This Terms of Service Data Protection Addendum (“Addendum”) is entered into by and between Intlock Ltd., by and on behalf of itself and its subsidiaries (“Intlock”) and Client. This Addendum sets out terms that will apply to Intlock’s Processing of Client Data subject to the European Union General Data Protection Regulation (“GDPR”) on and after this Addendum has been properly executed in accordance with the terms set forth herein. This Addendum, together with the existing Terms of Subscription Service, as may have been amended (“Agreement”) reflects the parties’ agreement related to Processing of Client Data, including Personal Data, in accordance with the GDPR.
If you are entering into this Agreement on behalf of a company or other legal entity, you represent that you have the authority to bind such entity to this Agreement in which case the term “Client” shall refer to such entity. If you do not have such authority, or if you do not agree to the terms of this Agreement, do not accept this Agreement or use the Solutions. If you receive free access or a trial or evaluation subscription to the Solutions, you are deemed a “Client” under this Agreement and are subject to its terms, including the restrictions and limitations under Trial Subscriptions below. You may not use or access the Solutions if you are (a) a direct competitor of Intlock, (b) accessing or using the Solutions for the benefit of a direct competitor of Intlock and (c) a competitor of Intlock may work for, or on behalf of you on these Solutions.
1. DEFINITIONS AND INTERPRETATIONS
1.1. Definitions – Capitalized terms not defined in this Addendum shall have the meaning as defined in the Agreement
a) “Adequate Country” means a country which is deemed adequate by the European Commission under Article 25(6) of Directive 95/46/EC or Article 45 of GDPR.
b) “Agreement” means the terms of subscription service incorporated in a Quote, or the master subscription agreement between Intlock and Client.
c) “Data Controller” means the party that determines the purposes and means of the Processing of Personal Data.
d) “Data Processor” means the party that Processes Personal Data on behalf of, or under the instruction of, the Data Controller.
e) “Data Protection Authority” means the competent body in the relevant jurisdiction charged with enforcement of applicable Law.
f) “Data Subject” means the identified or identifiable person who is the subject of Personal Data.
g) “EEA” means the European Economic Area and shall be deemed to include Switzerland.
h) “GDPR” means European Union Regulation (EU) 2016/679.
i) References to “instructions” or “written instructions” and related terms mean Data Controller’s written instructions for Processing of Client Data, which consist of (1) the terms of the Agreement and this Addendum, and (2) Processing enabled by Data Controller through the Solutions.
j) “Law(s)” means, with respect to a party, all privacy, data protection, data transfer, information securityrelated and other laws and regulations applicable to such party, including without limitation the GDPR.
k) “Model Clauses” means the Standard Contractual Clauses for Controller-to-Processor transfers, applicable to Personal Data from the EEA and Switzerland, as approved by the European Commission under Decision (EU) 2021/914, and the UK International Data Transfer Addendum, in the form agreed and executed by the parties.
l) “Processing” means any operation or set of operations which is performed upon Client Data by the Solutions, as further described in Annex A.
m) “Personal Data” means any information included in the Client Data relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as identification number location data, an online identifier or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity. Client acknowledges and agrees that in no event will Client allow Personal Data include Prohibited Data.
n) “Prohibited Data” means any Personal Data that could be legally considered sensitive in any applicable jurisdiction, including government issued identification (i.e., SSNs, driver’s license), individual medical or health information (including PHI), financial data (i.e., account numbers, credit or debit card numbers) and authentication factors or an unencrypted identifier in combination with a password or other access code that would permit access to a Data Subject account (including security codes, passwords, biometric information, and answers to security questions), as well as sensitive data, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership; genetic data; data concerning a natural person’s sex life or sexual orientation; and nonpublic personal information governed by the Gramm Leach Bliley Act; and precise geolocation, and other special categories of Personal Data as defined in Article 9 of the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
o) “Security Incident” means any unauthorized or unlawful breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Personal Data in Data Processor’s control.
p) “Solutions” means the specific online software-as-a-service products ordered by Client as identified on the applicable Quote. The term “Solutions” includes the related Tagging Methods and Documentation (but excludes Professional Services).
q) “Subprocessor” means any third party processor engaged by Data Processor or its affiliates to assist in fulfilling its processing obligations with respect to providing the Solutions pursuant to the Agreement or this Addendum. Third Party Platforms shall not be deemed Subprocessors.
r) “Third Party” shall mean any natural or legal person, public authority, agency or any other body other than the Data Subject, Data Controller, Data Processor, or Subprocessors or other persons who, under the direct authority of the Data Controller or Data Processor, are authorized to Process the Client Data.
1.2. Interpretation – In this Agreement, the words “including” and “in particular” and any similar words or expressions are by way of illustration and emphasis only and do not operate to limit the generality or extent of any other words or expressions. Further, headings in this Agreement are for convenience only and do not affect its interpretation.
2.1. Client will act as the Data Controller and Intlock will act as the Data Processor in connection with the Solutions. Both the Data Controller and Data Processor shall be subject to applicable Law in the carrying out of their respective responsibilities as set forth in this Addendum.
2.2. Data Controller retains all ownership rights in the Client Data, as set forth in the Agreement. Except as expressly authorized by Data Controller or as instructed by the Data Controller in writing, Data Processor shall have no right directly or indirectly to sell, rent, lease, combine, display, perform, modify, transfer or disclose the Client Data or any derivative work. Notwithstanding the foregoing, Data Controller acknowledges that Data Processor shall have a right to use Client Data for the purpose of providing the Solutions to Client and as otherwise set forth in the Agreement.
2.3. Data Processor shall act only in accordance with Data Controller’s instructions regarding the Processing of the Client Data which are more fully set forth in the Agreement. In the event that Data Processor reasonably believes it cannot follow an instruction issued by Data Controller due to applicable Law, Data Processor will promptly inform Data Controller and the parties will cooperate in good faith to resolve the conflict. Data Processor shall be excused from performance of the Solutions to the extent of the conflict and until the conflict can be resolved.
2.4. Additional instructions require prior written agreement of the parties, including agreement on any additional fees payable by Data Controller.
2.5. Data Processor shall not disclose the Client Data to any Third Party than in compliance with the Agreement, in compliance with Data Controller’s instructions, or in compliance with an independent legal obligation requiring disclosure. Data Processor shall inform Data Controller in writing prior to making any such legally required disclosure, to the extent permitted by Law.
2.6. For clarity, nothing in this Addendum prevents Data Processor from transmitting Client Data (including without limitation Personal Data) as instructed by Data Controller through the Solutions, including without limitation to Third Party Platforms. The parties agree that such Third Party Platforms are not considered Subprocessors of Data Processor and Data Processor shall have no responsibility or liability associated with Data Controller’s election to use such Third Party Platforms.
3.1. Data Processor’s obligations under this Addendum shall apply to Data Processor’s employees, agents, and Subprocessors who may have access to the Personal Data.
3.2. Data Controller agrees that Data Processor is authorized to use Subprocessors (including without limitation cloud infrastructure providers) to Process the Personal Data, provided that Data Processor (i) ensures that any Subprocessor is bound by data protection obligations substantially similar to this Addendum and (ii) remains liable for their compliance with this Addendum as if they were Data Processor. The Subprocessors currently engaged by Data Processor are listed in Annex C.
3.3. Data Processor shall (i) provide an up-to-date list of the Subprocessors that it has appointed upon written request from Data Controller; and (ii) notify Data Controller (email sufficient) if it adds or removes Subprocessors at least ten (10) days prior to any such changes. Data Controller may object in writing to Data Processor’s appointment of a new Subprocessor within five (5) calendar days of such notice, Terms of Service and Data Protection Addendum Page. 3 provided that such objection is based on reasonable grounds relating to data protection. In such event, the parties will discuss such concerns in good faith with a view to achieving resolution. Any such notice shall be provided in writing via email@example.com, or other reasonable means
4. SOLUTION DATA
4.1 Collection of Client Data – The Tagging Methods are provided with a default set of data points for collection of Client Data. Further, the default set of data points varies based on the particular Solution.
4.2 Rights in Solutions Data; Right to Use Solutions Data – As between the parties, Client shall retain all right, title, and interest (including any and all intellectual property rights) in the Client Data, Client Applications and Client Content, and Intlock claims no right, title or interest in the Client Data or Third Party Data. Subject to the terms of this Agreement, Client hereby grants to Intlock a non-exclusive, worldwide, royalty-free right to use, copy, store, transmit, modify, create derivative works of, and perform and display in Client’s Account the Solutions Data solely to the extent necessary to provide the Solutions to Client. Further, Intlock may periodically access Client’s Account and Solutions Data to improve, support, and operate the Solutions (e.g., for quality assurance, benchmarking, technical support, or billing purposes).
4.3 Data Retention Policy – Intlock retains Client Data in accordance with the Data Retention Policy attached as Exhibit B. Intlock expressly disclaims all other obligations with respect to data storage or delivery, including storage or delivery of any raw data included in Client Data.
4.4 Client Obligations
(a) Generally. Client is solely responsible for the accuracy, content, and legality of all Solutions Data and for its Client Applications. Client shall ensure that Client’s use of the Solutions and all Solutions Data is at all times compliant with Client’s and any applicable Third Party Platform’s privacy policies and all Laws, including (if applicable) the California Online Privacy Protection Act or similar laws governing data tracking across sites. Subject to Intlock’s obligations in Section 3.5(b) regarding Third Party Terms, Client shall obtain all third party licenses, rights, clearances, consents and approvals that may be required for Client (and Intlock on behalf of Client) to collect and use Solutions Data and represents and warrants that such collection and use will not violate any Laws or any intellectual property, publicity, privacy, or other rights of any third party.
(b) Prohibited Data. The Solutions are not designed for processing of Prohibited Data and the default configurations of the Tagging Methods (as provided by Intlock) do not collect Prohibited Data. Notwithstanding any other provision included herein, Client will not configure the Tagging Methods or use the Solutions to collect, upload, retrieve, transmit, store, analyze, create, or deliver Prohibited Data and will not otherwise provide Prohibited Data to Intlock. Client acknowledges that Intlock is not a Business Associate or subcontractor (as those terms are defined in HIPAA). Notwithstanding anything to the contrary herein, Intlock shall have no liability under this Agreement for Prohibited Data.
(c) Configuration of Regional Option. Intlock offers three options with respect to the geographical locations of the data centers that will collect Client Data: EU only, and U.S. only. When selecting a restricted geographical option (i.e., EU only, U.S. only or Australia only), Client acknowledges that it will forego the data collection and content delivery performance advantages offered by Intlock’s data centers located in countries outside the selected geographical option. Intlock shall use commercially reasonable efforts to ensure that Client Data will not transit through or be stored in locations not allowed based on the selected regional option.
4.5 Third Party Platforms – Unless otherwise specified on the applicable Quote, Intlock supports merely Microsoft Power BI as the only Solutions’ output tool/service and Microsoft 365 as the only input tool/service, in accordance with the terms of this Agreement. If Client uses the Solutions (i) to retrieve input from Third Party Data from a Third Party Platform (such as Facebook, Twitter, or other), which were not defined in the SOW or (ii) to share output Solutions Data with a Third Party Platform (such as ExactTarget, Tableau, or Teradata), this Section 4.5 applies.
(a) Use of Third Party Platforms. Client is solely responsible for determining whether to use the Solutions with Third Party Platforms, including whether to retrieve Third Party Data from Third Party Platforms or whether to share Solutions Data with Third Party Platforms, whether directly or via the Solutions. Intlock shall have no responsibility for any Third Party Platforms, including for their availability, security, functionality, operation, or integrity, or for any use of Solutions Data by Third Party Platforms. Client acknowledges that Third Party Platforms may impose quotas or other usage restrictions. From time to time, Intlock may change which Third Party Platforms may be used with the Solutions or discontinue integration with any Third Party Platforms.
(b) Authorization. Intlock may make available functionality that enables Client to access its own accounts on Third Party Platforms through the Solutions. If Client enables use of Third Party Platforms, Client authorizes Intlock to access such Third Party Platforms, retrieve and use Third Party Data, or share Solutions Data, as permitted in this Agreement. Each of Client and Intlock is responsible for its own compliance with the applicable terms between such party and a Third Party Platform (e.g., account terms for Client and API integration terms for Intlock) (“Third Party Terms”).
5.1. Data Processor shall implement and maintain appropriate technical and organizational security measures to protect Personal Data from Security Incidents and to preserve the security and confidentiality of the Personal Data, in accordance with Data Processor’s security standards described in Annex B (“Solutions Security“).
5.2. Data Controller is responsible for reviewing the information made available by Data Processor relating to data security and making an independent determination as to whether the Solutions Security meets Data Controller’s requirements and legal obligations under applicable Laws. Data Controller acknowledges that the measures used for Solutions Security are subject to technical progress and that Data Processor may update or modify these measures from time to time provided that such updates and modifications do not result in the degradation of the overall security of the Solutions.
5.3. Data Processor shall ensure that any person who is authorized by Data Controller to process Personal Data (including its employees, agents, and Subprocessors) shall be under an appropriate contractual or statutory obligation of confidentiality.
5.4. Upon becoming aware of a Security Incident, Data Processor shall notify Data Controller without undue delay and will provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by Data Controller. Data Processor shall promptly take reasonable steps to mitigate and, where possible, to remedy the effects of, any Security Incident
6. ONWARD TRANSFER
6.1. U.S.-EU Privacy Shield Self-Certification. Intlock ensures that: (i) its hosting provider – Microsoft Azure, complies with the U.S.-EU Privacy Shield principles and meets the requirements of the U.S.-EU Privacy Shield framework; and (ii) all Client Data transferred from the EU to the U.S. will be processed in accordance with those requirements.
6.2. U.S.-Swiss Privacy Shield Self-Certification. Intlock ensures that: (i) its hosting provider – Microsoft Azure, complies with the U.S.-Swiss Privacy Shield principles and meets the requirements of the U.S.-Swiss Privacy Shield framework; and (ii) all Client Data transferred from Switzerland to the U.S. will be processed in accordance with those requirements.
7. REGULATORY COMPLIANCE
7.1. At Data Controller’s request and expense, Data Processor shall reasonably assist Data Controller as necessary to meet its obligations to regulatory authorities, including Data Protection Authorities.
7.2. At Data Controller’s request and expense, Data Processor shall reasonably assist Data Controller to respond to requests from individuals in relation to their rights of data access, rectification, erasure, restriction, portability and objection. In the event that any such request is made directly to Data Processor, Data Processor shall not respond to such communication directly without Data Controller’s prior authorization, other than to acknowledge receipt of the request, unless required by applicable Laws.
7.3. To the extent Data Processor is required under Laws, at Data Controller’s request and expense, Data Processor shall provide reasonably requested information regarding the Solutions to enable Data Controller to carry out data protection impact assessments or prior consultations with Data Protection Authorities.
8. REVIEWS OF DATA PROCESSING
This Section is only applicable if Client does not have a right to a security audit under the terms of the Agreement or, if entered into by the parties, the Model Clauses.
8.1. At Data Controller’s request, Data Processor shall provide Data Controller with reasonable information regarding Data Processor’s facilities, systems, and security procedures relevant to the Processing of Personal Data under this Addendum, solely for Data Controller’s review of Data Processor’s compliance with this Addendum.
8.2. Data Processor will provide such information within fifteen (15) business days of Data Controller’s written request, unless shorter notice is required by Data Controller’s regulatory authorities.
8.3. If Data Controller wishes that Data Processor provide Third Parties with access or information regarding Client Data management, such a request will be made to Data Processor in writing and will waive Data Processor’s confidentiality obligations under the Agreement with respect to such information. Where appropriate, any such Third Party may be required to enter into an agreement to maintain the confidentiality of the information shared by Data Processor.
8.4. At Data Controller’s request, Data Processor agrees to allow Data Controller to perform an onsite audit of Data Processor as follows: During Data Processor’s regular business hours, but not any more frequently than once a year, Data Controller may, at its sole expense, perform a confidential audit to confirm Data Processor’s compliance with this Addendum. Any onsite audit shall be conducted on a mutually agreed upon date, which shall not be sooner than thirty (30) calendar days after Data Processor’s receipt of Data Controller’s written request for such audit. Such audits shall be limited to the security systems as they pertain to the Solutions. The onsite portion of the audit shall not exceed a cumulative four (4) hours at Data Processor’s facilities. If the audit shall exceed such four (4) hour period, Data Controller shall be responsible for payment of professional services fees to Data Processor at the current hourly rate for professional services. If the audit is to be performed by a third party on Data Controller’s behalf, such third party shall (i) not be a direct or indirect competitor of Data Processor, and (ii) execute a confidentiality and nondisclosure agreement as presented by and for the benefit of Data Processor. Upon completion of the audit, Data Controller shall promptly provide Data Processor a summary of the findings from each report prepared in connection with any such audit and discuss results, including any remediation plans. Data Processor agrees to work with Data Controller to identify reasonable remediation actions and to promptly take action to correct those matters or items upon which Data Processor and Data Controller mutually agree are identified in any such audit that require correction.
8.5. Any information provided by Data Processor under this Section constitutes Data Processor’s Confidential Information under the Agreement.
9. TRIAL SUBSCRIPTIONS
If Client receives free access or a trial or evaluation subscription to the Solutions (a “Trial Subscription”), then Client may use the Solutions in accordance with the terms and conditions of this Agreement and the applicable Quote for the period designated in such Quote or otherwise by Intlock (and if not designated, then for fourteen (14) days) (“Trial Period”). Trial Subscriptions are permitted solely for Client’s use to determine whether to purchase a full subscription to the Solutions. Client may not use a Trial Subscription for any other purpose, including for competitive analysis. At the end of the Trial Period, the Trial Subscription will expire and Client will have the option to purchase a full subscription to the Solutions. If Client purchases a full subscription, all of the terms and conditions in this Agreement will apply to such purchase and the use of the Solutions unless otherwise specified in the Quote for the Trial Subscription. Intlock has the right to terminate a Trial Subscription at any time for any reason. The Solutions may have a mechanism that limits access to such Solutions during the Trial Period and Intlock may otherwise restrict certain product functionality during the Trial Period (including limiting Purchased Units or other usage as may be specified by Intlock). Client shall not attempt to circumvent any such mechanism or restriction. Notwithstanding Exhibit B (Data Retention Policy), Intlock has no obligation to retain Solutions Data collected or retrieved with a Trial Subscription during or after the Trial Period. NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS AGREEMENT, TO THE EXTENT PERMITTED BY APPLICABLE LAW, DURING THE TRIAL PERIOD THE SOLUTIONS ARE PROVIDED “AS IS” AND INTLOCK WILL HAVE NO WARRANTY OR OTHER OBLIGATIONS WITH RESPECT TO TRIAL SUBSCRIPTIONS UNLESS OTHERWISE SPECIFIED IN THE QUOTE.
10. GENERAL; TERMINATION
10.1. This Addendum forms part of the Agreement and all activities under this Addendum (including without limitation Processing of Personal Data) remain subject to the applicable limitations of liability set forth in the Agreement.
10.2. Data Controller agrees that any regulatory fines or penalties incurred by Data Processor in relation to the Client Data that arise as a result of, or in connection with, Data Controller’s failure to comply with its obligations under this Addendum or any applicable Laws shall count toward and reduce Data Processor’s liability under the Agreement as if it were liability to Data Controller under the Agreement.
10.3. If and to the extent language in this Addendum conflicts with the Agreement, this Addendum shall control.
10.4. This Addendum will be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement, unless required otherwise by applicable Laws.
10.5. This Addendum (and Model Clauses, if executed by the parties) will automatically terminate upon expiration or termination of the Agreement.
10.6. Data Processor shall, within ninety (90) days after request by Data Controller at the termination or expiration of the Agreement, Erase the Personal Data from Data Processor’s systems. Within a reasonable period following deletion, at Data Controller’s request, Data Processor will provide written confirmation that Data Processor’s obligations with regard to Erasure have been fulfilled.
10.7. Notwithstanding the foregoing, Data Controller understands that Data Processor may retain Client Data as required by Laws, which Client Data will remain subject to the requirements of this Addendum. Accepted and agreed to as of the date of Client’s signature below by the authorized representative of each party:
Annex A – Details of Processing
A. Data exporter – The data exporter is: Client, which uses the Solutions to track visitors to Client Applications for analysis, reporting, testing and targeting.
B. Data importer – The data importer is: Intlock produces and operates the Solutions and the software-as-aservice infrastructure, and provides technical support to Client and its users of the Solution pursuant to the applicable Quote and Agreement as the designated processor. Intlock is the distributor of the Solutions and provider of services over Microsoft Azure, related to the Solutions in the Client’s territory and the contracting party to the Quote and the Agreement.
C. Data subjects – The personal data transferred concern the following categories of data subjects: Data subjects include visitors to the Client Applications, and Client’s employees who use the Solutions or support contract governance.
D. Categories of data – The personal data transferred concern the following categories of data: ■ Personal data collected from Client Applications are: IP address, cookie visitor ID and, if Client purchases CardioLog Analytics, CardioLog Engage or Gamify for SharePoint, Microsoft Office 365 or Viva Engage (Yammer), the SharePoint ID. ■ Client determines any additional categories of data collected by the Solution subject to the restrictions set forth in the Quote and the Agreement between the parties. Client’s data fields can be configured as part of the implementation or in ongoing Tagging Method updates on Client Applications. ■ Name, email address, business phone number of data exporter employees who use the Solutions or support contract governance.
E. Special categories of data (if appropriate) – The personal data transferred concern the following special categories of data: N/A.
F. Processing operations – The personal data transferred will be subject to the following basic processing activities: ■ Use of personal data to provide the Solutions and to provide assistance and technical support; ■ Storage of personal data in dedicated Solution data centers in a multi-tenant architecture; ■ Back-up of personal data and storage of back-up in a secure location; ■ Computer processing of personal data, including data transmission, data retrieval, data access; and ■ Processing for governance of the Agreement
Annex B – Security Measures
Measures Adopted by Intlock
Admittance control (Physical access control to Data Center) Physical access control means to prevent unauthorized persons from gaining access to data processing systems for p
Data Centers Access to data centers is controlled by formal procedures by Microsoft Azure and must identify themselves. Access is restricted to persons authorized only. Each data center follows industry best practices with regards to security measures and access procedures, such as using electronic access control systems, alarm systems, indoor- and outdoor-cameras and security personnel. Visitor records are kept.
System access control Access control is the prevention of data processing systems from being used without authorization.
Authentication processes are implemented to control access to the Solutions production systems. Access restrictions are managed via Microsoft Azure authentication system.
Access to internal support-tools is restricted to authorized persons by means of Access Control Lists (ACL).
Remote access to Solutions production environment requires prior login through an authenticated connection.
All authentication information is encrypted during transmission over public network.
Intlock follows a formal process to authorize or deny access to Solutions production resources.
Accesses to Solutions production environment are revoked immediately in case of termination.
Unique user-ID, strong passwords and periodic review of access logs ensure appropriate use of user accounts. All accesses to Solutions production environment are subject to regular verifications.
Intlock maintains and follows formal change management processes. All changes to the Solutions production environment (network, systems, platform, application, configuration, etc.) are implemented by a dedicated team. All key business owners such as Support, Engineering, DevOps, Security, SaaS Operations are being represented at the change management meeting.
Intlock employs properly configured stateful firewalls with access controls between all network s
Data access control Access control is to ensure that persons authorized to use a data processing system have access only to those data they are authorized to access, and that personal data cannot be read, copied, altered or removed without authorization during processing, use and after recording.
Access rights are granted based on job-responsibilities or need-to-know-basis and must be authorized by Security Committee & DevOps Manager.
Intlock clients (data controllers) can adjust their security options via administration settings only accessible to admin users.
Intlock clients (data controllers) control all roles and rights associated with users granted access to their accounts.
Disclosure control Disclosure control means that personal data cannot be read, copied, altered or removed without authorization during electronic transfer or transport or while being recorded onto data storage media, and that it is possible to ascertain and check which bodies are to be transferred personal data using data transmission facilities
All accesses to the Solutions UIs are performed over secure protocols (such as HTTPS).
All accesses to the Solutions and key security events are logged and this information is accessible to Solutions administrators for review.
Input control Input control is to ensure that it is possible after the fact to check and ascertain whether personal data have been entered into, altered or removed from data processing systems and if so, by whom.
Transmission of personal data is controlled through data configuration mechanisms by Intlock clients (data controllers). All collected data (including personal data) are identified by a unique tenant ID associated with a specific client.
Access to collected personal data is controlled by access control mechanisms (authentication, authorization). Collected data cannot be modified or deleted by clients. Any access, change, or deletion of data (including personal data) within Solutions production environment is logged.
Job control Job control is to ensure that personal data processed on behalf of others are processed strictly in compliance with the controller’s instructions.
Intlock clients control what data is collected by providing the necessary Instructions and/or limitations.
Intlock further provides clients with administration functions within the Solutions’ UI to control which reports (processed data) are created.
Intlock Solutions provides clients (data controllers) with user management functionality within the Solutions’ UI, allowing them to control who may access their accounts and what roles and rights users have.
Availability control Availability control is to ensure that personal data are protected against accidental destruction or loss.
Intlock adopts the following measures to ensure that personal data are protected against accidental destruction or loss:
Intlock uses a redundant data collection infrastructure to protect client data against loss during the data collection process.
Intlock further uses industry security best practices to secure its infrastructure against data destruction and loss, and implements data backup mechanisms to protect and recover client data.
Separation control (Checking the intended use) Separation control is to ensure that data collected for different purposes can be processed separately.
All collected data (including personal data) are identified by a unique tenant ID associated with a specific client.
Processing of all client data (including personal data) is performed in Solutions production environment, physically and logically separated from Intlock corporate network.
All data processing is performed solely on behalf and under the Instructions of the data controller
Annex C – List of Data Processor Subprocessors
Data Processor uses a range of Subprocessors to assist it in providing the Solutions:
“Usage Events” is a unit of measurement for usage of the CardioLog Analytics Solution or CardioLog Engage Solution, as applicable. A Usage Event is incurred when a request is sent to the data collection servers for the applicable Solution, when such request is sent by the Tagging Methods. “Usage Events Entitlement” means the monthly number of Usage Events purchased in the Quote during the Subscription Term. If in any given month within the Subscription Term, Client’s actual usage exceeds the Usage Events Entitlement, Client shall purchase additional Usage Events at the rate set forth in the Quote. Upon the expiration or earlier termination of the Subscription Term, the Usage Events Entitlement shall expire. All additional Usage Events purchased in the middle of any Subscription Term will be coterminous with the then current Subscription Term. Intlock shall have no obligation to return, and Client shall have no right to receive, any portion of the fees in the event that the actual usage by Client of Usage Events is below the monthly Usage Events Entitlement.
“Volume” is a unit of measurement for number of usages and licenses of CardioLog Analytics or CardioLog Engage. “Volume Entitlement” means the total volume of extracted usages and/or licenses, as measured, set forth in the applicable Quote. If the volume of extracted usages and/or licenses exceeds the Volume Entitlement in any given month within the Subscription Term, Client shall purchase additional Volume at the rate set forth in the Quote. Upon the expiration or earlier termination of the Subscription Term, the Volume Entitlement shall expire. All additional Volumes purchased in the middle of any Subscription Term will be coterminous with the then current Subscription Term. Intlock shall have no obligation to return, and Client shall have no right to receive, any portion of the fees in the event that the actual usage by Client of Volume is below the monthly Volume Entitlement.
“Users” refers to Tracked Users, which is a unit of measurement for usage for number of users within CardioLog Analytics or CardioLog Engage. “Users Entitlement” means the total number of Users based on total licensed users in the entire tracked platforms (i.e., SharePoint Online tenet, SharePoint Farm, Viva Engage (Yammer), etc.). Users Entitlement is extracted from Client Data, set forth in the applicable Quote. If the Users of the extracted Client Data exceeds the Users Entitlement in any given month within the Subscription Term, Client shall purchase additional Users at the rate set forth in the Quote. Upon the expiration or earlier termination of the Subscription Term, the Users Entitlement shall expire. All additional Users purchased in the middle of any Subscription Term will be coterminous with the then current Subscription Term. Intlock shall have no obligation to return, and Client shall have no right to receive, any portion of the fees in the event that the actual usage by Client of Users is below the monthly Users Entitlement.
4. Campaign Events
If a subscription to CardioLog Engage was used or purchased and unless otherwise set forth in the applicable Quote, Client’s right to access and use the CardioLog Engage Solution is limited to one of the following “Base Campaign Packages”. Whether Client is provided or purchasing the CardioLog Engage Solution under Base Campaign Packages of Starter, Pro, Plus or Enterprise, or the managed track option will be specified in the Quote.
(a) If Client has been provided or purchased an “Extended Campaign Package” then Client’s use of the Solution is limited to the testing, segmenting and targeting up to the number of total Campaign Events, which equals to the number of (i) Base Campaign Package events, plus (ii) Extended Campaign Package events, as set forth in the Quote (“Campaign Events Entitlement”).
(b) If the Quote does not indicate that Client has purchased an Extended Campaign Package, then Client is entitled to the number of Base Campaign Package events as specified in the quote.
A “Campaign Event” is incurred for each call to the CardioLog Engage Solution that modifies or tracks the Client Application visitor’s environment in response to a testing and/or targeting scenario. Conversion events are counted. Intlock shall have no obligation to return, and Client shall have no right to receive, any portion of the fees in the event that the actual usage by Client of Campaign Events is below the monthly Campaign Events Entitlement. If in any given month within the Subscription Term, Client’s actual usage of the CardioLog Engage Solution exceeds the Campaign Events Entitlement, Client shall purchase additional Campaign Events at the rate set forth in the Quote. Upon the expiration or earlier termination of the Subscription Term, the Campaign Events Entitlement shall expire. All additional Campaign Events provided or purchased in the middle of any Subscription Term will be coterminous with the then current Subscription Term.
“Add-On” means any Solution, Adaptors, Modules and/or other related Components purchased as an add-on in a mutually executed Quote, purchase order, or invoice. Intlock shall have no obligation to return, and Client shall have no right to receive, any portion of the fees that relate to the remainder of any Add-Ons purchased in the middle of any Subscription Term. Upon the expiration or earlier termination of the Subscription Term, any Add-On subscription and/or Entitlement shall expire. All additional Add-Ons purchased in the middle of any Subscription Term will be coterminous with the then current Subscription Term.
5. Volume and Licensing Disclaimers and Clarifications:
5.1. Number of users: total number of users is based on total licensed users in the entire tracked platforms (i.e., SharePoint Online tenant, SharePoint Farm, Viva Engage (Yammer), etc.)
5.2. Usage: the system usage is based on up to 250 usage events per user per month
5.3. Content Items: ■ Storage of data is limited to up to a total of 50 items per user for all environments and solution services ■ Power BI Pro license may support up to 50 content items per user ■ More than 50 content items per user may require Power BI Premium license at a scale that will be determined according to the Power BI required resources
5.4. Content Metadata Fields: the number of metadata fields is limited to a total of 50 metadata fields per content item
5.5. History Data: service subscription holds up to one (1) year of history data
5.6. Adaptor: service subscription offering includes one (1) free non-changeable adaptor of SharePoint Online or SharePoint 2019 or SharePoint 2016 or SharePoint 2013
5.7. Farm: the number of Farms included in SharePoint 2019 SharePoint 2016 or 2013 adaptors is equal to one
5.8. WFE: the number of WFE included in each SharePoint 2019 or SharePoint 2016 or 2013 Farm is equal to two
5.9. Teams Usage: the Teams usage is based on up to 500 messages per user per month
5.10. One Drive: total of 250 items per user (similar behavior to Tree Items => accumulated)
5.11. Exchange: total of 500 emails per user per month (similar behavior to Usage Events => recurring)
5.12. Viva Engage (Yammer) Usage: the Viva Engage (Yammer) usage is based on up to 500 messages per user per month
5.13. Overall number of system users – five (5)
5.14. Power BI: The Solution requires Client to obtain a Power BI Pro or Premium license from Microsoft. The Solution is based on Power BI limitations, extended requirements will entail an additional cost, which will be priced separately. ■ The Solution supports only one Power BI dataset refresh per day and only one dataset is allowed. In case multiple datasets and/or multiple refreshes per day are required, it will entail additional costs and will be priced separately. ■ The Power BI dataset size is limited based on Client’s Power BI license. In case the limit is reached, Client is required to upgrade its Power BI license plan with Microsoft. ■ The Power BI data processing resources are limited based on Client Power BI license. In case resources are exceeded, Client is required to upgrade its Power BI license plan with Microsoft. ■ Support for custom made Power BI reports and measures, as well as integrations with additional data sources will require professional services, which will entail additional costs and priced separately.
5.15. Geo-locations: Monitoring Microsoft 365 Multi-Geo requires an additional Solutions’ license. Client Data is stored in a single geo-location (either EU, US or Australia), selected by the Client. Additional geo-locations will require further licensing and professional services, which will entail an additional cost and will be priced separately.
Exhibit B: Data Retention Policy
Intlock shall retain Client Data in accordance with the following Data Retention Policy.
1. Data Retention for CardioLog Analytics and CardioLog Engage after Subscription Period Term is Terminated
1.1 Standard Data Retention.
CardioLog Analytics and CardioLog Engage data is retained only during the subscription period term, after which time the CardioLog Analytics and CardioLog Engage data may be Erased by Intlock and no longer available to Client. Upon request from Client, Intlock shall provide a written assurance to Client that it has fully complied with this Exhibit.
1.2 Extended Data Retention.
Extended Data Retention is available with Client’s subscription to CardioLog Analytics and CardioLog Engage for an additional fee. With Extended Data Retention, CardioLog Analytics and CardioLog Engage data can be further extended and retained for an additional term, after which time the CardioLog Analytics and CardioLog Engage data may be Erased by Intlock and no longer be available to Client.
2. Data Retention for CardioLog Analytics and CardioLog Engage Report Data during Subscription Period Term
2.1 Standard Data Retention.
Standard Data Retention is included with the base package of CardioLog Analytics and CardioLog Engage, and includes 12 months historical information. Existing accounts may have different retention per their quotes or contracts. With Standard Data Retention, Client has the ability to review report data as far back as 12 months, in various in-depth granularity as specified in the quote.
2.2 Extended Data Retention.
Extended Data Retention provides Client with the capability to look back in time at analyzed data for historical information. For an additional annual fee, as specified in the quote, Extended Data Retention provides the Client with further historical information.
3. Log File Retention for CardioLog Analytics SaaS and CardioLog Engage
CardioLog Analytics and CardioLog Engage log files are retained for internal purposes for 90 days, thereafter it shall be deleted in accordance with Section 1.1 of Exhibit B.
Exhibit C: Solutions Information Security
Capitalized terms not included in this Exhibit C (Solutions Information Security) are defined in the Agreement.
(a) “Information Technology Resources” – means all Intlock facilities, equipment, and systems used for delivering the Solutions.
(b) “Personnel” – means employees, temporary employees, subcontractors, and consultants of Intlock, in each case with access to Client Data and/or Information Technology Resources.
2. Information Security Management
Intlock maintains an internal general Information Security Policy, updated annually, that explicitly addresses the confidentiality, integrity, and availability of Client Data and Information Technology Resources, and details employee’s responsibilities and managements’ role.
Comprehensive technical policies govern various aspects of Intlock SaaS operations and general corporate IT, which policies define security measures appropriate to the sensitivity of the data processed. These include specialized policies and procedures governing practices such as incident response process, change management, and backups.
Policies are approved by senior management, communicated to all Personnel to whom the policies apply, and clearly state the consequences of non-compliance. All employees must review and sign Intlock’s Information Security Policy during onboarding.
Intlock has adopted a decentralized approach to Information Security. Intlock Security Manager coordinates all security and privacy activities within Intlock. Responsibilities of this position include:
■ Driving security initiatives ■ Policy creation and review ■ Security planning and program management ■ Reviewing effectiveness of the security program ■ Coordinating Intlock’s security incident response plan ■ Performing annual security and privacy assessment and reviews
Implementation of security controls rests with the management of each relevant function. Intlock separates its SaaS Solutions production environment from general corporate IT. Intlock SaaS operations is responsible for the policies and security implementation within the SaaS environment.
In support of teleworking, Intlock deploys remote access with strong encryption and authentication mechanisms across the Internet (using a commercial VPN product).
3. Human Resources
Intlock has background checks performed on all employees at the time of hire (to the extent permitted by the applicable Law), and requires that non-disclosure and/or confidentiality agreements are signed by all Personnel. Intlock’s policy prohibits employees from using Confidential Information (including Client Data) other than for legitimate business purposes, such as providing technical support, and this obligation continues after their employment ends.
Upon hire and annually thereafter, Intlock provides employees with security and privacy training, which addresses handling of sensitive or confidential information and Client Data, employees’ responsibility for such data, risk of information sharing with unidentified callers, phishing attacks, and use of security tools such as anti-malware solutions.
Intlock maintains a formal termination or change of employment process that, promptly upon termination or change of employment, requires return of any and all Intlock and Client assets, disables or adjusts access rights, and reminds ex-employees of their remaining employment restrictions and contractual obligations.
4. Asset Management
Intlock logically separates Client Data from each individual Client. All Client Data is classified as highly confidential. Intlock information classification affords Client Data the same or higher level of security as it does Intlock’s own highly confidential information.
Intlock’s decommissioning procedures are designed to prevent access to Client Data by unauthorized persons. All printed Confidential Information, including Client Data, is disposed of in secured containers for shredding.
5. Access Control
Intlock provides security-enabled identification, authentication, and authorization mechanisms for Client access to its Solutions and employee access to the backend infrastructure, and all passwords are securely hashed.
All Information Technology Resources used for the Solutions are managed under the policies of the Intlock SaaS operations team, which is separate from corporate network resources. All access is limited to the least privilege needed and requires authentication. Access logs are reviewed at least quarterly.
All authenticated accesses to Intlock SaaS Solutions are over secure protocols such as HTTPS (HTTP over TLS) or SFTP (FTP over SSH). In addition, CardioLog Analytics SaaS Add-in uses authentication based on OAuth token.
7. Physical and Environmental Controls
CardioLog Analytics SaaS Solutions infrastructure is physically separated from Intlock’s corporate facilities and managed by SaaS operations team. Intlock SaaS Solutions infrastructure uses Microsoft Azure’s data centers and PaaS (and IaaS when applicable). Intlock maintains appropriate physical and environmental controls, such as electronic code access and video monitoring at Intlock facility.
8. Operations Security
Intlock maintains documented procedures that include at a minimum:
(a) security control measures for all Information Technology Resources in the environment;
(b) hardening – disabling of all non-essential processes and ports, removing all default users;
(c) patches deployed promptly on all applicable Information Technology Resources per manufacturer recommendation, within 30 days for critical security patches;
(d) change management procedures; and
(e) incident detection and management.
Intlock maintains Client Data within the Solutions production environment on a redundant or locally replicated storage systems on Microsoft Azure Data Center. In addition, for additional fee Intlock may provide additional Data Redundancy, such Geo-replication for database and storage.
Intlock maintains audit information and logs for service applications and services network accesses, monitors these logs for abnormal patterns and unauthorized access attempts, and maintains defined processes for security alerting, escalation and remediation. Logs are centralized in a limited-access system that prevents deletion and changes.
Intlock deploys anti-malware software with automatic scanning and updates on all workstations; installs anti-malware software on all Windows external-facing web servers with weekly scans; and scans all deployed code for malware.
Internal audits of the environment are performed at least quarterly and include, at a minimum, intrusion detection and firewall configuration, access rights, and audit logs.
9. Communications Security
Intlock employs industry standard practices and relies on over a decade of experience in operating highly secure Solutions for security controls for service solutions, such as firewalls, intrusion detection, change management and security policies.
Intlock employs network security control measures for service solutions used to create, transmit, or process Client Data, including technology controls, at a minimum, firewalls, monitoring and alerting systems.
10. System Acquisition, Development and Maintenance
The CardioLog Analytics SaaS and CardioLog Engage Solutions production environment (including facilities, network and staff) is logically and physically separated from the Intlock corporate and development environment.
Intlock follows secure development industry standard practices, including the use of Secure Coding Guidelines, and performs code reviews and security testing for key functionality.
11. Third Party Relationships
Intlock uses third party service providers in its provision of the Solutions. Intlock requires material service providers (such as data centers, cloud infrastructure and content delivery networks) to provide annual SOC 2 reports or ISO certifications, which Intlock reviews for consistency with industry standards and Intlock’s security practices.
12. Security Incident Management
Intlock maintains a documented security incident response process for reporting, responding to, and managing any unauthorized access to, disclosure of, misuse of, and/or loss of Client Data. Notice to affected customers shall be made without unreasonable delay, where feasible within 72 hours, and in no case later than 60 calendar days after the discovery of the breach. If Intlock determines that notification requires urgency because of possible imminent misuse of unsecured Protected Customer Information, notification may be provided by telephone or other means, as appropriate, in addition to the methods noted above. Client agrees that Intlock is not required to report unsuccessful security events, such as pings on Intlock’s firewall, port scans, and failed log-on attempts.
13. Business Continuity and Disaster Recovery
Intlock maintains a business continuity plan (BCP) and disaster recovery (DR) plan that prioritizes critical functions (such as data collection) supporting the delivery of its Solutions to its clients subsequent to the Microsoft Azure Data Center Service Level Agreement. Client may choose to increase redundancy and/or DR archives of Client Data for additional fee. The Intlock SaaS operations team performs a comprehensive annual risk assessment.
Intlock does not allow clients to perform their own audits; however, at Client sole costs and expenses, in accordance with Intlock’s Professional Services rates, it will reasonably collaborate with Client for applicable audits required by regulators of Client and shall provide information that relates directly to Client’s account. Any such audits are subject to reasonable confidentiality and security procedures and the results of such audits constitute Confidential Information of Intlock. Such an Audit will not reveal and/or jeopardize any other clients’ data, information and/or privacy. In addition, Intlock shall not be obligated to share any internal information, including but not limited to any personal details of Intlock’s employees.
15. Liability and responsibility
(a) Microsoft Azure – Intlock will ensure commercial reasonable agreements with Microsoft Azure; however, in no event, Intlock shall not be responsible, accountable and/or liable, nor compensate Client in any way for any action, failure, violation and/or breach arising from the Microsoft Azure procedures, practices, processes and/or actions.
(b) Microsoft Power BI – Client acknowledges that Intlock is not aware of and therefore shall not be liable under any circumstances for any security, privacy, hosting and processing location and/or transferring of any Client Data to any Microsoft Power BI worldwide locations, and that Microsoft Power BI is not licensed as part of the Solution(s). Power BI support, incidence, security, privacy, hosting and processing location and/or transferring locations of any Microsoft Power BI services and/or servers and/or Access Points will be under the sole responsibility of Client, and Client shall be solely responsible for any applicable contractual agreement in this regard.
(c) Third Party – Intlock shall have no responsibility and/or liability for any third party, platform, affiliate and/or Data Processor with whom Client has or should have a direct contractual agreement with and with whom Intlock does not contract directly with in respect to providing the Solutions to Client, pursuant to the Agreement, including but not limited to (i) Microsoft Power BI, (ii) Microsoft 365 and (iii) Microsoft SharePoint.
If and to the extent language in Section 15 (Liability and Responsibility) within Exhibit C (Solutions Information Security), conflicts with the Agreement and/or any other exhibit, annex and/or addendum, this section (Liability and Responsibility) shall control and prevail.
Just fill out this form:
We will never sell your email address to any 3rd party or send you nasty spam. Promise.