Mapotempo applications: privacy policy and terms of use

Please review the privacy policy and terms of use for Mapotempo solutions. For any additional information, please contact us

Preamble

Mapotempo (hereinafter referred to as “the Supplier”), a Service-Oriented Publisher, designs their software offering in a way to provide their applications in a hosted mode so as to meet the various needs of companies.

This service agreement (hereinafter the “Agreement”) describes the conditions under which the Service Provider delivers a mobile and route optimization service (hereinafter the “Service”) to their customer (hereinafter the “Customer”).

Access to this Service is subject to compliance with this agreement. Any company and/or Web user wishing to access it must have read this agreement beforehand and undertakes to respect it unconditionally.

If the Customer disagrees with the terms of this Agreement, they are not permitted to use the Service Provider’s Services.

The Customer is not a professional in the field of IT systems and solutions. As such, they call upon external personnel, from whom they expect, in particular, professional services, advice and warnings.

The Service Provider, after analysis of the Customer’s needs, has declared themselves competent to carry out this mission and sent their service proposal to the Customer.

As a result, the Customer chose the Service Provider (the latter having assured the Customer of their competence and the availability of efficient teams) in order to use the Software Solutions offered by the Service Provider according to the “ASP” (Application Service Provider) operating mode.

This Agreement is only binding on the Service Provider in respect of the Services they offer. Consequently, as such, the hosted content may in no way incur liability of the Service Provider.

The Parties acknowledge that this Agreement has been negotiated between them and that it reflects the negotiation and their agreement.

Article 1. Definitions

“Subscription”: refers to the granting of non-exclusive, named, personal and temporary user rights to the Software Solutions hosted by the Service Provider.

“Access”: services to make the Software Solutions hosted by the Service Provider accessible under optimal performance and security conditions.

“Anomaly”: any design and/or hosting and particularly performance failure, bug, errors which manifest themselves through operating difficulties preventing the Customer from accessing all or part of the Software Solutions.

“Blocking Anomaly”: anomaly that prevents the use and/or normal operation of a Software Solution and causes abnormal difficulty for the Customer.

“Partly-Blocking Anomaly”: anomaly that allows the use and/or operation of the Software Solutions for part of their functions.

“Minor Anomaly”: anomaly that allows the use and/or operation of the Software Solutions, even if it is done by a bypass procedure.

“ASP”: Application Service Provider – A Supplier of Software Solutions accessible via the Internet. This is for use of a software package where provision of the operating infrastructure (server, data storage, monitoring and backup system, helpdesk etc.) and the application (professional or personal software) is entrusted to a third party.

“Agreement”: refers to this service agreement, its appendices and any amendments thereto;

“Data”: refers to the Customer’s personal or non-personal computerized data accumulated during their use of the Software Solution provided to them and stored on the Service Provider’s servers.

“Personal data”: data which, irrespective of the form, and whether directly or indirectly, allow the identification of a natural person to which they apply, whether processed by a natural person or legal person as defined by Regulation (EU) 2016/679.

“Credentials”: refers to the Customer’s names and password enabling them to get access to their Data and the Software Solutions hosted by the Service Provider.

“Internet”: a worldwide set of interconnected IT or telecommunication networks, allowing users to access content via servers; each element of that network belongs to private and public organizations that operate them cooperatively, without any reciprocal guarantee of quality.

“Maintenance”: refers to the ongoing and/or corrective maintenance actions required to keep the Software Solution in operating conditions within the context of its use by the Customer as provided for in this Agreement.

“Services”: refers to the set of services such as remote provision of Software Solutions hosted by the Service Provider, the processing of sent data, backing up, or the maintenance of the Software Solutions provided.

“Software Solutions”: computer programs hosted on behalf of the Service Provider and able to be run remotely by the Customer.

“Confidential Information”: refers to all written or oral information identified as such at the time of disclosure and made available to the other party under the Agreement.

• Written Confidential Information shall be marked as “confidential” or “proprietary”.
• Oral Confidential Information shall be stipulated to the other party as confidential at the time of disclosure.

The parties agree that the Software programs and MAPOTEMPO Documentation are confidential information.

Article 2. Purpose

The purpose of this Agreement is to define the terms and conditions under which, on the one hand, the Service Provider makes available to the Customer the Software Solutions, meeting the Customer’s specific needs and accessible via the Internet address 

• https://app.mapotempo.com/
• https://play.google.com/store/apps/details
• id=com.mapotempo.mapotempo_fleet_android&hl=fr 

and on the other hand, the conditions under which the Customer accesses and uses these Software Solutions.

This agreement also defines the various services related to the provision of such Software Solutions offered by the Service Provider and chosen by the Customer, which are stated below:

• Rental hosting on secure servers;
• Backup of data contained on secure servers;
• Corrective, technical and ongoing maintenance;
• Support;
• Training.

Mapotempo Services are marketed in the form of monthly or annual subscriptions. The services offered may change in terms of functionality or ergonomics without prior notice to the Customer. Such changes shall not have a material or detrimental impact of the Cutomers use of the system. These changes shall on no account modify the Agreement between the Service Provider and the Customer, but if such changes are either material or detrimental the Customer shall be entitled to terminate the contract and be paid a refund for the proportion of the unused service period.

Article 3. Duration

This agreement starts from the commissioning date of the ordered Service.

It is concluded for a period of 36 (THIRTY SIX) months, and is renewable for an equivalent period, unless the agreement is terminated by the Customer by registered letter with acknowledgment of receipt sent at least 3 (THREE) months before the expiration of term.

Article 4. Description of equipment and hosted Software Solutions

4.1 General provisions

In the context of the remote provision of Software Solutions, the Customer confirms that they have read, prior to the signing of this Agreement, the documentation provided by the Service Provider for the Software Solutions offered.

Therefore, the Customer is aware of the functioning of the Services and acknowledges that connectivity is provided through the Internet and their own access network: the proper functioning thereof is at the Customer’s expense and the Service Provider cannot be held responsible for any malfunction or unavailability related to the latter.

.2 Description of the Software Solutions chosen by the Customer

In light of the needs previously stated by the Customer, the Parties jointly agreed that the remote provision of Software Solutions would concern the Mapotempo software accessible in ASP mode.

4.3 Description of the parties’equipment

The Parties also ensure that they each have the necessary and perfectly fitted equipment to allow remote access and use of such Software Solutions.

As such, the Customer is already equipped with the following internal equipment:

• Computer, smartphone;
  
• Internet connection and mobile data option matching the number of accounts subscribed in terms of speed and availability;
  
• Browsers & thick clients matching the subscribed functions.

The Service Provider is also equipped with the following equipment:

• one or more dedicated servers (in compliance with the various security standards);
  
• remote access to administer the servers; equipment enabling the Service Provider, in particular, to provide the Customer with the Services related to the remote provision of the Software Solutions detailed above.

Article 5. Description of related Services

After having taken note of the various related services they can be provided with, the Customer chooses, in accordance with the price schedule available in Article 13, the Related Services and the terms and conditions to which they wish to subscribe, as described below, and which best meet their needs:

5.1 Access to Software Solutions and Data

The Service Provider shall provide the Customer with technical information on how to connect to the Software Solutions by means of a guide or online.

It is hereby specified that the Customer is responsible for the supply and implementation of the equipment (hardware and software) necessary to access the services over the Internet.

It is hereby specified that access to the Software Solutions made available and hosted by the Service Provider is secured, in order to permanently protect from third parties or other users not authorized to access them, all Customer Data that may circulate through the systems when using the Services.

For this purpose, the Service Provider sends to the Customer personal and confidential access codes and credentials (login + password), which the Customer is required to modify and submit to the Service Provider for approval.

The Customer is solely responsible for the use and protection of their login and password. Therefore, any loss or unintentional disclosure of information that could allow a third party to learn the Customer’s IDs and passwords must be immediately reported in writing to the Service Provider.

The parties expressly agree that the use of the Customer’s account by themselves or by a third party will be proof between them of the acceptance of the transaction, whatever the amount and whatever the medium used.

The recording systems of the Service Provider are considered as proof of the date and duration of use.

All elements relating to the use of the account will be kept and archived by the Service Provider. The Service Provider may avail themselves, in particular for purposes of proof, of any act, file, recording, tracking report, statistics on all media including computer media established, received or retained by it.

These methods of proof constitute a presumption which could be reversed only in the presence of elements establishing that the means of recording and storage of the Service Provider were effectively defective.

5.2 Hosting

Under the terms of this agreement, the Service Provider undertakes to deliver the Customer a hosting service providing the following characteristics: For this service, the Service Provider will outsource the hosting to a professional hosting company having servers in France: OVH – RCS Roubaix-Tourcoing 424 761 419 00045.

The actual hosting of the Software Solutions made available to the Customer and the Data created from the use of Solutions sites includes:

• monitoring the proper operation of the infrastructure required for hosting;
  
• monitoring access to the hosted Software Solutions and Data.
  As part of the hosting of the Software Solutions, it is specified that the Service Provider undertakes to ensure physical security with regard to access to the Customer’s Data, with the following characteristics:
• The room in which the above-mentioned servers are located meets all the relevant standards. In particular, it is equipped with an air conditioning system, an anti-intrusion protection and a generator.
  
• All the servers used to host the Software Solutions made available to the Customer and the Customer’s Data are located in a clean room that meets the constraints regarding thermal, hygrometric and water damage protection;
  
• Access to the premises is limited to accredited employees only and requires the use of a magnetic badge;
  
• A remote monitoring system is in place in addition to a set of warning and guarding procedures, 24 hours a day, 7 days a week.

The Service Provider may not, under any circumstances, during the life of the Agreement, decide to change the hosting location of the Customer Data, in particular outside a Member State of the European Union.

5.3 Backups

It is specified that as part of the backup service offered by the Service Provider, the Data shall be backed up on an incremental and daily basis.
p class=”western”>Backup and recovery tests shall be performed regularly, including with each new version of the platform.
p class=”western”>During the subscription period, the history of the tour reports shall be archived
For 36 months.
p class=”western”>However, upon expiration of a subscription to the Mapotempo Services, the Service Provider shall not assume any obligation to archive the data. They undertake to keep the recorded data for a period of 60 (SIXTY) days following the Agreement’s expiry date. The data recorded shall be permanently deleted after a period of 12 (MONTHS) following the expiration of a subscription to the Services.
p class=”western”>The data recorded can also be exported by the Customer to a free format file (CSV). The Customer undertakes to make regular backups.

5.4 Maintenance / support

Under the terms of this agreement, the Service Provider undertakes to provide the Customer with a maintenance and support service, the characteristics of which are detailed below.

The Service Provider ensures the monitoring and maintenance of the hosted Software Solutions in order to ensure their continuity and availability.

However, it is specified in advance that the Service Provider has a best-endeavor obligation concerning the availability of the data, i.e. the proper operation of the servers, both in terms of software and hardware, regardless of the Internet connection.

As such, the Service Provider undertakes to deliver the following maintenance and support services under the conditions detailed below:

• support-type technical and functional assistance;
  
• corrective maintenance;
  
• ongoing maintenance;
  
• technical maintenance.

Support: the purpose of Support services is to allow Mapotempo’s technician to resolve requests and malfunctions remotely by phone and/or email and/or via a tracking tool, and to help using the software and resolving exceptional problems under the conditions provided below. The Customer undertakes to cooperate effectively with the Service Provider for the proper performance of the Support Services.

Corrective maintenance: corrective maintenance services for minor anomalies can only be performed on the latest installed version of the hosted Software Solutions. The corrective maintenance services include the correction or, by default and by way of exception, the bypassing of any bugs or anomalies that may appear in the proper use of the systems. The Service Provider undertakes to carry out a quarterly review of the applications’ conditions and to provide corrections for non-blocking anomalies in the context of new versions. The Service Provider undertakes to correct any Blocking Anomalies within the time limits set out in the table below.

Ongoing maintenance: this maintenance includes the provision of modifications, excluding the supply of new versions. “New versions” means versions of the Software Solutions with new functions compared to the initial solutions used. For technical reasons, the Service Provider reserves the right, in a current contract, to install a higher version of used software (without additional costs and without reduction of the functional coverage).

Technical maintenance: the provider undertakes to maintain the equipment hosting the Software Solutions on their premises.

Given the highly technical nature of the software and the limits of the state of the art, the Service Provider cannot guarantee that the Services will operate without incidents or interruptions, or that their action will resolve the incident encountered, or that after their action the incident encountered will not reappear, or that any other difficulty will not be generated as a result of this same action.

Any operation not falling within the scope of the maintenance services described above may be performed by the Service Provider subject to the agreement of both parties.

The Service Provider also undertakes to provide a maintenance and support process as follows:

• remote management;
  
• supervision system for incident management;
  
• communication of maintenance information;
  
• Automatic incident ticket generation system when an incident occurs at the Customer’s premises. The list of tickets may be provided to the Customer upon request;
  
• provision of a telephone number, email, and contact form:
  
• Phone: +33 (0)5 64 27 04 59 (local call rates)
  
• Email: support@mapotempo.com

Action times: all timeframe are imperative unless otherwise stipulated.

They are calculated from the time the Service Provider receives an action request by telephone, email or via the contact form.

Action type	Action times from 9 a.m. to 5 p.m. Monday to Friday (excluding public holidays)	Resolution times from 9 a.m. to 5p.m. Monday to Friday (excluding public holidays)
Support	Phone : 15 minEmail : 2 working hours	The Service Provider undertakes to make their best efforts to provide an immediate response. A ticketing tool is available with a customer portal that allows SLA reporting on anomalies.
Blocking anomaly	2 working hours	Correction of the anomaly within 24 working hours, with an alternative solution given within 2 working hours
Partly-blocking anomaly	4 working hours	Correction of the anomaly as quickly as possible, with an alternative solution given within 8 working hours
Minor anomaly	4 working hours	The Service Provider undertakes to make their best efforts to provide an immediate response

Any maintenance task ends with tests to check that the system is working properly once the task has been completed. More generally, the Service Provider undertakes to implement the means necessary for the normal operation of the Software Solutions hosted and made available to the Customer, without this resulting in an obligation of result for the Service Provider other than the points mentioned in the “Liability” clause.

5.5-Limits

The maintenance services described above do not include any communication services between the software and other operating/information systems.

These maintenance services also exclude unless otherwise agreed in writing:

• development of specific computer programs;
  
• additions or modifications to existing programs not required by a change in current regulations;
  
• incidents due to misuse of the software;
  
•  
• Customer’s refusal to collaborate with the Service Provider in the resolution of the anomalies and in particular to answer questions and requests for information;
  
• unauthorized modification of the Solutions by the Customer or by a third party;
  
• implementation of any software package, software or operating system not compatible with the application Services.

5.6 Training

The Service Provider undertakes, as part of the provision of the Services, to ensure training that meets the following objectives:

• connection to the platform;
  
• help in getting started;
  
• training in the use of the entire platform;
  
• setting up the activity for use in operational conditions;
  
• simulations regarding the calculation, optimization and export of results.

Article 6. Service Provider Obligations

The Service Provider acknowledges that they have taken note of the Customer’s needs and undertakes to provide the Customer with the appropriate Software Solutions and related services to best meet the expectations of the co-contracting party.

The Service Provider undertakes to make every effort to ensure permanent access to such Software Solutions in accordance with the Service Level Agreement clause.

As a general rule, the Service Provider undertakes, in addition to providing the Customer with the Services in accordance with this agreement, to implement all technical means, in accordance with the state of the art, to maintain the integrity, security and confidentiality of the Customer’s Data, as well as to guarantee the security of access to the Customer’s information systems.

The parties agree that the Service Provider’s clear failure to comply with this essential safety obligation may result in the termination of this agreement in accordance with the provisions of Article 15 below.

In addition to the obligations detailed above, the Service Provider undertakes to:

• Fulfill the Agreement in a professional manner, in compliance with the trade practices, the methodological rules, the standards and regulations in force;
  
• Submit to a general obligation of advice, information and warning;
  
• Advise the Customer on any choice or request made by the Customer that could affect the Services or have an impact on the conditions for their implementation;
  
• Warn the Customer, with reasons, of any event that may affect the proper performance of the Services;
  
• Advise the Customer on the choices to be made during the execution of the Agreement;
  
• Ensure that the services they provide meet the level of quality, security and confidentiality defined in the Agreement;
  
• Make all necessary recommendations for the Customer to adjust their equipment;
  
• Keep the Customer informed of any development or incident of which the Service Provider becomes aware within the framework of the Agreement which could affect the general interest of the Agreement by proposing, if necessary, any addition or modification to the services provided within the framework of the Agreement or in relation to their organization;
  
• Ensure that the personnel assigned is in adequate number and competent for the proper performance of the services covered by the Agreement.

Article 7. Customer Obligations

The Customer confirms that they have read, prior to the signing hereof, the technical characteristics of the Software Solutions as well as of the specific features for the use of such service(s).The Customer undertakes to use the information concerning the Software Solutions made available only for their own needs or those of their contracting structure and only for the purposes specified in this agreement.

Any processing, transmission, distribution or representation of information or data via the Software Solutions by the Customer is carried out under their sole and entire responsibility and in strict compliance with the legal and regulatory provisions.

In particular, the Customer undertakes to process, distribute, download or transmit via the Software Solutions only information and data, the use of which does not violate any intellectual or industrial property right or any other proprietary right, or does not constitute the commission of an offense.

The Customer undertakes not to market the software solutions covered by this agreement or products likely to compete with it. Furthermore, the Customer shall not resell the services subscribed to. In order to ensure close collaboration between the parties, the Customer appoints a person among their members in each country of operation to ensure communication with the Service Provider’s departments.

Moreover, the Customer undertakes to report any anomaly concerning the operation of the system promptly.

In addition, the Customer undertakes to ensure that their subscription in terms of number of vehicles reflects reality.

The Customer also agrees not to interfere with or disrupt the Services and the Service Provider’s servers and to comply with the requirements, procedures and general rules communicated to the Customer by the Service Provider for the proper implementation of the Software Solutions. The Customer therefore acknowledges that they are fully and exclusively responsible for their login and password. The Customer alone shall bear the consequences that may result from the use of these by third parties who may have become aware of them.

In case of loss of their password, the Customer agrees to inform the Service Provider in writing as soon as possible.

Article 8. Ownership of Hosted Software Solutions

This agreement does not give the Customer any intellectual property rights on the software solutions, which remain the sole and exclusive property of the Service Provider who has given the Customer the right to distribute such software solutions.

As such, the Service Provider expressly reserves the exclusive right to work on the hosted Software Solutions to allow their use in accordance with their intended purpose.

The Customer is therefore formally prohibited from working or having a third party work on the Software Solutions.

Provision of the Software Solutions shall not be considered as a transfer of any intellectual property right to the Customer within the meaning of the Intellectual Property Code.

In addition, as a licensee with respect to the authors of the Free Software on which they works, and not being able to transfer more rights than they own themselves, the Service Provider offers, in case of transfer to the Customer, said software under their original Free License or any other Compatible License.

Finally, some components used by the Customer (such as connectors) are not the property of the Service Provider: the Customer is then directly linked to the editors of said components, without the Service Provider being party to the agreement.

Article 9. Rights of use granted for the Software Solutions

The hosted Software Solutions made available to the Customer by the Service Provider must be used under the conditions described below.

It is hereby stipulated that the Customer has, for the whole world and until the termination of the agreement, a non-exclusive right to use the hosted Software Solutions made available, which formally precludes:

• the permanent or temporary reproduction of the Software Solutions made available, in whole or in part, by any means and in any form, including when loading, displaying, running or storing the software;
  
• the adaptation, translation, rearrangement, modification, export of the Software Solutions, and the merging of these with other computer applications;
  
• any copy of all or part of the Software Solutions;
  
• the modification (in particular by decompiling), alteration, adaptation (in particular by translating) rearrangement and more generally modification of all or part of the Software Solutions;
  
• the override of rights and permissions contractually granted.

Without prejudice to the preceding paragraphs, as an alternative, the Software Solutions are made available under an open source license. The Customer is of course free to use these versions, but may not claim on them the Related Services available under this agreement.

Article 10. Processing of the Customer’s Data

Personal data treated by Mapotempo.

The use of personal data by Mapotempo is done in accordance with the current legislation in force. The treatment of these data is necessary to the implementation of Mapotempo’s services and products.

Mapotempo collects personal data from smartphones, tablets and computers on which applications released by Mapotempo are installed. Personal data collected by Mapotempo include:

• data corresponding to time-stamped locations, including latitude, longitude, speed, direction, altitude and address ;
• data provided by users when their user account is created, including username, password, email and phone number ;
• data corresponding to the application usage, used and unused fonctions ;
• settings and selections, especially geolocation permission settings.

Mapotempo collects personal data in order to:

• view geolocation data into a cartographic representation ;
• retain data for history ;
• allow Mapotempo’s users to receive notifications and geolocalized alerts.

Processing of the Customer’s Data

The Parties undertake to comply with the legal and regulatory obligations relating to the processing of personal data, depending on their involvement and their capacity as data controller or processor on behalf of the data controller. In particular, the Service Provider undertakes to comply with the provisions of the European Regulation (EU) of the European Parliament and of the Council of 27 April 2016 (hereinafter the “GDPR”), amending the French data protection law.

Processing of Confidential Information, including personal data

The Service Provider shall not use the Confidential Information provided by the Customer, including the Personal Data of the Customer’s employees as defined by the GDPR, for any purpose other than the performance of the Services covered by this Agreement.

The Customer acts as the controller as defined in the GDPR and the Service Provider acts as the processor who operates in the context of the processing implementation on behalf of the Customer. The Service Provider may only process personal data in strict compliance with the Agreement.

As such, the Confidential Information may not be used by any subcontractor or any person acting under the authority of the Service Provider, for any operation other than those provided for in this Agreement.

Accordingly, the Service Provider undertakes:

• To process Confidential Information only on instructions from the Customer and to refrain from any use or processing of the data that does not comply with the Customer’s written instructions or that is unrelated to the performance of this Agreement and, in particular, to make no personal use, including for commercial purposes, of the personal data transmitted to or collected from the Customer or during the fulfillment of the Agreement;
• To keep the Confidential Information processed in a form that allows the identification of persons, only for the duration of the Agreement and the period planned for archiving in this Agreement;
• To communicate, at the latest within 5 working days from the Customer’s request, all information enabling the Customer to respond a data subject’s request to access or be provided with personal data processed on the Customer’s behalf by the Service Provider, and to inform the Customer promptly of any request addressed directly to the Service Provider.

Security and confidentiality of processing

The Service Provider will take all necessary measures to preserve and ensure the integrity and confidentiality of the Confidential Information.

The Service Provider undertakes in particular to implement the technical and organizational measures necessary to ensure, taking into account the current trade practices, a level of security and confidentiality appropriate to the risks presented by the processing and the nature of the Confidential Information processed.

In particular, the Service Provider undertakes:

• • To keep and process Confidential Information separately from their own data or the data from other customers or suppliers;

To protect Confidential Information from accidental or unlawful destruction, accidental loss, alteration, disclosure or unauthorized access;

• To make the Confidential Information processed available and searchable only to the Service Provider’s personnel duly authorized and empowered by reason of their functions and capacity, within the strict limit of what is necessary for the performance of their functions, and provide the Customer with the list of persons so empowered at the first request;
• To ensure that persons authorized to process personal data under this agreement have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality and receive the necessary personal data protection training.

 

The Service Provider undertakes to provide the Customer with a detailed description of the technical and organizational system implemented to ensure strict observance of the provisions relating to processing of and compliance with the obligation of security and confidentiality.

Communication to third parties

The Confidential Information processed in the fulfillment of the Agreement shall not be disclosed to third parties except in the cases provided for in the Agreement or those provided for by a legal or regulatory provision.

The Service Provider shall implement procedures to ensure that third parties it authorizes to access Confidential Information, including subcontractors, respect and maintain the confidentiality and security of Confidential Information. For this purpose, the Service Provider undertakes to create for their subcontracting provider(s) any obligations necessary so that the confidentiality, security and integrity of the data are observed and said data cannot be transferred or leased to a third party, whether free of charge or not, or used for purposes other than those set out in this Agreement, and shall be responsible for ensuring that such provider(s) respect their obligations.

The Service provider can call on another subcontractor (hereafter ‘the Sub-processor’), to conduct specific processing activities. In this case, it shall inform the Customer beforehand and in writing of any change considered regarding the addition or replacement of other sub-processors. This information must clearly specify the processing activities subcontracted, the identity and contact details of the sub-processor and the dates of the subcontract. The Customer has seventy-height (72) working hours from the date of reception of this notification to present their objections. This subcontracting can only be carried out if the controller has not issued any objection during the agreed time.

The Service Provider is responsible for ensuring that the Sub-processor has sufficient guarantees regarding the implementation of the appropriate technical and organizational measures such that the processing complies with the GDPR requirements. If the Sub-processor does not fulfill their Personal Data protection obligations, the Service Provider remains fully liable to the Customer for performance by the Sub-processor of their obligations.

The Service Provider shall inform the Customer of any third party’s request to access or be provided with data in accordance with permissions arising from the application of legal or regulatory provisions. Before any access or data provision, the Service Provider must have carried out the necessary checks as to the validity of the transmission request, in particular with the Customer.

Data transfers outside the European Union

The Service Provider undertakes to host and process Confidential Information exclusively on the territory of a member state of the European Union.

The Service Provider undertakes not to disclose or transfer the Confidential Information, even for transit purposes, to a controller or processor in a third country outside the European Union.

The Service Provider shall ensure that no Confidential Information is transferred outside the European Union by their own subcontractors or partners.

The Customer reserves the right to carry out any verification that they deem useful to ascertain compliance with the obligations arising from compliance with this article.

Record Keeping

At the end of the Agreement, the Service Provider undertakes to return or destroy, according to the Customer’s instructions, all Confidential Information processed on behalf of the Customer in an automated or manual manner. The Service Provider shall also return all data, records or manual files they hold.

The Customer reserves the right to carry out any verification that they deem useful to ascertain compliance with these obligations.

This article shall survive the termination or expiration of the Agreement for any reason whatsoever.
Provisions introduced by European Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016

In accordance with the European Regulation amending the French data protection law, the Service Provider undertakes to comply with the following provisions:

a) processes the personal data only on documented instructions from the controller, including with regard to transfers of personal data to a third country or an international organization, unless required to do so by Union or Member State law to which the processor is subject; in such a case, the processor shall inform the controller of that legal requirement before processing unless that law prohibits such information on important grounds of public interest;

b) ensures that persons authorized to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;

c) takes all measures required pursuant to Article 32 of the above-mentioned European Regulation;

d) respects the conditions referred to in paragraphs 2 and 4 of the above-mentioned European Regulation for engaging another processor;

e) taking into account the nature of the processing, assists the controller by appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of the controller’s obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the above-mentioned European Regulation;

f) assists the controller in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the above-mentioned European Regulation taking into account the nature of processing and the information available to the processor;

g) at the choice of the controller, deletes or returns all the personal data to the controller after the end of the provision of services relating to processing, and deletes existing copies unless Union or Member State law requires storage of the personal data;

h) makes available to the controller all information necessary to demonstrate compliance with the obligations laid down in this Article and allow for and contribute to audits, including inspections, conducted by the controller or another auditor mandated by the controller.

With regard to point (h) of the first subparagraph, the processor shall immediately inform the controller if, in its opinion, an instruction infringes this Regulation or other Union or Member State data protection provisions.

Where a processor engages another processor for carrying out specific processing activities on behalf of the controller, the same data protection obligations as set out in the contract or other legal act between the controller and the processor as referred to in paragraph 3 of the above-mentioned European Regulation, shall be imposed on that other processor by way of a contract or other legal act under Union or Member State law, in particular providing sufficient guarantees to implement appropriate technical and organizational measures in such a manner that the processing will meet the requirements of this Regulation. Where that other processor fails to fulfill its data protection obligations, the initial processor shall remain fully liable to the controller for the performance of that other processor’s obligations.

Each processor and, where applicable, the processor’s representative shall maintain a record of all categories of processing activities carried out on behalf of a controller, containing:

a) the name and contact details of the processor or processors and of each controller on behalf of which the processor is acting, and, where applicable, of the controller’s or the processor’s representative, and the data protection officer;

b) the categories of processing carried out on behalf of each controller;

c) where applicable, transfers of personal data to a third country or an international organization, including the identification of that third country or international organization and, in the case of transfers referred to in the second subparagraph of Article 49(1) of the above-mentioned European Regulation, the documentation of suitable safeguards;

d) where possible, a general description of the technical and organizational security measures referred to in Article 32(1) of the above-mentioned European Regulation.

The records referred to in paragraphs 1 and 2 shall be in writing, including in electronic form.

The controller or the processor and, where applicable, the controller’s or the processor’s representative, shall make the record available to the supervisory authority on request.

The processor shall notify the controller as soon as they become aware of a personal data breach.

The notification shall at least:

a) describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;

b) communicate the name and contact details of the data protection officer or other contact point where more information can be obtained;

c) describe the likely consequences of the personal data breach;

d) describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.

The Service Provider shall provide the Customer with the contact details of its data protection officer, if they have appointed one in accordance with Article 37 of the GDPR:

Article 11. “Service Level Agreement” clause»

Under the terms of this agreement, the provider undertakes to guarantee the availability and accessibility of the Software Solutions covered by this agreement.

In particular, the Service Provider has set up a redundant system allowing for uninterrupted service, which guarantees an availability rate of 99.9%.

SLA reporting shall be provided to the Customer

In the event of an incident, the Service Provider undertakes to ensure that the maximum period of interruption of access to the Software Solutions and/or data does not exceed 2 hours.

Due to the characteristics of the distributed network that define the Internet, the Service Provider cannot be held responsible for any slowdowns or difficulties in accessing the services provided from other sites in the world.

Article 12. Order

The transmission of a Purchase Order or a quotation manually or electronically signed by the Customer, the partial or full payment of the subscription to one of the Mapotempo Services or the activation of a free trial entails the express and unreserved acceptance, by the Customer, of the latest version of the General Terms and Conditions of Use.

The order is deemed to be firm and definitive from the signing of the Purchase Order or the quote or the partial or full payment of the subscription to one of the Mapotempo Services.

Article 13. Prices and financial conditions

The price of the Services does not include the cost of telecommunications and Internet access allowing the use of the Services which remain the responsibility of the Customer.

Depending on the Customer’s request, the payment can be annualized or monthly.

In the case of monthly payment, billing will take place on the 1st day of each monthly billing period, from the date of subscription, it being understood that the services will be billed in advance. Payment will be made by direct debit, on a due date no more than 10 days after the date of the invoice.

Any increase in the VAT rate will be reflected immediately and automatically by the Service Provider on the prices without giving rise to the right to early termination.

The Service Provider reserves the right to suspend the execution of the services and to block access to the service in the event of non-payment, after formal notice by Email remained more than 8 (EIGHT) unsuccessful days, until payment of the invoice. overdue, without this suspension being considered as a termination of the contract by the Service Provider, nor opening any right to compensation for the Customer.

Article 14. Warranties and Liability

The Service Provider guarantees that they have all the intellectual property rights necessary to enter this agreement and that, as such, they guarantee that the services they have undertaken to provide do not constitute an infringement of pre-existing work of any kind.

Under these conditions, the Service Provider holds the Customer harmless against any recourse or action for infringement brought against the Service Provider by any person claiming an intellectual property right relating to any of the services provided by the Service Provider or to the Software Solutions hosted and made available to the

Customer under the conditions described in this agreement (in particular against any claims, demands, claims for prohibition of use, claims for damages and, in general, against any civil or criminal action by a third party relating to the software Solutions and/or the services). In particular, the Service Provider holds the Customer harmless against any action for unfair competition or parasitism which would concern all or part of the software Solutions or the services.

The Customer agrees to notify the Service Provider immediately of any infringement of the Software Solutions of which they are aware, the Service Provider being then free to take the measures they deem appropriate.

The parties agree that the Service Provider shall bear all the financial consequences resulting from such recourse or action, including in the event of a settlement, as well as compensate the Customer for the damage suffered.

Moreover, the Service Provider shall replace the infringing elements at their own expense, if an alternative element of equal or superior characteristics and performance exists on the French or foreign market, or by developing another non-infringing element.

If prohibition of use is imposed as a result of such action or as a result of a settlement signed with the plaintiff of such action, the Service Provider undertakes, at their own discretion and expense:

• to obtain the right for the Customer to proceed with the use; or
• to replace the computer programs, the deliverable or the result which is the subject of the proceedings by an equivalent element which is not the subject of an infringement or unfair competition or parasitism action; or
• to modify the computer programs, the deliverable or the result.

The Service Provider is only bound, with respect to the commitments contained herein, by a best-endeavors obligation concerning access to services that depend on the Internet. Likewise, the Service Provider is only bound, with respect to the commitments contained herein, by a best-endeavors obligation concerning the results produced by the software and databases they provide to their Customers.

Nevertheless, in accordance with this agreement, they undertake to implement all necessary means for an optimal use of the following software:

• OSRM for routing computation (http://project-osrm.org/)
• OTP for multimodal routing computation (http://www.opentripplanner.org/)
• ORTools(https://code.google.com/p/or-tools/), Jsprit (https://github.com/graphhopper/jsprit) et Vroom (https://github.com/VROOM-Project/vroom) pour les algorithmes d’optimisation
• Addok for geocoding (https://addok.readthedocs.io/en/latest/)
• OpenStreetMap for mapping database (http://www.openstreetmap.org/)

The parties expressly agree that the Service Provider shall not be liable for any interruption of the Services or for any Damage related to:

• a case of force majeure or a decision from the authorities;
  
• an interruption in the supply of electricity or transmission lines due to public or private operators;
  
• an abnormal or fraudulent use by the Customer or third parties requiring the service to be stopped for security reasons;
  
• a malfunction in the equipment, the hosted Software Solutions or in the access to the Customer’s Internet system or a misuse of the Software Solutions by the Customer;
  
• a third party fraudulently accessing or remaining in the system, or the illicit extraction of data, despite the implementation of security measures in accordance with the current state of the art, the Service Provider bearing only a best-endeavors obligation in relation to known security techniques;
  
• the nature and content of the information and data created and/or communicated by the Customer; more generally, the Service Provider shall not be held liable for any data, information, results or analyses originating from a third party, transmitted or received through the use of the hosted Software Solutions made available to the Customer;
  
• a delay in the transmission of information and data, when the Service Provider is not the cause of this delay;
  
• the operation of the Internet system or telephone or cable systems for accessing the Internet not implemented by the Service Provider;
  
• The Service Provider shall not be liable for any consequential damage or any damage not resulting directly and exclusively from a failure of the Services.

The Service Provider reserves the right to interrupt the service in order to perform technical and maintenance operations, and undertakes, as far as possible and except in exceptional circumstances, to interrupt the service during periods of low use by the Customer. These interruptions will be announced to the Customer 15 days beforehand for the date of maintenance and 24 hours beforehand for the confirmation of the action time. They can in no way justify data losses.

Article 15. Termination

In addition to the possibility provided to each party not to renew the agreement on each anniversary date, subject to compliance with the notice period provided for in Article 3, unilateral termination of such agreement may be pronounced by one of the parties in the event of a serious breach by the other party under the following conditions.

Any serious breach by a party of any of their obligations under this agreement, not remedied within 30 (THIRTY) days from the sending of a registered letter with acknowledgment of receipt, shall entitle the other party to invoke the termination of this agreement unilaterally, without prejudice to any damages to which the latter may be entitled hereunder.

According to this clause, the parties expressly intend to be able to implement, as an exception to the provisions of Articles 1184 et seq. of the French Civil Code, such an extrajudicial termination of this agreement instead of its judicial resolution.

After termination, the Customer agrees to return to the Service Provider within 30 (THIRTY) days, or to stop using, the access codes to the hosted Software Solutions made available to them.
The Service Provider undertakes to return the data belonging to the Customer according to the procedure described below in the “Reversibility” clause.

Article 16. Force majeure

Neither of the Parties may be held responsible for the non-performance of one of their contractual obligations resulting from a case of force majeure. The Parties expressly agree that any event of an unforeseeable, unavoidable and external nature at the same time may be considered as a case of force majeure.

The Parties agree that a case of force majeure justifies the suspension of their obligations impacted by such case of force majeure, for the whole duration of its existence. Therefore, neither of the two (2) Parties may be held responsible for the non-performance, failures or delays in the performance of any of their obligations resulting from a case of force majeure, subject to informing the other Party as soon as possible after the occurrence of the case of force majeure in question by registered letter with acknowledgment of receipt.

The Party that is the victim of the failure shall take all necessary measures to limit the consequences of such event and its duration.

As soon as this case of force majeure ceases, the obligations of the Agreement shall come back into force for the remaining period.

However, if the case of force majeure continues for more than THREE (3) months, the Agreement may be terminated by either of the Parties, without this termination being considered as a fault.

In such a case, the termination must be notified by registered letter with acknowledgment of receipt and will take effect on the date of receipt of said letter.

Article 17. Reversibility

In the event of termination of the contractual relations for any reason whatsoever, the Service Provider undertakes to provide the Customer with access to the Customer’s data by means of an FTP access (or any other means, at the Service Provider’s convenience).

In addition, the Service Provider undertakes to make the Mapotempo software and all its documentation available to their Customers so that said software can be installed and hosted by another service provider, temporarily or permanently.

The Service Provider undertakes to carry out the reversibility operations relating to the software in order to allow the Customer or a third party provider, freely chosen by the Customer, to resume the operation of the software, including the hosting and maintenance services. As such, the Service Provider undertakes to inform the Customer of any changes that may affect reversibility;

In any case, it is expressly stipulated that reversibility of the services is included in the price of the services mentioned in the Agreement.

Article 18. Audit

In the context of the performance of this agreement, it is expressly agreed between the Parties that the Customer may carry out or have carried out, at its own expense, audits in order to check the Service Provider’s compliance with all of their commitments under the Agreement.

The Customer undertakes to notify the Service Provider of any audit by registered letter with acknowledgment of receipt at least ten (10) working days from the date of the planned audit. Among other things, this will include the purpose and duration of the audit and the names of the auditors.

The Service Provider undertakes to cooperate in good faith with the auditor appointed by the Customer. Therefore, the Service Provider undertakes to facilitate the auditor’s access to any document or information or any other element useful for the proper conduct of the audit, in particular by answering any question and by granting them access to all the tools and means necessary for the audit. In such a case, the Customer shall employ their best efforts to ensure that the audit operations do not disrupt the Service Provider’s normal business operations.

It is expressly agreed between the Parties that the Customer shall carry out a maximum of one (1) audit per period of one (1) year, said period starting from the effective date of the Agreement.

A copy of the audit report drawn up by the auditor shall be given to each of the Parties and may be commented upon by the Service Provider.

After the audit report is issued and in the event that the report reveals non-conformities, the Service Provider undertakes to carry out in good faith the corrections and/or modifications requested by the Customer according to a schedule that will be expressly defined by the Parties. These corrections and modifications shall not entail any additional remuneration or compensation for the Service Provider. The Customer shall have the option of terminating the Agreement in the event that the modifications and corrections cannot be validated by the Customer at the end of the aforementioned period.

The costs shall be borne by the Customer unless the audit demonstrates a fault on the part of the Service Provider. In this case, the latter will be required to reimburse the Customer.

Article 19. Insurance

The Service Provider certifies having taken out, with an insurance company known to be solvent, a professional liability insurance which covers the risks, including those relating to the supplies and services provided for in the Agreement. In this respect, the Service Provider shall present, at the Customer’s first request, the certificate for this professional liability insurance, specifying the amount and conditions of the coverage, the activities concerned and the exclusions.

Article 20. Non-solicitation of staff

Each party shall refrain from hiring the other party’s staff throughout the term of this agreement and for 60 (SIXTY) months after the termination of the contractual relations.

Failure to comply with this clause shall entail the obligation for the offender to pay the other party, by way of compensation, the equivalent amount of the gross remuneration received by the employee during the last 12 (TWELVE) months prior to their departure.

Article 21. Non-assignment

Insofar as the Service Provider is the sole owner of the commercial exploitation rights of the Software Solutions hosted and made available to the Customer, the parties agree that the Customer has a personal, one-time, non-transferable and non-exclusive right of use.

Under these conditions, it is expressly agreed that this agreement may not be transferred to a third party by the Customer, unless the Service Provider has given prior written approval.

Article 22. Confidentiality

Each party undertakes to treat as confidential, and not to reproduce or disclose, other than for the sole purpose of fulfilling the agreement, information and documents provided by the other party for the implementation and during the fulfillment of the agreement and which, due to their technical, commercial or financial content, should be treated as confidential as they contain elements which are not publicly disclosed and/or are purely personal to the party in question.

These obligations relating to confidentiality shall remain in force throughout the term of the agreement and any amendments thereto, as well as for a period of TEN (10) years from the date of termination of said contractual relations.

Article 23. Entirety

This agreement constitutes the entire understanding between the parties.

It can only be modified by a mutually agreed amendment.

Article 24. Governing law and jurisdiction

For all disputes arising in connection with the application of this agreement, the parties undertake to settle their disagreements out of court or, if necessary, by jointly appointing a conciliator.

If an out-of-court settlement cannot be reached between the parties concerning the interpretation or fulfillment of the Agreement, the Court of Pau (France) is deemed to have exclusive jurisdiction to settle any disputes, it being expressly understood that the law governing the contractual relations between the parties isFrench law.

Article 25. Address for service

The address of the parties is their registered office, unless where expressly stated otherwise in the special conditions.

All notifications, in order to be valid, must be made by registered letter with acknowledgment of receipt to the designated address.