DATA PROTECTION AGREEMENT
By accepting this Agreement, either by clicking on the START button, or by using our Services, you agree to follow and be bound by the terms and conditions of this Agreement. This Agreement also applies to the Free Trial period. If you do not agree with the terms and conditions of this Agreement you must not accept this Agreement and cannot use our Services.
Maxibooking.com is Software as a service (SaaS) offered by Maxibooking Limited.
1. DEFINITIONS
Maxibooking – Maxibooking Limited, software as a service provider.
You / Customer – individual, company or other legal entity entering into this Agreement to receive Services.
Parties – Maxibooking and You / Customer.
Services – services provided by Maxibooking that consist of system administration, system management and system monitoring that Maxibooking performs with respect to Maxibooking Software and that include the right to access and use Maxibooking Software.
Maxibooking Software — software owned by Maxibooking to which Maxibooking grants you the access as part of the Services including any program updates, user manuals and any other materials provided by Maxibooking as a part of the Services.
Personal Information — any information that can be used to identify an individual.
Personal Data shall mean any information relating to an identified or identifiable natural person.
2. DATA PROTECTION
You are the controller of Personal Data which is processes using the Services and Maxibooking is the processor of such data. Maxibooking agrees:-
2.1. To only process the personal data on your documented instructions, unless required to do so by law.
2.2. That it will not transfer the personal data to a recipient outside the EEA without your prior written consent, unless the transfer is subject to the terms of a contract incorporating the standard contractual clauses in the form adopted by the European Commission; the recipient is in a country the subject of an adequacy decision by the European Commission or the transfer is to the US to an entity that is a certified member of the EU/US Privacy Shield Scheme.
2.3. That it will impose a duty of confidentiality on its staff and sub-contractors where applicable with access to the personal data.
2.4. That it will implement technical and organisational security measures appropriate to the risks of processing the personal data.
2.5. That it will not engage another processor to carry out its services to you without prior specific or general written authorisation.
2.6. That it will require any sub-processor that it engages to process the personal data to adhere to the same obligations that apply to it and it will remain fully liable for any breach by any sub-processor of its obligations.
2.7. That it will assist you to respond to individual’s request to exercise their rights under Data Protection law where it is the processor.
2.8. That it will assist you in ensuring compliance with your obligations under Data Protection law, including data breach notification to the supervisory authority (Data Protection Commission).
2.9. At your request that it will delete all the personal data after the end of the provision of its services and delete existing copies unless the law requires storage of that personal data.
2.10. To make available to you all information required to demonstrate compliance with the obligations laid out in Article 28 of the General Data Protection Regulation (and implementing legislation) when requested and allow for and contribute to audits, including inspections conducted by you or our agent.
2.11. To inform you if in its opinion, an instruction of yours infringes the GDPR or other Data Protection law.
Date: June 05, 2018.
