“We”, “Us”, “Our” or “NurseBuddy” means NurseBuddy, a Finnish corporation (Business ID 2482476-8), the owner and operator of the Service.
What information do we collect?
Personal data refers to any information that you voluntarily submit to us and that identifies you personally, including contact information, such as your name, e-mail address, company name, address, phone number, and other information about yourself or your business. Personal information can also include information about any transactions, both free and paid, that you enter into on the Site, and information about you or your business that is available on the internet, such as from Facebook, LinkedIn, Twitter and Google, or publicly available information that we acquire from service providers.
You may provide your personal data through the Site, for example, by: (a) contacting or providing feedback; (b) applying for a job; (c) subscribing to newsletters or other material; (d) commenting on or discussing any content on the Site; or (e) downloading or uploading material. We also collect information observed and derived during the use of the Site. This includes information such as your IP address, geographical location, browser type, referral source, length of visit and pages viewed.
When you subscribe to the NurseBuddy Service we require you to provide us with personal contact information, such as name, company name, address, phone number, and email address. We may also require you to provide us with billing information, such as billing name and address, billing contact information and credit card number.
We use analytics softwares to allow us to better understand the functionality of our Service. In addition to information we collect this software may record information such as how often you use the Service, the events that occur within the Service, aggregated usage, and performance data.
We collect and maintain different types of personal information in respect of those individuals who seek to be, are, or were employed by us, including the personal information contained in: resumes and/or applications; references and interview notes; photographs and video; payroll information; wage and benefit information; forms relating to the application for, or in respect of changes to, employee health and welfare benefits; including, short and long term disability, medical care; and beneficiary and emergency contact information. In addition to the examples listed above, personal information also includes information such as name, home address, telephone, personal email address, date of birth and employee identification number, and any other information necessary to NurseBuddy’s business purposes, which is voluntarily disclosed in the course of an employee’s application for and employment with NurseBuddy. As a general rule, NurseBuddy collects personal information directly from you. In most circumstances where the personal information that we collect about you is held by a third party, we will obtain your permission before we seek out this information from such sources (such permission may be given directly by you, or implied from your actions). Where permitted or required by applicable law or regulatory requirements, we may collect information about you without your knowledge or consent.
Why do we process personal data?
NurseBuddy may process your personal data for one or more of the following reasons: (a) to provide the NurseBuddy Service (which may include the detection, prevention and resolution of security and technical issues); (b) for the purposes of customer administration; (c) to respond to customer support requests; (d) otherwise to fulfill the obligations under the Terms of Service; (e) to improve the Site and the NurseBuddy Service by analyzing activities and your behavior; (f) to send newsletters and other information and offers to you; (g) to communicate with you; and (h) to enable NurseBuddy to fulfil its obligations under applicable legislation. If you are a job applicant or employee, your personal data may be processed for recruitment and HR purposes. The personal data may also be processed for the purposes of direct marketing and advertisements via e-mail and other electronic communication channels.
Do we disclose personal data?
Your personal data can be disclosed with your express consent, for instance, in connection with a service provided by a third party.
Your personal data may also be disclosed according to the demands of competent authorities and relevant legal prerequisites.
NurseBuddy reserves the right to use anonymous data for any purpose and disclose anonymous data to third parties in its sole discretion.
How do we keep the data up to date?
We strive to keep the personal data in our possession accurate through reasonable measures by removing unnecessary information and updating outdated information.
What do we do to protect your personal data?
The security of your personal information is important to us and we will use appropriate physical, technical and administrative security measures to protect your personal data against misuse, loss or alteration. We limit access to personal information about you to employees who who have an essential work-related need and the right to process the personal data in question.
We implement privacy protection and data security, among other things, through the measures of preventive risk management, by taking privacy protection and data security into account in the design of our services and by regularly inspecting the compliance of our services. We respond to risks related to the misuse of data and other comparable risks, taking into account the probability of the risk and the nature of the data to be protected.
To collect credit card information and process payments we use third party PCI-compliant service providers. When you enter sensitive information (such as your password), we encrypt that information in transit using industry-standard Transport Layer Security (TLS) encryption technology. No method of transmission over the Internet, method of electronic storage or other security methods are one hundred percent secure. Therefore, while we strive to use reasonable efforts to protect your personal information, we cannot guarantee its absolute security.
How long do we store your data?
NurseBuddy will retain personal data as long as necessary to fulfill the purpose for which it was collected. After the basis for processing your personal data has ended, we will delete your personal data.
Access to Information
You are entitled, to inspect which data we have collected concerning you. You may access, review, correct, update, change or delete your information at any time. The requests should be sent to the following address: NurseBuddy, Rautatienkatu 21 B, 33100 Tampere, Finland or to email address email@example.com. If you are using the NurseBuddy Service, sign in to your account, go to your profile, and make the desired changes. We may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort (for instance, requests concerning information residing on backup tapes), jeopardize the privacy of others, would be extremely impractical, or for which access is not otherwise required. In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.
If you do not want your personal data to be processed for purposes relating to direct marketing, you may notify NurseBuddy at any time at the following postal address: NurseBuddy, Rautatienkatu 21 B, 33100 Tampere, Finland or to email address firstname.lastname@example.org. Information on how to deregister your personal data from being processed for marketing purposes will also be provided in all electronic marketing sent to you.
Cookies are small text files on your computer’s hard drive, allowing your computer to be recognized by the Site. NurseBuddy uses both so-called persistent cookies which save a file on your computer until you delete that file as well as so-called session cookies which disappear when you close your browser.
With the help of cookies, NurseBuddy may collect information about e.g. your computer, IP address, operating system and browser type. This information generally comprises data which does not allow individual identification of information related to a specific user.
NurseBuddy may use permanent cookies for statistical and analytical purposes such as maintaining statistics regarding the use of the Site, to conduct surveys in order to improve the Site and/or NurseBuddy’s other products and services, to determine which parts of the Site are most popular, to provide information to third parties so that appropriate advertising may be directed to you, and to optimize the use of the Site. Cookies are also used to recognize you when you return to the Site in order to, for example, provide you with information related to your own interests.
General Links to Other Sites
Use of the Service
Our online NurseBuddy Service allows any company to coordinate care service delivery by storing and editing data about their clients, client stakeholders and employees.
NurseBuddy collects information under the direction of its customers, and has no direct relationship with the individuals whose Personal Information it processes. If you are a customer of one of our customers and would no longer like to be contacted by one of our customer that use our NurseBuddy Service, please contact the customer that you interact with directly. We may transfer Personal Information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our customers.
NurseBuddy reserves the right to anonymise data stored in the Service and use it for any purpose and disclose it to third parties in its sole discretion.
Nursebuddy Terms of Service
Valid from January 27th 2021
THESE TERMS OF SERVICE (“AGREEMENT”) CONSTITUTE A BINDING AGREEMENT BETWEEN NURSEBUDDY, A FINNISH CORPORATION (FINNISH BUSINESS ID 2482476-8) AND THE CUSTOMER. THE AGREEMENT GOVERNS CUSTOMER’S USE OF NURSEBUDDY SERVICE AVAILABLE AT NURSEBUDDY SERVERS.
IF CUSTOMER REGISTERS FOR A FREE PLAN OF THE SERVICE CALLED LAUNCHPAD, THIS AGREEMENT WILL ALSO APPLY TO THAT FREE PLAN.
BY SIGNING UP OR OTHERWISE USING THE SERVICE, CUSTOMER ACCEPTS THE TERMS OF THIS AGREEMENT AND AGREE TO BE BOUND BY THE TERMS SET HEREIN.
IF YOU ARE ENTERING INTO THIS AGREEMENT ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND SUCH ENTITY TO THIS AGREEMENT, IN WHICH CASE THE DEFINITIONS “CUSTOMER OR THEIR” SHALL REFER TO SUCH ENTITY.
IF YOU DO NOT AGREE WITH THE TERMS SET OUT HEREIN, PLEASE DO NOT ACCEPT THE AGREEMENT AND DO NOT USE THE SERVICE.
“Affiliate” means any entity which directly or indirectly controls, is controlled by, or is under common Control with the subject entity.
“Control” means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
“Customer” or “Their” means you individually or the company or other legal entity for which you are accepting, and have the authority to accept, this Agreement.
“Customer Data” means all electronic data or information submitted by Customer or someone on Their behalf to the Service.
“Intellectual Property Rights” shall mean copyrights and related rights (including database and catalogue rights and photography rights), patents, utility models, design rights, trademarks, trade names, trade secrets, know-how and any other form of registered or unregistered intellectual property rights.
“Malicious Code” means viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents or programs.
“Service” means the online, Web-based NurseBuddy home care software service provided by Us, excluding Third Party Applications.
“Third Party Applications” means software such as add-ons that are provided by third parties, and that the Customer or the care workers and nurses may use to interoperate with the Service.
“Users” means individuals who are authorized by the Customer to use the Service on Customer’s behalf in Their organisation and who have a password to use the Service. Subject further to Section 5, Customer’s permitted Users consist of Their employees, and Their consultants, contractors and agents that Customer has engaged to assist in Their work (“Representatives”).
“We”, “Us”, “Our” or “NurseBuddy” means NurseBuddy, a Finnish corporation (Business ID 2482476-8), the owner and operator of the Service.
2. CUSTOMER’S RIGHT TO USE THE SERVICE DURING THEIR SUBSCRIPTION TERM
We shall make the Service available to Customer pursuant to this Agreement during the term of the Subscription and, if applicable, the free trial period.
As We continuously strive to improve the Service, We reserve the right at any time to modify, block, discontinue, update, develop, improve and enhance the Service as well as this Agreement during the Subscription term at our discretion. We aim at informing Customer of possible Service breaks and changes materially affecting Their use of the Service via the Service or by using other channels available to Us.
3. OUR RESPONSIBILITIES
We shall use commercially reasonable efforts to provide the Customer with technical support in the use of the Service. Support requests may be sent by email to email@example.com and by phone as informed in the Service.
3.2 Protection of Customer Data.
Processing of personal data by NurseBuddy on behalf of the Customer shall be subject to a separate data processing agreement (“DPA”) and incorporated to this Agreement by reference. In the event of discrepancy between this Agreement and the DPA the DPA shall prevail.
3.3 Customer Data at the Termination or Expiry of this Agreement.
Please note that Customer is responsible for Customer Data and making of appropriate backup copies of Customer Data. Upon termination or expiration of Their use of the Service the Customer may request a copy of Customer Data stored in Our database within 30 days from the termination or expiry date. We may charge the Customer for providing such copy in a format selected by Us and in accordance with Our price list in force at that time. Should the Customer wish for us to continue to retain Customer Data on Their behalf also after the termination or expiry or this Agreement, should Customer contact us as early as possible to inquire about Our possible data retention services. Unless the Customer has purchased such data retention services from Us, We will destroy Customer Data without undue delay after the said 30-day period.
4. PERMITTED USERS.
If Customer registered to use the Service in Their individual capacity, Customer individually is the only permitted User of the Service and may not permit any other individual or entity to use the Service under Their registration.
If Customer registers to use the Service on behalf of Their company, Their permitted Users are restricted to those employees or Representatives with an email address in the same domain name as with Their company and as set forth in the email address They used to register for the Service. Customer will be responsible for Their employees’ and other representatives’ compliance with the terms of this Agreement.
Customer shall ensure that Users use the Service in compliance with the Terms of this Agreement. Misuse of the Service by Customer or any User may lead to termination of the Agreement or suspension or denial of access to the Service.
5. CUSTOMER’S RESPONSIBILITIES
5.1 Use of Service
Customer shall be responsible (i) for obtaining and paying for the Internet/data connection as well as systems, applications and devices required to use the Service, (ii) Their Users’ and Representatives’ compliance with this Agreement, (iii) be solely responsible for Their care and nursing services and other services; and the accuracy, quality, integrity and legality of Customer data and of the means by which Customer acquires Customer data, (iv) use commercially reasonable efforts to prevent unauthorized access to or use of the Service, and notify Us promptly of any such unauthorized access or use, and (v) use the Service only in accordance with the User Guide and instructions given in the Service, if applicable, and applicable laws and government regulations.
Customer shall not (a) make the Service available to anyone other than Their permitted Users and Representatives; (b) use, sell, rent, transfer, license or otherwise provide anybody with the Service; (c) use the Service to store or transmit Malicious Code; (d) interfere with other Customers’ use and enjoyment of the Service; (e) circumvent or try to circumvent any usage control or anti-copy functionalities of the Service; (f) reverse engineer or decompile the Service or access the source code thereof, except as permitted by law; or (g) integrate the Service (by building interfaces or otherwise) with any other system or software, or attempt to gain unauthorized access to the Service or their related servers, systems or networks without the prior written consent from Us.
5.2 Third Party Applications and Customer Data.
If Customer installs or enables Third Party Applications for use with the Service, Customer acknowledges that providers of those Third Party Applications may have access to Customer Data as required for the interoperation of such Third Party Applications with the Service. We shall not be responsible for any Third Party Applications or disclosure, modification or deletion of Customer Data resulting from any such access by Third Party Application providers.
6. FEES AND PAYMENT FOR PURCHASED SERVICE
Customer shall pay all fees for purchased Subscription as specified upon such purchase or registration. Current standard pricing can be checked on the pricing page.
Any exceptions to the standard pricing must be in writing.
If Customer has been accepted to our Launchpad service, they can use it with no charge until they reach the limit specified. After reaching that limit once, the current standard pricing is applied.
Value added tax shall be added to the fees and be borne by Customer in accordance with applicable tax regulations.
Customer is invoiced according to their selected payment schedule. Subscription fee is charged upfront. Customer has the responsibility to select a volume plan that covers the monthly or annual volume they need, and update the volume plan when needed.
Monthly Subscription: By purchasing a Monthly Subscription, you agree to an initial and recurring Monthly Subscription fee at the then-current Monthly Subscription rate, and you accept responsibility for all recurring charges until you cancel your subscription. You may cancel your Monthly Subscription at any time, subject to the terms of our cancellation policy.
Annual Subscription: By purchasing an Annual Subscription, you agree to an initial pre-payment for one full year of service . After one year and annually thereafter, you will be billed a recurring Annual Subscription renewal fee at the then-current Annual Subscription rate. We will notify you before the renewal fee is billed.
For the sake of clarity, We may amend the applicable fees for the Subscription from time to time by giving Customer at least 30 days’ prior written notice in the Service or other applicable communication channels. If Customer does not accept such amended fees, Customer may terminate the Agreement to end in accordance with this Agreement or when the amended fees would take effect.
All payments made in accordance with this Agreement are non-refundable. For clarity, in the event of early termination during a subscription period, Customer shall not be entitled to a refund of any prepaid fees but will have continued access to the Service for the paid period.
6.1 Suspension of Service and Acceleration.
If any undisputed amount owing by Customer under this Agreement is seven (7) or more days past due, We may, without limiting Our other rights and remedies, suspend the Service to Customer, with a three (3) days’ prior notice, until such amounts are paid in full.
7. PROPRIETARY RIGHTS
7.1 Reservation of Rights; License.
We reserve all rights, title and interest in and to the Service and its Intellectual Property Rights, including all Intellectual Property Rights pertaining thereto. The Service is licensed, not sold, to Customer, and Company and its licensors retain ownership of all copies of the Service and the Content even after installation on Customer’s or Users’ computers, mobile device and/or other relevant devices.
We grant Customer a non-exclusive, non-transferable, non-sublicensable and limited right to access and use the Service during the validity of this Agreement. These rights are (a) non-perpetual and (b) conditional on Customer’s continued compliance with the terms of this Agreement, including payment for the Service. We reserve all rights not expressly granted to Customer in this Agreement, including any rights by implication or otherwise.
Customer shall not:
(i) create derivative works based on the Service, (ii) copy, frame or mirror any part or content of the Service, other than copying or framing on Their own intranets or otherwise for Their own internal business purposes, (iii) reverse engineer the Service, or (iv) access the Service in order to (a) build a competitive product or service, or (b) copy any features, functions or graphics of the Service.
7.3 Ownership of Customer Data.
Customer grants Us a non-exclusive, transferable, sub-licensable, royalty-free, perpetual, irrevocable, fully paid, worldwide licence to use, reproduce, translate, modify, create derivative works from any of Customer Data in connection with the Service, in order to provide the Service, through any medium, whether alone or in combination with other content or materials, in any manner and by any means, method or technology, whether now known or hereafter created.
Aside from the rights specifically granted herein, Customer retains ownership of all rights, including Intellectual Property Rights, in Customer Data.
We shall have a royalty-free, worldwide, transferable, sub licensable, irrevocable, perpetual license to use or incorporate into the Service any suggestions, enhancement requests, recommendations or other feedback provided by Customer relating to the operation of the Service.
8.1 Definition of Confidential Information.
As used herein, ”Confidential Information” means all confidential information disclosed by a party (” Disclosing Party“) to the other party (” Receiving Party“), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. All confidential information shall remain the property of the Disclosing Party and the Receiving Party shall keep confidential and refrain from using such confidential information otherwise than for the purposes of this Agreement, during the term of this Agreement and 5 years thereafter.
Customer’s Confidential Information shall include Customer Data; Our Confidential Information shall include the Service; and Confidential Information of each party shall include the business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed by such party. However, Confidential Information shall not include any information that (i) is or becomes generally known to the public, (ii) is received from a third party without breach of any confidentiality obligation, (iii) was in the Receiving Party’s possession without any confidentiality obligation and before its disclosure by the Disclosing Party, or (iv) was independently developed by the Receiving Party without recourse to the Confidential Information.
8.2 Protection of Confidential Information.
Except as otherwise permitted in writing by the Disclosing Party, (i) the Receiving Party shall use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but in no event less than reasonable care) not to disclose or use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement, and (ii) the Receiving Party shall limit access to Confidential Information of the Disclosing Party to those of its employees and Representatives who need such access for purposes consistent with this Agreement and who have signed confidentiality agreements with the Receiving Party containing protections no less stringent than those herein.
8.3 Compelled Disclosure.
The secrecy obligations of the Receiving Party under this Agreement shall not apply to information which is disclosed by the Receiving Party pursuant to judicial order, a requirement of a governmental agency or by operation of law, provided that the Receiving Party gives the Disclosing Party a written notice of such requirement as soon as reasonably possible after learning of such requirement.
9. WARRANTIES AND DISCLAIMERS
EXCEPT AS EXPRESSLY PROVIDED HEREIN, WE MAKE NO WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND WE SPECIFICALLY DISCLAIM ALL IMPLIED WARRANTIES, INCLUDING ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW. THE SERVICE IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS.
The services provided by NurseBuddy, are provided to the Customer on an ”as is” basis and all compliance with applicable laws, acts, country standards, case law and all similar provisions in the client’s country or jurisdiction, are the sole responsibility of Customer. NurseBuddy is in no way or manner responsible to comply by the aforementioned provisions in the Customer’s country. The client agrees to release NurseBuddy from all aforementioned responsibilities, and or liabilities, arising from the requirement to comply by such provisions.
Customer shall defend Us against any claim, demand, suit or proceeding made or brought against Us by a third party alleging that Customer Data or Their use of the Service, breaches the privacy, employment or other laws of any jurisdiction or rights of a third party (a “Claim Against Us”), and shall indemnify Us for any damages, reasonable attorney fees and other costs or for any amounts paid by Us under a court-approved settlement of a Claim Against Us; provided that We (a) promptly give Customer a written notice of the Claim Against Us; (b) give Customer sole control of the defense and settlement of the Claim Against Us (provided that Customer may not settle any Claim Against Us unless the settlement unconditionally releases Us of all liability); and (c) provide to Customer all reasonable assistance, at Their expense.
11. LIMITATION OF LIABILITY
11.1 Limitation of Liability.
NURSEBUDDY’S LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT (WHETHER IN CONTRACT OR TORT OR UNDER ANY OTHER THEORY OF LIABILITY) SHALL NOT EXCEED THE HIGHER OF 1000 EUROS OR EXCEED THE AGGREGATE 12 MONTHS’ SERVICE FEES PAID BY CUSTOMER IMMEDIATELY PRECEDING THE EVENT FOR WHICH DAMAGES ARE CLAIMED.
11.2 Exclusion of Consequential and Related Damages.
IN NO EVENT SHALL EITHER PARTY HAVE ANY LIABILITY TO THE OTHER PARTY FOR ANY LOST PROFITS OR REVENUES OR FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, COVER OR PUNITIVE DAMAGES HOWEVER CAUSED WHETHER IN CONTRACT, TORT OR UNDER ANY OTHER THEORY OF LIABILITY, OR LOSS, DESTRUCTION OR ALTERATION OF DATA AND WHETHER OR NOT THE PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
11.3 Liability not excluded.
THE LIMITATIONS OF LIABILITY DESCRIBED ABOVE SHALL NOT APPLY TO THE DAMAGES CAUSED BY GROSS NEGLIGENCE OR INTENTIONAL MISCONDUCT OR TO EXTENT PROHIBITED BY THE APPLICABLE LAW.
12. TERM AND TERMINATION
12.1 Term of Agreement.
If Customer elects to use the Service for the Trial and do not terminate the use of the Service before the end of that period, this Agreement will continue in force after the period until terminated pursuant to this Section.
After the Customer has subscribed to the Service and the Trial period has expired, the Agreement shall remain in force until further notice unless terminated by Customer upon one (1) month’s prior written notice. We may terminate the Agreement upon one (1) month’s prior written notice.
Monthly Subscription: After Termination Notice, the Agreement will remain in force for one full Subscription period.
Annual Subscription: To terminate the Agreement before the next 12 month Subscription period, Customer must send a notice one month before the new Subscription period starts.
All notifications of termination must be submitted through our Cancellation form available in the online Service.
12.2 Termination for Cause.
A party may terminate this Agreement for cause: (i) upon 30 days written notice to the other party of a material breach if such breach remains uncured at the expiration of such period, or (ii) if the other party becomes the subject of a petition in bankruptcy, insolvency, liquidation or any kind of arrangement which is likely to affect substantially the ability of the other party to carry out its obligations under this Agreement.
12.3 Payment upon Termination.
In no event shall any termination relieve Customer of the obligation to pay any fees payable to Us for the period prior to the effective date of termination. If We have terminated this Agreement for cause as set forth in Section 12.2, Customer also has the obligation to pay Us through the end of Their remaining term.
12.4 Amendments to the Agreement.
The Service is subject to continuous development and We reserve the right to update and make amendments to this Agreement at any time. If such amendment would have material impact on Customer, we shall provide Customer with at least 30 days’ prior written notice. Customer may terminate this Agreement in accordance with the terms set out herein or when the amendment would take effect.
12.5 Surviving Provisions.
Sections 7, 8 and other terms that by their nature survive the termination of this Agreement shall survive any termination or expiration of this Agreement.
13. GOVERNING LAW AND DISPUTES
13.1 Governing Law.
This Agreement shall be governed exclusively by, and construed exclusively in accordance with, the laws of Finland, without regard to the provisions of conflicts of law of any jurisdiction.
13.2 Dispute Resolution.
Both parties shall use their best efforts to settle by amicable negotiations any disputes which may occur between them arising out of or relating to this Agreement or the existence, validity, termination, interpretation of any term hereof or either party’s performance obligations hereunder. If the parties fail to reach an amicable settlement of their dispute within 30 days of its initiation, either party may refer such dispute to binding arbitration to the Finnish Chamber of Commerce in Helsinki, Finland in accordance with its rules. The arbitration shall be conducted in the English language by a single arbitrator who shall be a professional, legal or otherwise, but shall not be, or have previously been associated with any party to this Agreement. The arbitral award shall be final, binding and non-appealable. Notwithstanding the foregoing, in recognition of the irreparable harm that a violation by either party of its obligation of confidentiality owed to the other party or a breach by Customer of Our intellectual property rights would cause, the non-breaching Party may seek an injunction against such violation or breach in a court of competent jurisdiction. In any such arbitration or injunctive action, the loser shall pay the other party’s reasonable attorney fees.
14. GENERAL PROVISIONS
Notices to You shall be addressed to the email address You provided upon registration to the Service. Notices to Us shall be sent to firstname.lastname@example.org or the post address indicated on our website.
Except as otherwise specified in this Agreement, all notices, permissions and approvals hereunder shall be in writing and shall be deemed to have been given upon: (i) personal delivery or (ii) the third business day after mailing or after sending by email.
14.2 Relationship of the Parties.
The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary, or employment relationship between the parties.
14.3 No Third Party Beneficiaries.
There are no third party beneficiaries to this Agreement.
14.4 Waiver and Cumulative Remedies.
No failure or delay by either party in exercising any right under this Agreement shall constitute a waiver of that right. Other than as expressly stated herein, the remedies provided herein are in addition to, and not exclusive of, any other remedies of a party at law or in equity.
If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision shall be modified by the court and interpreted so as best to accomplish the objectives of the original provision to the fullest extent permitted by law, and the remaining provisions of this Agreement shall remain in effect.
Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld). Notwithstanding the foregoing, either party may assign this Agreement in its entirety, without consent of the other party, to its Affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets not involving a direct competitor of the other party. Subject to the foregoing, this Agreement shall bind and inure to the benefit of the parties, their respective successors and permitted assigns.
14.7 Entire Agreement.
This Agreement, including all addenda (if any) thereto, constitute the entire agreement between the parties and supersede all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter. No modification, amendment, or waiver of any provision of this Agreement shall be effective unless in writing and either signed or accepted electronically by the party against whom the modification, amendment or waiver is to be asserted.
Purpose of the Website
Loikka Design Ltd. (having the Finnish company registration number 2482476-8 and the address Rautatienkatu 21 B, 33100 Tampere, Finland) (hereinafter “NurseBuddy”) provides the Website to its customers and other interested parties.
Intellectual Property Rights
The entire content of this Website is subject to copyright, trademark rights and other intellectual property rights and licenses held by NurseBuddy or third parties that are protected by applicable Finnish and/or other national and/or international legislation. All rights not explicitly granted herein are reserved.
No content on this Website may be copied, published, distributed, transferred, modified, stored or processed without NurseBuddy’s prior written consent. Unauthorized use or distribution of any material on this Website may violate copyright, trademark and/or other laws and may be subject to civil and criminal sanctions.
NurseBuddy grants no express or implied rights to you under any patents, copyright, trademarks or confidential information.
Any material, information or other communications you submit to this Website will be considered non-confidential, non-exclusive, royalty-free, irrevocable, fully sub-licensable and free to use (hereinafter the “Communications”). To the maximum extent allowed by law, NurseBuddy will have no obligations in respect of the Communications.
NurseBuddy will be free to disclose, copy, distribute, incorporate and/or otherwise use Communications, together with all data, images, sounds, text, and other things embodied therein, for any and all commercial or non-commercial purposes.
NurseBuddy does not check or control the content of any Communications and accepts no liability for them. NurseBuddy may at its sole discretion at any time remove any Communications from this Website.
By submitting any Communication to this Website, you agree that: (i) the material will not contain any item that is unlawful or otherwise unfit for publication; (ii) you will use best efforts to scan and remove any viruses or other contaminating or destructive features before submitting any material; (iii) you own the material or have the unlimited right to provide it to NurseBuddy; (iv) the Communication is not defamatory, false or libelous, and does not contain any unlawful, harmful, threatening, harassing, discriminatory, abusive, profane, pornographic or obscene material, and does not violate the privacy, personality, intellectual property or other rights of any third party; (v) you will not impersonate any other person, for headers, or otherwise manipulate identifiers in order to disguise the origin of any Communication you provide; and (vi) you agree not to take action against NurseBuddy in relation to material that you submit and you agree to indemnify NurseBuddy if any third party takes action against NurseBuddy in relation to the material you submit.
NurseBuddy may include links to sites on the internet that are owned or operated by third parties. By linking to such third-party site, you shall review and agree to that site’s rules of use before using such site. You also agree that NurseBuddy has no control over the content of that site and cannot assume any responsibility and liability for material created or published by such third-party sites. In addition, a link to a site owned or operated by third parties does not imply that NurseBuddy endorses the site or the products or services referenced in such third-party site.
TO THE MAXIMUM EXTENT ALLOWED BY LAW, THE INFORMATION CONTAINED ON THE WEBSITE IS PROVIDED “AS IS” WITHOUT ANY EXPRESS OR IMPLIED WARRANTY OF ANY KIND, INCLUDING WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT OF INTELLECTUAL PROPERTY, OR FITNESS FOR ANY PARTICULAR PURPOSE. IN THE EVENT THE WEBSITE LINKS TO A PAGE OF A THIRD PARTY, SUCH LINK IS SOLELY FOR THE CONVENIENCE OF USERS, AND NURSEBUDDY SHALL HAVE NO LIABILITY FOR THE CONTENT OR ACCURACY OF ANY INFORMATION CONTAINED ON SUCH WEB PAGE.
TO THE MAXIMUM EXTENT ALLOWED BY LAW, NURSEBUDDY SHALL IN NO EVENT BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, INDIRECT, CONSEQUENTIAL OR SPECIAL DAMAGES, SUCH AS FOR LOSS OF REVENUE, LOSS OF INCOME, OR LOSS OF PROFIT, BUSINESS INTERRUPTION, OR LOSS OF DATA OR LOSS OF INFORMATION, ARISING OUT OF THE USE OF OR INABILITY TO USE THE INFORMATION ON THE WEBSITE.
Further, NurseBuddy does not warrant the availability, accuracy or completeness of any information, including but not limited to any text, picture, graphic, link or other item that may be contained within this Website. NurseBuddy may make changes to the content of this Website or to any products described herein at any time without notice. NurseBuddy provides no undertaking to update the information or other materials on this Website.
Questions and Comments
This Data Processing Agreement (“DPA”) forms a part of the Terms of Service or another agreement such as master subscription agreement entered between NurseBuddy and its customer identified in such agreement or the applicable signup form (“Customer”), in which case, it forms a part of such agreement (in either case, the “Agreement”).
By accepting the Agreement or by separately signing this DPA, Customer enters into this DPA on behalf of itself and, to the extent required under applicable Data Protection Laws, in the name and on behalf of its Controller Affiliates (defined below). For the purposes of this DPA only, and except where indicated otherwise, the term “Customer” shall include Customer and Controller Affiliates. All capitalized terms not defined herein shall have the meaning set forth in the Agreement.
In the course of providing the Service under the Agreement, NurseBuddy may Process certain Personal Data (such terms defined below) on behalf of Customer. In such event NurseBuddy may be regarded as a Processor and the Customer as Controller under the applicable Data Protection Laws. Where NurseBuddy Processes such Personal Data as Processor on behalf of Customer the Parties agree to comply with the terms and conditions of this DPA in connection with such processing of Personal Data.
HOW THIS DPA APPLIES TO CUSTOMER AND ITS AFFILIATES
This DPA is part of the Agreement. By accepting the Agreement the Customer agrees to be bound to this DPA.
If the Customer entity signing this DPA has executed a signup form with NurseBuddy or its Affiliate pursuant to the Agreement, but is not itself a party to the Agreement, this DPA is an addendum to that signup form and applicable renewal signup forms, and the NurseBuddy entity that is party to such signup form is party to this DPA.
“Controller” means the entity which determines the purposes and means of the Processing of Personal Data.
“Data Protection Laws” means all laws and regulations, including laws and binding regulations of the European Union, the European Economic Area and their member states, Switzerland and the United Kingdom, applicable to the Processing of Personal Data under the Agreement including the GDPR.
“Data Subject” means the identified or identifiable person to whom Personal Data relates.
“GDPR” means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
“Personal Data” means any information that relates to an identified or identifiable natural person, to the extent that such information is protected as personal data under applicable Data Protection Laws and is submitted as Customer Data.
“Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Processor” means the entity which Processes Personal Data on behalf of the Controller.
“Security Practices Datasheet” means NurseBuddy’s Security Practices Datasheet, as updated from time to time (see Exhibit A).
“NurseBuddy” means the NurseBuddy entity which is a party to this DPA being Loikka Design Ltd. (having the Finnish company registration number 2482476-8 and the address Pinninkatu 47, 33100 Tampere, Finland)
“Sub-processor” means any entity engaged by NurseBuddy to Process Personal Data in connection with the Service.
“Supervisory Authority” means an independent public authority which is established by an EU Member State pursuant to the GDPR.
2. PROCESSING OF PERSONAL DATA
2.1 Roles of the Parties. The parties acknowledge and agree that with regard to the Processing of Personal Data, Customer is the Controller and NurseBuddy is the Processor. NurseBuddy may engage Sub-processors pursuant to the requirements set forth in Section 4 “Sub-processors” below.
2.2 Customer’s Processing of Personal Data. Customer shall, in its use of the Service and provision of instructions, Process Personal Data in accordance with the requirements of applicable Data Protection Laws. Customer shall have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which Customer acquired Personal Data.
2.3 NurseBuddy’s Processing of Personal Data. As Customer’s Processor, NurseBuddy shall only Process Personal Data for the following purposes: (i) Processing in accordance with the Agreement and other applicable agreements as necessary to provide NurseBuddy’s Service; (ii) Processing initiated by the Customer’s authorized users in their use of the Service; and (iii) Processing to comply with other reasonable instructions provided by Customer (e.g., via email or support tickets) that are consistent with the terms of the Agreement (individually and collectively, the “Purpose”). NurseBuddy acts on behalf of and on the instructions of Customer in carrying out the Purpose.
2.4 Details of the Processing. NurseBuddy will Process Customer’s Personal Data as long as this Agreement is valid and delete it according to Section 7. Personal Data includes all the information that Customer has recorded in NurseBuddy, concerning their employees, clients and contact persons for clients.
2.5 Transfer of personal data outside of the EEA. NurseBuddy Processes the Personal Data within the EEA. In the event NurseBuddy would transfer personal data outside of the EEA it shall notify the Customer of such transfer and the Customer may object such transfer by following the steps described in Section 4.3. Further, NurseBuddy take such measures as are necessary to ensure the transfer is in compliance with applicable Data Protection Laws. Such measures may include, for instance, transferring the Personal Data to a recipient in a country that the European Commission has decided provides adequate protection (e.g. the Privacy Shield framework of the U.S.) for personal data or to a recipient that has executed the SCC adopted or approved by the European Commission. NurseBuddy agrees to execute applicable SCC approved by the European Commission if required by the Customer.
2.6 Assistance. As may be required by applicable Data Protection Laws, NurseBuddy shall assist the Customer in complying with its statutory obligations under applicable Data Protection Laws such as performing data protection impact assessments and consulting Supervisory Authority and provide the Customer with such information that may be required for showing compliance with the DPA and the applicable Data Protection laws.
3. RIGHTS OF DATA SUBJECTS
3.1 Data Subject Requests. NurseBuddy shall, to the extent legally permitted, promptly notify Customer if NurseBuddy receives any requests from a Data Subject to exercise the following Data Subject rights: access, rectification, restriction of Processing, erasure (“right to be forgotten”), data portability, objection to the Processing, or to not be subject to an automated individual decision making (each, a “Data Subject Request”). Taking into account the nature of the Processing, NurseBuddy shall assist Customer by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of Customer’s obligation to respond to a Data Subject Request under applicable Data Protection Laws. In addition, to the extent Customer, in its use of the Service, does not have the ability to address a Data Subject Request, NurseBuddy shall, upon Customer’s request, provide commercially reasonable efforts to assist Customer in responding to such Data Subject Request, to the extent NurseBuddy is legally permitted to do so and the response to such Data Subject Request is required under applicable Data Protection Laws. Customer shall be responsible for any costs arising from NurseBuddy’s provision of such assistance in accordance with NurseBuddy’s applicable rates, including any fees associated with provision of additional functionality.
4.1 Appointment of Sub-processors. Customer acknowledges and agrees that NurseBuddy may engage third-party Sub-processors in connection with the provision of the Service. As a condition to permitting a third-party Sub-processor to Process Personal Data, NurseBuddy will enter into a written agreement with each Sub-processor containing data protection obligations that provide at least the same level of protection for Personal Data as those in this DPA, to the extent applicable to the nature of the Sub-processor Services provided by such Sub-processor.
4.2 List of Current Sub-processors and Notification of New Sub-processors. A current list of Sub-processors for the Service, including the identities of those Sub-processors and their country of location, is accessible in Exhibit B (“Sub-processor Lists”). Customer may receive notifications of new Sub-processors by sending an email request to email@example.com with the subject “Subscribe”, and if a Customer contact subscribes, NurseBuddy shall provide the subscriber with notification of new Sub-processor(s) before authorizing such new Sub-processor(s) to Process Personal Data in connection with the provision of the Service.
4.3 Objection Right for New Sub-processors. Customer may reasonably object to NurseBuddy’s use of a new Sub-processor (e.g., if making Personal Data available to the Sub-processor may violate applicable Data Protection Law or weaken the protections for such Personal Data) by notifying NurseBuddy promptly in writing within ten (10) business days after receipt of NurseBuddy’s notice in accordance with the mechanism set out in Section 4.2. Such notice shall explain the reasonable grounds for the objection. In the event Customer objects to a new Sub-processor, as permitted in the preceding sentence, NurseBuddy will use commercially reasonable efforts to make available to Customer a change in the Service or recommend a commercially reasonable change to Customer’s configuration or use of the Service to avoid Processing of Personal Data by the objected-to new Sub-processor without unreasonably burdening Customer. If NurseBuddy is unable to make available such change within a reasonable period of time, which shall not exceed thirty (30) days, either party may terminate without penalty the applicable Agreement by providing written notice to NurseBuddy.
4.4 Liability. NurseBuddy shall be liable for the acts and omissions of its Sub-processors to the same extent NurseBuddy would be liable if performing the Sub-processor Services, directly under the terms of this DPA.
5.1 Controls for the Protection of Customer Data. NurseBuddy shall maintain appropriate technical and organizational measures for protection of the security (including protection against unauthorized or unlawful Processing and against accidental or unlawful destruction, loss or alteration or damage, unauthorized disclosure of, or access to, Customer Data), confidentiality and integrity of Customer Data, as set forth in the Security Practices Datasheet. NurseBuddy regularly monitors compliance with these measures. NurseBuddy will not materially decrease the overall security of the Service during a subscription term.
5.2 Customer Audits. Customer may contact NurseBuddy in accordance with the “Notices” Section of the Agreement to request an on-site audit of NurseBuddy’s procedures relevant to the protection of Personal Data, but only to the extent required under applicable Data Protection Law. Customer shall reimburse NurseBuddy for any time expended for any such on-site audit at the NurseBuddy’s then-current rates, which shall be made available to Customer upon request. Before the commencement of any such on-site audit, Customer and NurseBuddy shall mutually agree upon the scope, timing, and duration of the audit, in addition to the reimbursement rate for which Customer shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by NurseBuddy. Customer shall promptly notify NurseBuddy with information regarding any non-compliance discovered during the course of an audit, and NurseBuddy shall use commercially reasonable efforts to address any confirmed non-compliance.
6. CUSTOMER DATA INCIDENT MANAGEMENT AND NOTIFICATION
NurseBuddy maintains security incident management policies and procedures specified in the Security Practices Datasheet. NurseBuddy shall notify Customer of any breach relating to Personal Data (within the meaning of applicable Data Protection Law) of which NurseBuddy becomes aware and which may require a notification to be made to a Supervisory Authority or Data Subject under applicable Data Protection Law or which NurseBuddy is required to notify to Customer under applicable Data Protection Law (a “Customer Data Incident”). NurseBuddy shall provide commercially reasonable cooperation and assistance in identifying the cause of such Customer Data Incident and take commercially reasonable steps to remediate the cause to the extent the remediation is within NurseBuddy’s control.
7. RETURN AND DELETION OF CUSTOMER DATA
Upon termination of the Service, NurseBuddy shall, upon Customer’s request, and subject to the limitations described in the Agreement and the Security Practices Datasheet, return all Customer Data and copies of such data to Customer or securely destroy them and demonstrate to the satisfaction of Customer that it has taken such measures, unless applicable law prevents it from returning or destroying all or part of Customer Data. For clarification, depending on the Service plan purchased by Customer, Customer Data export may incur additional charge(s) and/or require purchase of a Service upgrade. NurseBuddy agrees to preserve the confidentiality of any retained Customer Data and will only actively Process such Customer Data after such date in order to comply with the laws it is subject to.
8. LIMITATION OF LIABILITY
Each party’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or related to this DPA, and all DPAs between Controller Affiliates and NurseBuddy, whether in contract, tort or under any other theory of liability is limited to fifteen (15) percent of the sum paid by the Customer to NurseBuddy for the Service during the 12 months preceding the cause for the claim. Neither Party is liable for indirect damages, such as production loss, loss of profit, expected savings or cover purchases.
9. GOVERNING LAW
This DPA and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be governed by, and construed in accordance with, the laws of Finland.