1.1 “Ad Account” means a predefined advertising account (i) registered with Smartly.io and associated with the advertising account(s) on the Online Advertising Platform or (ii) to which the Service applies to as agreed between the Parties regardless of whether this advertising account is registered with Smartly.io.
1.2 “Advertising Spend” means all charges payable by the Customer for all advertising conducted with respect to an Ad Account in the Online Advertising Platform and regardless of whether the Customer conducted advertising campaigns using the Service or not.
1.3 “Affiliate” means an entity which is a subsidiary or parent of, or under common control with, the Party. For these purposes, an entity shall be treated as being controlled by another if that other entity has fifty (50) per cent or more of the voting shares in such entity, or that other entity is able to direct the Party’s affairs or is able to appoint a majority of the members of the board of directors or an equivalent body.
1.5 “Customer Content” means any advertising content and/or materials and other information provided by Customer to Smartly.io for the purpose of the Service, including without limitation any third party content licensed or acquired: (i) by the Customer, or (ii) by Smartly.io on behalf of and with the authorization of the Customer.
1.6 “Online Advertising Platform”: means any platform, website or social media channel accessible online where advertisements may be displayed or otherwise distributed by using the Service.
1.8 “Party” means Smartly.io or Customer separately. Customer and Smartly.io together are referred to as the “Parties”.
1.9 “Personal Data” means any information relating to an identified or identifiable natural person.
1.10 “Service” means the provision of the services based on Customer’s active Subscription(s).
1.11 “Smartly.io Software” means Smartly.io’s proprietary advertising software, including any changes, updates, upgrades, modifications and enhancements made thereto, and any related Smartly.io’s proprietary modules, add-ons, tools, browser plugins, scripts and applications as well as any documentation relating thereto all of the foregoing to the extent offered by Smartly.io.
1.12 “Subscription” means the services described in each individual Order Form. In case there are multiple active Order Forms between Smartly.io and Customer, the services provided under each Order Form are considered as a separate Subscription. In case the Customer has not subscribed to the service through an active Order Form, the Subscription means the provision of access to Smartly.io’s Software-as-a-Service advertising tool and documentation that can be used by Customer via the Internet to create, manage and optimize advertising campaigns on supported Online Advertising Platform(s) and access to the Smartly.io knowledge base and in-app support chat.
2.1 The Service consists of the Subscription(s) agreed between the Parties.
2.2 The Service is designed to help the Customer in creating, managing and/or optimizing its advertising campaigns but the Customer remains responsible for how the Customer uses the Service and for achieving the intended goals and results of Customer's advertising campaigns. Smartly.io’s Service operates between the Customer and the Online Advertising Platform on which the advertising campaigns are being conducted, and it is the responsibility of the Customer to ensure that the output and results of the Service meet Customer's expectations and requirements.
2.3 Smartly.io is entitled to produce the Service as it deems appropriate. The Service and the Online Advertising Platform are constantly evolving and, as a result, the features made available on the Service may change. In the event of any substantial or major change to the Service, Smartly.io will inform the Customer on its website at http://smartly.io/ or via the Service (e.g., in the platform, via the knowledge base or by email to the email address on record with Smartly.io).
2.4 Smartly.io provides support as set forth in the Order Form. Customer requesting support must allow Smartly.io to access the applicable ad accounts and provide any additional information as is reasonably necessary to provide the support. As reasonably necessary to address Customer’s support request, Smartly.io's personnel may view Customer’s ad accounts, settings, and campaigns and access the specific user view of Customer’s user, to respond to the Customer's issue. Upon the Customer’s request or approval, Smartly.io’s personnel may also modify Customer’s advertising campaigns and other settings in Customer’s Ad Accounts, but Customer shall remain responsible for these advertising campaigns and the goals and results thereof.
2.5 The Service does not include, and Smartly.io does not offer, any telecommunication or networking services or equipment, security services or systems, or hardware or other equipment. If Customer requires any of the foregoing, Customer must obtain such systems, services and equipment at its own expense from third party vendors.
2.6 The Customer undertakes not to use the Service for any unlawful purpose. The Customer also undertakes to comply with Smartly.io's reasonable directions and requests related to the Service.
2.7 The Customer is responsible for complying with all laws, rules and regulations applicable to Customer, including all laws, rules and regulations related to advertising and conducting advertising campaigns.
3.1 Unless otherwise agreed, the Customer shall register on https://app.smartly.io/ before commencing the use of the Service. In connection with the registration, the Customer shall authorize Smartly.io to access and use the Customer’s Online Advertising Platform accounts, ad accounts, and all the information therein as well as Online Advertising Platform accounts of Customer’s personnel using the Service to enable proper fulfillment of this Agreement. Customer shall register the Ad Accounts with the Service. Smartly.io shall confirm Customer's registration in due course after having received the registration. Unless otherwise agreed, the Customer may add and remove its Ad Accounts in the Service at any time in its sole discretion. The Customer represents and warrants that it has full rights and authority to give the Smartly.io the rights above and to register the ad accounts with the Service. For clarity, if the Customer uses the Service on behalf of a third party (e.g. its end customer), the Customer shall ensure that the aforementioned authorization and registration obligations are complied with also with respect to such third party.
4.1 Subject to the Customer’s compliance with all the terms of this Agreement, Smartly.io grants the Customer a non-exclusive, non-transferable, limited right to access and use the Service, against due payment of the applicable fees, solely in connection with the Ad Accounts in the applicable Online Advertising Platform.
4.4 If the Customer provides feedback, requests features, changes or tools, or otherwise provides comments relating to the Service or provides suggestions or ideas for improving the Service (all the aforementioned referred to as “Feedback”), notwithstanding anything stated to the contrary in this Agreement, the Customer agrees that such Feedback will be fully assigned to Smartly.io without any obligation for Smartly.io to pay separate compensation, and Smartly.io shall have the title of, and own all rights to, such Feedback and may thus use and incorporate them into its product offerings.
4.4 For the avoidance of doubt, if the Customer uses or Service includes third-party solutions for which the Customer has a direct contractual relationship with the providers of these third-party solutions (such as mobile measurement providers and analytics providers) regardless of anything to the contrary stated herein, their use shall be exclusively governed by their provider's terms and conditions in their standard form, or as negotiated between the Customer and such third party, applicable to such solutions. This Agreement does not modify or amend, and is not in lieu of, any terms, policies or rules of an Online Advertising Platform or any other third-party provider used by Customer.
5.1 Unless expressly stated otherwise in the Order Form, if the Customer has multiple Subscriptions, Smartly.io's fee percentage is based on Advertising Spend incurred under each Subscription separately and the Advertising Spend is not aggregated between Subscriptions. The fee shall be calculated and invoiced after each calendar month based on the Customer’s Advertising Spend. For the first calendar month of use (partial or not), at least a monthly minimum fee is charged. Unless otherwise expressly agreed in an Order Form, Smartly.io’s fee is a defined percentage of Customer's Advertising Spend per Ad Account(s) and a required monthly minimum fee that are both set forth in the price list made publicly available at http://smartly.io/pricing. The fee shall be calculated and invoiced after each calendar month based on the Customer’s Advertising Spend. For the first calendar month of use (partial or not), at least a monthly minimum fee is charged.
5.2 If the Agreement is terminated as described hereinafter in Section 9, for the last month of use, at least a monthly minimum fee is charged if the Agreement had terminated before the end of the calendar month.
5.3 Unless explicitly stated to the contrary in the Order Form, Smartly.io may change the pricing from time to time upon thirty (30) days prior written notice (email being sufficient). The change shall not affect the fees for invoicing periods commenced before the effective date of the change. In case of a price change, the Customer shall be entitled to terminate this Agreement to end on the effective date of the price change by notifying Smartly.io thereof in writing.
5.4 The fees for the Service are invoiced monthly in arrears via credit card or invoice, depending on the payment method offered by Smartly.io at the time and chosen by the Customer. Customer shall remit payment thirty (30) days net from the date of the invoice. Interest on delayed payments accrues at 12% per annum or the maximum legal interest rate for late payment, whichever is less. The Customer is liable to pay Smartly.io’s reasonable expenses and fees relating to collection of late payments. Customer shall provide Smartly.io with correct invoicing information (including without limitation any purchase order numbers) by the last business day before the end of the invoiced calendar month and must ensure that Customer’s invoicing information remains correct and up to date. If Customer in good faith believes that Smartly.io has charged Customer incorrectly, Customer shall contact Smartly.io in writing no later than ten (10) business days after the date of the first invoice in which the error appeared, in order to receive an adjustment or credit.
5.5 The fees are exclusive of VAT and any other governmental taxes and levies. However, to the extent that any US state sales tax is applicable, Smartly.io shall add the applicable sales tax amount directly to the invoice. Except with respect to sales/use taxes in the US that Smartly.io is lawfully obligated to charge, the Customer shall be solely responsible for VAT and other taxes and levies imposed on the Customer by applicable laws and authorities in relation to the fees. The Customer shall be solely responsible for VAT and other taxes and levies imposed on the Customer by applicable laws and authorities in relation to the fees and shall without undue delay after Smartly.io’s request provide Smartly.io with a tax certificate or any other such document, proof or certificate in order to process any refunds Smartly.io is entitled to under applicable laws and the Customer shall carry all the costs and expenses incurred by Smartly.io due to Customer failing to comply with this obligation.
6.1 Smartly.io makes commercially reasonable efforts to ensure that the Smartly.io Software will be available for use on a 24/7 basis excluding temporary maintenance, updating and repairs. Smartly.io does not assume any liability for usage interruptions, breaks or errors, but it endeavours to inform the Customer of any issues with the Smartly.io Software whenever reasonably possible.
6.2 Smartly.io will provide the Service in a good and workmanlike manner and in accordance with the applicable industry practices and standards. Smartly.io does not warrant that the Service will be uninterrupted or error-free. However, Smartly.io agrees to use commercially reasonable efforts to be available to support the Customer and to correct any material error or deficiency in the Service.
6.4 The Customer acknowledges that the use of the Service is dependent on the applicable Online Advertising Platform in which Customer's advertising campaigns are carried out and that the actions of the Customer and third-party solution providers may also affect the use of the Service. Customer is responsible for accepting and complying with any agreements, terms, policies and guidelines of Online Advertising Platforms and third-party solution providers it uses in connection with the Service. Smartly.io does not accept any liability for the operation and function of any Customer or third-party products, services, actions or omissions, including but not limited to, those of third-party solution providers, the Online Advertising Platforms or any third party that operates in or with the applicable Online Advertising Platform.
6.5 TO THE EXTENT ALLOWED BY MANDATORY LAW, SMARTLY.IO DOES NOT HAVE ANY OTHER RESPONSIBILITY OR LIABILITY FOR THE SERVICE. THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" AND SMARTLY.IO EXPRESSLY DISCLAIMS ALL OTHER EXPRESS OR IMPLIED WARRANTIES, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, CORRECTNESS AND FITNESS FOR A PARTICULAR PURPOSE.
7.1 Smartly.io will defend or settle any third party claim made against the Customer alleging that the (i) Smartly.io Software; (ii) Smartly.io-owned part of the Deliverables prepared by Smartly.io for the Customer under the Creative Service; or (iii) actions of Smartly.io under the Managed Service for which Smartly.io is responsible under the Agreement, infringes a third party intellectual property right. Customer agrees i) to promptly notify Smartly.io in writing of any such claim, ii) to allow Smartly.io to have sole control over the defence, litigation and/or settlement of any such claim and iii) to cooperate with Smartly.io in the investigation, defence and settlement thereof. Smartly.io shall indemnify Customer for such claim by paying the costs and reasonable attorneys’ fees Customer incurs as a result of such claim, including damages awarded to such third party in a judgment finally awarded against Customer or settlement approved by Smartly.io. If such claim is made or, in Smartly.io's opinion, is likely to be made, then Smartly.io may, at its sole discretion, (i) modify the Service or if it’s not commercially reasonable for Smartly.io to modify the Service, (ii) terminate the Service and/or the Agreement with immediate effect. Smartly.io shall have no obligations under this Section 7.1 to the extent any infringement claim arises from: a) the Customer’s combination of the Service or Smartly.io Software with other software or services or Customer’s modification to any part of the Service or Customer’s violation of Section 4.2 if such claim would not have been made but for Customer’s combination or modification or Customer’s violation of Section 4.2; or b) information or materials provided by the Customer and used by Smartly.io for the performance of the Service in accordance with this Agreement or c) the Customer Content. In no event shall the termination of the Service or the Agreement due to infringement relieve Smartly.io from its obligation to defend and indemnify Customer as set forth herein. Smartly.io shall not settle any claim on behalf of Customer without Customer’s prior written consent if the settlement requires any admission of fault by Customer.
7.3 The foregoing remedies constitute Customer’s sole and exclusive remedies and Smartly.io’s entire liability with respect to third party infringement claims.
7.4 NEITHER PARTY SHALL BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL, PUNITIVE OR CONSEQUENTIAL DAMAGES OF ANY KIND WHATSOEVER (INCLUDING ATTORNEYS' FEES RELATING TO SUCH EXCLUDED DAMAGES) IN ANY WAY ARISING IN CONNECTION WITH THE SERVICE OR THIS AGREEMENT, OR FOR ANY LOSS OF DATA, LOST BUSINESS OPPORTUNITIES OR LOST PROFITS, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
7.5 EACH PARTY’S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT WHETHER ARISING OUT OF OR IN CONNECTION WITH BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE) OR ANY OTHER THEORY OF LIABILITY MAY NOT IN ANY CALENDAR YEAR STARTING FROM THE EFFECTIVE DATE OF THE ORDER FORM OR FROM FIRST USE OF THE SERVICE, WHICHEVER IS EARLIER, EXCEED AN AMOUNT EQUAL TO THE AGGREGATE AMOUNT OF FEES RECEIVED BY SMARTLY.IO FROM THE CUSTOMER UNDER THE APPLICABLE SUBSCRIPTION DURING THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO SUCH LIABILITY.
7.6 THE LIMITATIONS SET FORTH ABOVE IN SECTION 7.4 AND 7.5 SHALL NOT APPLY TO (i) A VIOLATION OF SECTION 4.2; OR (ii) THE INDEMNIFICATION OBLIGATIONS SET FORTH IN SECTIONS 7.1 AND 7.2.
8.1 Each Party (“Receiving Party”) shall keep in confidence all material and information received from the other Party (“Disclosing Party”) that is marked as confidential or which should be understood to be confidential (“Confidential Information”), and may not use Confidential Information of the Disclosing Party for any purpose other than for the proper fulfilment of the Agreement. The confidentiality and non-use obligations shall not, however, be applied to material and information: (a) which is generally available or otherwise public; or (b) which the Receiving Party has received from a third party without any obligation of confidentiality; or (c) which was in the possession of the Receiving Party prior to receipt of the same from the Disclosing Party without any obligation of confidentiality related thereto or breach of confidentiality obligations. Receiving Party may also disclose the Disclosing Party’s Confidential Information to the extent required by applicable law, regulation, court order or lawful request of a governmental body.
8.2 Notwithstanding the confidentiality provisions, Smartly.io may collect, use and analyse the Customer’s advertising spend data, settings and trends but may only disclose this Customer data if the data is de-identified or if it is not attributable to any individual or company. In addition, Smartly.io may collect, create, analyze, and use aggregated data, de-identified data and other information (such as product or feature usage, device metrics/metadata etc.) to facilitate market research and analysis, quality control, product and service development/improvement and to provide support and maintenance services. Smartly.io may use, store, or disclose such information or material derived from such information, as long as it is in a de-identified form or is not attributable to any individual or company.
8.3 Receiving Party shall promptly upon termination of the Agreement cease using the Disclosing Party’s Confidential Information and has no longer an obligation to store Disclosing Party’s Confidential Information. Disclosing Party has the right at any time to request the Receiving Party to have the Disclosing Party’s Confidential Information deleted and the Receiving Party is obliged to comply with such request without undue delay. Each Party shall, however, be entitled to retain the copies required by law or regulations and Smartly.io may continue the use of information as permitted under Section 8.2.
8.4 This Agreement will remain in force with respect to any Confidential Information disclosed during the term of this Agreement for five (5) years from the disclosure of each respective Confidential Information except that the foregoing time limit shall not apply to trade secrets for which the time limit shall continue as long as the information qualifies as trade secret under the governing law of this Agreement.
9.1 After the Initial Term, Customer may terminate: (i) the Agreement and the use of the Service, or (ii) an independent Subscription under a specified Order Form, with immediate effect (except Managed Service or Creative Service that require thirty (30) days’ prior written notice) by a prior written notice (email being sufficient) to the account manager assigned to Customer or to email@example.com, in which case Smartly.io shall send the Customer a written confirmation (email being sufficient) regarding termination without undue delay. In case of termination of a Subscription under a specified Order Form, the rest of the Agreement and the use of the Service remains unaffected. Upon termination Smartly.io shall end charging of the Customer for all the terminated Subscriptions. However, at least a monthly minimum fee is charged if the Subscription has been terminated before the end of the calendar month.
9.2 Smartly.io may terminate: (i) the Agreement and the use of the Service, or (ii) an independent Subscription under a specified Order Form, for convenience upon thirty (30) days prior written notice (email being sufficient). In case of termination of a Subscription under a specified Order Form, the rest of the Agreement and the Service remains unaffected.
9.3 Either Party may terminate (i) this Agreement or (ii) an independent Subscription under a specified Order Form with immediate effect, if the other Party is in material breach of its obligations hereunder and fails to remedy such breach within fourteen (14) days after written notice (email being sufficient) is given by the non-breaching Party.
9.4 Upon full or partial expiration or termination of this Agreement, the Customer is obliged to cease the use of the affected parts of the Service and shall return or, upon Smartly.io’s request, destroy Smartly.io’s material in its possession to the extent said material relates to the affected parts of the Service, and upon Smartly.io's request confirm in writing that it has complied with the aforesaid.
9.5 Upon termination for whatever reason, no paid fees will be returned by Smartly.io, and the Customer is obliged to pay the fees past due at the effective date of such termination. In the event that fees are not fully paid when due or the obligations set out in this Agreement are not otherwise followed by the Customer, Smartly.io reserves the right to terminate the Customer’s right to use the Service with immediate effect.
10.1 The Customer expressly acknowledges and agrees that it is Customer's obligation to observe and to comply with any and all privacy and data protection laws (including but not limited to the EU General Data Protection Regulation, GDPR and the California Consumer Privacy Act, CCPA), regulations and terms applicable to Personal Data contained in the materials provided by the Customer for the purposes of the Service regardless of the country/state in which the Customer is based. The above mentioned includes, but is not limited to, complying with the terms and restrictions related to Customer's use of customer/contact databases and complying with any applicable privacy policies and cookie opt-in policies.
The applicable law and the dispute resolution process shall be determined based on the contracting Smartly.io entity as follows:
11.1 Smartly.io Solutions Oy:
The Agreement will be governed by the laws of Finland excluding its provisions relating to the choice of law.
Any dispute, controversy or claim arising out of or relating to this Agreement, or the breach, termination or validity thereof, shall be finally settled by arbitration in accordance with the Arbitration Rules of the Finland Chamber of Commerce. The proceedings shall take place in the English language in Helsinki, Finland.
Existence of arbitral proceedings, the proceedings, any material presented or drafted in relation to the proceedings and the verdict shall be considered as Confidential Information under this Agreement.
11.2 Smartly.io Solutions Inc.:
The Agreement will be governed by the laws of the State of California as such laws apply to contracts between California residents performed entirely within California, without regard to conflict of law provisions.
Any action or proceeding arising from or relating to this Agreement may only be brought in the State and Federal courts located in Santa Clara, California and each Party irrevocably submits to such exclusive jurisdiction and venue. Each Party irrevocably waives its rights to trial by jury in any action or proceeding arising out of or relating to this Agreement or the transactions relating to its subject matter.
12.1 Smartly.io is entitled to change the working methods, hardware, data communication links, software, user interface or other system components used in the Service. Smartly.io may also use subcontractors.
12.2 Smartly.io is entitled to use Customer's name and logo as a reference for advertising purposes.
12.3 If Customer has agreed to provide Smartly.io with a case study, testimonial or any similar co-marketing deliverable (hereinafter referred to as “Co-Marketing Deliverable”) in connection with this Agreement, the Customer hereby grants Smartly.io an exclusive, transferable, sublicensable, irrevocable, fully paid up, royalty-free, world-wide right to use, copy and display any Co-Marketing Deliverables in any medium during and after the term of this Agreement for its business purposes including without limitation to use the Co-Marketing Deliverable in Smartly.io’s website, events, ads, social media and marketing videos and to format the same to fit the medium(s) chosen by Smartly.io.
12.4 Neither Party may assign this Agreement without the other Party’s prior written consent. Parties shall, however, be entitled to assign this Agreement in whole or in part to its Affiliates and in connection with a merger or acquisition process including but not limited to the transfer of business and/or any other corporate transaction or restructuring.
12.5 No provision or right under this Agreement shall be considered waived without an explicit written statement or agreement signed by the waiving Party in each specific case. A waiver of any term, provision or right under this Agreement shall not be construed as a waiver of any other term, provision or right hereunder.
12.6 Neither Party shall be liable to the other for any failure to perform any of its obligations (except payment obligations) under this Agreement during any period in which such performance is delayed by circumstances beyond its reasonable control, such as fire, flood, storm, volcanic eruption, war, embargo, strike, riot, terrorism, accident, breakdown of plant or machinery, malicious damage, order by government or authority or the intervention of any governmental authority or any other events or circumstances beyond the reasonable control of the party affected, whether similar or dissimilar to any of the foregoing (a “Force Majeure”). In such event, however, the delayed Party must promptly provide the other Party with written notice (email being sufficient) of the Force Majeure. The delayed Party’s time for performance will be excused for the duration of the Force Majeure.
12.7 This Agreement and the information submitted by the Customer during the registration process for the Service constitute the entire agreement with respect to its subject matter and replaces and supersedes any prior written and/or verbal communications. Any Customer terms and conditions, policies and other documents provided by the Customer to Smartly.io shall not become part of this Agreement or be binding upon Smartly.io without a written agreement signed by an authorized representative of Smartly.io explicitly incorporating those terms into the Order Form. Nothing in this Agreement shall be deemed or implied to create a partnership, agency, partnership or joint venture of any kind between the Parties.
12.8 If any provision herein is held to be invalid or unenforceable to any extent, then such provision will be interpreted, construed and reformed to the extent reasonably required to render it valid, enforceable and consistent with its original intent.
1.1 This Annex on data processing agreement (“DPA”) is an annex to and forms an integral part of the service agreement or other written or electronic agreement (“Agreement”) which governs the use of Services (as defined in Section 2) provided by Smartly.io to the Customer, as defined below.
1.2 In the course of providing the Service to the Customer pursuant to the Agreement, the Smarty.io may process Personal Data on behalf of Customer. The purpose and scope of this DPA is to agree on the terms and conditions for the Processing of Personal Data by Smartly.io on behalf of the Customer in connection with the Services. This DPA together with the Agreement forms a data processing agreement in the meaning of applicable Data Protection Laws. For the purposes of this DPA only, and except where indicated otherwise, the term "Smartly.io" shall also include Smartly.io’s Affiliates.
1.3 The parties acknowledge and agree that, by executing the Agreement to which this DPA is attached, the Customer enters into this DPA on behalf of itself and, as applicable, in the name and on behalf of its Affiliates authorised to use the Services, thereby establishing a separate data processing agreement between Smartly.io and each such authorized Affiliate. Each authorized Affiliate agrees to be bound by the obligations under this DPA and, to the extent applicable, the Agreement. Customer remains fully liable towards and for any of its Affiliates whose Personal Data is processed by Smartly.io. Smartly.io’s and all of its Affiliates’ total aggregate liability arising out of or related to this DPA (including claim back right under Art. 82 of the GDPR) and all data processing agreements between Smartly.io and Customer’s Affiliates, whether in contract, tort or under any other theory of liability, is subject to the limitations of liability of the Agreement.
2.1 For the purpose of this DPA, unless expressly otherwise stated or evident in the context, the following capitalised terms shall have the following meanings, the singular (where appropriate) shall include the plural and vice versa, and references to Sections or Subsections shall be references to sections and subsections of this DPA.
“Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the Customer or Smartly.io. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity. Smartly.io’s Affiliates are listed at www.smartly.io or its subpages.
“CCPA” means the California Consumer Privacy Act of 2018, Cal. Civ. Code 1798.100 et seq.
“Controller” means the entity, which determines the purposes and means of the Processing of Personal Data.
“Customer” means Smartly.io’s customer or other business partner for which Smartly.io is providing the Services.
“Data Protection Laws” means applicable data protection regulations and legislation, including but not limited to the GDPR and the data protection or privacy laws of any other country.
“Data Subject” means the identified or identifiable person to whom Personal Data relates.
“EU” means European Union.
“EEA” means the European Economic Area.
“GDPR” means the Regulation (EU) 2016/679 of the European parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC.
“Personal Data” means any information relating to an identified or identifiable natural person.
“Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Processor” means the entity which Processes Personal Data on behalf of the Controller.
“Services” mean the services described in the Agreement and other services supplied by or on behalf of Smartly.io to the Customer either directly or through a third party engaged by the Customer.
“Standard Data Protection Clauses” has the meaning given to it in Section 5.3.
“Sub-processor” means another processor engaged by Processor in the Processing of Personal data and, where applicable, possible other Processor engaged by the Sub-processor of Smartly.io.
“Supervisory authority” shall have the meaning set forth in the GDPR.
2.2 In addition, unless expressly otherwise stated, the applicable definitions provided in the Agreement shall be applied to this DPA. In case a definition provided in this DPA and a definition provided in the Agreement conflicts, for the purposes of this DPA the definition provided in this DPA shall prevail.
3.1 Roles of the Parties
3.1.1 For the purposes of the Processing of Personal Data the Customer shall be either the Controller, or the Processor on behalf of its end-clients, and Smartly.io shall be the Processor on behalf the Customer. There are also other parties involved in the provision of the Services (such as providers of Online Advertising Platforms). However, Smartly.io does not have access to the personal data held and processed by such third parties and such processing is not in the scope of this DPA.
3.2 Subject matter, nature and purpose
3.2.1 For the purposes of performing the Services, Smartly.io Processes Personal Data on behalf of the Customer.
3.2.2 The nature and the purpose of the Processing is to supply and enable the Services provided by Smartly.io to the Customer. The Processing of Personal Data shall take place solely for the purposes defined herein and Smartly.io shall not be entitled to use the Personal Data for any other purposes, unless otherwise stated in the Agreement. The Customer hereby authorises Smartly.io to transfer Personal Data to those Online Advertising Platforms and other third parties who are involved in the provision of the Services.
3.2.3 Nothing in this DPA shall operate to transfer, assign or otherwise grant to Smartly.io any right or interest to the Personal Data, unless otherwise stated in the Agreement.
3.2.4 For clarity, Smartly.io will not sell to third parties the Personal Data it Processes on Customer’s behalf under this DPA.
3.3 Personal data and Data subjects
3.3.1 The Customer may submit Personal Data to the Services, the extent of which is determined and controlled by the Customer in its sole discretion.
3.3.2 The types of Personal Data subject to the Section 3.2.1, considering the nature of the Services, consist of the end-user data of the Online Advertising Platforms used by the Customer, and possible direct and indirect Personal Data included in the custom conversion data provided by the Customer or conversion data provided by Smartly.io’s integrations.
3.3.3 Personal Data may also include other types of Personal Data if required by the purpose of the Processing as agreed between the Parties.
3.3.4 Personal Data may also concern other categories of Data Subjects if required by the purpose of the Processing as agreed between the Parties.
3.4 Duration and termination of the Processing
3.4.1 This DPA becomes effective simultaneously with the Agreement and shall continue to be in effect until the Agreement is terminated. The duration of the Processing of Personal Data is conditional to the term of the Agreement. Certain Processing activities shall be conducted as long as such Processing is required for the supply of the Services.
3.4.2 If any Processing by Smartly.io is required after termination of the Agreement, e.g. in order to transfer data back to the Customer such Processing shall be conducted in accordance with the provisions of this DPA.
3.4.3 In the event of termination of the Agreement, Smartly.io shall delete the Personal Data, or if requested by the Customer in writing, return the Personal Data to the Customer in commonly used format as soon as practically possible after the end of the Agreement and shall be deleted thereafter from the systems of Smartly.io.
3.4.4 If and to the extent it is required by law that any Personal Data need to remain in the possession of Smartly.io, the Customer shall be notified thereof and shall be provided with copies of such data. In such case, Smartly.io shall ensure the confidentiality of all such Personal Data and shall ensure that such Personal Data is processed only when necessary for the purpose(s) specified in the applicable laws requiring such storage and for no other purpose.
3.4.5 After the termination of the Agreement, Smartly.io shall provide, upon the Customer’s request, the Customer with a written certification that it has fully complied with the Subsections from 3.4.3 to 3.4.4 above.
3.5 Instructions for Processing
3.5.1 The Personal Data shall be processed in accordance with Customer’s documented instructions for Processing of the Personal Data. This DPA and the Agreement are Customer’s complete and final documented instructions at the time of signature of the Agreement to Smartly.io for the Processing of Personal Data. Any additional or alternate instructions must be agreed upon separately. For the avoidance of doubt, Customer’s instructions for the Processing of Personal Data shall comply with Data Protection Laws.
3.5.2 Smartly.io shall process the Personal Data only according to documented instructions given by the Customer, including with regard to transfers of Personal Data to a country outside the EU/EEA.
3.5.3 If Smartly.io may not follow the instructions given by the Customer due to applicable compelling laws or it considers an instruction to infringe any law, Smartly.io shall immediately inform the Customer of such matter.
3.6 General obligations of the Parties
3.6.1 Customer shall, in its use of the Services, Process Personal Data in accordance with the requirements of Data Protection Laws. Customer shall have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which Customer acquired Personal Data and for allowing Smartly.io to Process such Personal Data under this DPA.
3.6.2 Parties shall comply with all applicable Data Protection Laws in the Processing of the Personal Data. In addition, Smartly.io must adhere with good practices of the industry.
3.6.3 Smartly.io shall implement appropriate technical and organisational measures for security of Processing in order to ensure an appropriate level of security as required by the Data Protection Laws and considering the Personal Data specified in Section 3.3, including the measures provided in the Section 6 below.
3.6.4 Smartly.io shall provide reasonable assistance to the Customer in ensuring the compliance with the provisions on security of the Personal Data as set forth in the Data Protection laws.
3.6.5 Smartly.io shall assist the Customer by appropriate technical and organisational measures in the fulfilment of the Customer’s obligation to respond to requests for exercising the data subject’s rights under the Data Protection Laws.
3.6.6 Smartly.io shall make available to the Customer all information necessary to demonstrate compliance with the obligations laid down in this DPA and the Data Protection Laws, in particular with the principles relating to Processing of Personal Data as laid down in the GDPR.
4.1 Customer acknowledges and agrees that (a) Smartly.io’s Affiliates may be retained as Sub-processors; and (b) Smartly.io and its Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services.
4.2 Upon Customer’s request, Smartly.io shall inform the Customer in writing of the Sub-processors used in the Services and the specific Processing activities they are engaged for. Smartly.io shall also inform the Customer in writing of any intended changes concerning the addition or replacement of Sub-processors, thereby giving the Customer the opportunity to object to such changes.
4.3 Where Smartly.io engages a Sub-processor for Processing, Smartly.io has entered into a written agreement with each Sub-processor containing data protection obligations not less protective than those in this DPA with respect to the protection of Personal Data to the extent applicable to the nature of the Services provided by such Sub-processor, in particular regarding the provision of sufficient guarantees to implement appropriate technical and organizational measures in such a manner that the Processing will meet the requirements of the applicable Data Protection Laws.
4.5 Smartly.io hereby enters into this Agreement for and on behalf of each of its Affiliates, thereby establishing a separate data processing agreement between the Customer and each such Smartly.io Affiliate. Addition or replacement of such Smartly.io Affiliates shall be subject to Subsection 4.2 above. The Customer may not object such additions or replacements without a cogent reason.
4.6 Where a Sub-processor fails to fulfil its data protection obligations, Smartly.io shall remain fully liable to the Customer for the performance of the Sub-processors obligations and any liabilities related thereto to the same extent Smartly.io would be liable if performing the services of each Sub-processor directly under the terms of this DPA.
5.1 The provisions of Sections 5.2-5.4 shall apply to any transfers of Personal Data processed under this DPA from the EU/EEA to countries that do not ensure an adequate level of data protection within the meaning of Data Protection Laws of the foregoing territories.
5.2 Smartly.io may transfer to or process Personal Data in a non-EU/EEA country, which the EU Commission has not found to provide an adequate level of protection. In case Smartly.io or Sub-processor engaged by Smartly.io processes or in any way makes the Personal Data accessible outside the EU/EEA countries it must secure that such Processing is performed under appropriate safeguards and otherwise complies with the statutory requirements regarding the Processing of Personal Data outside the EU/EEA countries.
5.3 When applicable, Smartly.io shall assist the Customer to enter into appropriate contractual arrangements with the recipient in a non-EU/EEA country for the transfer of Personal Data to the applicable third countries outside the EU/EEA as adopted and approved by the EU Commission or competent data protection regulatory authority in accordance with applicable Data Protection Laws (“Standard Data Protection Clauses”). Alternatively, the Customer may authorise Smartly.io to enter into Standard Data Protection Clauses on its behalf.
5.4 Upon the Customer’s request, Smartly.io shall provide written information about the location(s) in which Personal Data is processed pursuant to this DPA.
6.1 Smartly.io shall implement and maintain at all times appropriate operational, administrative, physical and technical measures in accordance with common industry practice to protect the Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data transmitted, stored or otherwise processed.
6.2 Smartly.io shall ensure that persons authorised to process the Personal Data have committed themselves to appropriate confidentiality or are under an appropriate statutory obligation of confidentiality.
6.3 Smartly.io shall limit access to the Personal Data to personnel on a need-know-basis. The Personal Data and the persons accessing any Personal Data shall be limited to what is necessary in relation to specific Processing activities.
7.1 In case of any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data (“Data Breach”), Smartly.io shall notify the Customer thereof in writing without undue delay after having become aware of it. The notification shall at least:
(a) describe the nature of the Data Breach, the affected Personal Data, including the categories and approximate number of Data Subjects concerned and the categories and approximate number of Personal Data records concerned;
(b) communicate the name and contact details of a contact point where more information can be directly obtained in case such person is other than the contact person under the Agreement;
(c) describe the likely consequences of the Data Breach, in particular to the Personal Data; and
(d) describe the measures taken or proposed to be taken by Smartly.io to address the Data Breach, including, where appropriate, measures to mitigate its possible adverse effects.
7.2 Where, and in so far as, it is not possible to provide the information under the Section 7.1 at the same time without undue delay, the information may be provided in several parts within the time limit.
7.3 Upon the Customer’s request, Smartly.io shall assist the Customer with reasonable effort to document an occurred Data Breach as required by Data Protection Laws.
7.4 Upon the Customer’s request, Smartly.io shall assist the Customer with reasonable effort in reporting the Data Breach to the supervisory authority and to the data subjects in accordance with the Customer’s instructions.
8.1 The Customer or another auditor mandated by the Customer may, once a year at most, audit the level of the data protection on and appropriateness of the Processing of Personal Data by Smartly.io upon fourteen (14) working days’ prior written notice to ensure the compliance with this DPA and Data Protection Laws.
8.2 The auditor mandated by the Customer may not be a direct or indirect competitor of Smartly.io. Smartly.io has a right to require the mandated auditor to enter into an appropriate confidentiality agreement prior to the audition.
8.3 Smartly.io shall contribute to the aforementioned audits and make available all information required to complete the audits. The audits shall be performed during the normal working hours and shall not unreasonably disturb the operations of Smartly.io.
8.4 Customer shall carry its own costs relating to the audits and shall reimburse Smartly.io for any reasonable costs and expenses that Smartly.io may incur due to any such audit. Before the commencement of any such on-site audit, Customer and Smartly.io shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which Customer shall be responsible.
8.5 The Parties agree that Smartly.io has the right to provide the Customer with an audit report covering the data processing and especially the technical and organizational security measures at its own costs. In this case, the Customer agrees that the rights to audit Smartly.io have been satisfied and that the Customer has no additional rights under this Section 8 to audit Smartly.io provided that:
a) the audit has been performed by a recognized, independent third party with proven experience in the field; and
b) the audit report is no older than twelve (12) months.
With respect to Personal Data that qualifies as Personal Information as defined in the CCPA the Parties agree that Smartly.io:
(i) acts as the Service Provider (as defined in the CCPA) with respect to the Personal Information it processes on Customer’s behalf under this DPA;
(ii) will only retain, use, or disclose Personal Information it Processes under this DPA for the purposes of performing the Services set forth in the Agreement (“Business Purpose”);
(iii) will not sell to third parties the Personal Information it processes on Customer’s behalf under this DPA; and
(iv) certifies that it understands the restrictions in this Section 9 and will comply with them.