These Terms and Conditions for Grundfos BuildingConnect is a part of the agreement (the “Agreement”) between the company in the Grundfos group of companies selling the Grundfos BuildingConnect (“Grundfos”) and the customer (the “Customer”) for Grundfos’ sale and delivery of Grundfos BuildingConnect (“GBC”) to the Customer. GBC is one of the digital services (“Digital Service(s)”) offered by Grundfos.
These Terms and Conditions for Grundfos BuildingConnect consist of the follow sections:
A. Specific Service Terms for Grundfos BuildingConnect
B. General Terms and Conditions for Grundfos’ Sale of Digital Services
C. Data Processing Agreement
In the event of discrepancies, the Sections take precedence in the order in which they are listed above.
A. Specific Service Terms for Grundfos BuildingConnect
1. Scope of Digital Service
1.1 The purpose of GBC is to provide monitoring, control and insightful alarms for HVAC and Commercial Water Distribution applications. The features of GBC, which the Customer has access to, are described in the Agreement.
1.2 The Customer will have access to the package, which the Customer has subscribed to, as per the Agreement. The Customer may not change any part of the scope of GBC without Grundfos’ approval.
2.1 To collect data from the Customer’s system to GBC, the Customer must arrange for Grundfos to deliver and install the necessary equipment.
4.1 Grundfos’ processing of personal data on behalf of the Customer is subject to this Clause 4 and Section C below.
4.2 When Grundfos processes personal data on behalf of the Customer, the processing includes the following data:
Personal data regarding users of the system (this data is used for creation of personal user accounts):
· E-mail address
· Area of interest
· Job role
· The Customer that granted access to the user (e.g. employer)
· User log, incl. users’ usage of the Digital Services, alarms for users, various other services
(Grundfos will not process any special categories of data/sensitive data)
4.3 Users transfer their personal data directly into the platform hosted by Microsoft Azure on behalf of Grundfos Holding A/S, both acting as sub-processors, as per Clause 4.4 below. The Customer, Grundfos and Grundfos’ sub-processors have access to the personal data on the platform.
4.4 The following sub-processors are in use at the time of entering into the Agreement and shall be deemed comprised by the Customer’s authorisation:
· Grundfos Holding A/S, Poul Due Jensens Vej 7, 8850 Bjerringbro, Denmark
· The Grundfos sales and service company/companies operating in the country where the Digital Services are being used by the Customer
· Microsoft Ireland Operations Ltd., 70 Sir John Rogerson’s Quay, Dublin 2, Ireland
· Telenor Connexion AB, Katarinavägen 15, Stockholm County 11688, Sweden
B. General Terms and Conditions for Grundfos’ Sale of Digital Services
1.1 The parties have entered into the Agreement on delivery of Digital Services on the earliest of; (i) the Customer clicks a box indicating acceptance (ii) execution by both parties; (iii) Grundfos has confirmed the Customer’s order of Digital Service(s) in writing; or (iv) Grundfos has begun to provide the Digital Service(s) to the Customer.
1.2 Any person accepting an Agreement on behalf of the Customer represents and warrants to (i) have full legal authority to bind the Customer to the Agreement; (ii) have read and understand all parts of the Agreement; and (iii) agree, on behalf of the Customer, to the Agreement, including these General Terms and Conditions and the Specific Service Terms.
4.2 When using the Digital Service(s) with the Customer Facilities (as defined below), the Customer shall comply with all of Grundfos’ instructions as applicable from time to time.
4.3 The term “end-user” or “user” when used in relation to Digital Service(s) means any physical person (i.e. employee, representative, third party etc.) in any tier, including of sub-licensees (if any), who has access to the Digital Service as a result of the Agreement. The Customer is responsible for use of the Digital Service(s) by end-users having access to the Digital Service as a result of the Agreement.
4.4 The Customer shall ensure that no end-user will: (i) use the Digital Service(s) (a) for the collection, registration, storage, processing or manipulation of the Customer’s data in breach of the Agreement; (b) to obtain unauthorised access to systems or to unauthorised use the Digital Service(s) or content; (c) to store or transmit malicious code such as files, scripts, agents and programs intended to do harm, like time bombs, viruses, worms and/or Trojan horses and (d) in breach of applicable law in force from time to time and any rules and regulations issued in pursuance thereof (e.g. by interfering with or violating the integrity or security of a network or system; evading administrative or security restrictions; sending unsolicited, abusive or deceptive messages, viruses or harmful code; taking actions as described in Clause 4.4(i)(a) in breach of applicable law; or in breach of third party rights); (ii) copy, modify, frame, create a derivative work of, reverse engineer, decipher, decompile, translate, disassemble, or otherwise attempt to extract any or all of the source code(s) or algorithm(s), hardware or other technology contained within the Digital Service(s) (except to the extent permitted according to the conditions for performance of the specific Digital Service(s) or to the extent this restriction is expressly prohibited by applicable law) and (iii) create multiple applications or accounts to simulate or act as a single application or account (respectively) or otherwise access the Digital Service(s) in a manner intended to avoid incurring fees.
4.5 The Customer must notify Grundfos immediately in case the Customer becomes aware of any actual, threatening or suspected abuse of the Digital Service(s), including but not limited to any use in conflict with Clauses 4.1-4.4 or in case the Customer by fault or otherwise gains access to third party data (e.g. digital services or data of Grundfos’ other customers).
4.6 The Customer is responsible for obtaining and maintaining all necessary authorisations, permissions, licences and consents to use, provide, store and process the content of the Digital Service(s), which must also grant the right to Grundfos to do the same on the Customer’s behalf if necessary, for Grundfos’ delivery of the Digital Service(s). For the avoidance of doubt, Grundfos shall obtain and maintain such permits, authorisations, licences, approvals and consents, which are strictly necessary or required by applicable law for Grundfos’ delivery of the Digital Service(s) as such and the remedying of defects (if any).
4.7 The Customer shall possess (access to) and is responsible for any premises, equipment, software, networks (the Customer’s or third party’s), third party licenses, documentation etc. which are not included in the Digital Service(s) but are necessary for the Customer’s use and Grundfos’ delivery of the Digital Service(s) (the “Customer Facilities”). The Customer must ensure that the Customer Facilities comply with applicable law in force from time to time and any rules and regulations issued in pursuance thereof (such as climate requirements and requirements for electrical connection).
4.8 The Customer shall, without charge, upon Grundfos’ request give Grundfos access to the Customer Facilities to the extent necessary for Grundfos’ provision of the Digital Service(s) and shall also otherwise to the best of its ability assist Grundfos in the provision of the Digital Service(s).
4.9 If Grundfos gives the Customer notice that a certain information or a non-Grundfos application shall be removed, modified or disabled to avoid breach of the applicable law, third party rights and/ or to comply with Grundfos’ policies, the Customer shall immediately act accordantly. In case the Customer does not take required action, Grundfos may suspend the Digital Service(s) according to Clause 7 or disable the relevant affected content or non-Grundfos application.
4.10 The Customer will retain ownership to any data, which the Customer has provided to the Digital Service(s). The Customer grants to Grundfos: (i) during the term of the Agreement a non-exclusive, transferrable, worldwide, perpetual, irrevocable, royalty-free license to use the Customer’s data to provide service(s) to the Customer and applicable end-users; and (ii) a non-exclusive, transferable, worldwide, perpetual, irrevocable, unlimited, royalty-free license to use anonymized data.
5. SIM Card and Data Connection
5.2 The Customer may use the data connection only to receive the Digital Service(s) described in the Agreement. The Customer shall not use the data connection contrary to customary use or in a manner that causes damage or other inconvenience to Grundfos or others. Examples of prohibited use are: (i) attempt to gain unauthorised access to connected networks or computer resources in the network and IT infrastructure; (ii) destroying, distorting or making unauthorised use of the information in any networks or any it systems provided by the data supplier; (iii) using the data connection to send spam mails; (iv) undertaking network attaches or computing system attacks; (v) spreading computer viruses or harming internet information security; (vi) using the Services in such a manner so as to impair the quality of the Services or interfere with the supplier’s ability to provide the data connection or the use of the data connection by other Customers.
5.3 The Customer shall not remove the SIM card from the equipment in which it was delivered by Grundfos. This does not prevent the Customer from replacing the entire PCB board with a substitute PCB board from Grundfos. The Customer shall destroy or return to Grundfos the PCB board (incl. SIM card), which has been replaced.
5.4 The Customer shall inform Grundfos, without undue delay, if the Customer believes or has reason to believe that unauthorised third party has or have been using the Customer’s data connection.
6. Security Measures
6.1 To protect the confidentiality, integrity, and availability of Grundfos’ systems, networks, and the data stored, processed, and/or transmitted, Grundfos has adopted a layered strategy. The layered strategy has multiple layers of protection to prevent unauthorized access to, tampering and misuse of the Customer’s information and to protect against evolving threats. The technology layers include, among other things, firewalls, intrusion protection, access control, threat prevention, vulnerability and malware protection, audit logs, cognitive & deep learning-based security monitoring and handling of alerts.
6.2 Grundfos utilizes built-in security features provided by Grundfos’ sub-suppliers, including standard Microsoft Azure infrastructure - Trusted Computing concept or other similar concepts.
6.3 Further, the relevant of Grundfos’ sub-suppliers’ services have passed Grundfos’ internal security clearance process, which adheres to the newest international security standards.
6.4 The Customer shall take adequate security measures to prevent unauthorized physical or analogue access to the Digital Service(s) using measures which is not less rigorous than best practices in the industry.
7.2 In order to determine the extent to which the negative impact set out in Clause 7.1(i) is not attributable to the Customer’s/end-user’s, the Customer must, at Grundfos’ request, provide information on the Customer's/end-user’s usage pattern. On the basis of the information provided, Grundfos will be entitled to demand that usage is reduced. If the Customer fails to comply with such request, Grundfos shall be entitled without incurring any liability to suspend the Customer's/end-user’s access to the Digital Service(s).
7.3 The Customer undertakes immediately upon Grundfos’ request to disconnect the Customer Facilities that are causing disruption in Grundfos’ network, Grundfos’ systems or in the Digital Service(s), or give rise to alleged or potential infringement in accordance with Clause 14, and thereafter keep such Customer Facilities disconnected according to Grundfos’ instructions.
7.4 Grundfos will use commercially reasonable efforts under the circumstances to provide the Customer a notice and – in case a suspension is caused by the Customer’s breach or threat thereof – an opportunity to remedy such breach or threat.
7.5 The scope and length of any suspension or request for disconnection will be to a minimum. At the Customer’s request, Grundfos will provide the Customer with the reason for the suspension or request as soon as is reasonably possible.
7.6 In cases where the data connection is provided by Grundfos or a supplier of Grundfos, Grundfos reserves the right to require the Customer to pay an additional fee where the Customer’s data usage exceeds the agreed usage, or where the Customer abuses the Digital Service(s) or the data connection.
8.1 To access and use the Digital Service(s) the Customer must pay the agreed subscription fee at agreed charges and billing frequencies.
8.2 The subscription fee is payable in advance, unless otherwise agreed.
8.3 The Customer’s obligation to pay the subscription fee begins; (i) at the time agreed by the parties; (ii) on the agreed delivery date; or (iii) if delivery is delayed by reasons solely attributable to Grundfos, the date upon which Grundfos provides the Digital Service in accordance with the Agreement.
8.4 The Customer shall pay using the agreed means of payment. If the parties have agreed that the Customer pays by electronic money transfer, e.g. by credit card, the Customer shall provide Grundfos with valid payment information and keep such information updated.
8.5 Grundfos may adjust subscription fees with 3 months’ notice.
8.6 Any amount payable by the Customer is exclusive of amounts in respect of value added tax, sales tax or other excise duties chargeable. The Customer shall pay any of the aforementioned at the same time as payment is due for related products or services.
8.7 Following applicable law, The Customer shall (i) pay withholding taxes directly to the appropriate government entity as required by applicable law; (ii) upon request, provide a tax certificate to Grundfos evidencing that customer has paid withholding taxes; (iii) pay Grundfos only the net proceeds after customer has paid withholding taxes; and (iv) fully cooperate with Grundfos in seeking a waiver or reduction of withholding taxes and promptly complete and file all relevant documents.
8.8 If the Customer does not pay a subscription fee on the due date, Grundfos may, with no effect on any other right or remedy that Grundfos may have under applicable law, claim payment for reminders, collection charges and interest. Interest is fixed at 2 % per month (or the interest rate under applicable law, if higher). Interest will accrue daily from the due date until actual payment of the overdue amount. Grundfos may also (i) suspend all deliveries, incl. the Customer’s access to the Digital Services, until the Customer has paid or provided a guarantee for the payment as required by Grundfos; and/or (ii) suspend the provision of further deliveries until the Customer has paid the overdue amounts in full.
8.9 All sums payable to Grundfos becomes due immediately on termination of the agreement, despite any other provision. This Clause 8 is without prejudice to any right to claim for interest under applicable law.
9.1 Grundfos warrants that it performs the Digital Service(s) in a professional and skilful manner as agreed.
9.2 A Digital Service is defective only if it is not delivered as agreed due to faulty design or workmanship and subject to Clauses 9.3 - 9.9.
9.3 Except for breach of any agreed service level(s) in the conditions for performance of the specific Digital Service(s) (if any), all warranties, conditions and other terms implied by statute, common law or otherwise including but not limited to the accuracy, reliability, completeness, or timeliness of the access, use or content or about the results to be obtained from using the Digital Service(s) and the content are, to the fullest extent permitted by law, excluded from this Agreement.
9.4 Grundfos does not warrant; that the Digital Service(s) or servers are free of computer viruses or other harmful features; or that Grundfos will remedy all defects, which does not have a direct effect on compliance with the agreed service level(s), or prevent third party disruptions or authorized third party actions (in excess of what is stated in these General Terms and Conditions). To the extent it does not have a direct effect on compliance with the agreed service level(s), Grundfos does not warrant that there will be no deletion of or failure to store any Customer data and other communications maintained or transmitted through use of the Digital Service(s). Grundfos is only obligated to do backup and other restore functions if explicitly agreed as a service level for the specific Digital Service(s).
9.5 Information provided through the Digital Service(s) to the Customer is intended only to support the Customer. Thus, Grundfos has no direct or indirect liability for the Customer’s use, actions taken or inaction occurring in the reliance upon the information provided through the Digital Services.
9.6 Grundfos’ warranties or agreed service level (if any) do not apply in case of; the Customer’s breach of Clause 4.3; use of the Digital Service(s) for which they are not intended; modifications and alterations undertaken by the Customer or a third party (not acting on Grundfos’ behalf); failure to follow Grundfos’ instructions (whether oral or in writing) (see Clause 4.1) and/or good industry practice; accidental or wilful damage or misuse of the Digital Service(s) by the Customer or third party (not acting on Grundfos’ behalf); the Customer’s non-compliance with applicable law and regulation; suspension according to Clause 7; or if otherwise stated in the conditions for performance of the specific Digital Service(s).
9.7 Grundfos does not warrant merchantability, fitness for any particular purpose and non-infringement of proprietary or third-party rights.
9.9 The Customer must give notice of any defect or any other non-compliance with the Agreement immediately and no later than 30 (thirty) days after the Customer became or should have become aware of such non-compliance. If the Customer fails to comply with these requirements, the Customer shall forfeit its right to claim any non-compliance with the Agreement.
10. Maintenance and Changes
10.1 Grundfos will continuously develop the Digital Service(s), including the equipment necessary for the Customer to access the Digital Service(s) (if any). This may from time to time affect the functionality of the Digital Service(s) and/or changes to the Agreement, including the General Terms and Conditions and the Specific Service Terms.
10.2 Grundfos is entitled to amend or modify the Digital Service(s), any equipment necessary for the Customer to access the Digital Service(s) and the agreed terms, including movement of data from one data processor to another or from one location to another, provided that the Digital Service(s)’ performance or functionality does not deteriorate in more than negligible extent as a consequence of such amendment. Grundfos shall conduct such amendment or modification in a way that limits any disruptions. Substantial changes (such as downgrade from one Digital Service to another of lower value or reduction of agreed service level(s)) may only be implemented by Grundfos upon 2 (two) months’ written notice to the Customer. In case of Grundfos’ substantial changes of Digital Service(s) or the agreed terms, the Customer may – despite any agreed period of non-terminability (if any) – terminate the Agreement for convenience by giving notice no later than 30 (thirty) days before such substantial amendments to Digital Service(s) or the agreed terms are scheduled to be implemented. Under no circumstances is Grundfos under an obligation to maintain legacy systems.
10.3 Amendments or modifications to the Digital Service(s) or any equipment necessary for the Customer to access the Digital Service(s) may result in a need for the Customer's own equipment to be adjusted. The Customer shall bear the risk for any costs of adaption of its own equipment.
10.4 Notwithstanding anything in the above to the contrary, Grundfos may make any changes to the Digital Service(s) and any equipment necessary for the Customer to access the Digital Service(s) if use of the Digital Service(s) may result in damage or risk of damage (such as in case of security updates; the Customer's use in violation of Clause 4.1 or 4.3; or if Grundfos is so required in order to adhere to applicable law or statutes or court or governmental decisions). In such case, the Customer will be informed as soon as possible.
11.1 Grundfos is liable for personal injury (including death or injury), damage to real and personal property, caused by defective Digital Service(s) to the extent set out in applicable mandatory law on product liability. Grundfos’ liability for damage to real and personal property (not being consumer property) caused by defective Digital Services is subject to the limitations in Clause 12, however, so that Grundfos’ total liability as described Clause 12.2 for damage to real and personal property is limited to a maximum amount of the higher of EUR 3 million (per claim and in the annual aggregate) and the amount set out in Clause 12.2. Customer assumes all product liability, which is not allocated to Grundfos in this Clause 11.1.
11.2 If a party is held liable for damages allocated to the other party in Clause 11.1, then the other party shall indemnify the first party for any amount paid inconsistently with the allocation in Clause 11.1.
12.1 To the extent permitted by applicable law, neither party is liable (in contract, tort (including negligence), breach of statutory duty or otherwise) for loss of production, loss of turnover, loss of profit, loss of business opportunity, loss of data, loss of savings, loss of goodwill, loss relating to unauthorised access to data or systems, loss as a result of business interruption, or any other indirect or consequential losses of any kind whatsoever arising under or in connection with this Agreement or a breach hereof.
12.2 Subject to Clause 3.4, to the extent permitted by applicable law, Grundfos’ total liability (including in regard to payment of financial credits (if any) and third party claims) towards the Customer in respect of any and all losses arising under or in connection with this agreement and the cooperation hereunder, whether in contract, tort (including negligence), breach of statutory duty or otherwise, shall under no circumstances exceed an amount equal to 30 % of the annual fee (excl. VAT) paid and/or payable for the specific Digital Service on which the claim is based.
12.3 The annual fee referred to in Clause 12.2 is calculated as the actual fees paid and/or payable for the 12 months preceding the date of damage occurring, or, if the Digital Service(s) at the date of damage has been provided for a period of less than 12 months, then at 12 times the average monthly fee for the period under which the Digital Service was provided.
12.4 If the parties have agreed that non-compliance with an agreed service level is subject to Grundfos’ payment of financial credit, such financial credit is the sole and exclusive remedy for any non-performance of the agreed service level, however without prejudice to the right to terminate according to Clause 18.1. Any financial credit shall under no circumstances exceed the amount agreed in the conditions for performance of the specific Digital Service nor the amount paid by the Customer for the specific Digital Service in question in the month where the Grundfos incurs a financial credit as a result of the non-compliance of the agreed service level.
12.5 The limitations set out in this Clause 12 will not apply to the extent an act or failure to act of a party causes personal injury; a party intentionally causes the other party or non-party to suffer damage; or a party as a result of its reckless disregard of the consequences of an act or failure to act causes the other party or non-party to suffer damage.
12.6 If a claim is based on losses, which derives from more than one Digital Service and/or one or more Digital Service(s) in combination with a Grundfos company’s delivery of products and/or other services, then Grundfos’ total liability (if any) shall be allocated to the different deliveries based on each such delivery’s contribution to the claimed losses. Each allocated part of the total liability shall be determined according to the legal basis applicable between the parties for the said part of the total losses, including the agreed limitation of liability (if any).
13.1 The Customer agrees to defend, indemnify, and hold harmless Grundfos, its officers, directors, employees and agents, from and against any claims, actions or demands, including without limitation reasonable legal and accounting fees, alleging or resulting from the Customer’ breach of the Agreement, including but not limited to breach of Clause 5 and unlawful or infringing activities, including infringement of third party intellectual property rights, caused by the Customer’s actions, lack of action, content, material, designs or specifications.
14.1 Subject to Clause 4.10, Grundfos owns all rights in or arising out of the Digital Service(s) (including intellectual property rights), and if any such rights are owned by Customer, then Customer will automatically assign them to Grundfos.
14.2 Customer does not transfer to Grundfos any equipment or software acquired from third party. Grundfos is not responsible for the use of such equipment and software, regardless that such software might be stored on servers provided by Grundfos.
14.3 A party does not have the right to use the other party’s trade names, trademarks, logos or other signs or identification symbols, unless the prior written consent of the other party has been obtained.
15. Third Party Rights
15.1 If (i) the Digital Service(s) infringes third party rights, including intellectual property rights, or if (ii) Grundfos reasonably believes (based on reasonable documentation) that the Digital Service(s) or parts thereof might infringe third party rights, then Grundfos may at its expense and discretion (a) substitute an allegedly infringing Digital Service with a non-infringing Digital Service(s) having at least equivalent functionality; (b) modify the allegedly infringing Digital Service(s) so that it no longer infringes third party rights but remains having at least equivalent functionality; (c) obtain license from the third party allowing the Customer and other third parties (to the extent relevant to comply with the Agreement) to continue using and/or sub-license (as applicable) such allegedly infringing Digital Service(s) or parts thereof of; or (d) terminate the agreement on the delivery of the specific Digital Service(s) in question with immediate notice and repay to the Customer any payments paid in advance. In such case, the Customer will be informed as soon as possible.
16.1 Licenses provided to the Customer by Grundfos to the Digital Service(s) are defined in the Specific Service Terms.
16.2 Any license acquired by Grundfos from a third party as part of the delivery of the Digital Service(s) will remain Grundfos’ or the sub-contractor's property. If the Digital Service(s) is installed on the Customer Facilities, the Customer shall uninstall the Digital Service(s) after termination of the agreement, the Service Specific Terms or the expiry of Grundfos licenses, whichever is the earlier.
16.3 If, as part of the Digital Service(s) and at the Customer's request, Grundfos installs third party software for the Customer's use, the Customer guarantees that it has the necessary rights in such software.
17.1 A party (receiving party) shall keep in strict confidence all technical or commercial know-how, specifications, prices, inventions, processes, initiatives and other information concerning the disclosing party’s business, its products, services and Digital Services, which are of a confidential nature (confidential information) and has been disclosed to the receiving party by the other party (disclosing party), its employees, agents or subcontractors (representatives). The receiving party shall not use confidential information of the disclosing party for purposes other than the performance of its obligations under the agreement, including (except as permitted by applicable law) not to reverse engineer the Digital Service(s) or any products delivered in connection with the Digital Service(s). The receiving party may only disclose confidential information to those of its representatives who need to know to discharge the receiving party's obligations and rights under the agreement and shall ensure that such representatives comply with the obligations set out in this Clause 17 as though they were a party to these terms.
17.3 The obligations under this Clause 17 apply from the execution of the Agreement and – subject to applicable law – for a period of 5 years after the Agreement expires or is terminated by one of the parties.
18. Force Majeure
18.1 Neither party will be in breach of the Agreement nor liable for delay in performing, or failure to perform, any of its obligations under the Agreement if such delay or failure results from a hindrance beyond its reasonable control (“Force Majeure”). In the event of a Force Majeure, the parties agree to suspend the affected party's obligations until the Force Majeure situation ceases to exist.
18.2 Either party may terminate the Agreement with immediate effect upon notice to the other party if the period of Force Majeure continues for a period of 3 consecutive months. In case of termination due to such circumstances neither party shall be liable to the other for such termination. However, such termination will not affect any pre-existing liabilities or claims or any other provisions of the Agreement.
19.1 Either party may, without prejudice to its other rights and remedies, terminate the Agreement in whole or part for cause with immediate effect by written notice to the other party in case of (i) material breach of the Agreement or material breach of one or more conditions for performance of the specific Digital Service(s), provided either such breach is incapable of remedy or the defaulting party to the Agreement and/or conditions for performance of the specific Digital Service(s) has failed to remedy within 14 (fourteen) days after receiving notice from the other party requiring it to do so. Material breach includes among others use of the Digital Service(s) in breach of with Clause4; delayed payment; the Customer’s use of intellectual property rights in breach of Clause 14.
19.2 As from the last day of the notice period, Grundfos may – but is not obligated to – retain and use the Customer’s and end-user’s data for a reasonable period of time to facilitate onboarding and quality of usability of the Digital Service(s), should the Customer choose to re-subscribe to the Digital Service(s). Grundfos may decide at any time after the termination/expiry of the Agreement to delete the Customer’s and end-user’s data and will do so if obligated by applicable law. Upon termination, the Customer may ask Grundfos to provide the Customer a copy of data collected through the Customer’s use of the Digital Service(s). Grundfos shall strive to provide such copy but is not obligated to do so. If Grundfos provides the Customer with such copy, Grundfos may make such provision conditional upon e.g. further confidentiality obligations, payment of man-hours spent on gathering the data in question, etc.
19.3 Termination of the Agreement (regardless of the cause) will not affect those provisions of the Agreement which, by nature or necessity, operate after any expiration.
20. Use of Sub-Contractors
20.1 Grundfos may use sub-contracts for the performance of the Digital Service(s) under the Agreement. Grundfos shall ensure that all persons involved in the Digital Service(s) are informed of and comply with the Agreement.
21.1 The Agreement may not be transferred or assigned in whole or in part by operation of law or otherwise by the Customer, without the prior written consent from Grundfos. Without prior notice, Grundfos may assign rights and obligations under the Agreement, including the General Terms and Conditions and the Specific Conditions applicable for the specific Digital Service(s), to any company within the Grundfos group.
21.2 Capitalised words and phrases not otherwise defined in these General Terms and Conditions have the same meaning in all parts of the Agreement, unless the context dictates otherwise.
22. Export Control and Sanctioned Parties
22.1 Any delivery covered by the Agreement may be subject to export control and trade sanction rules, including such rules of among others the European Union, United Nations and the United States of America.
22.2 It is a condition for Grundfos’ delivery of Digital Service(s) to the Customer that the Customer complies with all applicable export control and trade sanction rules and has relevant compliance procedures and controls. The Customer shall ensure that the Digital Service (s) are used only in accordance with the export control and trade sanctions rules, and that neither the Customer nor any end-user accessing the Digital Service(s) is sanctioned.
22.3 If, due to export control and trade sanction rules, Grundfos considers that it is or will be prohibited, hindered, restricted or significantly adversely affected in complying with its obligations under the Agreement, Grundfos may cancel or postpone the delivery of the Digital Service(s). In such cases, Grundfos will not be liable for any direct or indirect claim or loss.
22.4 To enable authorities or Grundfos to conduct checks on the Customer’s compliance with the export control and trade sanction rules, or in support of Grundfos' applications to the appropriate authorities in connection with the export and/or sale of the Supplies under the Agreement, the Customer shall – upon reasonable request – promptly provide to Grundfos all information on end-users, the parties involved in the delivery, the destination(-s) and the intended use of the Digital Service(s).
23. Law and Venue
23.1 The Agreement, and any dispute or claim arising out of or in connection with it or its formation (including non-contractual disputes or claims) is governed by and constructed in accordance with the laws applicable at the place where Grundfos has its registered place of business at the time the parties entered into the Agreement, without reference to the conflict of laws or principles thereof, which may cause the application of the laws of another country. The United Nations Convention on Contracts for the International Sale of Goods (CISG) shall not apply.
23.2 The ordinary courts at Grundfos’ home jurisdiction has exclusive jurisdiction to settle any dispute or claim (including non-contractual) that arises out of, or in connection with, the Agreement or its subject matter or formation (including non-contractual disputes or claims).
C. Data Processing Agreement
1.1 Under the Agreement, Grundfos processes personal data (as data processor) on behalf of the Customer (acting as data controller) as further described in this Section C. The terms in this Section C do not apply to any data which is not personal data.
1.2 With this Section C, the parties intend to ensure their compliance with the General Data Protection Regulation, Regulation (EU) 2016/679 (the “GDPR”), including Article 28(3), which sets out the specific requirements for the content of data processing agreements. Any terms used in this Section C which are defined or used under the GDPR should be interpreted in accordance with the GDPR.
1.3 The personal data provided by the data subjects set out in Clause 2.1 may be used by Grundfos and its sub-processors for the purposes of improving and developing the offerings of Grundfos and for the purposes of technical maintenance and improvements, e.g. bug fixing. Grundfos or its sub-processors (as applicable) will be acting as data controllers for these purposes and, accordingly, such processing activities are outside the scope of this Section C. To the extent possible, any personal data used will be anonymised or aggregated.
2. The Processed Personal Data
2.1 When Grundfos processes personal data on behalf of the Customer, the processing includes the data described in Section A above.
3. The Processing Operations
3.1 The processing operations carried out when Grundfos and its sub-processors process personal data on behalf of the Customer is described in Section A above.
4. General Obligations of Grundfos and the Customer
4.1 Grundfos shall process personal data on behalf of the Customer in accordance with applicable data protection law and only on the direct documented instructions from the Customer for the purpose of providing the agreed services, including with regard to transfers of personal data to a third country or an international organisation, cf. also Clause 6. The parties intend for the content of this Section C to constitute documented instructions from the Customer. If, in the opinion of Grundfos, an instruction infringes the GDPR or other European Union or EU/EEA member state data protection provisions, Grundfos shall immediately inform the Customer thereof. Without prejudice to the statutory obligations of Grundfos under the GDPR, the assistance provided by Grundfos to the Customer to follow such instructions shall not exceed the commercially reasonable.
4.2 Other than as set out in Clause 1.3, Grundfos may not process the Customer’s personal data for any other purpose or without instructions from the Customer, unless Grundfos is required to do so by European Union or EU/EEA member state law to which Grundfos is subject. In such a case, Grundfos shall inform the Customer of that legal requirement before processing the personal data, unless that law prohibits such information on important grounds of public interest. For the avoidance of doubt, Grundfos and its sub-processors may access the personal data as needed to provide the agreed services, including to carry out support services for the Customer.
4.3 Grundfos shall take all measures required of Grundfos pursuant to Article 32 of the GDPR, notify the Customer without undue delay of a personal data breach and assist the Customer in ensuring compliance with the obligations pursuant to Articles 32 to 36 of GDPR considering the nature of processing and the information available to Grundfos. Without prejudice to the statutory obligations of Grundfos under the GDPR, the assistance provided by Grundfos to the Customer shall not exceed the commercially reasonable.
4.4 Grundfos shall, taking into account the nature of the processing, assist the Customer by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Customer’s obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR. Without prejudice to the statutory obligations of Grundfos under the GDPR, the assistance provided by Grundfos to the Customer shall not exceed the commercially reasonable.
4.5 Grundfos shall make available to the Customer all information necessary to demonstrate compliance with the obligations laid down in this Section C and in Article 28 of the GDPR and allow for and contribute to audits, including inspections, conducted by the Customer or another auditor mandated by the Customer.
4.6 To satisfy the audit requirement set out in Clause 4.5, Grundfos may at its discretion choose to provide the Customer with audit reports or certificates prepared by an independent auditor. Such audit reports or certificates may be general in nature or specific to the Customer and shall be no older than 12 months when provided to the Customer.
4.7 If Grundfos does not provide the Customer with the documentation set out in Clause 4.6, or if Grundfos or its sub-processors have experienced a data breach, the Customer may initiate an audit. Such audits shall (i) be limited to no more than one (1) audit per calendar year; (ii) have the scope agreed upon in advance by the Parties acting reasonably, including the auditor if such auditor is not the Customer; (iii) be carried out within ordinary business hours at a date and time agreed upon in advance, and without undue interruption of the day-to-day business of Grundfos and its sub-processors; and (iv) be at the expense of the Customer (save that internal costs of Grundfos shall not be borne by the Customer). If the auditor is not the Customer, such third-party auditor shall be bound by confidentiality provisions acceptable to Grundfos (acting reasonably).
4.8 The Customer warrants that the personal data has been lawfully obtained and that the data subjects have been sufficiently informed of how their personal data is being processed.
5.1 The Customer grants Grundfos a general written authorisation to engage other processors (sub-processors) for any of its processing operations performed on behalf of the Customer under the Section C. Prior to engaging a new sub-processor, Grundfos shall notify the Customer in writing of the intended change. Within 10 days of receipt of the notice, the Customer may, acting reasonably, object to the use of the sub-processor, in which case the parties shall discuss possible solutions in good faith. If the Parties fail to agree on a solution, and the Customer maintains its objection, Grundfos may terminate the Agreement in writing with notice of 30 days. If the Customer does not object within the prescribed deadline, the sub-processor shall be deemed to have been approved.
5.2 The sub-processors in use at the time of entering into the Agreement are listed in Section A above.
5.3 Any sub-processors engaged shall always meet the requirements and obligations specified in Article 28(2) and 28(4) of the GDPR.
6. Transfer of Personal Data to a Third Country or an International Organisation
6.1 The personal data may be transferred outside the EU/EEA to countries, which have been the subject of an adequacy decision by the European Commission or similar adequacy frameworks. Further, the personal data may be transferred by Grundfos and its sub-processors to any other territory outside the EU/EEA, provided that Grundfos and its sub-processors have ensured that there is a legal basis for the transfer of said data. If data is transferred by Grundfos and its sub-processors to any other territory outside the EU/EEA, this will be further described in Section A above.
7. Deletion and Return of Personal Data
7.1 At termination or expiry of the Agreement, Grundfos shall, at the choice of the Customer, delete or return all the personal data to the Customer and delete existing copies unless European Union or EU/EEA member state law requires storage of the personal data. Any back-ups will be deleted in accordance with the ordinary procedures of Grundfos and its sub-processors.
7.2 After termination or expiry of the Agreement, Grundfos may keep personal data related to user settings, preferences, and other personalised features for a period of three years (unless a shorter or longer period is described in Section A). The purpose of this retention is to make it easy for the Customer and its employees to pick up where they left off if the Customer wishes to recommence the services at a later point in time, thereby saving time and resources for the Customer. The Customer and the relevant data subjects may request Grundfos to delete such personal data at any time.
8.1 Grundfos shall keep personal data confidential and ensure that persons authorised to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation to confidentiality.
8.2 The Customer shall keep confidential any audit reports, certifications, inspection notes, or other documents (whether drafted or provided by the Customer itself, an external auditor, or provided by Grundfos and its sub-processors) comprised by Clauses 4.6 and 4.7. Such documents shall exclusively be used by the Customer itself and only for the purposes of the audit obligation under the GDPR.
9. Term and Surviving Clauses
9.1 The data processing agreement in this Section C contained herein expires or is terminated (only) together with the rest of the Agreement. Clauses 7 and 8 shall survive expiry or termination of the Agreement.
Version: 21. Marts 2022