These Rules (hereinafter referred to as the Rules) determine the conditions and procedures for access and use of our online Finomarkt listing App (hereinafter the App), the ways that you can access and use the Personal Data available in the App (as defined below) and the Rules are mandatory for anyone using the App for managing their listings.
These Rules are based on the provisions of the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27-04-2016 (hereinafter referred to as the General Data Protection Regulation).
By using the App to manage your event bookings, you automatically and unconditionally agree to, and commit to comply with, these Rules.
If the provisions of these Rules are totally or partially unacceptable, incomprehensible or unclear, you are not entitled to use the App to manage your event bookings. If you are in doubt as to the provisions of these Rules, you must consult a lawyer or a personal data protection specialist before using the App.
The terms given in this clause below have the following meaning:
The terms “data subject”, “data processing”, “data processor” and “personal data security breach” used in these Rules are to be understood and interpreted as defined in the General Data Protection Regulation.
Where the context requires, the terms used in these Rules in singular shall have the same meaning in plural and vice versa.
When the Consumer books you through the App (upon booking the time for the provision of your services), you will automatically be provided with the Consumer's Personal Data that you can use only to provide your services to the Consumer within his booked time.
You may not use Personal Data for a longer period than the provision of the booked service to the Consumer.
By using Personal Data, you become a data processor within the meaning of the General Data Protection Regulation and you must:
The use of a particular Consumer's Personal Data based on the consent directly from the Consumer is not considered a violation of the above-mentioned guarantees.
By using the App, you undertake at your own expense to ensure the confidentiality of Personal Data and guarantee that access to Personal Data will be granted only to your employees or authorized persons who need such access for the performance of their functions, and that only the authorized actions will be performed with the Personal Data.
By using the App, you also undertake to ensure that the persons authorized by you to process Personal Data will be properly informed about its confidentiality, will be properly trained to perform their duties and comply with the requirements for processing Personal Data (including those provided in these Rules and/or our separate instructions, as well as the applicable legislation), and will be committed to maintaining its confidentiality without limitation to the duration of their legal relations with you.
By using the App, you confirm that you are clearly aware that the obligations regarding the confidentiality of Personal Data shall remain valid even after termination of legal relations with us.
By using the App, you undertake at your own expense to ensure the protection of Personal Data being processed by implementing the appropriate technical and organizational measures to protect the Personal Data from accidental or unlawful destruction, damage, alteration, loss, disclosure, and any other unlawful processing. Your measures must provide a level of protection consistent with the nature of the Personal Data, the risks associated with its processing, and the current technical possibilities.
By using the App, you undertake to provide all necessary information, documents, and assistance for us to comply with the requirements of the General Data Protection Regulation, at no additional cost, upon our request and within the reasonable time indicated by us, in accordance with other applicable laws. By providing this assistance, you must be able to:
In the event that the authorized public authorities or any other person (including the data subject) requests you to submit Personal Data, you must forward such a request to us without any undue delay (and in any case within the reasonable time before the expiration of such request).
You must not disclose Personal Data or any other information related to its processing without our prior written consent, unless you are required to do so by law. In such cases, you must notify us immediately, unless such notice is prohibited by law.
In the event of, or if there is any suspicion that, a Personal Data security breach has occurred—or if any supervisory authority initiates proceedings against you regarding the processing of Personal Data—you must notify us free of charge without undue delay, and in any case no later than 24 hours after becoming aware of it. In your notification, you must provide all information required by the applicable law to enable us to notify the relevant supervisory authority and the affected data subjects, and to take measures to eliminate or reduce the consequences of the breach.
You are encouraged, in agreement with us, to promptly resolve the issue and prevent further damage, as well as mitigate the consequences of such an incident.
The General Data Protection Regulation empowers us, as a data controller, to perform inspections and/or audits during your normal business hours, without interrupting your activities and at no cost to you, by providing notice in advance. Such audits or inspections may be carried out by our employees or by other persons bound by confidentiality obligations. We shall assume the cost of such audits or inspections; however, if we find that you fail to comply with statutory obligations or our requirements, we will be entitled to claim reimbursement for these costs.
You have no right to disclose Personal Data to any third party or use sub-processors to process Personal Data without our express prior written permission. If permission is granted, your disclosure of Personal Data must comply with the General Data Protection Regulation, other applicable laws, and these Rules, and the sub-processor must be bound in writing to the same obligations. At our request, you must provide proof of compliance without undue delay.
Regardless of any permission issued, you remain liable for the lawfulness of disclosing Personal Data to third parties and/or using sub-processors, as well as for their obligations, whether arising from contracts or applicable law.
We reserve the right, at any time and without providing reasons, to cancel any permission you have to disclose Personal Data to third parties or to use a sub-processor.
We confirm that the processing of Personal Data entrusted to you under these Rules is legal and complies with the provisions of the General Data Protection Regulation and other applicable laws.
We undertake to provide you, upon receipt of your request and without undue delay, with the necessary information required for the processing of Personal Data.
Unless otherwise expressly provided by applicable law, upon the expiration of the processing period, you must either return the Personal Data to us or delete (destroy) it.
You shall bear any costs and losses incurred by us and/or data subjects due to your non-performance or improper performance of your obligations under these Rules or applicable law.
The lack, shortage of clarity, or incompleteness of any provision in these Rules and/or our instructions does not relieve you from fulfilling your obligations under the General Data Protection Regulation and other applicable laws.
These Rules are drawn up on the basis of the laws of the United Kingdom. The legal relations arising from these Rules are governed by the laws of the United Kingdom.
Any legal disputes related to the application of these Rules will be settled in the court of the United Kingdom according to the address of the Service Provider, unless the applicable law provides otherwise.