- Introduction
- These Terms and Conditions (“T&C”) cover the use, functionality and access to the Services (as defined below). The T&C are a binding agreement between POWERFUL MEDICAL s. r. o., a limited liability company organized and existing under the laws of the Slovak Republic, with its registered seat at Bratislavská 81/37, 931 01 Šamorín, Slovak Republic, Company ID No. 50 948 431, registered with the Commercial Register maintained by District Court Trnava, section Sro, file No. 46781/T, email: support@powerfulmedical.com (“Powerful Medical”) and the Customer (as defined below). The Customer accepts the T&C prior to using the Services and agrees to comply at all times with the terms set out in the T&C. The T&C, together with the attached Data Processing Addendum, constitute the full contract between the Customer and Powerful Medical.
- Terms of the T&C, in particular, without limitation, obligations accepted by the “Customer” within these T&C, except Sections 3 and 4, shall also apply to each User who uses the PMcardio Digitize Web Platform without a Subscription Plan. Such User acknowledges and accepts the terms of these T&C and the obligations imposed on the Customer herein, except Sections 3 and 4.
- Definitions
In these T&C, the capitalised terms have the following meanings given to them below:
PMcardio Digitize Web Platform” means web platform named PMcardio Digitize which is a web application, providing ECG signal digitization.
“Billing Period” means the periodicity of billing outlined under the terms of a Subscription Plan, otherwise one month starting on the Effective Date and at the start of each following month of the term of the Subscription Plan.
“Consumer” means a natural person who, when concluding and performing this T&C, is not acting within the scope of his or her business activity.
“Customer” means either a legal entity that has ordered the Services or a User that has ordered the Services.
“Data Processing Addendum” means addendum to the T&C governing the relationship between Powerful Medical and the Customer in relation to processing of personal data.
“ECG” means electrocardiogram – the result of a cardiovascular test that measures electrical activity of the heart.
“Effective Date” means the date the Customer has accepted these T&C in accordance with Section 3.3.
“License” has the meaning given in Section 8 of the T&C.
“Powerful Medical” means Powerful Medical (as defined above) and includes any and all entities affiliated to Powerful Medical by common control, management or ownership on behalf of which Powerful Medical is acting.
“Privacy Notice” means the notice provided to the Customer and the relevant data subjects informing them about the processing of personal data in relation to the PMcardio Digitize Web Platform and their respective rights and available at https://www.powerfulmedical.com/legal/pmcardio-digitize-privacy.
“Report” means the result of ECG digitization, which is created through the PMcardio Digitize Web Platform.
“Report Credit” means the right of the User to create one Report.
“Right of Termination for Consumers” means information on the exercise of the Consumer’s right to terminate the T&C as attached in Schedule 2.
“Services” mean the PMcardio Digitize Web Platform provided by Powerful Medical to the Customer.
“Subscription Plan” means a plan granting the Customer the use of the Services based on terms defined by Powerful Medical and accepted by the Customer, in particular the duration, periodicity, payment, number of users, number of Report Credits or other criteria.
“User” means anyone who uses the PMcardio Digitize Web Platform. - Scope of T&C
- Powerful Medical undertakes to provide the Services as defined in these T&C and in the relevant Subscription Plan and the Customer undertakes to use the Services in compliance with the T&C and pay the agreed price for Services.
- Each of the following constitute an offer from Powerful Medical:
- Subscription Plan accessible via website of Powerful Medical; or
- specific offer from Powerful Medical.
- The T&C is concluded upon Customer´s acceptance of the offer, by:
- placing an order for the Subscription Plan via website of Powerful Medical; or
- accepting a Subscription Plan based on a specific written offer from Powerful Medical.
- Fees, Payments and Subscription Plan
- The Customer agrees to pay the fee specified for the relevant Subscription Plan on the date of placing the order.
- Powerful Medical reserves the right to unilaterally change the fees. Powerful Medical will inform the Customer about such change at least 2 months before the change takes effect. If such changed fees are not acceptable to the Customer, the Customer may choose not to renew the Subscription Plan after the end of the Billing Period.
- The Customer may cancel or change its Subscription Plan at any time. Such change will take effect the next Billing Period. The Customer’s obligation to pay for Reports already created before cancellation is not affected.
- Functionality and Access
- Using the PMcardio Digitize Web Platform
- To use the PMcardio Digitize Web Platform, each User must create an account. The User must provide the following details to successfully create an account: e-mail, password.
- PMcardio Digitize Web Platform Users must keep their log-in credentials confidential, not disclose them to third parties and ensure their adequate protection to avoid any access to the PMcardio Digitize Web Platform by an unauthorized party.
- The registration is complete after the User logs in to the PMcardio Digitize Web Platform for the first time.
- The User is not allowed to log in using registration details of other Users, nor is the User allowed to obtain or collect registration details of other Users.
- The User must not use the PMcardio Digitize Web Platform in life supporting or sustaining systems, nor in ECG-monitoring and/or alarm devices.
- Reports
- The Customer acknowledges and agrees that once all Report Credits purchased as part of Subscription Plan have been exhausted, the functionality of the PMcardio Digitize Web Platform will be limited and therefore the Customer will not be able to create additional Reports. The Customer may purchase additional Report Credits via the PMcardio Digitize Web Platform.
- Using the PMcardio Digitize Web Platform
- Rights and Obligations of Customer
- The Customer acknowledges and agrees that:
- The Customer shall use the Services exclusively in accordance with the T&C, the laws of the Slovak Republic, European Union and the United Kingdom, and, if a Customer´s use of Services is subject to any other laws, in accordance with any such applicable laws and regulations; this Section 6.1.1 is without prejudice to Section 15.1 of the T&C;
- the Customer will not disrupt or damage the operation of Services (or attempt to do so), violate rights of third parties, or conduct any activities that may be considered unethical, illegal or contrary to good faith;
- the Customer will not make any fully automated decisions on the basis of information provided by Powerful Medical during the use of the Services and must always ensure appropriate human intervention by a User, review and verification before using such information for any purpose;
- the Customer is fully and exclusively responsible for using the Services and for any consequences of that use;
- the Customer must not (i) make and distribute copies of the PMcardio Digitize Web Platform; (ii) attempt to copy, reproduce, alter, modify, reverse engineer, disassemble, decompile, transfer, exchange or translate the PMcardio Digitize Web Platform; or (iii) create derivative works of the PMcardio Digitize Web Platform of any kind whatsoever; nor allow any third parties to do anything under (i), (ii) or (iii) above on Customer’s behalf;
- The Customer acknowledges that Powerful Medical is based in the European Economic Area and the Customer is responsible for the compliance with obligations relating to the transfer of data from the Customer’s country outside of the European Economic Area to the European Economic Area.
- The Customer agrees to compensate to Powerful Medical any damages arising as a consequence of the violation of the T&C by the Customer.
- The Customer acknowledges and agrees that once a quota of 200 Reports per User per month has been reached, Powerful Medical may limit the functionality of the Application, and upon such limitation, the Customer may not be able to create additional Reports.
- The Customer and the User specifically acknowledge and agree that the functionality of the PMcardio Digitize Web Platform, as a software, may be subject to errors.
- PMcardio Digitize Web Platform must not be used in relation to providing healthcare to a patient or related service.
- The Customer acknowledges and agrees that:
- Rights and Obligations of Powerful Medical
- Powerful Medical is entitled to change the scope of Services. In such case, the Customer is not entitled to demand any compensation for damage or other compensation, unless stated otherwise by Section 12.4 of the T&C. The Customer is entitled to terminate the T&C in line with Section 14.3 of the T&C.
- Powerful Medical does not offer any guarantee relating to Services other than that provided in these T&C. Specifically, without the following list being exhaustive, Powerful Medical does not guarantee that (i) the Services are free from any programming or other errors, (ii) the Services meet all expectations of all Customers, (iii) the Services will not be subject to any malfunctions, (iv) the Services will provide accurate or reliable results or (v) the use of Services will be without interruptions.
- If Powerful Medical determines that the use of the Services by the Users, is in violation of the T&C or applicable legal regulations, Powerful Medical may, at its discretion, cancel the registration of the particular User or temporarily or permanently block the access of such User, access to the Services, or terminate the T&C.
- Intellectual Property and License
- The PMcardio Digitize Web Platform are subject to intellectual property rights of Powerful Medical, in particular copyright and trademarks.
- By concluding the T&C, Powerful Medical grants the Customer a non-exclusive, non-transferable, non-sublicensable, revocable license to use the PMcardio Digitize Web Platform in accordance with and for the purposes set forth in these T&C (the “License”). The License is granted for the term of the T&C. The Customer must not modify the PMcardio Digitize Web Platform or its source code in any way nor update the PMcardio Digitize Web Platform or their source code in any manner.
- Content Provided by the Customer
- In connection with the use of the Services, the Customer may provide images, feedback, recommendations, contribute to improvements of the Services or participate in various surveys, by which the Customer provides to Powerful Medical information or materials (including documents in writing, photographs, video or audio recording, software, statistical data, databases), including but not limited to materials that may be protected by intellectual property rights (the “Customer Content”).
- The Customer agrees that Powerful Medical is entitled to unhindered use, including commercial use, of Customer Content to the fullest extent possible. To achieve such unhindered use, the Customer hereby agrees to the following:
- If the Customer provided the Customer Content upon request by Powerful Medical, such Customer Content shall be deemed as “work for hire” (in Slovak: dielo na objednávku) in accordance with Section 91 of Act no. 185/2015 Coll., the Copyright Act and Powerful Medical shall be the holder of the economic rights relating to such Customer Content.
- If the Customer provided the Customer Content otherwise or if, for any reason, the rights granted to Powerful Medical do not allow the full and unhindered use of Customer Content, the Customer grants to Powerful Medical, upon disclosure of Customer Content an exclusive, sublicensable, perpetual, irrevocable, royalty-free, worldwide license for the full unhindered use of Customer Content as outlined in Section 9.2 above. For the avoidance of any doubts, such use shall include, but not be limited to, reproduction, adaptation, translation, modification, transformation, and development of derivative works of, public display, public performance, sublicensing, making available and distribution of Customer Content and any derivative works.
- Availability
- The PMcardio Digitize Web Platform is provided via the internet and mobile networks, and thus the quality and availability of the PMcardio Digitize Web Platform may be affected by factors outside of reasonable control of Powerful Medical.
- Powerful Medical may discontinue the performance of Services in certain countries due to regulatory limitations without Customer’s consent.
- Powerful Medical may pause access to the Services for a limited period of time to make necessary updates, maintenance and changes to the Services without Customer’s consent.
- Powerful Medical does not accept any responsibility for unavailability of Services, nor for any other communications system failure that may result in the Services being unavailable.
- System Requirements
- To use the PMcardio Digitize Web Platform, the Customer must have device with internet access and a compatible web browser.
- The version of the PMcardio Digitize Web Platform software may be upgraded from time to time to add support for new functionality and services, to improve user experience, or to remove bugs or certain features.
- Data Protection
- The parties acknowledge and agree that the Services provided by Powerful Medical may involve the processing of personal data of individuals on behalf of the Customer and that, with respect to such personal data, Powerful Medical will be acting as a processor and the Customer will be acting as controller of such personal data. Such processing is subject to the Data Processing Addendum, which forms part of these T&C. The Privacy Notice provides a full description of the processing by Powerful Medical within the Services.
- Customer´s Obligations as a Controller of Personal Data
- The Customer commits to fully comply with applicable data protection laws and regulations, in particular by providing appropriate notice and by having an appropriate legal basis for the full processing of personal data as outlined in these T&C and performing any assessments as may be required by applicable data protection laws.
- The Customer acknowledges that it is solely accountable and responsible for its own processing, systems, IT infrastructure, mobile or other devices used. The Customer must ensure compliance with applicable laws and maintain appropriate technical and organizational measures.
- The Customer must ensure that (i) only such individuals use the Services and have access to personal data within the Services who have a need to know, (ii) individuals using the Services are subject to a binding confidentiality obligation, and that (iii) any individual using the Services uses the PMcardio Digitize Web Platform only in accordance with the instruction of the Customer as the controller and only in compliance with the T&C. The Customer shall ensure that appropriate access controls and appropriate technical and organizational measures are in place to ensure the foregoing requirements.
- The parties acknowledge and agree that the Services provided by Powerful Medical may involve (i) the processing of personal data of the Customer or its representatives or (ii) in de-identified or pseudonymized form of the individuals whose data the Customer collects, or (iii) processing for purposes linked to regulatory requirements (e.g., vigilance) or legal claims. Powerful Medical will be acting as a controller in relation to such processing.
- Further information relating to data protection and the cases in which Powerful Medical acts as a controller can be found in the Privacy Notice.
- Confidentiality
- The following information is considered as confidential (the “Confidential Information”):
- all trade secrets, know-how, procedures, ideas, proposals, proprietary technologies and techniques and all related information made available or disclosed, whether orally, in writing, in the form of an electronic document, visual or audio recording or by any other means;
- information of a technical, economic and commercial character, information about prices and their calculation, information about products and/or related documentation and manuals, including their content, any information about research and development, including research and development plans, business and development plans, business and product marketing plans, past and present economic results, forecasts and estimates of economic results, budgets and other economic data, details of the internal structure of Powerful Medical and its employees, as well as any future strategies of Powerful Medical made available or disclosed, whether orally, in writing, in the form of an electronic document, visual or audio recording or by any other means;
- the existence and content of any discussions relating to the subject matter of the T&C, unless agreed otherwise;
- any information designated by Powerful Medical as confidential; and
- any notes, records or copies relating to information referred to in 13.1.1 to 13.1.4 above made by one of the parties or one of their personnel.
- Powerful Medical may provide the Customer the access to the Confidential Information. The Confidential Information made available shall be used only in accordance with the purpose for which it was provided, but not for any other purpose.
- Confidential Information that are being disclosed must be kept confidential by the Customer and must not be disclosed to any third parties and persons, unless agreed otherwise by Powerful Medical and the Customer or as provided in this MSA.
- The Customer undertakes to ensure the confidentiality and protection of Confidential Information against access by unauthorized persons, and to notify Powerful Medical without undue delay of a suspicion of breach of this Section 13. The Customer further undertakes to return all Confidential Information provided, at any time upon Powerful Medical’s request. If the Confidential Information are on material documents, the Customer obliged to return them physically. In the event that the Confidential Information is stored in electronic form, the Customer is obliged to securely delete all Confidential Information stored in electronic form and destroy any media to the extent it contains such Confidential Information. The Customer is obliged to provide Powerful Medical with a written certification of deletion and destruction.
- All Confidential Information belonging to each party will remain the sole property of and available to that party and the recipient does not acquire any rights related to the Confidential Information upon their provision, unless otherwise provided in the MSA.
- The following information is considered as confidential (the “Confidential Information”):
- Term of the T&C and Termination
- The T&C is concluded on the Effective Date for an indefinite period of time, unless otherwise terminated. The T&C is valid and the Customer remains to be bound by the T&C as long as the Customer uses and/or has access to the Services.
- The Customer may terminate the T&C without giving any reason by filled in written notice as attached in Schedule 1 to these T&C addressed to support@powerfulmedical.com at any time with effect from the next Billing Period. If the Customer subscribing to a Subscription Plan terminates the T&C, the T&C is terminated with immediate effect and the Customer is not entitled to a refund of purchased but unused Report Credits. The Customer acknowledges that the Customer loses access to the Services upon effectiveness of the termination of the T&C.
- A Consumer may terminate the T&C in accordance with the Right of Termination for Consumers as attached in Schedule 2 of these T&C.
- Powerful Medical is entitled to terminate the T&C at any time without giving any reason by a written notice with effect from the next Billing Period.
- If Powerful Medical terminates the T&C or stops providing Services to the Customer for whatever reason, the Customer is entitled to a refund for purchased but unused Report Credits.
- Limitation of Liability
- Maximum aggregate liability of Powerful Medical under the T&C whether in contract, tort (including negligence) or otherwise, shall in no circumstances exceed the amount of EUR 500. The parties agree that the limited liability for damages arising out of any breach of the T&C is appropriate to the circumstances of the subject matter of the T&C and business relations. The limitation of the extent of compensation for damage represents a foreseeable and reasonable rate of compensation for damage, which, on the date of concluding the T&C the parties anticipated as the possible consequence of the breach of obligations arising out of the T&C, and which could be anticipated in connection with the given facts and objectives of the T&C. Nothing in the T&C shall limit or exclude liability of Powerful Medical caused by gross negligence or any liability which cannot be excluded by law including death or personal injury arising from the negligence of Powerful Medical.
- Powerful Medical is not liable to the Customer for any damage or alteration to their equipment, including but not limited to computer devices or mobile telephones as a result of the use of the PMcardio Digitize Web Platform or by any use of the Services by the Customer in violation of these T&C.
- The clause 15.1 above shall not apply to Consumers.
- Modification of the T&C
- Powerful Medical reserves the right to amend and supplement any part of the T&C at any time for the following reasons:
- changes made to the functionality of the PMcardio Digitize Web Platform that require an update to the T&C;
- addressing changes in legal, regulatory, and other documents referenced in this T&C; or
- changes in the internal functioning, structure, or details of Powerful Medical that must be reflected in this T&C.
- Provision 16.1 above is without prejudice to the rights and obligations that have already arisen during the effective period of the previous version of the T&C.
- In the event of any modification or update of the T&C, Powerful Medical will notify the Customer by email reasonably in advance before any such modification becomes effective to the email address indicated in the Customer’s account.
- In the event of any modification of these T&C, except for any modification merely reflecting changes in applicable legislation, the Customer has the right to reject the planned changes to the T&C and to terminate the T&C without giving any reason in accordance with Section 12 of these T&C. The termination pursuant to the preceding sentence shall take effect at the end of the current Billing Period.
- Powerful Medical reserves the right to amend and supplement any part of the T&C at any time for the following reasons:
- Applicable Law and Jurisdiction
- The T&C and any dispute or claim arising thereof or in connection therewith shall be governed by and construed in accordance with Slovak laws and the parties jointly agree that Slovak Act no. 40/1964 Coll., the Civil Code, shall govern the T&C.
- Should any dispute arise in connection with the T&C, Data Processing Addendum or with the provision of Services described herein, the parties will attempt to settle any such dispute amicably without pursuing legal action.
- All disputes or claims arising out of or in connection with the T&C, including disputes relating to its validity, breach, termination or nullity.
- Notifications and Communication
- The Customer consents to any communication sent by Powerful Medical or any notifications anticipated under the T&C being sent to the Customer via email to the email address provided in the Customer’s account.
- Any notifications, comments, feedback or any questions must be sent to Powerful Medical in accordance with the T&C using the following email address: support@powerfulmedical.com.
- Final Provisions
- The Customer declares that they consider the rights and obligations set out in the T&C to be fair, comprehensible and fully agrees with them.
- The T&C and, if applicable, the specific offer from Powerful Medical, constitute the entire agreement between the parties and supersedes all previous agreements, promises, assurances, warranties, representations and understandings between them, whether written or oral, relating to the subject matter.
- The Customer is not entitled to assign or transfer any rights or claims under the T&C or arising in connection with the T&C to any third party, in whole or in part, without prior consent of Powerful Medical, other than explicitly permitted by these T&C.
- Data Processing Addendum are an inseparable and integral part of the T&C concluded between the Customer and Powerful Medical.
- If any provision of the T&C or Data Processing Addendum, or any part of such provision, is or becomes invalid, illegal or unenforceable, it shall be deemed amended to the least extent necessary to make it valid, legal and enforceable. If such amendment is not possible, the relevant provision or part shall be deemed deleted without affecting the remainder of the T&C.
DATA PROCESSING ADDENDUM
(the “Addendum”)
- Introduction
- This Addendum describes privacy practices of Powerful Medical regarding the Processing of Personal Data on behalf of the Customer, to the extent applicable, as part of the provision of Services to the Customer. Where Powerful Medical provides Services to the Customer, Powerful Medical acts as a Processor and the Customer acts as a Controller. This Addendum applies globally to any and all Services provided by Powerful Medical to the Customer, unless otherwise agreed by the parties.
- For the avoidance of doubt, this Addendum does not apply to such Processing where Powerful Medical acts as a Controller. Powerful Medical refers to its separate Privacy Notice for more information about what specific activities are conducted by Powerful Medical as Controllers.
- Powerful Medical reserves the right to update this Addendum in accordance with Section 14 of the T&C.
- Definitions
Any capitalized terms not defined herein shall have the meaning given to them in the T&C. Solely for the purposes of this Addendum, the capitalized terms below have the following meanings:
“Act” means the Act no. 18/2018 Coll. on Personal Data Protection.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
“Data Protection Legislation” means the Act and the Regulation.
“Personal Data” mean any information about an identified or identifiable natural person or which may directly or indirectly identify a natural person processed by Powerful Medical as Processor in accordance with Section 3.1 of this Addendum.
“Processing” means any operation or set of operations which is performed upon Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaption or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Processor” means the party, which Processes Personal Data on behalf of the Controller.
“Regulation” means Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. - Processing of Personal Data
- Powerful Medical will process (i) data provided by the Customer, in particular ECG image, and further data required to create a report for those individuals that the Customer determines (e.g. volunteers, patients), and (ii) identification, contact details of the Customer (ECG digitization)).
- Powerful Medical will not provide Personal Data to any third party other than (i) as necessary to perform activities and Services outlined in the T&C; (ii) in accordance with the documented instructions of the Customer; (iii) within entities affiliated to Powerful Medical by common control, management or ownership; (iv) as part of a merger, acquisition or other investment by a third party into Powerful Medical, or (v) as required to comply with Data Protection Legislation or other laws to which Powerful Medical is subject, in which case Powerful Medical shall (to the extent permitted by law) inform the Customer of that legal requirement before Processing the Personal Data.
- In addition, Powerful Medical is allowed to use (i) aggregated data, to the extent they can no longer be considered personal data, or (ii) de-identified data (i.e., data which does not allow an identification of the patient) for scientific research purposes, for internal operations, including troubleshooting, data analysis, testing, research, for statistical purposes and for improving the quality of Services, or (iii) personal data in accordance with the Privacy Notice and Section 11 of the T&C.
- In the event this Addendum, or any actions to be taken or contemplated to be taken in performance of this Addendum, do not or would not satisfy either party’s obligations under future Data Protection Legislation, rules, regulations, orders or guidance adopted, enacted, implemented, promulgated, issued, entered or deemed applicable by or under the authority of any governmental body having jurisdiction over matters covered by this Addendum, Powerful Medical and Customer must cooperate with each other in good faith and must execute an appropriate amendment to this Addendum or the T&C or, if applicable, conclude another type of agreement, including a data processing agreement or a join-controllership agreement, to give effect to either party’s obligations under such future Data Protection Legislation, rules, regulations, orders or guidance.
- Obligations of Powerful Medical
- Powerful Medical undertakes to:
- process the Personal Data only on documented instructions from the Customer, including with regard to transfers of personal data to a third country or an international organization, unless required to do so by European Union or Member State law to which Powerful Medical is subject; in such a case, Powerful Medical will inform the Customer of that legal requirement before processing, unless that law prohibits such information on important grounds of public interest. The documented instructions are contained in this Addendum and the T&C;
- take all commercially reasonable technical and organizational measures to protect the Personal Data in conformity with the provisions of Article 32 of the Regulation;
- assist the Customer, as the Controller, to perform their obligations resulting from Article 32-36 of the Regulation taking into account the nature of processing and the information available to the processor;
- taking into account the nature of the Processing, assists the Controller by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Controller’s obligation to respond to requests exercising the data subject’s rights laid down in Chapter III of the Regulation, subject to Section 5 of this Addendum;
- ensure that the persons authorized to process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;
- inform the Customer about a Personal Data breach without undue delay after Powerful Medical becomes aware of it, specifying (1) the nature of the Personal Data breach, (2) the likely consequences and (3) the measures taken to address the Personal Data breach; such information may be provided gradually if not readily available. Powerful Medical shall provide full cooperation to the Customer and act as instructed by the Customer to assist in the investigation and remediation of such Personal Data breach;
- at the choice of the Customer, delete or return all Personal Data without undue delay after the termination of the T&C, delete existing copies of Personal Data, unless otherwise provided by law or agreed by the parties in the T&C and this Addendum;
- make available to the Customer upon reasonable request all information necessary to demonstrate compliance with the obligations laid down in Article 28 of the Regulation and allow for, and upon reasonable prior notice not shorter than 2 weeks contribute to, audits, including inspections if provision of documents is insufficient to demonstrate compliance, conducted during regular business hours, not more often than once per year by an independent third party expert auditor mandated by the Customer at the expense of the Customer.
- Powerful Medical undertakes to:
- Data Subject Requests
- The Customer, acting as a controller, is solely responsible for handling all data subject requests addressed to the Customer. Powerful Medical will support Customer in handling data subject requests as described below.
- Deletion Requests
- If the Customer receives a deletion request (Art. 17 of the GDPR) from a data subject or if the data subject otherwise requests deletion (including deletion in accordance with Section 4.1(vii) of this Addendum), Powerful Medical will revoke any access to the Personal Data and Powerful Medical will only process such data for storage purposes for 180 days after receiving the deletion request by the Customer. Upon lapse of the 180 days, Powerful Medical will definitely and irreversibly delete the requested Personal Data, unless necessary to comply with a legal request from public authorities (including healthcare authorities), compliance with legal obligations, or for the establishment, exercise or defence of legal claims.
- Access Requests
- If the Customer receives an access request (Article 15 of the Regulation) from a data subject, the Customer must verify the identity of the data subject and, subsequently, the Customer must instruct us to provide a copy of Personal Data and Powerful Medical will undertake the following:
- either provide the relevant Personal Data directly to the data subject using the contact details which the Customer provides to Powerful Medical, or
- provide the relevant Personal Data to the requesting User, who will comply with their obligation as an independent controller and respond to the data subject.
- If the Customer receives an access request (Article 15 of the Regulation) from a data subject, the Customer must verify the identity of the data subject and, subsequently, the Customer must instruct us to provide a copy of Personal Data and Powerful Medical will undertake the following:
- Subprocessors and Recipients
- Powerful Medical may appoint certain third parties to provide parts of the Services or assist with providing technical or professional support. By accepting the T&C, the User authorizes Powerful Medical to subcontract the Processing of Personal Data to subprocessors, in particular to procure services, such as regulatory compliance, chat functionality, authentication, customer support. Subprocessors are, in each case subject, to binding obligations between Powerful Medical and the subprocessor, which contain substantially similar provisions as those set out in this Addendum. Powerful Medical will inform the Customer of the details of such subprocessor(s) upon a written request from the Customer.
- Powerful Medical may share Personal Data with third parties, in particular (i) as necessary to perform activities outlined in the T&C,; (ii) as required to comply with applicable regulatory requirements, (iii) within entities affiliated to Powerful Medical by common control, management or ownership; (iv) as part of a merger, acquisition or other investment by a third party into Powerful Medical; or (v) as required to comply with the Regulation or other laws to which Powerful Medical is subject, in which case Powerful Medical will (to the extent permitted by law) inform the Customer of that legal requirement before Processing the Personal Data.
- International Data Transfers
- Powerful Medical stores and processes Personal Data within the European Economic Area (the “EEA”) or within countries recognized by the European Commission as providing adequate level of protection of personal data. Powerful Medical may, however, transfer Personal Data to countries outside the EEA in the following circumstances:
- if the Customer resides, is based in or operates the Services from a country outside of the EEA, the Personal Data from such use will be transferred to the EEA;
- with Affiliates of Powerful Medical located outside of the EEA, if relevant for the provision of Services;
- in the limited circumstances where Powerful Medical uses subprocessors located outside the EEA; and
- if Powerful Medical shares Personal Data with other recipients strictly as necessary and in accordance with these T&C or the Privacy Notice.
- Any transfer of Personal Data outside of the EEA is undertaken in compliance with the Regulation, in particular Chapter V of the Regulation and subject to the conclusion of SCCs.
- Powerful Medical stores and processes Personal Data within the European Economic Area (the “EEA”) or within countries recognized by the European Commission as providing adequate level of protection of personal data. Powerful Medical may, however, transfer Personal Data to countries outside the EEA in the following circumstances:
- Liability
- The Customer commits to Process all Personal Data, in particular to provide the Personal Data to Powerful Medical, in accordance with Data Protection Legislation, including, without limitation:
- ensuring that all notifications to and approvals from regulators, which are required by Data Protection Legislation, are made and maintained by the User; and
- ensuring that all Personal Data is processed fairly and lawfully (in particular, the User has a valid legal basis for any Processing necessary in accordance with the T&C and this Addendum), in a transparent manner (in particular, the User has provided appropriate privacy notices to data subjects), is accurate and up to date.
- The Customer commits to Process all Personal Data, in particular to provide the Personal Data to Powerful Medical, in accordance with Data Protection Legislation, including, without limitation:
- Final Provisions
- Powerful Medical may charge reasonable fees for any activities or assistance undertaken upon request by the User which go beyond the scope of Services.
- This Addendum has been concluded for the term of the T&C (as defined in the T&C) and shall be governed and subject to the same laws and jurisdiction as the T&C.
Schedule 1
Termination form
(If you want to terminate the Contract, please fill out this form and return it.)
To
POWERFUL MEDICAL s. r. o.
Bratislavská 81/37, 931 01 Šamorín
Slovak Republic
email: support@powerfulmedical.com
– I/we (*) hereby revoke the Contract concluded by me/us (*) for the purchase of the following goods (*)/the provision of the following Services (*)
– Ordered on (*)/received on (*)
– Name of the Consumer(s)
– Address of the Consumer(s)
– Signature of the Consumer(s) (only in case of communication on paper)
– Date _______________
(*) Delete as applicable
Schedule 2
Right of Termination for Consumers
If the Customer is a Consumer within the meaning of the Slovak Civil Code, he/she has a 14-day right of termination in the event of the conclusion of the T&C. According to the Slovak Civil Code, a consumer is any natural person who concludes a legal transaction for purposes that predominantly are outside his/her trade, business or profession. In the following the customer is informed about his/her right of revocation:
- Right of termination:
You have the right, within fourteen days to revoke these T&C without giving any reason. The termination period is fourteen days from the day of the conclusion of the T&C.
In order to exercise your right of revocation, you must inform us (POWERFUL MEDICAL s. r. o., having its registered office at Bratislavská 81/37, 931 01 Šamorín, Slovak Republic, Company ID: 50 948 431, registered in the Commercial Register maintained by District Court Trnava, Section Sro, Insert 46781/T, e-mail: support@powerfulmedical.com) by means of a clear statement (e.g. a letter sent by post or e-mail) of your decision to revoke these T&C. You can use the attached model termination form for this purpose, but this is not mandatory. In order to comply with the revocation period, it is sufficient to send the notification that you are exercising the right of termination. - Consequences of termination:
If you terminate these T&C, we shall reimburse you for all payments we have received from you, including delivery charges, immediately and no later than fourteen days from the date we receive notification of your termination of these T&C. We will use the same means of payment for this refund as you used for the original transaction, unless expressly agreed otherwise with you; in no event will you be charged for this refund.
If you have requested that the Services should commence during the cancellation period, you shall pay us a reasonable amount corresponding to the proportion of the Services already provided by the time you inform us of the exercise of the right of cancellation in respect of these T&C compared to the total amount of Services provided for in the T&C.