Terms of Service

The following terms of service apply to the Services provided by MTH to the Customer (each a Party and collectively referred to as the Parties). 

ARTICLE 1. DEFINITIONS

1.1. App refers to the MTH mobile application.

1.2. Order Form refers to the form specifying the Services ordered by the Customer.

1.3. Content refers to the content specified on the Order Form ordered by Customer and to which Customer's End Users are granted access.

1.4. Services refers to all services, including any additional services, provided by MTH to Customer under this Agreement as specified on the Order Form.

1.5. End User refers to a user, being an appointee of the Customer, who can use the Services after accepting the Terms of Use.

1.6. Event refers to an activity organized by a third party (organizer) in the context of which MTH provides certain additional services as specified in the Order Form.

1.7. Event Support refers to the entirety of services as described on the Order Form in the context of Events.

1.8. Terms of Use refers to the terms applicable to each user of the App, as available at https://movetohappiness.com/terms-of-use/.

1.9. App Platform refers to the platform End Users use to consume Content.

1.10. Growth Services refers to the entirety of services as described on the Order Form in the context of unburdening the HR department of the Customer or another department or the entirety of appointees designated by the Customer.

1.11. Customer refers to a company that uses MTH to provide the Services.

1.12. Admin Platform refers to the platform that the Customer uses to manage its professional account.

1.13. Employee Total refers to the total number of employees of the Customer at the time of the Start Date.

1.14. MTH refers to Move To Happiness Hub bv, with registered office at Statieplein 1 bus 1.02, 2560 Nijlen, registered in the KBO under number 0437.586.004.

1.15. Start Date refers to the date on which the Services commence as indicated on the Order Form.

1.16. Onboarding refers to the entirety of services as described on the Order Form in the context of Customer onboarding.

1.17. Agreement refers to these terms of service, including the Order Form and any applicable attachments.

1.18. Fee(s) refers to the fee for providing a service as stated on the Order Form.

1.19. Confidential Information refers to this Agreement and any information, whether in writing or in any other form, communicated to it as confidential by or on behalf of another Party or which by its nature should be considered confidential (including, but not limited to, the know-how, business information related to the disclosing Party such as commercial, financial, sales, marketing, pricing, technical, technology, system, and supplier information).

ARTICLE 2. SERVICES AND ORDER FORM

2.1. The Customer can order various services from MTH, which may include (but are not limited to):

  • Onboarding;
  • Growth Services;
  • Licenses for Admin platform;
  • Licenses for App platform;
  • Licenses for Branded Company app;
  • Licenses for Data insights
  • Event support.

    2.2. The specific services ordered by the Customer are stated on the Order Form, as well as what exactly these services entail. In addition, the Order Form specifies the quantity, the unit price, the type, the VAT percentage, the VAT amount, and the cost price. The same applies to Events.

2.3. The commencement or performance of the Services is determined in consultation with the Customer.

2.4. Any services not included in the Order Form are considered additional services. The Customer may order additional services as specified on the Order Form or as agreed upon between the Parties.

ARTICLE 3. ONBOARDING AND PROCESS OF SERVICES AND EVENTS

3.1. As part of the Onboarding track, MTH and the Customer mutually agree on a launch date. MTH then draws up a plan of action for the launch in collaboration with the Customer. The plan of action is approved by the Customer. After the launch, MTH and the Customer will continue to work together in good faith.

3.2. As part of the Events track, MTH and the Customer shall mutually determine which Event will be participated in.

ARTICLE 4. OBLIGATIONS OF MTH

4.1. MTH shall endeavor to provide the Customer and its End Users with uninterrupted availability of the Services. MTH guarantees an availability of 98%.

4.2. In the event of a planned interruption (e.g., maintenance work), MTH will notify End Users at least five (5) calendar days in advance, unless this proves impossible due to the nature of the interruption (e.g., emergency work). MTH will try to plan interruptions in such a way that the End User is inconvenienced as little as possible.

4.3. MTH takes all appropriate technical and organizational measures to ensure both the proper functioning and security of the Services. Should a security risk nevertheless arise,

4.4. MTH will inform the Customer without delay of any additional measures to be taken by the Customer.

4.4. MTH provides support (general support and technical support) to the Customer, which means that MTH will make every effort to answer any questions the Customer may have in connection with the Services.

ARTICLE 5. OBLIGATIONS OF THE CUSTOMER

5.1. The Customer undertakes to always pay the fees as stipulated in Article 6 correctly and on time.

5.2. The Customer shall make reasonable efforts to ensure that the End User complies with the Terms of Use, as available at https://movetohappiness.com/terms-of-use/.

5.3. The Customer shall comply with all legal obligations applicable to it as a result of its use of the Services. The Customer also makes reasonable efforts to ensure that End Users comply with all legal obligations.

ARTICLE 6. FEES AND PAYMENT

6.1. The Customer undertakes to pay all Fees and any additional fees for additional services correctly and on time at all times. The Fee may be annual or monthly or one-off (periodicity) and may be per End User, per Employee Total, or flat rate (type). This will be stated on the Order Form.

6.2. If the Fee is calculated per Employee Total, the Customer shall notify MTH of the total number of Employees employed or to be employed at the time of the Start Date. This number shall be updated at each renewal of the Agreement.

6.3. If the Fee is calculated per End User, the Order Form determines the number of End Users on the basis of which the Fee was calculated. If the actual usage of the Services exceeds the calculation on the Order Form, MTH has the right to increase the Fee once a month in accordance with the actual usage. Such increase shall correspond to the Fee per additional End User for the remaining duration of the contract period of this Agreement. Actual usage means when an End user activated his account. Only upon renewal of this Agreement in accordance with Article 11.2, the Customer has the right to reduce the number of End Users for the upcoming contract period and the customer receives a discount equal to the difference between the billed- and actual end-use.

6.4. Additional services not included in the Order Form (e.g., events or training sessions) may be ordered by the Customer. The availability or provision of certain additional services may be subject to additional terms and conditions. MTH will provide a price quote before providing these additional services.

6.5. The End Users enter into a direct contract with MTH by accepting the Terms of Use. By paying the Fee on behalf of the End User, the Customer acts as a third-party payer for the contract the End User has with MTH without entering into the rights of MTH. This Agreement is considered a third-party payer agreement as referred to in the Terms of Use. The Customer shall decide for which End Users it wishes to act as a third-party payer.

6.6. All Fees in this Agreement are exclusive of VAT and other taxes.

6.7. Unless expressly agreed otherwise, any discounts apply only to the initial period.

6.8. Unless otherwise expressly agreed, the Fee per Event shall be invoiced ninety (90) days prior to the date of the Event and on an annual basis for all other Services thirty (30) days prior to the Start Date or renewal of this Agreement. All invoices are payable within thirty (30) days of the date of the invoice. Invoices shall be sent electronically to the Customer.

6.9. On every January 1, prices will be automatically indexed based on the following formula: P1 = P0 x (0.2 + 0.8 x I1/I0), where P1 = the new price, P0 = the initial price, I1 = the Belgian Agoria index for wages (national average) of the calendar month preceding the price indexation, I0 = the Belgian Agoria index for wages (national average) of the calendar month of the signing of this Agreement.

6.10. All Services that are part of the Events track cannot be canceled by the Customer without giving any reason as long as the Services have not been performed or preparatory actions have not been taken for them. If the Customer decides to cancel participation in an Event, only the Fees not related to costs already incurred can be refunded. All other Fees, such as hours and services performed, shall remain payable by the Customer.

6.11. Any dispute of an invoice must always be addressed in writing to MTH and at the latest thirty (30) calendar days after receipt of the invoice.

6.12. In case of non-payment, incomplete or late payment, the Customer shall, as of the date of non-payment, incomplete or late payment, by operation of law and after a payment reminder, owe interest on the relevant amount at a rate equal to the legal interest rate for late payment in commercial transactions in accordance with the Law of August 2, 2002, on combating late payment in commercial transactions.

6.13. In the event of non-payment, incomplete or late payment, the Customer shall also be liable by operation of law and without prior notice of default to pay liquidated damages of 10% of the amount in question, with a minimum of EUR 25.00 per invoice, without prejudice to MTH's right to claim higher damages.

6.14. If the Customer does not respond to MTH's payment reminder, MTH may transfer the unpaid or partially paid invoice to a collection agency or other third party handling the collection procedure. All (extra)judicial costs resulting from this shall be entirely borne by the Customer.

6.15. If the Customer does not pay the non-paid or partially paid invoice in full within seven (7) calendar days after MTH's payment reminder, MTH has the right to suspend or terminate this Agreement, unilaterally, without (prior) intervention of a court and without damages by operation of law. In addition, after a payment reminder, MTH has the right to unilaterally cancel the registration for or participation in the Event at its sole discretion. All resulting costs shall be borne by the Customer.

ARTICLE 7. INTELLECTUAL PROPERTY

7.1. The Services and the associated software and database, in particular the Content, the App Platform, and the Admin Platform, are protected by applicable intellectual property rights, being copyrights, software rights, database rights, and all other intellectual and industrial property rights. These property rights belong exclusively to MTH or its licensors and are in no case transferred in whole or in part to the Customer.

7.2. MTH grants the Customer a limited, revocable, non-exclusive, and non-(sub)licensable license to access and use the Content, the App Platform, and the Admin Platform in accordance with the Terms of Use, subject to the correct, complete, and timely payment of the Fee referred to in Article 6 and compliance with the provisions of this Agreement.

7.3. The Customer is not allowed to act outside these rights without the express and written permission of MTH. Artikel 6. The Customer is not permitted to distribute, commercialize, sell or rent, make available, or otherwise reproduce the Content, the App Platform, and the Admin Platform. Nor may he remove, adapt or modify or obscure any notices relating to copyright, trademark, or any other intellectual property right.

7.4. In the event that the Customer adds content to the App Platform or the Admin Platform, then the Customer grants MTH a worldwide, non-exclusive, assignable, (sub)licensable, and royalty-free license to use such content within the purposes of the App Platform or the Admin Platform.

7.5. The Customer undertakes that its actions and those of its appointees shall in no way infringe the intellectual property rights of any third party. In any case, MTH shall not be liable for any infringement of the intellectual property rights of a third party by the Customer or its appointees. In such case, the Customer shall indemnify MTH for any damage that MTH may suffer as a result of such infringement. If any such infringement is found, the Customer is obliged to notify MTH in writing as soon as possible.

ARTICLE 8. PERSONAL DATA

8.1. The Parties guarantee that the processing of personal data for which they act as data controllers will at all times be carried out in accordance with the Regulation (EU) of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

8.2. For the processing of personal data for which MTH acts as data controller, MTH refers to its privacy statement at https://movetohappiness.com/privacy-policy/. By means of this privacy statement, End Users are informed about the processing of their personal data by MTH as the data controller.

8.3. To the extent that MTH acts as a data processor of personal data at the direction of the Customer, the provisions of Appendix 1 shall apply. Bijlage 1

ARTICLE 9. CONFIDENTIALITY

9.1. Each Party shall, both during and after this Agreement:

  1. refrain from disclosing Confidential Information to its appointees, employees, subcontractors, representatives, or third parties other than as strictly necessary for the performance of this Agreement; and 
  2. ensure that its (former) appointees, (former) employees, (former) subcontractors, (former) representatives, and third parties to whom Confidential Information has been disclosed as referred to above will keep the Confidential Information secret and treat it as confidential.

9.2. The obligations under this article shall not apply to:

  1. Confidential Information that is already generally known or will become so at a future date, other than as a result of a breach of this Article by either Party; 
  2. disclosure by a Party of Confidential Information that it has learned from a third party that lawfully possesses such Confidential Information if such disclosure does not constitute a breach of such disclosing Party's duty of confidentiality to that third party; 
  3. the disclosure of Confidential Information by a Party to the extent required by any applicable law or by a recognized governmental or other regulatory or supervisory person or authority to whose rules the Party making the disclosure is subject, provided that the Party disclosing the Confidential Information shall give prior notice to the Party to whom the Confidential Information belongs of the intended disclosure (and of the circumstances under which the disclosure would be required), and shall take all reasonably practicable steps to avoid and limit the disclosure.

9.3. In the event of a violation of this Article by either Party or by an (ex-)appointee, (ex-)employee, (ex-)subcontractor, (ex-)representative of either Party or by a third party to whom Confidential Information has been disclosed as referred to in Article 9.1, the Parties shall automatically and without any notice of default owe fixed damages of 10,000 EUR per breach, without prejudice to the right of the other Party to claim higher damages if it can prove that its actual damages are higher. 9.1

ARTICLE 10. LIABILITY

10.1. MTH shall make every effort to perform the Services that are the subject of this Agreement with care, where appropriate in accordance with the arrangements established in this Agreement. It is expressly agreed that MTH's commitments under this Agreement are best efforts obligations, unless a result is expressly promised in writing and the relevant result has also been described in sufficiently concrete terms.

10.2. MTH cannot be held liable for inherent application errors in the Services, specifically the software, but undertakes to remedy them to the best of its ability, without prejudice to the content of the other provisions of this Agreement. 

10.3. Various external factors, including network usage and the manner in which the Services or third-party software are used, may impact the performance of the Services. MTH makes no warranty as to the suitability, capacity, or expected performance of hardware, software, or services provided by third parties, and bears no responsibility for the interference of the third-party hardware, software, or services on the Services.

10.4. In the event that the Customer would suffer damage as a result of or in connection with this Agreement, MTH's liability shall in all cases be limited to (i) the direct and foreseeable damage; (ii) the damage which is the direct and immediate result of a serious fault or gross negligence of MTH or its appointees; (iii) the damage reported to MTH by registered mail within two (2) months after the Customer learns of the damage or after the time when the Customer should reasonably have learned of the damage; and (iv) for all damage occurring during a contract year, limited to 100% of the amount paid by the Customer to MTH under the Agreement during the relevant contract year.

10.5. If the Customer is held liable by third parties as a result of the access rights granted to End Users, this cannot lead to liability on the part of MTH.

10.6. MTH shall not be liable either contractually, extra-contractually, or otherwise for any indirect damages of any kind such as loss of profits, business, contracts, revenues, anticipated savings, goodwill, loss of or damage to data, or any indirect losses or damages whatsoever arising under or in connection with this Agreement.

10.7. In the context of Events, the Customer enters into a contract directly with the Event organizer. MTH is not a party to the contract between the Customer and the Event organizer. MTH cannot be held liable for any damage resulting from the cancellation of the Event by the organizer. Should the Customer or any of his appointees suffer direct or indirect damage as a result of an Event, the Customer shall only be able to recover such damage from the responsible organizer of the Event in accordance with the applicable terms and conditions. If the Customer instructs MTH to register appointees to participate in an Event, the Customer warrants that the Customer has consulted the applicable terms and conditions in advance and agrees to them unconditionally, including any limitations of liability. If the Customer has not consulted the applicable terms and conditions or does not unconditionally agree to them, the Customer must notify MTH in writing before giving the instruction to register appointees.

ARTICLE 11. DURATION AND TERMINATION

11.1. The Agreement takes effect on the Start Date for the duration of the fixed initial period stated on the Order Form.

11.2. After the expiry of the fixed initial period, the Agreement will be renewed for periods of one (1) contract year.

11.3. After the fixed initial period, either Party may terminate the Agreement annually in writing provided that three (3) months' notice is given prior to the effective date of the annual contract renewal. Fees already paid (or which should have already been paid) shall not be refunded.

11.4. Notwithstanding Articles 6.15 and 11.3 of this Agreement, either Party may terminate this Agreement if the other Party fails to comply with the provisions of this Agreement and such failure is not corrected within one (1) month after written notice by registered mail, unless the other Party is in a state of bankruptcy. In that case, the Agreement may be terminated immediately and without notice by registered letter. 6.1511.1

11.5. If MTH should be declared bankrupt, if it obtains a judicial composition, or if it is liquidated without the purpose of such liquidation being a reconstitution or merger, the Customer shall be free to terminate the Agreement immediately and unconditionally by giving written notice to MTH or to any physical person or legal entity that takes on the performance of the Agreement.

11.6. Termination of the Agreement, for any reason, shall mean that the Customer and its affiliated End Users will no longer have access to the Application and the content and data available thereon as of the termination. The Customer and the End User may obtain an export of this data upon written request to MTH.

ARTICLE 12. APPLICABLE LAW AND COMPETENT COURT

12.1. This Agreement is exclusively governed by Belgian law.

12.2. In the event of a dispute regarding the application of one or more provisions of this Agreement and/or the Appendices, the Parties undertake to make every effort to resolve the dispute amicably and in good faith.  In the absence of an amicable settlement, only the Dutch-speaking courts of Antwerp shall be competent to take cognizance of disputes originating in this Agreement.

ARTICLE 13. FINAL PROVISIONS

13.1. If a Party is affected by an instance of Force Majeure, it shall immediately notify the other Party of the nature and extent of the circumstances in question. The Parties shall not be liable for any default under this Agreement, or for any delay in performing the Agreement, if such default is due to the occurrence of an instance of Force Majeure.

13.2. This Agreement shall not be assigned by either Party to others without the prior written consent of the other Party. However, this does not apply to transfers to associated or acquired companies or legal successors of either Party, for which no consent is required.

13.3. This Agreement constitutes the entire consensus of the Parties with respect to its subject matter and supersedes all prior or existing agreements between the Parties with respect to its subject matter. This Agreement may only be amended in writing, after joint signature by the Parties.

13.4. The nullity or invalidity of a provision or part of a provision of this Agreement shall not affect the operation and validity of the remaining provisions. In such event, the Parties shall endeavor to replace or modify the provision in question to the extent necessary to make it valid and enforceable. The Parties shall in that case negotiate in good faith and will strive for an adjustment that leaves the original purport of the provision intact as much as possible. If this proves impossible, only that provision shall be considered non-existent.

13.5. If there should be any conflict between the provisions of this Agreement or any of its appendices, the provisions of the Appendix shall prevail. Should there be a conflict between the provisions of this Agreement or the Order Form, the provisions of the Order Form shall prevail. 

Appendices:

Appendix 1 - Data Processing Agreement 

ARTICLE 1. DEFINITIONS

1.1. “General Data Protection Regulation” or “GDPR” refers to the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

1.2. “Data Subject(s)” refers to the identifiable natural person(s) whose Personal Data is (are) processed.

1.3. “Data Breach” refers to a breach of the security of Personal Data that accidentally or unlawfully leads to the destruction, loss, alteration, or unauthorized disclosure of or unauthorized access to data transmitted, stored, or otherwise processed.

1.4. “Employee(s)” refers to the persons authorized by the Parties for the performance of this Data Processing Agreement and who work under their responsibility.

1.5. “Personal Data” refers to any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

1.6. “Privacy Law” refers to the entire Belgian and European legislation applicable to data protection, including the General Data Protection Regulation.

1.7. “Sub-processor” refers to any third party engaged by the Data Processor to process personal data on behalf of the Data Processor, without being subject to the direct authority of the Data Processor.

1.8. “Supervisory Authority” in Belgium refers to the Data Protection Authority.

1.9. “Data Processor” refers to any natural or legal person who processes Personal Data on behalf of the Data Controller.

1.10. “Processing” refers to any operation or set of operations relating to Personal Data or a set of Personal Data, whether or not carried out by automated processes, such as collection, recording, organization, structuring, storage, updating or modification, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction of data.

1.11. “Data Controller” refers to any natural or legal person who determines the purposes and means of the Processing of personal data.

1.12. “Data Processing Agreement” refers to this appendix to the Agreement.

ARTICLE 2. PURPOSE

2.1. The current Data Processing Agreement aims to set out the conditions under which the Data Processor may process Personal Data on behalf of the Data Controller.

2.2. The Parties agree that this Data Processing Agreement forms an integral part of the Agreement between MTH, acting as the Data Processor, and the Customer, acting as the Data Controller.

ARTICLE 3. PERMITTED PROCESSING

3.1. The Data Processor undertakes to process Personal Data only on the basis of written instructions from the Data Processor arising from the Agreement. The Agreement and the Data Processing Agreement jointly determine the subject matter and duration of the Processing.

3.2. The Data Processor and its Employees process the Personal Data on behalf of the Data Controller in the context of the services and purpose described below: any processing necessary to perform the services mentioned on the Order Form or any other processing for which the Data Controller has instructed the Data Processor. This includes at least the following: onboarding, Growth Services, user management, hosting, support, communication, sending e-mails within the Data Controller's organization, and sending invitations to new users for user account registration. In the context of Events, this includes at least also the management of registrations, registration of participants with the organizer, or any changes.

3.3. For the entire duration of the Data Processing Agreement, the Data Processor may subject Personal Data to the following Processing operations: collection, recording, organization, structuring, storage, updating or modification, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction of data.

3.4. The Data Processor processes the following types of Personal Data: basic identification data (e.g., first name, surname), personal characteristics (e.g., date of birth), contact details (e-mail address), professional data or occupational data (e.g., status as an employer or worker, (department, title, or position).

3.5. This Personal Data relates to the following categories of Data Subjects: employees of the Data Controller.

ARTICLE 4. RIGHTS AND OBLIGATIONS OF THE DATA CONTROLLER

4.1. The Data Controller has a duty to provide the information in Articles 13 and 14 of the GDPR to the Data Subjects who are the subject of the Processing operations under the current Data Processing Agreement.

4.2. The Data Processor shall make the Personal Data, as set forth in this Data Processing Agreement, available to the Data Processor. The Data Controller determines the purpose and means of the Processing. It guarantees that the Processing of the Personal Data, including the transfer of the Personal Data, is done in a lawful manner and in accordance with the relevant Privacy Laws.

4.3. The Processing by the Data Processor shall only take place on the basis of written instructions given by the Data Controller. The Data Controller guarantees that the instruction to Process the Personal Data is done in accordance with the Privacy Law. If the order for Processing changes, the Data Controller shall immediately inform the Data Processor.

4.4. If the Employees of the Data Controller process Personal Data themselves, the responsibility for compliance with the requirements of the Privacy Laws of Processing Personal Data is the responsibility of the Data Controller and not the responsibility of the Data Processor.

4.5. The Data Controller shall keep a register of processing activities carried out under its responsibility in accordance with Article 30(1) of the GDPR.

4.6. All information and materials made available by the Data Controller to the Data Processor and containing Personal Data shall always be regarded as the property of the Data Controller.

ARTICLE 5. RIGHTS AND OBLIGATIONS OF THE DATA PROCESSOR 

5.1. The Data Processor may only process Personal Data that are strictly necessary for the performance of the Agreement and undertakes to process the Personal Data only for the purposes described in this Data Processing Agreement. The Data Processor shall not process the Personal Data for any purpose other than as specified by Data Controller.

5.2. The Data Processor undertakes to process the Personal Data only on the basis of the written instructions of the Data Controller and in accordance with the provisions of the Data Processing Agreement. If the Data Processor is expected to transfer Personal Data to a third country or to an international organization pursuant to the law of the European Union or the law of a Member State applicable to it, the Data Processor must notify the Data Controller prior to the Processing, unless if the relevant law prohibits it from such notification on important grounds of public interest.

5.3. The Data Processor guarantees the confidentiality of the Personal Data transmitted to it under the Data Processing Agreement. The Data Processor further warrants that all its Employees have undertaken to observe confidentiality or are bound by an appropriate legal obligation of confidentiality.

5.4. The Data Processor may not store, transfer or otherwise process the Personal Data in a location outside the European Economic Area or transfer it to countries outside the European Economic Area without the prior written consent of the Data Controller. In addition, the Data Processor must ensure that the third country or international organization provides an adequate level of data protection. If this is not the case, appropriate guarantees must be given by contractual means or the express consent of Data Subjects must be obtained.

5.5. The Data Processor shall process the Personal Data transmitted by the Data Controller for as long as necessary for the performance of the Agreement. As soon as the assignment has been performed, the Data Processor shall, within a reasonable time, unless expressly agreed otherwise, cease any use of the Personal Data other than what is necessary to enable the Data Controller to recover the data entrusted to the Data Processor.

5.6. To the extent possible, the Data Processor shall assist the Data Controller in its duty to comply with requests from Data Subjects regarding the right of access, right of rectification, right of data erasure, right of restriction of Processing, right of data portability, or right of objection to automated individual decision-making (including profiling). In the event that a data subject makes such a request to the Data Processor, the Data Processor shall forward the request to the Data Controller, and the Data Controller shall further handle the request, unless explicitly agreed otherwise.

5.7. The Data Processor shall assist the Data Controller with any data protection impact assessment and prior consultation of the Supervisory Authority. In addition, the Data Processor shall assist the Data Controller to respond to requests from the Supervisory Authority. For the execution of such requests, the Parties may agree to attach a compensation arrangement to it.

5.8. If necessary for the performance of the assignment, the Data Processor may make a copy and/or a backup. The Personal Data on these copies and backups shall have the same protection as the original Personal Data.

5.9. The Data Processor shall keep a written register of all processing activities carried out on behalf of the Data Controller. This register shall contain all data required by Article 30(2) of the GDPR.

5.10. The Data Processor guarantees that its Employees have access to the Personal Data only to the extent necessary to perform their duties in the context of the order for Processing. The Employees of the Data Processor are also bound by confidentiality obligations. The Data Processor shall inform its Employees about the obligations of the Privacy Law and of this Data Processing Agreement.

ARTICLE 6. SUB-PROCESSORS

6.1. The Data Controller hereby grants the Data Processor a general authorization to engage other processors (hereinafter "Sub-processors"). The Data Controller may object to the appointment or replacement of other data processors on reasonable grounds of which it shall notify the Data Processor in writing. If the Data Controller reasonably objects to the appointment or replacement of other data processors, the Data Processor shall cooperate in good faith with the Data Processor to effect a commercially reasonable change in service that avoids the use of the proposed Sub-processor, and if such change cannot be effected within one (1) month after receipt by the Data Processor of the notification from the Data Controller, then either Party may terminate the Agreement without judicial intervention and without compensation with effect from the date on which the appointment or replacement takes effect.

6.2. The Data Processor must ensure that the Sub-processor offers the same guarantees with respect to taking appropriate technical and organizational measures in accordance with Article 32 of the GDPR.

6.3. All obligations contained in Article 5 of the current Data Processing Agreement shall apply in full to the Sub-processor. These obligations shall be stipulated in writing in an agreement between the Data Processor and the Sub-processor. The Data Processor remains fully responsible to the Data Controller for compliance by the Sub-processor with its obligations.

6.4. The following sub-processors are used to properly perform the duties as Data Processor: Microsoft, Company Channel, Topware Systems.

ARTICLE 7. CONFIDENTIALITY

7.1. The Data Processor is bound by a duty of confidentiality with respect to the Personal Data it receives from the Data Controller for the Processing order and with regard to all information that it receives in the context of this Data Processing Agreement. This duty of confidentiality applies in full to the Employees of the Data Processor and to any Sub-processors and their Employees.

7.2. This duty of confidentiality arises during the negotiation of the Data Processing Agreement, remains in force during the full term of the  Data Processing Agreement, and also after the termination of the Data Processing Agreement.

7.3. This duty of confidentiality does not apply when the Data Processor is required by the Supervisory Authority, a statutory provision, or a court order to disclose this Personal Data, when the information is publicly known, and when the data disclosure is made on behalf of the Data Controller.

ARTICLE 8. SECURITY MEASURES

8.1. The Data Controller and Data Processor shall take the required and appropriate technical and organizational measures (hereinafter the "Security Measures") to protect the Personal Data against destruction, whether accidental or unlawful, against loss, falsification, unauthorized disclosure or access, in particular when the processing involves the transmission of data over a network, or against any other form of unlawful Processing or use.

8.2. Taking into account the state of the art and the cost of implementation, the Security Measures guarantee an adequate level of security considering the risks involved in the processing and the nature of the data to be protected. The Security Measures are also aimed at preventing unnecessary collection and further processing of personal data.

8.3. The Data Processor shall inform the Data Processor about all Security Measures it takes to comply with the protection obligation. In determining the relevant measures, the state of the art and the cost of implementation shall be taken into account. If changes in technology require changes to the technology used, the Data Processor shall bear the necessary costs thereof.

8.4. The Data Controller and Data Processor shall make all reasonable efforts to ensure that the processing systems used meet the requirements of confidentiality, integrity, and availability, always taking into account the state of the art and reasonable costs of implementation. Likewise, both Parties shall verify that their systems are sufficiently resilient.

ARTICLE 9. NOTIFICATION OF A DATA BREACH

9.1. If the Data Processor discovers a Data Breach, it shall promptly notify the Data Controller after the discovery. This notification shall at least describe or communicate the following:

  1. the nature of the personal data breach, where possible specifying the categories of Data Subjects and Personal Data concerned and, approximately, the number of Data Subjects and Personal Data involved;
  2. the name and contact details of the data protection officer or another point of contact where more information can be obtained;
  3. the likely consequences of the Data Breach in relation to Personal Data;
  4. the measures proposed or taken by the Data Controller to address the Data Breach, including, where applicable, the measures to mitigate any adverse effects thereof.

It is up to the Data Controller to assess whether it will report the Data Breach to the Supervisory Authority or inform the Data Subjects about it.

ARTICLE 10. DURATION AND TERMINATION OF THE DATA PROCESSING AGREEMENT

10.1. This Data Processing Agreement shall be valid for as long as the Agreement is in effect and shall be terminated at the same time as the Agreement. The Data Processing Agreement may not be terminated separately from the Agreement unless the Parties agree that termination is necessary to comply with Privacy Law or Supervisory Authority decisions.

10.2. Upon completion of the processing services, the Data Processor shall, at the option of the Data Controller, delete or return all Personal Data processed under the Agreement and delete existing copies and backups thereof, unless applicable law requires the storage of the Personal Data. Any costs associated with the return of the Personal Data and its destruction shall be borne by the Data Controller. 

Benieuwd naar ons effectieve implementatieplan dat ESG tot leven brengt?
Het is getest en effectief gebleken bij meer dan 7000 werknemers van grote bedrijven zoals Accenture, Nyrstar en vele anderen?
phone icon Plan je ESG Advies Call
mth-logo mth secondary logo
Quick Links
Product
Contact us
Privacy Policy
Terms of Use
Contact
icon

Move to Happiness Hub Bv 
Statieplein 1.02, 2560 Nijlen 
BE0437586004

icon

+32 3 375 54 77

Subscribe to our newsletter

Join our newsletter to stay up to date on features and releases.

By subscribing you agree to with our Privacy Policy and provide consent to receive updates from our company.

2025 Move to Happiness. All right reserved.
Privacy Policy Terms of Service