SKILLGYM – TERMS AND CONDITIONS OF SERVICE
This Agreement and General Terms and Conditions govern the purchase and / or the Trial of the Services offered to the Customer from Lifelike. Selecting (or flagging) the appropriate box on the acceptance, the Customer declares (1) have received a copy of the below Terms and Conditions and / or to have a copy downloaded from the official and / or product website of Lifelike, (2) to have read and understood the contents, and (3) to accept the content in all parts.
Background and Whereas:
A. Lifelike SA, incorporated and registered in Chiasso (CH), V.A.T. number CHE-178.566.624 IVA, whose registered office is at C.so San Gottardo 16, 6830 . Chiasso (CH), hereinafter referred to as “LIFELIKE” or “Supplier”, has developed a software application with the aim of providing a training and / or assessment service (branded as “SkillGym”), by means of an innovative multimedia interactive simulation approach. Scope of SkillGym is the on-line training and / or measurement of the interpersonal communication and negotiation skills of people;
B. SkillGym is a Software as a Service available to subscribers via the internet (the “Service”) on www.skillgym.com or other applicable website (including mobile applications) of the Supplier;
C. The Customer wishes to use the Service to train other physical persons and / or for his personal and / or professional and / or corporate business training and measurement activities according to the Scope of SkillGym;
D. The Supplier has agreed to provide, and the Customer has agreed to take and pay for, the Supplier’s Service, subject to the terms and conditions of this Agreement.
1.1 The definitions and rules of interpretation in this clause shall apply in this agreement as follows:
Authorized User: any physical person who has been delivered, by Lifelike or by the Customer, a personal login to use the SaaS Service as.
Bootcamp: an individual or group subscription plan that allows one or more additional Authorized User to access and use the SaaS Services.
Customer: any company or physical person who purchases the SaaS Services from the Supplier.
Customer Data: the data inputted by the Customer, Authorized Users, or the Supplier on the Customer’s behalf, for the purpose of using the Service or facilitating the Customer’s use of the Service.
Digital Order Form: the order form, available on the Supplier website and / or in-app, detailing the Subscription Term, the price, the currency, the Terms and Conditions of this Agreement and the features of the SaaS Services available to the Customer and / or the Authorized User(s) according to the Plan selected.
Documentation: the document made available to the Customer by the Supplier online via www.skillgym.com or such other web address notified by the Supplier to the Customer from time to time, which sets out a description of the SaaS Services and the user instructions for the SaaS Services.
Main Plan: an individual subscription plan that allows the Customer to access and use the SaaS Services for 12 months.
SkillGym SaaS Services (or “SaaS Services”): the web-based services provided by the Supplier to the Customer and to the Authorized Users under this Agreement with the scope of the on-line training of the interpersonal communication and negotiation skills of individuals as detailed and available on www.skillgym.com.
SLA: means Service Level Agreement, the explanation of the levels of service that Lifelike guarantees their paying Customers about the availability of the SkillGym service.
Subscription Term: means that period specified in each Digital Order Form during which Customer and / or Authorized Users will have on-line access and use of the Software through Lifelike’s SaaS Services.
Token: a voucher that can be purchased in-app by the Customer to enroll one Authorized User to a Bootcamp for 1 month.
Trainer Plan: an individual subscription plan that allows one additional Authorized User to access and use the SaaS Services for 12 months.
User Subscriptions: the user subscriptions purchased by the Customer, in the form of Plans and / or Tokens, which entitle the Customer to grant access to the Service and the Documentation to the Authorized Users for a limited time period.
2. SaaS Services
2.1 Subject to the purchase of the Main Plan User Subscription, Customer will receive a non-exclusive, non-assignable, individual right to access and use the SaaS Services during the relevant Subscription Term and subject to the terms of this Agreement.
2.2 Subject to the purchase of additional Trainer Plans and / or Tokens, Customer will receive a further non-exclusive, non-assignable right to let additional Authorized Users access and use the SaaS Services during the relevant Subscription Term(s) and subject to the terms of this Agreement.
2.3 Customer acknowledges that this Agreement is a services agreement and Lifelike will not be delivering copies of the Software to Customer as part of the SaaS Services.
3. Orders, Invoicing, Payment
3.1 Orders. Customer shall order SaaS Services by completing the Digital Order Form(s). All services acquired by Customer shall be governed exclusively by this SaaS Agreement.
3.2 Invoicing. Lifelike shall invoice the fees detailed in the Digital Order Form on the date of purchase. Applicable taxes shall be billed as a separate line item on each invoice.
3.3 Payment. Payment may be made by credit card. Services will not start until the payment is received.
3.4 Refund. Except as expressly provided otherwise, fees are non-refundable and failure to use the Service purchased brings no obligation to refund / reversal of the price by the Supplier.
4.1 Unless Customer manually deactivates the auto-renewal feature, SaaS Services shall be subject to auto-renewal at the end of the relevant Subscription term.
4.2 Customer can deactivate the auto-renewal feature at any time. The management of the auto-renewals is exclusively managed by an automated SkillGym system, and it is under the sole responsibility of the Customer, which will be solely responsible for the deactivation and / or re-activation of that option.
4.3 The deactivation of the automatic the auto-renewal feature is done by logging in as the user having administrative rights within SkillGym and choosing the corresponding function allowing to deactivate the auto-renewal feature. Any cessation decided by the Customer and executed through SkillGym is immediately and automatically processed by the system.
4.4 Deactivation becomes effective at the expiration of the relevant Subscription Term.
4.5 Mis-management of the option of automatic renewal by the Client excludes the right to reimbursement of the charges made by the Supplier.
4.6 In the event of non-payment or late payment, The Supplier may immediately suspend and / or deactivate the SaaS Services, in whole and / or in part and without notice. The continuation of unsolved payment for more than 15 days after its due date will result in the termination of the contract and the relative deactivation of services.
5.1 Prices charged by the Supplier for the SaaS Services are those in effect at the time of the purchase and / or renewal.
5.2 Pricing and billing policies are subject to change at any time at the sole discretion of the Supplier. An updated version of the price is available on the Digital Order Form. The Supplier will notify the Customer also via electronic mail about any change to the pricing and billing policies that may affect a future renewal of the Service. The Customer undertakes to consult such price list before buying and before any contract renewal. Therefore, the renewal of the contract occurred determines the acceptance of any new and/ or updated price charged.
6. Supplier’s obligations, Warranties and limitation of liability
6.1 The Supplier undertakes that the Service will be performed substantially in accordance with the Documentation and will be provided in a professional manner consistent with general industry standards and with reasonable skill and care and warrants that it has and will maintain all necessary licenses, consents, and permissions necessary for the performance of its obligations under this agreement.
6.2 The Supplier:
(a) does not warrant that the Customer’s use of the Service will be uninterrupted or error-free; nor that the Services, Documentation and/or the information obtained by the Customer through the Service will meet the Customer’s requirements; and
(b) is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and the Customer acknowledges that the Services and Documentation may be subject to limitations, delays and other problems inherent in the use of such communications facilities; and
(c) Except for the above express limited warranties, the Supplier makes, and the Customer receive no warranties, express, implied, statutory or in any communication with the Customer, and the Supplier specifically disclaims any implied warranty of merchantability or fitness for a particular purpose; and
(d) Is not responsible, not even in any part, for any difficulty, defect, failure, interruption or inability to access and / or use of the Service and / or related to the hardware equipment and software of the customer or his internet connection, or to actions and / or behavior of the Customer (or one or more of its members) which prove to be inappropriate, harmful or against the law (including copyright infringement) whether national or international.
(e) In no event will the Supplier be liable for any damages, including loss of data, lost profits, cost of cover or other special, incidental, consequential or indirect damages arising in any way out of this agreement, or from the use of the Service and the Software and the accompanying Documentation, however caused and on any theory of liability. In any case, any type of compensation may not exceed an amount equal to the fee paid by the customer and collected by the Supplier for the Service, the sum to be understood inclusive of all incidental expenses (legal fees, stationery, Chamber of Arbitration …). This limitation will apply even if the Supplier has been advised of the possibility of such damage and notwithstanding the failure of any limited remedy provided herein. The Customer acknowledges that the consideration agreed reflects this allocation of risks.
7. Customer’s obligations
7.1 The Customer shall:
(a) provide the Supplier with all necessary co-operation in relation to this agreement; and all necessary access to such information as may be required by the Supplier in order to render the Service, including but not limited to Customer Data, security access information and configuration services;
(b) comply with all applicable laws and regulations with respect to its activities under this agreement; and
(c) carry out all other Customer responsibilities set out in this agreement in a timely and efficient manner. In the event of any delays in the Customer’s provision of such assistance as agreed by the parties, the Supplier may adjust any agreed timetable or delivery schedule as reasonably necessary; and
(d) prevent access / unauthorized use of the Service and immediately notify the Supplier any possible access / unauthorized use; and
(e) ensure that the Authorized Users use the Service and the Documentation in accordance with the terms and conditions of this agreement and shall be responsible for any Authorized User’s breach of this agreement; and
(f) obtain and shall maintain all necessary licenses, consents, and permissions necessary for the Supplier, its contractors and agents to perform their obligations under this agreement, including without limitation the Service; and
(g) ensure that its network and systems comply with the relevant specifications provided by the Supplier from time to time; and
(h) assume full responsibility for the accuracy and truthfulness of the information provided to the Supplier and ensures that all the information provided, including any text, graphics, data, images, sounds, are lawfully available, and do not violate any law copyright, trademark, patent or other rights of third parties arising from law, contract or custom. Therefore, undertaking to indemnify the Supplier for any claim of compensation and / or damages claimed by third parties as a result of the publication of these materials; and
(i) be solely responsible for procuring and maintaining its network connections and telecommunications links from its systems to the Supplier’s data centers, and all problems, conditions, delays, delivery failures and all other loss or damage arising from or relating to the Customer’s network connections or telecommunications links or caused by the internet.
7.2 In relation to the Authorized Users, the Customer undertakes that:
(a) In order to use the Services, Authorized Users must obtain a valid SkillGym account, which can be obtained by registering on the website www.skillgym.com (or any other website, including mobile applications, notified to the Customer by the Supplier from time to time) by filling in the registration form, accepting the Authorized User Terms and Conditions and providing all the required information, including a valid e-mail address (“Registration Data”); and
(b) the maximum number of Authorized Users that it authorizes to access and use the Service and the Documentation shall not exceed the number of User Subscriptions it has purchased; and
(c) it will not allow or suffer any User Subscription to be used by more than one individual Authorized User; Authorized Users are responsible for maintaining the confidentiality of account login information (username / password) and are fully responsible for all activities performed on their account.
7.3 The Customer shall not:
(a) except as may be allowed by any applicable law which is incapable of exclusion by agreement between the parties:
- and except to the extent expressly permitted under this agreement, attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the software and/or Documentation (as applicable) in any form or media or by any means; or
- attempt to reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the software; or
(b) access all or any part of the Services and Documentation in order to build a product or service which competes with the Services and/or the Documentation; or
(c) license, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Services and/or Documentation available to any third party.
7.4 The Customer shall use all reasonable endeavors to prevent any unauthorized access to, or use of, the Service and/or the Documentation and, in the event of any such unauthorized access or use, promptly notify the Supplier.
8. Customer data
8.1 Referring to the Service and to the use of the software, the parties specify that it has been represented to Customer, and Customer accepts:
(a) the need that the use of the Service and of the Software has to follow the explicit or clear acceptance of the use conditions as established by the present Agreement;
(b) the need that every use of the Service and of the Software has to register (with a tracking log), every kind of use by Customer, and also (where applicable) personal identifying data;
(c) the need that such tracking log (not accessible to the Customer) has to be stored by LIFELIKE during and at the end of each use of the Service.
8.2 Supplier is committed to administrative, physical and technical safeguards to ensure the security, confidentiality and integrity of Customer Data. Supplier also is committed to not access the Customer Data, except to the extent required for the proper delivery of services purchased, including actions to prevent technical problems.
8.3 Supplier declares that no data, of every nature, existing on the computers of the Customer, with the exception for those generated inside every single use of the Service and of the software, will be available to third parties, excluding moreover the presence in the software of spyware or other malware.
8.4 If the Supplier processes any personal data on the Customer’s behalf when performing its obligations under this Agreement, the parties record their intention that the Customer shall be the data controller and the Supplier shall be a data processor and in any such case and data shall be processed according to the rules defined in the Data Processing Agreement in Annex C.
9. Service Support and Service Levels
9.1 The Customer acknowledges that the Service is subject to processes of bug fixing, software updates, or Minor features updates, new apps and new modules. Where this is not dependent on a firm’s service (irrespective of the fact that then, because of circumstances not foreseen to occur) Lifelike will not be required to make any notice to the Customer. If, instead, Major upgrades are made or insertions of functions or operations or infrastructure cloud network will imply a temporary stop of the service, Lifelike will give the customer a notice of 24h, through the system of SkillGym newsletter.
9.2 Technical support is guaranteed by the Supplier provided that the customer notifies the Supplier, for the resolution of any type of problems, solely through the Supplier helpdesk service (through the opening of a ticket). The technical support by the Supplier will be executed in the manner and within the time schedules specified in the table provided in Annex A. As for unscheduled maintenance and downtime service refers to the SLA table provided in Annex B.
10. Proprietary rights
10.1 The Customer acknowledges and agrees that the Supplier owns all intellectual property rights in the Service, in the related technology and the Documentation. Except as expressly stated herein, this agreement does not grant the Customer any rights to, or in, patents, copyrights, database rights, trade secrets, trade names, trademarks (whether registered or unregistered), or any other rights or licenses in respect of the Service and/or the related technology and/or the Documentation. Said provision shall apply also in case Customer should ask for a personalization of the technology and / or the features and / or the contents accessible via Service.
10.2 The software made available online and associated with the Services is protected by copyright laws and international copyright treaties, as well as other intellectual property laws. Lifelike does not allow the activation and / or use of its services for the purposes of monitoring and / or copying and / or testing of the services provided by Lifelike, or comparative analysis not commissioned by Lifelike itself. Lifelike therefore reserves the right to suspend the provision of the service and access to its products whenever there is even a suspicion that the verses in such hypothesis.
11. Use of logos, case histories and screenshot
11.1 The Customer authorizes, with no time limitation, the Supplier to include into his portfolio of publicly displayed references (including but not limited to brochures, technical documentation, web sites), the reference to the Customer (including logo, name of the Customer, case histories and screenshots).
12. Term and termination
12.1 This Agreement shall be concluded for an indefinite period, unless otherwise terminated as provided in this clause, and shall commence on the date of purchase of the Main Plan.
12.2 The Supplier reserves the right to terminate this Agreement and the relevant SaaS Services as detailed in the Renewals Clause. Furthermore, the Supplier reserves the right to terminate this Agreement and at any earliest anniversary of the Main Plan Subscription Term, by giving the Customer due notice by email (at the email address of the Customer) 30 days in advance.
12.3 Customer may terminate this agreement at any time waiving any and all rights to request and/or receive a refund or reimbursement of amounts paid for the services.
12.4 On termination of this agreement for any reason: (i) all rights granted to Customer under this agreement shall immediately terminate and; (ii) the accrued rights of the parties as at termination, or the continuation after termination of any provision expressly stated to survive or implicitly surviving termination, shall not be affected or prejudiced.
13.1 Customer acknowledges that SaaS Services is provided on a non-exclusive basis. Nothing shall be deemed to prevent or restrict Lifelike’s ability to provide the SaaS Services or other technology to other parties.
14. Entire agreement
14.1 This agreement, and any documents referred to in it, constitute the whole agreement between the parties and supersede any previous arrangement, understanding or agreement between them relating to the subject matter they cover.
15.1 Any notice required to be given under this Agreement shall be in writing.
16. Governing law and jurisdiction
16.1 This agreement and any disputes or claims arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) are governed by, and construed in accordance with, the law of Switzerland.
16.2 The parties irrevocably agree that the courts of Lugano have exclusive jurisdiction to settle any dispute or claim that arises out of or in connection with this agreement or its subject matter or formation (including non-contractual disputes or claims).
ANNEX A – HELP DESK AND SUPPORT
1. Support and Maintenance Services
Support and Maintenance Services are included in the SaaS Service subscription and entitles Customer to the following:
- Electronic support in order to help Customer locate and correct problems with the software, accessible by clicking the “Help” tab when logged into the software and throughout the website skillgym.com under the “Resources” section.
- Bug fixes and code corrections to correct Software malfunctions in order to bring such Software into substantial conformity with the operating specifications.
- All extensions, enhancements and other changes that Lifelike, at its sole discretion, makes or adds to the software and which Lifelike furnishes, without charge, to all other Subscribers of the SaaS.
- Up to four (4) dedicated contacts designated by Customer in writing that will have access to Customer Support services available at https://lifelike-eng.zendesk.com.
2. Response and Resolution Goals
- “Business Day and hours” means any day which is not a Saturday, Sunday or public holiday in Switzerland, 9.00 am to 6.00 pm local Switzerland time.
- “Fix” means the repair or replacement of Software component to remedy.
- “Problem” means a defect in software as defined in Lifelike’s standard software specification that significantly degrades such software.
- “Respond” means acknowledgement of Problem received containing assigned support engineer name, date and time assigned, and severity.
- “Workaround” means a change in the procedures followed or data supplied by Customer to avoid a Problem without substantially impairing Customer’s use of the software.
|Problem Severity||Response Goals||Resolution Goals|
|1. The production system is creating a significant impact to the Customer’s business function preventing that function from being executed.||Lifelike will Respond within 2 business hours.||Upon confirmation of receipt, a Lifelike support personnel begins continuous work on the Problem, and a customer resource must be available at any time to assist with problem determination. Customer Support will provide reasonable effort for Workaround or Fix within 24 hours, once the Problem is reproducible or once we have identified the software defect. Lifelike may incorporate Fix in future release of software.|
|2. The production system or application is moderately affected. There is no workaround currently available or the workaround is cumbersome to use.||Lifelike will Respond within 4 business hours.||Customer Support will provide reasonable effort for Workaround or Fix within 7 business days, once the Problem is reproducible. Lifelike may incorporate fix in future release of software.|
|3. The production system or application issue is not critical: no data has been lost, and the system has not failed. The issue has been identified and does not hinder normal operation, or the situation may be temporarily circumvented using an available workaround.||Lifelike will Respond within 8 business hours.||Customer Support will provide reasonable effort for Workaround or Fix within 10 business days, once the Problem is reproducible. Lifelike may incorporate Fix in future release of software.|
|4. Non-critical issues, general questions, enhancement requests, or the functionality does not match documented specifications.||Lifelike will Respond within 24 business hours.||Resolution of Problem may appear in future release of software.|
ANNEX B – SERVICE LEVEL AGREEMENT
The SaaS Services will achieve System Availability (as defined below) of at least 99% during each calendar year of the Subscription Term.
“System Availability” means the number of minutes in a year that the key components of the SaaS Services are operational as a percentage of the total number of minutes in such year, excluding downtime resulting from (a) scheduled maintenance, (b) events of Force Majeure in the SaaS Agreement), (c) malicious attacks on the system, (d) issues associated with the Customer’s computing devices, local area networks or internet service provider connections, or (e) inability to deliver services because of acts or omissions of Customer or any Authorized User. Lifelike reserves the right to take the Service offline for scheduled maintenance for which Customer has been provided reasonable notice and Lifelike reserves the right to change its maintenance window upon prior notice to Customer.
If Lifelike fails to meet System Availability in the year, upon written request by Customer within 30 days after the end of the year, Lifelike will issue a credit in Customer’s next invoice in an amount equal to 1% of the yearly fee for the affected SaaS Services for each 1% loss of System Availability below stated SLA per SaaS Service, up to a maximum of the Customer’s fee for the affected SaaS Services. If the yearly fee has been paid in advance, then at Customer’s election Lifelike shall provide a credit to Customer to be used for additional Authorized Users or term extension. The remedy stated in this paragraph is Customer’s sole and exclusive remedy for interruption of SaaS Services and Lifelike’s failure to meet System Availability.
ANNEX C – Data Processing Agreement
This Data Processing Agreement (“DPA“) sets out the Supplier’s obligations as a contractor of the Customer (“Controller” or “data controller”) related to any data processing performed on his behalf as part of the service “Skillgym” provided by the Supplier to the Customer (the “Service”).
The Supplier shall perform the Processing activities described in DPA-Sub-Annex 1 to this DPA. The purposes of the Processing, as well as the categories of Personal Data to be Processed and the categories of Data Subjects, are described in DPA-Sub-Annex 1 to this DPA.
1.2 Interpretation and Hierarchy
A reference in this DPA to “writing” or “written” includes email.
The Annexes form part of this DPA. Any reference to this DPA includes the Annexes.
|Data Protection Requirements||Means all applicable laws and regulations relating to the Processing of Personal Data, including the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”), sector-specific laws and applicable guidance and codes of practice issued by supervisory authorities.|
|Data Subject||Means an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.|
|Personal Data||Means any information relating to a Data Subject.|
|Processing||Means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction erasure or destruction.|
|Security Breach||Shall have the meaning given in Section 9.1.|
|TOMs||Shall have the meaning given in Section 8.1.|
3. Instructions; Compliance with Data Protection Requirements
3.1 Instructions and controller’s obligations
The Supplier shall process Personal Data only within the scope of this DPA and according to specific individual instructions from the Controller. The Controller is the sole responsible of the Data Processing. Therefore, the Controller is in charge of the respect of the Data Protection Requirements and is responsible for ensuring that its processing activities are compliant with the requirements of the EU Regulation 2016/679 and any other relevant applicable law.
The Supplier shall nominate an individual that is duly qualified on Data Protection Requirements who is authorized to represent the Supplier in respect of this DPA and to receive instructions from the Controller. The Controller shall without undue delay confirm oral instructions in writing. The Supplier will inform the Controller in writing if it considers that any instruction issued by the Controller potentially violates Data Protection Requirements.
3.2 Compliance with Data Protection Requirements
The Supplier shall comply with Data Protection Requirements when Processing Personal Data. The Supplier shall reasonably assist the Controller in defending any claim that may be brought against the Controller for the violation of any Data Protection Requirements.
4. Provision of Information and Support
Upon the Controller´ request, the Supplier shall provide all information necessary to comply with the Data Protection Requirements. Moreover, the Supplier shall support the Controller in meeting the Data Protection Requirements, in particular regarding privacy by design, records of Processing activities, fulfilling the Controller’s obligation to respond to requests for exercising the data subject’s rights, cooperation with and notifications to the relevant supervisory authority and security of Processing and conduction of a data protection/privacy impact assessment.
5. No Onward Transfer of Personal Data
5.1 Any Processing of Personal Data under this DPA shall take place on the Supplier premises as specified in DPA-Sub-Annex 1 to this DPA, unless prior written approval to the contrary has been provided by the Controller.
5.2 The Supplier shall not transfer or Process Personal Data outside the European Economic Area without the prior written consent of the Controller; however, in consideration of the European Commission adequacy decision concerning Switzerland, the transfer of Personal Data to Switzerland is permitted.
6.1 Approval Requirement
The Supplier shall receive from the Controller written approval about the appointment of the Subprocessor.
6.2 Auditing of the Subcontractor
The Controller shall be entitled at any time to demand copies of relevant agreements concluded between the Supplier and its subcontractors subject to the reasonable protection of commercial details, and trade and business secrets.
7. Rights to, Confidentiality, Return and Destruction of Personal Data
7.1 Rights to Personal Data
All Personal Data is and shall remain the sole and exclusive property of The Controller. The Supplier hereby: (i) irrevocably assigns, transfers and conveys to The Controller any of its rights, titles and interests in respect of the Personal Data; and (ii) waives any and all rights to cease performance of the Processing and/or to deny fulfilment of any of the obligations under this DPA towards The Controller, provided that the respective counterclaim of Supplier is not undisputed or not established legally binding. Upon The Controller’s request, Supplier shall execute and deliver any documents that may be necessary or desirable under any law to preserve, or enable The Controller to enforce, its rights hereunder with respect to the Personal Data.
7.2 Confidentiality and Notifications
The Supplier shall observe data secrecy and maintain confidentiality when Processing Personal Data under this DPA and shall procure the same from any personnel engaged in connection with this DPA. The Supplier shall therefore only engage employees for Processing Personal Data, who are properly instructed, adequately and regularly trained on Data Protection Requirements relevant to their work, and who are bound to confidentiality. The Supplier shall verify its compliance with this obligation to The Controller on request by means of a signed declaration form.
The parties shall treat as strictly confidential all matters not in the public domain and in particular the business and company secrets of the other party, only to use such information for purposes of this DPA, and not to record, disclose or make use of such information.
Where Personal Data becomes subject to audits, inspections, investigations, search and seizure, an attachment order, confiscation during bankruptcy or insolvency proceedings, disclosure order, any (including pending or threatened) enforcement proceeding, action, lawsuit brought or threatened against the Supplier or a subcontractor relating to Personal Data, or similar events or measures by third parties, the Supplier shall inform the Controller without undue delay. The Supplier shall, without undue delay, notify the Controller to all to such action, that any affected Personal Data is in the Controller’s sole property and area of responsibility, that Personal Data is at the Controller’s sole disposition, and that the Controller is the responsible body in the sense of Data Protection Requirements.
7.3 Deletion or Return of Personal Data
The Supplier shall retain Personal Data only for as long as it is necessary to fulfil the Processing of Personal Data under this DPA. The Supplier shall not create copies or duplicates without the prior written approval of the Controller, with the exception of back-up copies to the extent these are necessary to ensure orderly Processing of the Personal Data, and data required to meet regulatory data retention requirements.
Upon termination or expiry of the Agreement, the Supplier shall at the Controller’ request delete or return in a structured, commonly used and machine-readable format to the Controller all documents, Processing and work results, and data sets relating to the Agreement.
The Supplier shall confirm in writing that it has complied with this Section 7.3 and shall provide a log of the deletion on The Controller’ request.
The Supplier shall retain documentation used to demonstrate the orderly Processing of Personal Data under this DPA beyond the Agreement term in accordance with statutory retention periods.
8. Technical and Organizational Measures; Records
8.1 Technical and Organizational Measures
The Supplier shall implement and maintain, operational, managerial, physical, technical and organizational measures (“TOMs”) to protect the Personal Data against accidental, unauthorized or unlawful destruction, loss, alteration, disclosure or access appropriate to the risk concerning confidentiality, integrity, availability and resilience of systems as required by the Data Protection Requirements. The Supplier’s TOMs shall at all times ensure a strict separation between the Personal Data Processed under this DPA, the Supplier’s own data and the data of the Supplier’s other customers. The TOMs Supplier shall implement as of the date of this DPA are set out in DPA-Sub-Annex 3 to this DPA.
8.2 Information about and changes of TOMs
The Supplier shall inform the Controller of: (i) any planned changes to the TOMs; and (ii) all relevant events (including any audits performed in respect of the Personal Data) in respect of the privacy, confidentiality or protection of the Personal Data. Any changes to the TOMs that the Supplier intends to implement shall require prior written approval of the Controller, except if and to the extent such change has to be implemented immediately in order to safeguard Personal Data without allowing Supplier to wait for The Controller’s approval in which case The Controller’s approval shall be requested ex post and the change shall be maintained only with The Controller’s approval or if indispensable in order to safeguard Personal Data. The security level of defined measures should not be reduced as a result of a change.
9. Security Breaches
9.1 Notification Obligation
The Supplier shall provide the Controller with detailed written notice (for the attention of The Controller’ Chief Information Security Officer and Data Protection Officer) within twelve (12) hours: (i) of discovering or being informed of any loss of or unauthorized access to Personal Data maintained or stored by the Supplier or a subcontractor; or (ii) any violation of the Data Protection Requirements by the Supplier, or a subcontractor (“Security Breach”). The notice shall in particular include a description of: (i) the nature of the Security Breach; (ii) the likely consequences of the Security Breach; and (iii) the measures taken or proposed to be taken to address the Security Breach. In this case the Supplier, in addition to any obligation contained in this DPA and the Agreement, shall at its own expense:
- conduct a state of the art forensic and security review and audit in connection with a Security Breach and inform The Controller of the outcome of such review and the corrective and preventive action taken in order to avoid identical or similar Security Breaches in the future; and
- reasonably cooperate with The Controller in responding to such Security Breach and taking the required corrective and/or preventive action.
10. Rectification, Restriction and Erasure; Rights of Data Subjects
The Supplier may not on its own authority rectify, erase or restrict the Processing of Personal Data, but only on the written instructions of the Controller. Supplier will inform the Controller promptly upon becoming aware of any errors or inaccuracies related to Personal Data which may arise in connection with the Processing of the Personal Data. The Supplier shall promptly correct any errors or inaccuracies in the Personal Data upon the Controller’s written request.
In the event that a Data Subject contacts the Supplier directly in respect of their Personal Data requesting access, rectification, erasure, restriction of Processing or data portability, the Supplier shall immediately forward the Data Subject’s request to the Controller.
The Supplier shall implement technical and organizational measures to, and shall otherwise assist the Controller in responding to requests from Data Subjects exercising their rights in respect of their Personal Data to enable the Controller to comply with Data Protection Requirements. This includes in particular the following: Upon request by The Controller the Supplier will (i) without undue delay provide the Controller via the Supplier with a copy of the data subject’s Personal Data in a structured, commonly used and machine-readable format or, (ii) at the Controller’s discretion, provide reasonable access to the Personal Data, and (iii) promptly provide the Controller with such information regarding the Processing of Personal Data as the Controller may reasonably request.
The Supplier shall permit the Controller and any company within the Controller Group that is a recipient of services under the Agreement, the Controller’ appointed auditors, and where required the relevant supervisory authorities to inspect and audit the Supplier’s Processing operations (including as to the execution of TOMs) and compliance with The Controller’s instructions and Data Protection Requirements. The Supplier shall provide such parties (including their respective authorised representatives) with all information and access rights (including to premises and databases) relating to the Processing of the Personal Data.
In the event of any finding resulting from such inspections or audits, the Supplier shall promptly take all required corrective actions at its own cost and shall procure the same from its subcontractors.
The Supplier shall audit on a recurring basis (at least once a year) its compliance with this DPA, the Agreement and Data Protection Requirements in regards to the Processing. The previous paragraph shall apply mutatis mutandis to findings in such self-audits. The Supplier shall promptly notify the Controller in writing of any findings indicating that the Supplier, or its Processing of the Personal Data, is not in compliance with Data Protection Requirements or the provisions of this DPA and/or the Agreement.
If audits are carried out by a supervisory authority at the Controller Group which in whole or in part relate to this DPA, the Supplier shall provide reasonable support to the Controller via the Supplier within the scope of this DPA.
If a supervisory authority which is responsible for an entity of the Controller Group carries out an audit at the Supplier, this audit shall be carried out in the presence of the Controller.
If audits of the Supplier are carried out by a supervisory authority responsible for the Supplier, the Supplier shall immediately notify The Controller, in particular with regard to any findings that exert a direct or indirect effect on the contractual relationship.
12. Duration of this DPA
The duration of this DPA shall correspond with the duration of the Service. The expiry or termination of the Service shall not relieve the parties of their respective obligations regarding the privacy and data protection of Personal Data for as long as such Processing is performed after such expiration or termination.
Data Description and Processing Activities
1. Details of the Data Processor’s premises where Personal Data will be Processed:
All The Controller‘s Personal Data are managed by the Supplier: Lifelike SA, based on Corso San Gottardo 16, 6830 Chiasso (TI) Switzerland. Lifelike SA stores The Controller‘s Personal Data on dedicated servers which are physically located in the European Union and are housed by Lifelike’s Subcontractor Fastera Swiss SA, Via Penate 16, 6850 Mendrisio (CHE) who, in order to comply to the TOM of Lifelike has physically located all the Lifelike’s server at EQUINIX, Data center IBX® ML2, Milano, Via Savona 125, 20144 – Milano (MI) – Italy. Neither Fastera Swiss SA, nor EQUINIX Data Center has any logic access to the databases of Lifelike, in accordance with the Lifelike’s TOM Policies.
2. Description of the purposes and ways of Processing Personal Data:
The purposes of Processing Personal Data is: to dispose of a personal unique identification access key (personal email) to allow the access to a on-line educational service requested by The Controller to train its personnel on specific educational content related to the job description of certain employees.
3. Processing Activities
- Disclosure by transmission (to the Supplier and/or the Data Controller)
4. Categories of Data Subjects
- Business partners (Providers, clients, brokers, intermediaries…)
5. Categories of Personal Data
- Full name
- Job title/role
- Company /Entity
The following details define the Supplier authorizations to carry out work as the Controller’s contractor:
|Supplier Corporate Name|
|Supplier Registered Offices|
|Corso San Gottardo 16 6830 Chiasso (TI) Switzerland|
|Supplier’s Premises where Processing will occur|
|LIFELIKE Registered Office, with remote secure access to database hosted by EQUINIX, Data center IBX® ML2, Milano, Via Savona 125, 20144 – Milano (MI) – Italy.|
|Subprocessor representative responsible for data privacy (e.g. Data Protection Officer) contact details|
|Arianna Laus, CHRO and CFO of Lifelike SA, C.so San Gottardo 16, Chiasso (CHE)|
Technical and Organizational Security Measures
LifeLike believes that its customers’ confidential and personal information is among the most important data stored in its databases. So Lifelike management and personnel make sure and strive to keep it safe and secured at all times.
LifeLike stores all customer information in redundant databases in our cloud datacentre. Access to this data is restricted to employees working on the project concerned.
LifeLike ‘s appointed IT administrator alone has administration access to the database and database user management credentials.
All additional procedure access or database usage by any other standard user requires formal and written senior management approval before being authorized.
Significant aspects and procedures of Lifelike’s user access management policy and procedures are as follows:
- All access requests (creation/change of access) to Lifelike IT systems storing customer information must be formally approved by a clearly identified set of customer employees.
- Requests to access any of our IT systems storing customer information must be justified on the grounds of a business requirement (creation/change of access) clearly related to the scope of the project for which the data has been stored
- Documented checks ensure that access-rights are provided on a need-to-know basis (least privileged approach)
- Shared user IDs are forbidden (unless formally authorised by security and time limited exception request)
- Lifelike carries out a formal quarterly review of user access to Lifelike’s IT systems storing or handling customer information.
- The datacentre owner cannot access Lifelike’s server
Users must make sure their user IDs and passwords are not used to gain unauthorised access to Company systems by:
- Following the Lifelike’s password policy
- Ensuring that any PC they are using that is left unattended is locked or logged out.
- Leaving nothing on display that may contain access information, such as login names and passwords.
- Informing the IT team of any changes to their role and access requirements.
Network access control
The use of modems on non-Company owned PC’s connected to the Company’s network can seriously compromise the security of the network. The normal operation of the network must not be interfered with. Lifelike’s IT team must give specific advance approval to the connection of any equipment to the Company’s network, which is normally denied if not in connection with the specific purposes of the company and/or the projects.
Remote supplier access to the Company network
Partner agencies and 3rd party suppliers must not be given details of how to access the Company’s network without permission from IT team. The IT team must be informed immediately of any change to a supplier’s connections so that access can be updated or stopped. All permissions and access methods must be checked by our IT team.
Partners and 3rd party suppliers must contact the IT team before connecting to the company network and a log of activity must be maintained. Remote access software must be disabled when not in use.
Operating system access control
Access to operating systems is controlled by a secure login process. The login procedure must also be protected by:
- Not displaying any previous login information e.g. username.
- Limiting the number of unsuccessful attempts and locking the account if exceeded.
- Hiding password characters using symbols.
- Displaying a general warning notice that only authorised users are allowed.
All access to operating systems is via a unique login ID that will be audited and can be traced back to each individual user. The login ID must not give any indication of the level of access that it provides to the system (e.g. administration rights).
System administrators must have personal administrator accounts that will be logged and audited. The administrator account must not be used by individuals for normal day to day activities.
Application and Information access
Access within software applications must be restricted using the security features built into the individual product. The IT team is responsible for granting access to the information within the system. The access must:
- Be separated into clearly defined roles.
- Give the appropriate level of access required for the role of the user.
- Not be overridable (admin settings removed or hidden from the user).
- Be free from alteration by rights inherited from the operating system that could allow unauthorised higher levels of access.
- Be logged and auditable.
Privileged user access – Management policy and process
Access to our data or database uses a special user hierarchy that depends on data type (confidential/not confidential) and type of privilege (dba/non-dba)
This means that Lifelike’s employees can work as efficiently as possible on data that concerns their own projects alone (e.g. a user might be able to change database structure but will not be able to see any confidential data in the database tables)
User permission rules include:
- All high-privilege access must be approved at management level
- The log of all users with high-privilege access is kept up to date at all times
- A set of processes and tools allows temporary high-privilege access to address immediate and critical operational requirements
- All actions by users with extraordinary and temporary high-privilege access are recorded.
- Privileged access is allowed to trustworthy persons alone.
- Duties are segregated for all privileged access rights (e.g. log vs. operations, database vs. backup, developer vs. acceptance tester).
- All privileged access rights are revoked immediately they are no longer required.
End user device protection – Policy and procedures
All LifeLike client and server devices are safe:
- All computers have antivirus software with:
- Host intrusion detection / prevention
- PERSONAL firewalls are disabled because we use a network firewall
- Network access is monitored
- Removable devices (USB, DVDs etc.) are not encrypted
- Host intrusion detection / prevention
- Hard drives are not encrypted.
The IT team constantly monitors the status of all devices and keeps antivirus and security software updated.
Checks are made via a network console with update override where necessary. This cannot be stopped by the end user.
Employees with portable, laptop, notebook, handheld, tablet and other transportable computers containing confidential information must not leave these computers unattended at any time unless the information is stored in encrypted form.
Whenever confidential information is written to a disk or other storage media, the storage media must be marked as confidential. When not in use, the media should then be kept under lock and key (e.g. a safe) or in a similarly secure location.
Every multi-user computer or communications system must have enough automated tools to allow the system administrator to verify the security status of the system. These tools must include methods for the recording, detecting, and correcting commonly-encountered security problems.
Where systems software permits, computer and communications systems handling sensitive, valuable, or critical Lifelike information must securely log all significant security events. Examples of security events include users switching user ID during an online session, attempts to guess passwords, attempts to use privileges that have not been authorized, modifications to production application software, modifications to system software, changes to user privileges, and changes to logging system configurations.
Certain information must be captured whenever it is suspected that computer or network related crime or abuse has taken place. The information that must be immediately collected includes system logs, application audit trails, other indications of current system states, and copies of all potentially involved files.
Although system administrators are not required to load the most recent version of operating systems promptly, they are required promptly to apply all security patches to the operating system that have been released by knowledgeable and trusted user groups, well-known systems security authorities, or the operating system vendor. Only system security tools supplied by these sources or by commercial software organizations may be used on Lifelike computers and networks. Additionally, only vendor-supported versions of operating systems and applications must be used on production systems. This will generally require regular upgrades to the current release or the most recent prior version (current -1)
All computers permanently or intermittently connected to Lifelike local area networks must have password access controls. If the computers contain confidential or protected information, an extended user authentication system approved by the IT Department must be used. Multi-user systems (servers) should employ user IDs and passwords unique to each user, and user privilege restriction mechanisms with privileges based on an individual’s need to know. Network-connected, single-user systems must employ hardware or software controls approved by the IT Department that prevent unauthorized access.
Whenever system security has been compromised or if there is a reason to believe that it has been compromised, the system administrator involved must take steps to restore the system to secure operation. This may involve reloading a trusted version of the operating system and all security-related software from trusted storage media or original source-code disks/sites. The system involved must then be rebooted. All changes to user privileges since suspected system compromise must be reviewed by the system administrator for unauthorized modifications.
Logon and logoff process
All users must be positively identified before they can use any Lifelike multi-user computer or communications system resources. Positive identification for internal Lifelike networks involves a user ID and password, both of which are unique to an individual user, or an extended user authentication system.
Positive identification for all Internet and remote lines involves the use of an approved extended user authentication technique. The combination of a user ID and fixed password does not provide sufficient security for Internet or remote connections to Lifelike systems or networks. Modems, wireless access points, routers, switches and other devices attached to network-connected workstations located in Lifelike offices are forbidden unless they meet all technical requirements and have a user authentication system approved by the IT Department.
The logon process for network-connected Lifelike computer systems must simply ask the user to log on, providing prompts as needed. Specific information about the organization managing the computer, the computer operating system, the network configuration, or other internal matters may not be provided until a user has successfully provided both a valid user ID and a valid password.
If there has been no activity on a computer terminal, workstation, or personal computer for a certain time period, the system must automatically blank the screen and suspend the session. The session must not be resumed until the user has provided a valid password. The recommended time period is 30 minutes. An exception to this policy will be made if the immediate area surrounding a system is physically secured by locked doors, secured-room badge readers, or similar technologies or if the suspended session interferes with the ability of an instructor to complete his/her classroom instruction.
Users are prohibited from logging into any Lifelike system or network anonymously. If users employ systems facilities that permit them to change the active user ID to gain certain privileges, they must have initially logged on using a user ID that clearly indicates their identity or affiliation.
Limiting system access
The computer and communications system privileges of all users, systems, and independently operating programs such as agents, must be based on the need to know. This means that privileges must not be granted without a legitimate business need for them.
Default user file permissions must not automatically permit anyone on the system to read, write, execute or delete a system file. Although users may reset permissions on a file-by-file basis, such permissive default file permissions are prohibited. Default file permissions may be granted to small groups of people who have a genuine need to know.
Users with personally-owned computers must install a screen saver that secures to their machine’s hard disk drive, and must set passwords for all applications and systems software that allow connection to Lifelike resources.
Lifelike computer and communications systems must restrict access to the computers that users can reach over Lifelike networks. These restrictions can be implemented through routers, gateways, firewalls, wireless access points, and other network components. These restrictions must be used to, for example, control the ability of a user to log on to one computer then move from that computer to another computer.