature pages by email or electronic signature process and such signatures will be effective to bind the parties to the Agreement.


9.6 Any provisions of the Agreement that by their nature extend beyond the termination or expiration of the Agreement shall remain in effect.


10 GOVERNING LAW AND DISPUTES

10.1 The Agreement is governed by and shall be construed in accordance with the laws of the Netherlands.


10.2 To the extent permitted by law, the United Nations Convention on Contracts for the International Sale of Goods does not apply.


10.3 Disputes between the Parties which cannot not be resolved amicably, will be adjudicated exclusively by the competent court in Nijmegen, the Netherlands.




SIMPLYAI BUSINESS SUITE
PRIVACY POLICY


1. APPLICABILITY OF PRIVACY POLICY

1.1 The capitalised definitions in this Privacy Policy have the meaning assigned to them in the General Terms. In addition, the following definitions are used:

Personal Data: any data relating to an identified or identifiable natural person that is being processed by SimplyAi or by third parties engaged by SimplyAi.

Website: the website https://www.simplybusiness.ai/ 

User: An individual or entity who accesses, uses, or interacts with the Solution or Services provided by SimplyAi, including, but not limited to, the client's employees, contractors, agents, or representatives authorized by the client to utilize the Solution or Services on the client's behalf.

1.2 This Privacy Policy applies to every use of the Services and Solutions provided by SimplyAi and the Website and regulates the processing of Personal Data via the Solutions and the Website.

1.3 By using the Solutions and/or the Website, the User agrees to this Privacy Policy.


2. CONTROLLER

2.1 SimplyAi is the responsible party or controller for data processing in relation to creating an account. The SimplyAi solutions also process personal or corporate data, which is governed by this privacy policy.


3. PROCESSING OF PERSONAL DATA AND SURFING BEHAVIOUR

3.1 SimplyAi may collect and/or provide the following Personal Data via the Solutions and the Website:

a. names and addresses;

b. location data;

c. contacts;

d. photographs, audio, media and other files;

e. surfing behaviour within the Solutions and Website.

3.2 These Personal Data are collected by means of surfing behaviour or by other use of the Solutions and/or Website.

3.3 SimplyAi will not store these Personal Data of Users any longer than is necessary for the purpose of the processing. SimplyAi will only process the Personal Data in accordance with applicable privacy and GDPR laws.


4. PROCESSING OBJECTIVES

4.1 SimplyAi will only collect and process Personal Data for the objectives specified below:

  a. the normal operation of the Solutions and/or Website;

  b. improvement of the Solutions and/or Website;

c. only with permission of the data subject, for direct marketing purposes.

5. SECURITY

5.1 SimplyAi will take necessary organisational and technical security measures to secure Personal Data and to prevent their misuse, loss or modification.

5.2 SimplyAi ensures the security of your Personal Data by partly processing it on highly secure servers provided by Google. However, in the unlikely event of a security breach on Google's servers that leads to loss, theft, or any other misuse of your information, SimplyAi cannot be held legally liable.

5.3 All other data is stored and processed on secured servers hosted by Cyber Fusion


6. COOKIES

6.1 To ensure the proper operation of the Solutions and the Website, SimplyAi uses cookies.

6.2 Cookies are small pieces of information that are stored by the browser on the User’s computer. SimplyAi uses various types of cookies for various purposes.

a. Functional cookies: cookies needed for the proper operation of the Solutions, including cookies needed to create an account;

b. Analytical cookies: cookies that ensure that insight is obtained into the manner in which Users use the Solutions and/or Website, or parts thereof, so that SimplyAi can improve the Solutions and/or Website, thereby aligning to the extent possible with what Users find interesting and important. SimplyAi does not use the data obtained from cookies to study app use at an individual level, but only at an aggregate level.

6.3 SimplyAi only uses third-party cookies to improve the quality and effectiveness of the Solutions and/or Website.

6.4 In so far as required by law, the User hereby gives unambiguous permission for the use of the aforementioned cookies.

6.5 Most browsers will accept cookies in their default setting. The User can change the browser settings to disable cookies or so that the display indicates when a cookie is being sent. However, some features and services of both the Solutions and the Website may not function properly if cookies have been disabled.

7. THE RIGHT TO ACCESS, CORRECT, PORTABILITY AND DELETION

7.1 You can request SimplyAi for access to your Personal Data processed by SimplyAi. You can also request that SimplyAi correct, supplement, delete, block or transfer your Personal Data. In addition, you may withdraw previously given permission to process your Personal Data. SimplyAi will grant your requests in accordance with applicable privacy laws.

7.2 To avail yourself of such rights, please contact SimplyAi’s customer service.

8. OTHER PROVISIONS

8.1 SimplyAi reserves the right to regularly amend this Privacy Policy. It is your responsibility to regularly read the applicable terms and conditions. This Privacy Policy was most recently amended and revised in May 2023.

8.2 If a provision from this Privacy Policy is void, this will not lead to the other terms and conditions being void. The void provision will be replaced with a valid provision which corresponds as closely as possible to the intention of the void provision.


9. DISPUTES

9.1 This Privacy Policy is governed by the laws of the Netherlands.




DATA PROCESSING ADDENDUM

 

Introduction

 

This Data Processing Addendum and its Annexes (DPA) reflects the parties’ agreement with respect to the Processing of Personal Data by us on behalf of you, in connection with the SimplyAi Terms of Use (available at: Terms of Use) entered into between you and us (the Agreement).


This DPA is supplemental to, and forms an integral part of, the Agreement and is effective after you accepted the Terms of Use, during the sign-up process. Please contact us if you do not agree with the content of our DPA, in which case we will conclude a tailored data DPA.


We update this DPA from time to time. If you have an active SimplyAi subscription, we will let you know when we do via email or via in-app notification. The term of this DPA will follow the term of the Agreement. Terms not otherwise defined in this DPA will have the meaning as set forth in the Agreement. For the purpose of this DPA, SimplAi and the customer are each a Party and together the Parties.

 

Signed version

This SimplyAi DPA is made available at Data Processing Addendum and is incorporated into the SimplyAi Terms of Use. For customers that would like to receive a signed copy of the SimplyAi DPA, we have made this copy available to you. This copy includes signatures on the DPA version last modified on 03/02/2024. No changes made to this copy are agreed to by SimplyAi. Please note that we update this DPA as we describe in the ‘Introduction’ section below. If you have any questions, please contact your SimplyAi representative.


1. DEFINITIONS

The terms defined in the Terms of Service and Privacy Policy shall, unless otherwise specified in this SLA, have the same meaning in this SLA.

Applicable Legislation: The GDPR and all other relevant legislation and regulations in the field of protection of Personal Data, like the Dutch Telecommunications Act (Telecommunicatiewet) regarding the use of cookies.

Controller: You, who as a customer makes use of SimplyAi’s Services to Process Personal Data and determines the purpose and means of the processing.

Data Breach: (suspicion of) A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.

DPIA: Data protection impact assessment.

Data Subject: Any person of which personal data is collected on the basis of this DPA; data subjects within the meaning of what is specified in the GDPR.

EEA: European Economic Area: The Member States of the European Union (EU) and Iceland, Liechtenstein and Norway.

Employee: The employees and other persons engaged by the Processor for the performance of the Agreement.

GDPR: General Data Protection Regulation.

Personal Data: Data which can be used either directly or indirectly to identify a natural person, as intended in the GDPR.

Processing: Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means. Examples are: collection, storage, alteration or use.

Processor: The party which Processes Personal Data on behalf of the Controller.

DPA: The underlying Data Processing Addendum, applicable between Parties.

Recipient: A natural or legal person, public authority, agency or another body to whom/which the Personal Data are disclosed.

Services: The service(s) to be provided by the Processor to the Controller based on the Agreement.

Sub-Processor: Third parties engaged by the Processor for the performance of the Agreement.

Supervisory Authority: An independent public authority which is established by an EU Member State pursuant to the GDPR. In the Netherlands, this is the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

Third Party: A third party other than the Data Subject, the Controller or the Processor, or the person who, under the direct authority of the Controller or Processor, is authorised to process Personal Data.


1. SCOPE

1.1. The DPA applies to all Processing in the performance of the Agreement.

1.2. The DPA is part of the Agreement and replaces all previous arrangements between the Parties regarding the Processing of Personal Data. In the event of any conflict, the provisions of the DPA prevail.

 

2. PARTY’S ROLES

2.1. Within the context of the performance of the Agreement, SimplyAi processes Personal Data on your behalf and is deemed a Processor within the meaning of the GDPR. You are deemed a Controller within the meaning of the GDPR.

2.2. If the Processor determines the purpose and means of the Processing instead of the Controller, the Processor is deemed as the controller for that Processing.

 

3. PERSONAL DATA PROCESSING

3.1. The Processor shall only Process Personal Data:

a) As described in Annex A (Description of Processing Activities);

b) In accordance with the Agreement and to comply with other reasonable instructions provided by the Controller that are consistent with the terms of the Agreement (the Purpose).

3.2. SimplyAi shall act on behalf of and on the instructions of the Controller in carrying out the Purpose.

3.3. The Controller may amend its instructions or issue additional instructions at the Controller’s sole discretion.

3.4. The Processor shall never process the Personal Data for its own benefit, the use of Third Parties and/or other purposes, unless the terms of the Agreement or Applicable Legislation oblige the Processor to perform Processing. The Processor shall notify the Controller of this provision prior to the Processing to the extent permitted by law.

3.5. The Parties shall comply with the GDPR and other Applicable Legislation concerning the Processing of Personal Data. If the Processor suspects that an instruction from the Controller breaches the GDPR or Applicable Legislation, the Processor shall immediately notify the Controller.

 

4. ASSISTANCE AND COOPERATION

4.1. The Processor shall provide the Controller with all necessary assistance and cooperation in complying with the obligations of the GDPR and Applicable Legislation, including:

a)  The security of Personal Data;

b)  The performance of checks and audits;

c)  The performance of DPIA’s;

d)  The prior consultation with the Supervisory Authority;

e)  Compliance with requests from the Supervisory Authority or another public body;

f)   Compliance with requests from Data Subjects;

g)  Reporting Data Breaches.


Requests from Data Subjects

4.2. With regard to requests from Data Subjects, the Processor shall take all reasonable measures to ensure that the Data Subject can exercise its rights.

4.3. If a Data Subject contacts the Processor directly, the Processor shall immediately report this to the Controller, with a request for further instructions. Pending instructions, the Processor shall adequately assist and inform the Data Subject about the next steps.

4.4. If the Processor offers the Services directly to the Data Subject, the Processor is obliged to inform the Data Subject on behalf of the Controller about the Processing of the Data Subject’s Personal Data in a manner that is in accordance with the Data Subject’s rights.


Requests from Supervisory Authority

4.5. With regard to requests from the Supervisory Authority or a Dutch and/or foreign public body, the Processor shall immediately notify the Controller in so far as this is permitted by law. When handling the request or order, the Processor shall observe all of the Controller’s instructions and provide to the Controller all reasonably required cooperation.

4.6. If the Processor is prohibited by law from complying with its obligations on the basis of Article 5.5, the Processor shall promote the Controller’s reasonable interests in the following way:

  1. The Processor shall procure a legal assessment of the extent to which (i) the Processor is required by law to comply with the request or order; and (ii) the Processor is in fact prohibited from complying with its obligations to the Controller based on Article 5.5;

b) The Processor shall only cooperate with the request or order if the Processor is required by law to do so, and the Processor shall object where possible (by legal

    action) to the request or order or the injunction against informing the Controller in this respect or against following the Controller’s instructions;

c)  The Processor shall not provide any more Personal Data than strictly necessary to comply with the request or order;

d)  In the case of a transfer as specified in Article 10, the Processor shall investigate the possibilities for complying with the rules of the GDPR regarding transfers.


Data Protection Impact Assessment

4.7. The Controller shall investigate the necessity under the GDPR to carry out a DPIA and to consult the relevant Supervisory Authority in advance, for the engagement of the Processor.

4.8. The Processor shall provide reasonable assistance to the Controller with any DPA and with any prior consultations to any Supervisory Authority which are required under the GDPR.

 

5. ACCESS TO PERSONAL DATA

5.1.  The Processor shall limit access to Personal Data by Employees, Sub-Processors, Third Parties and other Recipients of Personal Data to a necessary minimum.

5.2. The Processor shall restrict the access to the Personal Data to authorised Employees on a need-to-know basis.

5.3. The Controller authorises the engagement of the Sub-Processor(s) by the Processor listed in Annex C (Sub-Processors).

5.4. Controller provides Processor with a general authorisation to engage Sub-Processors in connection with the provision of the Services.

5.5. The Controller’s consent to outsourcing work to a Sub-Processor does not affect the fact that for the deployment of Sub-Processors in a country outside the EEA requires consent in accordance with Article 10 of this DPA.

5.6. The Processor will impose the same material data protection obligations on the Sub-Processors as set out in this DPA, in particular in relation to the implementation of appropriate technical and organisational measures.

5.7. The Processor shall notify Controller of any intended changes concerning the engagement or replacement of a Sub-Processor and Controller shall be given thirty (30) days to object, duly motivated and in writing, after receiving such notification.

5.8. If the Processor fails to address such an objection, the Controller's sole and exclusive remedy is to terminate the Agreement and this DPA immediately by providing written notice to the Processor.

5.9. In the event the Processor uses Sub-Processors, Processor shall remain fully liable to the Controller for the fulfilment of its obligations under this DPA, the Agreement, the GDPR and the Applicable Legislation.

 

6. SECURITY MEASURES

6.1. The Processor implements all appropriate technical and organisational measures to safeguard a level of security appropriate to the risk, so that the Processing complies with the requirements under the GDPR and Applicable Legislation.

6.2. The Processor shall take at least the security measures included in Annex B (Security Measures).


7. AUDIT

 7.1. At the Controller’s request and with a maximum of 1 (one) time per calendar year, the Controller has the right to have an audit performed by an independent (legal) person authorised by the Controller in respect of the Processor’s organisation, in order to demonstrate that the Processor complies with the provisions of the DPA, the GDPR and other Applicable Legislation and Regulations.

7.2. The costs of any audit are at the Controller’s expense, unless the audit reveals any material non-compliance by Processor (or Sub Processor) under this DPA, in which case the reasonable costs of the audit shall be borne by Processor.

7.3. The Processor shall immediately take all measures that are reasonably necessary according to an audit, to ensure the compliance of the Processor. The associated costs are borne by the Processor.

 

8. DATA BREACH

8.1. The Processor shall notify the Controller of a Data Breach without unreasonable delay and within 36 (thirty-six) hours at the latest. This report includes if possible (at least) all information from the most recent “Data Breaches form” of the Dutch Supervisory Authority.

8.2. If the Processor is unable to simultaneously provide all of the information from the Data Breach, the information may be provided to the Controller step-by-step without unreasonable delay and no later than within 36 (thirty-six) hours after the discovery.

8.3. At the Controller’s request, the Processor will provide the Controller with reasonable assistance as necessary to enable the Controller to notify the Data Breaches to the competent Supervisory Authority and/or affected Data Subjects.

8.4. The Processor has organised adequate policy and adequate procedures to comply with its obligations regarding Data Breaches, including a Data Breach Register. At the Controller’s request, the Processor shall provide information about and allow inspection of this policy and procedures.

 

9. TRANSFERS OF PERSONAL DATA

 9.1. The Processor may only transfer Personal Data to countries outside the EEA or to international organisations if:

a) there is an adequate level of protection and a transfer mechanism of the GDPR can be invoked; and

b) the Controller has given express prior written consent for the transfer.

9.2. The Processor consents to the transfer of Personal Data as described in Annex D (Data Transfers).

9.3. The Processor shall immediately notify the Controller in writing of any (planned) permanent or temporary transfers of Personal Data to a country outside the EEA and shall only give effect to such planned transfers after obtaining the Controller’s written consent. The Controller shall at all times have the right to attach additional conditions to its consent to such processing.

9.4. The provisions in this Article 10 do not apply in case a provision under Union law or under Member State law requires the Processor to perform Processing. In that event, the

Processor shall notify the Controller of this provision in writing prior to the Processing to the extent permitted by law.

9.5. At the Controller’s request, the Processor shall demonstrate that the requirements laid down in Article 10.1 have been met.


10.  CONFIDENTIALITY & NON-DISCLOSURE

10.1. All Personal Data are qualified as confidential and must be treated as such.

10.2. The Parties shall keep all Personal Data confidential and shall not disclose them in any way (internally or externally) unless:

a) disclosure and/or provision of the Personal Data is necessary in the context of the performance of the Agreement or the DPA;

b) any mandatory statutory provision or court decision requires the Parties to disclose and/or provide the Personal Data, in which case the Parties shall first notify the other Party;

c) disclosure and/or provision of the Personal Data takes place with prior written consent from the other Party.


11.  LIABILITY & INDEMNIFICATION

11.1. The Processor is not liable for any loss or damage caused by a breach by the Controller of the GDPR or Applicable Legislation. The Controller indemnifies the Processor against claims of Sub-processors, other Third Parties, Data Subjects or other persons regarding such loss and damage, and against any legal and other expenses incurred by the Processor in that context and any fines imposed on the Processor.

11.2. The Processor’s limitation of liability agreed on in the Agreement and the applicable terms and conditions, apply to this DPA. One or more claims for compensation under this DPA and/or the Agreement jointly can in no event result in exceeding that limitation.

11.3. If no limitation of liability is provided for in the Agreement, the Processor’s liability under this DPA is in any event limited to:

a) the amount of the fee for the assignment under the Agreement; or

b) in any event the part of the assignment to which the liability relates.

 

12.  TERM & TERMINATION

12.1. The DPA constitutes an integral part of the Agreement and shall automatically terminate upon termination of the Agreement.

12.2. The Controller may terminate the DPA if the Processor does not or can no longer comply with the DPA, the GDPR and/or the Applicable Legislation, without the Processor being entitled to any damages. The Controller shall observe a reasonable notice period, unless the circumstances justify immediate termination.

12.3. Within 1 (one) month after termination of the Agreement, the Processor shall:

a) destroy and/or return all Personal Data, including all existing copies held by (legal) persons engaged by the Processor;

b) transfer the Personal Data to the Controller and/or another party to be designated by the Controller, at the Controller’s discretion.

12.4. At the Controller’s request, the Processor shall confirm in writing that the Processor has satisfied all obligations under Article 13.3.

12.5. The Processor shall bear the reasonable costs for the destruction, return and/or transfer of the Personal Data. The Controller may impose additional requirements on the manner of destruction, return and/or transfer of the Personal Data, including requirements on the file format.

 

13.  LEGAL EFFECT

13.1. This DPA shall only become legally binding between the Parties when the Controller has agreed to the Terms of Use, as specified in the Section “Introduction”.

14.  MISCELLANEOUS

14.1. Only written amendments to this DPA shall be valid.

14.2. Obligations under the DPA that are intended by their nature to continue after termination of this DPA will continue to apply after termination of the DPA.

14.3. This DPA replaces all prior agreements between Parties regarding the processing of Personal Data.




ANNEX A - Description of Processing Activities for SimplyMeetings



































ANNEX B - Security Measures




















ANNEX C - Sub Processors




























SERVICE LEVEL AGREEMENT

1. DEFINITIONS

The terms defined in the Terms of Use and Privacy Policy shall, unless otherwise specified in this SLA, have the same meaning in this SLA.

Downtime: A period during which the Software-as-a-Service (SaaS) cannot be accessed. This means that Users are not able to establish a Session.

Emergency Maintenance: Urgent, unscheduled activities performed by SimplyAi to address critical issues, such as security vulnerabilities, hardware failures, or software bugs that could significantly impact the performance, availability, or security of the Software.

Scheduled Maintenance: Planned, routine activities carried out by SimplyAi to maintain, update, or upgrade software, hardware, or infrastructure. These activities are necessary to ensure the optimal performance, security, and reliability of the Software.

Service Credit: Credit approved and given to you in the form of partially extending your Subscription Term. One (1) Service Credit means one (1) day and will not result in a refund of any fees due or previously paid.

Response Time: The duration between when a User submits a request for assistance (such as an email, phone call, or chat message) and when a support representative acknowledges or replies to the request.


2. SERVICE LEVEL COMMITMENT

Software-as-a-Service

This section applies to Customers accessing and using the Software with an active and paid Subscription Term for either the Starter, Pro, Business or Enterprise plan, based on the Software-as-a-Service principle (“Software-as-a-Service" or “SaaS”). SimplyAi is committed to providing a reliable, high-quality product for automating business processes through use of AI technology.

SimplyAi guarantees that its Software-as-a-Service will be available at least 98% of the time during the calendar year.

If the availability of the SaaS drops below the 98% commitment for the given calendar year, you have the right to initiate a Service Credit claim process. If your claim is approved, SimplyAi will credit your account with 30 Service Credit(s).

Service Credit will not be granted under the following circumstances:

  • Scheduled Maintenance: Downtime due to planned or scheduled maintenance.

  • Account Status: Downtime during which your SimplyAi Account is not in good financial standing or when you are in violation of our Terms.

  • Force Majeure: Downtime due to circumstances beyond our control, such as acts of any governmental body, war, embargo, fire, flood, extended unavailability of public utility service, or unavailability or delay in telecommunications or Internet Service Providers.

  • Misuse of Software: Any Downtime resulting from your misuse of the Software.

Self-hosted Licence

This section applies to Enterprise Customers accessing and using the Software on-premises with an active and paid Subscription Term of the Enterprise plan and a sel-hosted Licence agreement. These Customers are accessing and using the Software on their own server infrastructure. SimplyAi does not have access to such on-premises systems and cannot guarantee the uptime of the service to the same extent as the Software-as-a-Service.

Customer Support

This section applies to all Customers with an active and paid Subscription Term. SimplyAi guarantees that the customer support services will be provided within the working hours and Response Times as defined in this SLA.


3. SCHEDULED MAINTENANCE

We will notify you at least 48 hours in advance of any Scheduled Maintenance. We will make reasonable attempts to perform Scheduled Maintenance during historically low-use hours based on average use by our Customers. We reserve the right to occasionally perform Emergency Maintenance, of which you will be informed less than 48 hours in advance.


4. CUSTOMER SUPPORT

Support Channels

SimplyAi is committed to providing exceptional customer care for its Users. To ensure a positive experience, we offer various support channels and resources to address any questions, concerns, or issues you may encounter while accessing and using the Software.

  • Email: If you need any assistance or have specific questions, you can always reach out to our support team via email. Please send it to info@simplybusiness.ai and we will respond promptly and work with you to resolve any issues you may be experiencing.

  • Live chat: For immediate assistance, we offer live chat support during working days (09:00-17:00 CET from Monday to Friday) on the support page which you can find in the main overview of your Simply dashboard.


Tiers of Assistance

SimplyAi offers different tiers of assistance to address Customers' needs, questions, and issues. Each level has distinct roles and responsibilities.

  • Level 1 Standard Support is available to all Customers free of charge.

  • Level 2 Premium Support is available to Customers subscribed to a Pro or Business Licence.

  • Level 3 Enterprise Support is available to Customers subscribed to an Enterprise Licence.


Scope of Support

Our support services are focused on assisting with issues related to SimplyAi's products and services. We do not provide support for matters outside the scope of SimplyAi's products and services, such as server maintenance, operating systems, or general computer errors.


Please note that if our customer support team helps with false reports of critical issues or issues unrelated to SimplyAi's products and services, additional charges may apply.


5. STANDARD & PREMIUM SUPPORT

To deliver the best customer support service, we always try to appoint the most appropriate SimplyAi’s support personnel to you, according to your location, native language, and other preferences. 

Depending on the nature of the issue and for the successful diagnosis and/or resolution of the issue, it might be necessary for you to provide us with some further information, or for us to arrange a remote desktop debugging session with you. Your failure to cooperate with us during the resolution process could hinder the resolution of the issue and invalidate your Service Credit claims.

Response Times are exclusively counted during the standard business hours (09:00 to 17:00 CET) of a typical work week (Monday to Friday) and do not encompass national holidays as officially recognized by the government of The Netherlands.

The table below indicates the Response Times for customer support services provided by SimplyAi. The number of Service Credits (SC) which can be claimed if we exceed Response Times are also indicated in the table.


RESPONSE TIME






















Regular Working Hours

Our customer support team is available during regular working hours as follows:

  • Weekdays: 09:00 to 17:00 Central European Time (CET)

  • Exceptions: SimplyAi reserves the right to be unavailable during any national holidays as  officially recognized by the government of The Netherlands.

6. OUTAGE OR FAILED SERVICE

If you suspect that the Software is unavailable or not functioning correctly or in case of a failed service, you should immediately notify us, but no later than 3 working days after the suspected unavailability or malfunction or a failed service. You must file the service claim via one of the support channels.

You are required to provide the following information:

  • Email address of the affected SimplyAi Account(s).

  • Your contact information.

  • The date and beginning time of the unavailability or malfunction of the Software or a failed service.

  • A brief description of the characteristics of the claimed unavailability or malfunction or a failed service.

Your claim will be considered filed once you receive an automated email confirmation. We will notify you once the claim is being reviewed through the same channel with which we receive your claim. 


7. SERVICE CREDIT CLAIM PROCESS

To initiate a Service Credit claim, please contact us within seven (7) business days after the end time of the claimed outage or failed service for which credit is being requested. SimplyAi will review your request and notify you of the outcome via email. If your request is rejected, the notification will specify the basis for the rejection. If approved, we will issue Service Credit to your SimplyAi Account.

Please note that failure to cooperate with us during the resolution process and Service Credit claim process may invalidate your Service Credit claims.

Also, please be aware of the following:

  • Service Credit claims will be processed exclusively on an individual Customer basis, rather than on a per-account basis.

  • The total number of all Service Credits for all failures occurring in any calendar year cannot exceed 30.

  • Service Credits may not be received in the form of a refund.





SOLUTIONS DESCRIPTION


SimplyMeetings


1. OVERVIEW

1.1 SimplyMeetings is a cutting-edge software-as-a-service (SAAS) solution provided by SimplyAi. This service is accessible through a user-friendly dashboard. It enables users to upload meeting recordings either manually or via integration with their Voice over IP (VOIP) or through the use of our desktop or mobile recorder application.


1.2 SimplyMeetings leverages advanced transcription and data extraction technology to process these recordings, transforming them into a textual format, and extracting pre-defined data points. The user is given the capability to validate the accuracy of these data points before additional processing is conducted.


1.3 The software effectively converts the extracted data into CRM-compatible fields and a conversation summary tailored to the customer's specifications. After a final user review, the data can be exported directly to a customer's CRM or into text-formats such as Word, PDF, etc.


2. LICENCE TYPES

2.1 Starter Licence: Access to the Simply dashboard, export capability to Word, Excel, PDF, and Email (summary only for email), cloud storage integration with Google Drive or One Drive, simple conversation profiles and up to 20 processable recording hours per user per month.

2.2 Pro Licence: All features from the Starter Licence plus CRM integrations, VOIP integration, mobile and desktop recording apps, advanced conversation profiles, faster processing and up to 40 processable recording hours per user per month.

2.3 Business Licence: All features from the Pro Licence, CRM integration, personalised conversation profiles, priority processing and up to 80 processable recording hours per user per month.

2.4 Enterprise Licence: Tailored to fit the needs of large teams or those with unique requirements. The Enterprise Licence offers the possibility of a self-hosted Licence, custom trained AI-model, internal training and premium support, security on enterprise level, on-premise infrastructure and unlimited amounts of processing hours. Details should be discussed directly with our sales team.


3. DEFINITIONS OF FEATURES

3.1 CRM integrations: A feature that allows integration with the customer's Customer Relationship Management (CRM) system, facilitating direct transmission of extracted and validated data points into their CRM.

3.2 Desktop application: A software application that can be installed on a desktop computer, which enables users to record video call meetings and automatically upload the recordings to their SimplyAi dashboard account.

3.3 Mobile application: A software application designed for mobile devices that allows users to record in-person meetings and automatically upload the recordings to their SimplyAi dashboard account.

3.4 VOIP Integrations: A feature that allows integration with the customer's Voice over IP (VOIP) provider, enabling SimplyAi to automatically extract all VOIP call recordings and upload them to the user's account in the SimplyAi dashboard.

3.5 Cloud Storage Integration: A feature that enables users to export the analysis report directly to a folder in their cloud storage as an alternative to CRM integrations.

3.6 Data / Conversation Profiles: Pre-defined sets of data points that a customer wishes to extract from a specific recorded conversation.

3.7 Data Points: Refers to a specific data request that needs to be extracted from an audio recording into the pre-formatted conversation summary. Data points are usually counted in the form of an answerable question. 

3.8 Recording Hour: A recording hour refers to the length of the uploaded audio recording to be processed. To promote fair use, any uploaded recording, regardless of its true length, will always be counted at minimum as 30 minutes in base length. Recordings above 30 minutes in length are from thereon counted per minute and rounded to the nearest minute. A recording hour is not counted at the moment of uploading a recording to the SimplyMeetings dashboard, but once a user starts processing it by clicking the “Start Analysing” button.


4. Governing Law

4.1 This Solutions Description, in conjunction with the General Terms, Privacy Policy,  Service Level Agreement, and Data Processing Addendum forms the contract between SimplyAi and the customer and is governed by the laws of the Netherlands. This document should be read in conjunction with the other elements of the contract.



Data Subjects

Categories

The categories of Data Subjects whose Personal Data is Processed include: 


User: 

Meeting Participant(s):

Personal Data

Categories

SimplyAi Processes the following (special) categories of Personal Data on behalf of the Controller: 


The recordings of conversations between the User and Meeting Participants;

any other (special categories of) Personal Data entered into SimplyAi’s platform by the User in relation to the Meeting Participants (Other Data). 


These Recordings and Other Data may contain (sensitive) personal data, such as: name, date of birth, address, contact information, academic history, professional history, compensatory information, financial data, and any other type of data that may be discussed in a professional setting. 


Description of Processing

SimplyAi offers access to the SimplyMeetings dashboard: an AI-application that turns the conversation between a user and their meeting participants into a structured summary, as more particularly described in the Agreement. Personal Data will be processed in accordance with the Agreement (including this DPA) and may be subject to the following processing activities: 


a. Storage and other Processing necessary to provide, maintain and improve the Service provided to Controller pursuant to the Agreement; 


b. Disclosures in accordance with the Agreement and/or as compelled by applicable law. 


c. To provide customer and technical support to Customer

Frequency of Processing

Continuously and as determined by the Controller.

Retention Period

Subject to the Section “Term & Termination” of this DPA, we will Process Personal Data for the duration of the Agreement, unless otherwise agreed in writing.

SECURITY MEASURES TAKEN BY SIMPLYAI

Access Control

The access to the Personal Data is restricted to the authorised employees on a need-to-know basis.

Encryption

The Personal Data is secured by means of JSON Web Encryption (JWE).

Multifactor Authentication

The access to the Personal Data is secured with two-factor authentication (2FA).

Transmission Control

Standalone version Data in-transit: Secure network connections with Transport Layer Security (TLS) technology or a non-deprecated technology that is similar to TLS.

Non-disclosure

Non-Disclosure Agreements (NDA’s) are concluded in the event that confidential information is exchanged.

Sub-Processor

Purpose of Processing

Entity Location

Policy

Remarks

Processes

Conversation Data?

Slack

Internal communication

tool

USA

Data residency: data is hosted in Europe.

No

Beam

Serverless GPU cloud inference hosting for AI processing.

USA

Data residency: data is processed in the USA, no data is stored.

Yes

OpenAi

Generative AI processor

USA

Data residency: data is processed in the USA, no data is stored.

Yes

Aery

Main server host for data storage.

NL

Data residency: data is processed and hosted in Europe.

Yes

Google

Cloud storage hosting service

USA

Data residency: data is hosted in the USA.

No

FreshWorks

CRM

USA

Data residency: data is hosted in the USA

No

Type of Issue

Description

Standard Support

Premium Support

Enterprise Support

Critical

The whole or a critical part of the Software is unusable, causing immediate impact on all Users.

8 hours


(1 SC/d)


4 hours


(1 SC/h)


2 hours


(2 SC/h)


Major

A significant, but not immediately critical part of the Software is unusable; reduced usability of the service for more than 50% of User

16 hours


(1 SC/d)


8 hours


(1 SC/h)



4 hours


(2 SC/h)


Discomfort

Non-urgent issues that do not compromise the functionality of the Software but cause uncomfortable usage for more than 50% of Users

32 hours


(1 SC/d)



16 hours


(1 SC/h)



8 hours


(2 SC/h)