terms-conditions

Aproove Work Management

Legal Agreements & FAQ's

AWM Cloud Services Agreement

Read or download

AWM Maintenance & Technical Support Services

Read or download

AWM Data Processing Agreement

Read or download

AWM Privacy Policy

Read or download

AWM Cookie List

Read or download

Aproove Cloud Services Agreement

pdf-usa   pdf-eu

For the most up-to-date legal T&Cs, kindly download the PDF using the link above.
Please Note;
Certain policies have a Europe-specific version; if no European download symbol is displayed, the US terms apply to both North America and Europe.

The Cloud Services Agreement displayed below is the North America version.

 

APROOVE WORK MANAGEMENT
CLOUD SERVICES AGREEMENT



This Aproove Work Management Cloud Services Agreement is between APROOVE TECHNOLOGIES, INC., an Illinois corporation, with offices located at 132 N. York Street, Suite 1A, Elmhurst, IL 60120 (“Aproove”) and the individual or entity that has executed the Agreement (“You” and/or ‘Client”). This Agreement sets forth the terms and conditions that govern orders placed by You for Services under the Agreement.

1. AGREEMENT DEFINITIONS

1.1. “Agreement” means the agreement between Approve and You, which comprises the contractual documents listed in the Order Form.

1.2. “Ancillary Program” means any software agent or tool owned or licensed by Aproove that Aproove makes available to You for download as part of the Cloud Services for purposes of facilitating Your access to, operation of, and/or use with, the Services Environment. The term “Ancillary Program” does not include Separately Licensed Third Party Technology.

1.3. “Aproove Programs” refers to the software products owned or licensed by Aproove to which Aproove grants You access as part of the Cloud Services, including Program Documentation, and any program updates provided as part of the Cloud Services. The term “Aproove Programs” does not include Separately Licensed Third Party Technology.

1.4. “Auto Renew” or “Auto Renewal” is the process by which the Services Period of certain Cloud Services under an Order Form is automatically extended for an additional Services Period unless such Services are otherwise terminated in accordance with the terms of the Order Form or the Agreement. The Service Specifications incorporated into the Order Form define which Cloud Services are eligible for Auto Renewal as well as any terms applicable to any such renewal.

1.5. “Cloud Services” means, collectively, the Aproove cloud services (e.g., Aproove software as a service offerings and related Aproove Programs) listed in the Order Form and defined in the Service Specifications. The term “Cloud Services” does not include Professional Services.

1.6. “Data Center Region” refers to the geographic region in which the Services Environment is physically located. The Data Center Region applicable to the Cloud Services is set forth in the Order Form.

1.7. “Device” means a device, usually electronic, that processes data according to a set of instructions, which may include, without limitation, workstations, personal computers, laptops, netbooks, PDAs, tablets and smartphones.

1.8. “Order Form”, the order form executed by You in order to enter into the Agreement with Aproove.

1.9. “Professional Services” means, collectively, the consulting and other professional services which You have ordered. Professional Services include any deliverables described in the Order Form and delivered by Aproove to You under the Order Form. The term “Professional Services” does not include Cloud Services.

1.10. “Program Documentation” refers to the user manuals referenced within the Service Specifications for Cloud Services, as well as any help windows and readme files for the Aproove Programs that are accessible from within the Services. The Program Documentation describes technical and functional aspects of the Aproove Programs. You may access the documentation online at https://aproove.com/en-us/aproove-work-management-resources or such other address specified by Aproove.

1.11. “Separate Terms” refers to separate license terms between You and a third party licensor that are specified in the Program Documentation, Service Specifications, readme or notice files and that apply to Separately Licensed Third Party Technology.

1.12. “Separately Licensed Third Party Technology” refers to third party technology that is licensed under Separate Terms and not under the terms of the Agreement.

1.13. “Services” means, collectively, both the Cloud Services and Professional Services that You have ordered.

1.14. “Services Environment” refers to the combination of hardware and software components owned, licensed or managed by Aproove to which Aproove grants You and Your Users access as part of the Cloud Services which You have ordered. As applicable and subject to the terms of the Agreement, Aproove Programs, Your Content may be hosted in the Services Environment.

1.15. “Service Specifications” means the descriptions accessible online at https://www.aproove.com, or such other address specified by Aproove, that are applicable to the Services under the Agreement, including any Program Documentation, hosting, support and security policies (for example, Aproove Cloud Hosting and Delivery Policies), and other descriptions referenced or incorporated in such descriptions or in the Order Form.

1.16. “Services Period” refers to the period of time for which You ordered Cloud Services as specified in the Order Form.

1.17. “Users” means those employees, contractors and end users, as applicable, authorized by You or on Your behalf to use the Cloud Services in accordance with the Agreement. For Cloud Services that are specifically designed to allow Your customers, suppliers or other third parties to access the Cloud Services to interact with You, such third parties will be considered “Users” subject to the terms of the Agreement.

1.18. “You” and “Your” refers to the individual or entity that has executed the Agreement.

1.19. “Your Content” means all text, files, images, graphics, illustrations, information, audio, video, photographs, data (including Personal Data as that term is defined in the Data Processing Agreement for Aproove Work Cloud Services described in ‘Data Protection’ Section below) and other content and material in any format, provided by You or Your Users that reside in, or run on or through, the Services Environment.

2. TERM OF AGREEMENT

This Agreement is valid for the Order Form which the Agreement accompanies. This Agreement may also be referenced for any purchase that increases the quantity of the original Services ordered (e.g., additional Users), for any Cloud Services options offered by Aproove for the original Services ordered, and for any renewal or Auto Renewal of the Services Period of the original order.

3. RIGHTS GRANTED

3.1. For the duration of the Services Period and subject to Your payment obligations, and except as otherwise set forth in the Agreement, You have the worldwide, non-exclusive, non-assignable, and non-transferable limited right to access and use the Services that You ordered, including anything developed by Aproove and delivered to You as part of the Services, solely for Your internal business operations and subject to the terms of the Agreement, including the Service Specifications. You may allow Your Users to use the Services for this purpose and You are responsible for Your Users’ compliance with the Agreement.

3.2. You do not acquire under the Agreement any right or license to use the Services, including the Aproove Programs and Services Environment, in excess of the scope and/or duration of the Services stated in Form Order. Upon the end of the Services ordered, Your right to access and use the Services will terminate.

3.3. To enable Aproove to provide You and Your Users with the Services, You grant Aproove the right to use, process and transmit, in accordance with the Agreement, Your Content for the duration of the Services Period plus any additional post-termination period during which Aproove provides You with access to retrieve an export file of Your Content.

3.4. Except as otherwise expressly set forth in the Order Form for certain Cloud Services offerings (e.g., a private cloud hosted at Your facility), You acknowledge that Aproove has no delivery obligation for Aproove Programs and will not ship copies of such programs to You as part of the Services.

3.5. The Services may contain or require the use of Separately Licensed Third Party Technology. You are responsible for complying with the Separate Terms specified by Aproove that govern Your use of Separately Licensed Third Party Technology. Aproove may provide certain notices to You in the Service Specifications, Program Documentation, readme or notice files in connection with such Separately Licensed Third Party Technology. The third party owner, author or provider of such Separately Licensed Third Party Technology retains all ownership and intellectual property rights in and to such Separately Licensed Third Party Technology.


4. OWNERSHIP AND RESTRICTIONS

4.1. You retain all ownership and intellectual property rights in and to Your Content. Aproove or its licensors retain all ownership and intellectual property rights to the Services, including Aproove Programs and Ancillary Programs, and derivative works thereof, and to anything developed or delivered by or on behalf of Aproove under the Agreement.

4.2. You may not, and may not cause or permit others to:

a) remove or modify any program markings or any notice of Aproove’s or its licensors’ proprietary rights;
b) make the programs or materials resulting from the Services (excluding Your Content ) available in any manner to any third party for use in the third party’s business operations (unless such access is expressly permitted for the specific Services You have acquired);
c) modify, make derivative works of, disassemble, decompile, reverse engineer, reproduce, distribute, republish or download any part of the Services (the foregoing prohibitions include but are not limited to review of data structures or similar materials produced by programs) unless required to be permitted by law for interoperability, or access or use the Services in order to build or support, and/or assist a third party in building or supporting, products or Services competitive to Aproove;
d) perform or disclose any benchmark or performance tests of the Services, including the Aproove Programs;
e) perform or disclose any of the following security testing of the Services Environment or associated infrastructure: network discovery, port and service identification, vulnerability scanning, password cracking, remote access testing, or penetration testing; and
f) license, sell, rent, lease, transfer, assign, distribute, host, outsource, permit timesharing or service bureau use, or otherwise commercially exploit or make available the Services, Aproove Programs, Ancillary Programs, Services Environments or Aproove materials to any third party, other than as expressly permitted under the terms of the applicable order.

4.3. The rights granted to You under this Agreement are also conditioned on the following:

a) except as expressly provided herein or in the Order Form, no part of the Services may be copied, reproduced, distributed, republished, downloaded, displayed, posted or transmitted in any form or by any means, including but not limited to electronic, mechanical, photocopying, recording, or other means; and
b) You make every reasonable effort to prevent unauthorized third parties from accessing the Services.


5. SERVICE SPECIFICATIONS

5.1. The Services are subject to and governed by Service Specifications applicable to Your order. Service Specifications may define provisioning and management processes applicable to the Services (such as capacity planning), types and quantities of system resources (such as storage allotments), functional and technical aspects of the Aproove Programs, as well as any Services deliverables. You acknowledge that use of the Services in a manner not consistent with the Service Specifications may adversely affect Services performance and/or may result in additional fees. If the Services permit You to exceed the ordered quantity (e.g., soft limits on counts for Users, sessions, storage, etc.), then You are responsible for promptly purchasing additional quantity to account for Your excess usage. For any month that You do not promptly purchase such additional quantity, Aproove may require You to pay, in addition to the fees for the additional quantity, an excess usage fee for those Services equivalent to 10% of the fees for the additional quantity in the month in which such excess usage occurred.

5.2. Aproove may make changes or updates to the Services (such as infrastructure, security, technical configurations, application features, etc.) during the Services Period, including to reflect changes in technology, industry practices, patterns of system use. The Service Specifications are subject to change at Aproove’s discretion; however, Aproove changes to the Service Specifications will not result in a material reduction in the level of performance or availability of the applicable Services provided to You for the duration of the Services Period as defined in the Order Form.

5.3. The Order Form will specify the Data Center Region in which Your Services Environment will reside. As described in the Service Specifications and to the extent applicable to the Cloud Services that You have ordered, Aproove will provide backup environments in the Data Center Region stated in the Order Form. Aproove and its affiliates may perform certain aspects of Cloud Services, such as service administration and support, as well as other Services (including Professional Services and disaster recovery), from locations and/or through use of subcontractors, worldwide.

6. USE OF THE SERVICES

6.1. You are responsible for identifying and authenticating all Users, for approving access by such Users to the Services, for controlling against unauthorized access by Users, and for maintaining the confidentiality of usernames, passwords and account information. By federating or otherwise associating Your and Your Users’ usernames, passwords and accounts with Aproove, You accept responsibility for the confidentiality and timely and proper termination of user records in Your local (intranet) identity infrastructure or on Your local Device. Aproove is not responsible for any harm caused by Your Users, including individuals who were not authorized to have access to the Services but who were able to gain access because usernames, passwords or accounts were not terminated on a timely basis in Your local identity management infrastructure or Your local Device. You are responsible for all activities that occur under Your and Your Users’ usernames, passwords or accounts or as a result of Your or Your Users’ access to the Services, and agree to notify Aproove immediately of any unauthorized use. You agree to make every reasonable effort to prevent unauthorized third parties from accessing the Services.

6.2. You agree not to use or permit use of the Services, including by uploading, emailing, posting, publishing or otherwise transmitting any material, including Your Content, for any purpose that may (a) menace or harass any person or cause damage or injury to any person or property, (b) involve the publication of any material that is false, defamatory, harassing or obscene, (c) violate privacy rights or promote bigotry, racism, hatred or harm, (d) constitute unsolicited bulk e-mail, “junk mail”, “spam” or chain letters; (e) constitute an infringement of intellectual property or other proprietary rights, or (f) otherwise violate applicable laws, ordinances or regulations. In addition to any other rights afforded to Aproove under the Agreement, Aproove reserves the right, but has no obligation, to take remedial action if any material violates the restrictions in the foregoing sentence, including the removal or disablement of access to such material. Aproove shall have no liability to You in the event that Aproove takes such action. You shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness and ownership of all of Your Content . You agree to defend and indemnify Aproove against any claim arising out of a violation of Your obligations under this Section.

6.3. You are required to accept all patches, bug fixes, updates, maintenance and service packs (collectively, “Patches”) necessary for the proper function and security of the Services, including for the Aproove Programs, as such Patches are generally released by Aproove as described in the Service Specifications. Aproove is not responsible for performance or security issues encountered with the Cloud Services that result from Your failure to accept the application of Patches that are necessary for the proper function and security of the Services. Except for emergency or security related maintenance activities, Aproove will coordinate with You the scheduling of application of Patches, where possible, based on Aproove’s next available standard maintenance window, according to Aproove Work Maintenance and Technical Support Services.

7. FEES AND TAXES

7.1. Unless otherwise specifically agreed to in the Order Form, all fees payable to Aproove are due within 30 calendar days from the invoice date or immediately if payment by credit card. Once placed, Your order is non-cancelable and the sums paid nonrefundable, except as provided in the Agreement or in the Order Form. You will pay any sales, value-added or other similar taxes imposed by applicable law that Aproove must pay based on the Services You ordered, except for taxes based on Aproove’s income. Also, You will reimburse Aproove for reasonable expenses related to providing any Professional Services. Fees for Services listed in an order are exclusive of taxes and expenses.

7.2. You agree and acknowledge that You have not relied on the future availability of any Services, programs or updates in entering into the payment obligations in Your order; however, the preceding does not relieve Aproove of its obligation during the Services Period to deliver Services that You have ordered per the terms of the Agreement.

8. SERVICES PERIOD; SUSPENSION AND END OF SERVICES

8.1. Services provided under the Agreement shall be provided for the Services Period defined in the Order Form, unless earlier suspended or terminated in accordance with the Agreement or the Order Form. If stated in the Service Specifications or the Order Form, certain Cloud Services that are ordered will Auto Renew for additional Services Periods unless (i) You provide Aproove with written notice no later than sixty (60) calendar days prior to the end of the applicable Services Period of Your intention not to renew such Cloud Services, or (ii) Aproove provides You with written notice no later than ninety (90) calendar days prior to the end of the applicable Services Period of its intention not to renew such Cloud Services.

8.2. Upon the end of the Services, You no longer have rights to access or use the Services, including the associated Aproove Programs and Services Environments; however, at Your request, and for a period of up to 10 calendar days after the end of the applicable Services Period, Aproove will make available Your Content then in the Services Environment for the purpose of retrieval by You. At the end of such 10 calendar day period, and except as may be required by law, Aproove will delete or otherwise render inaccessible any of Your Content that remain in the Services Environment.

8.3. Upon Your request sent before the end of the Services, Aproove may provide reversibility services as Professional Services in order to migrate Your Content. The reversibility services will be invoiced on a man-hour basis according to Aproove’s pricing in force at the time of Your request, with a minimum of EUR 1,000. Aproove may request advanced payment for its services and full payment of its outstanding invoices before starting the migration procedure. You shall actively collaborate with Aproove to facilitate the migration of Your Content. When migration is complete, Aproove shall notify You by email. You shall have 5 calendar days from the date of that notification to express any comments concerning the correct execution of the migration of Your Content. In the absence of comments after this period, migration shall be deemed as performed properly. In order to be taken into consideration, the comments must clearly identify the discrepancies. After the migration of Your Content, Aproove will delete or otherwise render inaccessible any of Your Content that remain in the Services Environment.

8.4. Aproove may temporarily suspend Your password, account, and access to or use of the Services if You or Your Users violate any provision within the ‘Rights Granted’, ‘Ownership and Restrictions’, ‘Fees and Taxes’, ‘Use of the Services’, or ‘Export’ Sections of the Agreement, or if in Aproove’s reasonable judgment, the Services or any component thereof are about to suffer a significant threat to security or functionality. Aproove will provide advance notice to You of any such suspension in Aproove’s reasonable discretion based on the nature of the circumstances giving rise to the suspension. Aproove will use reasonable efforts to re-establish the affected Services promptly after Aproove determines, in its reasonable discretion, that the situation giving rise to the suspension has been cured; however, during any suspension period, Aproove will make available to You Your Content as existing in the Services Environment on the date of suspension. Aproove may terminate the Services under an order if any of the foregoing causes of suspension is not cured within 30 calendar days after Aproove’s initial notice thereof. Any suspension or termination by Aproove under this paragraph shall not excuse You from Your obligation to make payment(s) under the Agreement.

8.5. If either of us breaches a material term of the Agreement (including but not limited to nonpayment of fees) and fails to correct the breach within 30 calendar days of written specification of the breach, then the breaching party is in default and the non-breaching party may terminate the order under which the breach occurred. If Aproove terminates the order as specified in the preceding sentence, You must pay within 30 calendar days all amounts that have accrued prior to such termination, as well as all sums remaining unpaid for the Services under such order plus related taxes and expenses. Except for nonpayment of fees, the nonbreaching party may agree in its sole discretion to extend the 30 calendar day period for so long as the breaching party continues reasonable efforts to cure the breach. You agree that if You are in default under the Agreement, You may not use those Services ordered.

8.6. Provisions that survive termination or expiration of the Agreement are those relating to limitation of liability, indemnification, confidentiality, payment and others which by their nature are intended to survive.

9. CONFIDENTIALITY

9.1. By virtue of the Agreement, the parties may have access to information that is confidential to one another (“Confidential Information”). We each agree to disclose only information that is required for the performance of obligations under the Agreement. Confidential information shall be limited to the terms and pricing under the Agreement, Your Content residing in the Services Environment, and all information clearly identified as confidential at the time of disclosure.

9.2. A party’s Confidential Information shall not include information that: (a) is or becomes a part of the public domain through no act or omission of the other party; (b) was in the other party’s lawful possession prior to the disclosure and had not been obtained by the other party either directly or indirectly from the disclosing party; (c) is lawfully disclosed to the other party by a third party without restriction on the disclosure; or (d) is independently developed by the other party.

9.3. We each agree not to disclose each other’s Confidential Information to any third party other than as set forth in the following sentence for a period of five (5) years from the date of the disclosing party’s disclosure of the Confidential Information to the receiving party; however, Aproove will hold Your Confidential Information that resides within the Services Environment in confidence for as long as such information resides in the Services Environment. We each may disclose Confidential Information only to those employees, agents or subcontractors who are required to protect it against unauthorized disclosure in a manner no less protective than required under the Agreement. Aproove will protect the confidentiality of Your Content residing in the Services Environment in accordance with the Aproove security practices defined in the Order Form. In addition, Your Personal Data will be treated in accordance with the terms of the ‘Data Protection’ Section. Nothing shall prevent either party from disclosing the terms or pricing under the Agreement or orders placed under the Agreement in any legal proceeding arising from or in connection with the Agreement or from disclosing the Confidential Information to a governmental entity as required by law.

10. DATA PROTECTION

10.1. In performing the Services, Aproove will comply with the Aproove Privacy Policy, which is available at https://www.aproove.com/legals and incorporated herein by reference. The Aproove Privacy Policy is subject to change at Aproove’s discretion; however, Aproove policy changes will not result in a material reduction in the level of protection provided for Your Personal Data provided as part of Your Content during the Services Period.

10.2. Aproove’s Data Processing Agreement for Aproove Work Cloud Services (the “Data Processing Agreement”), which is available at https://www.aproove.com/legals and incorporated herein by reference, describes the parties’ respective roles for the processing and control of Personal Data that You provide to Aproove as part of the Cloud Services. Aproove will act as a data processor, and will act on Your instruction concerning the treatment of Your Personal Data residing in the Services Environment, as specified in the Agreement, the Data Processing Agreement and the applicable order. You agree to provide any notices and obtain any consents related to Your use of the Services and Aproove’s provision of the Services, including those related to the collection, use, processing, transfer and disclosure of Personal Data.

10.3. The Service Specifications applicable in the Order Form define the administrative, physical, technical and other safeguards applied to Your Content residing in the Services Environment, and describe other aspects of system management applicable to the Services. You are responsible for any security vulnerabilities, and the consequences of such vulnerabilities, arising from Your Content , including any viruses, Trojan horses, worms or other programming routines contained in Your Content that could limit or harm the functionality of a computer or that could damage, intercept or expropriate data.

10.4. You may not provide Aproove access to health, political opinions, racial or ethnic, religious or philosophical beliefs, financials or similarly sensitive personal information that imposes specific data security obligations for the processing of such data unless specified in the Order Payment and Data Processing Agreement.

11. WARRANTIES, DISCLAIMERS AND EXCLUSIVE REMEDIES

11.1. Aproove warrants that it will perform (i) Cloud Services in all material respects as described in the Service Specifications and/or in the Order Form, and (ii) Professional Services in a professional manner in accordance with the Service Specifications and/or the Order Form,. If the Services provided to You were not performed as warranted, You must promptly provide written notice to Aproove that describes the deficiency in the Services (including, as applicable, the service request number notifying Aproove of the deficiency in the Services).

11.2. APROOVE DOES NOT GUARANTEE THAT (A) THE SERVICES WILL BE PERFORMED ERROR-FREE OR UNINTERRUPTED, OR THAT APROOVE WILL CORRECT ALL SERVICES ERRORS, (B) THE SERVICES WILL OPERATE IN COMBINATION WITH YOUR CONTENT OR YOUR APPLICATIONS, OR WITH ANY OTHER HARDWARE, SOFTWARE, SYSTEMS, SERVICES OR DATA NOT PROVIDED BY APROOVE, AND (C) THE SERVICES WILL MEET YOUR REQUIREMENTS, SPECIFICATIONS OR EXPECTATIONS. YOU ACKNOWLEDGE THAT APROOVE DOES NOT CONTROL THE TRANSFER OF DATA OVER COMMUNICATIONS FACILITIES, INCLUDING THE INTERNET, AND THAT THE SERVICES MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF SUCH COMMUNICATIONS FACILITIES. APROOVE IS NOT RESPONSIBLE FOR ANY DELAYS, DELIVERY FAILURES, OR OTHER DAMAGE RESULTING FROM SUCH PROBLEMS. APROOVE IS NOT RESPONSIBLE FOR ANY ISSUES RELATED TO THE PERFORMANCE, OPERATION OR SECURITY OF THE SERVICES THAT ARISE FROM YOUR CONTENT, YOUR APPLICATIONS OR THIRD PARTY CONTENT. APROOVE DOES NOT MAKE ANY REPRESENTATION OR WARRANTY REGARDING THE RELIABILITY, ACCURACY, COMPLETENESS, CORRECTNESS, OR USEFULNESS OF THIRD PARTY CONTENT OR SERVICES, AND DISCLAIMS ALL LIABILITIES ARISING FROM OR RELATED TO THIRD PARTY CONTENT OR SERVICES.

11.3. FOR ANY BREACH OF THE SERVICES WARRANTY, YOUR EXCLUSIVE REMEDY AND APROOVE’S ENTIRE LIABILITY SHALL BE THE CORRECTION OF THE DEFICIENT SERVICES THAT CAUSED THE BREACH OF WARRANTY, OR, IF APROOVE CANNOT SUBSTANTIALLY CORRECT THE DEFICIENCY IN A COMMERCIALLY REASONABLE MANNER, YOU MAY END THE DEFICIENT SERVICES AND APROOVE WILL REFUND TO YOU THE FEES FOR THE TERMINATED SERVICES THAT YOU PRE-PAID TO APROOVE FOR THE PERIOD FOLLOWING THE EFFECTIVE DATE OF TERMINATION.

11.4. TO THE EXTENT NOT PROHIBITED BY LAW, THESE WARRANTIES ARE EXCLUSIVE AND ALL OTHER WARRANTIES OR CONDITIONS, WHETHER EXPRESS OR IMPLIED, ARE EXPRESSLY EXCLUDED, INCLUDING FOR SOFTWARE, HARDWARE, SYSTEMS, NETWORKS OR ENVIRONMENTS OR FOR MERCHANTABILITY, SATISFACTORY QUALITY AND FITNESS FOR A PARTICULAR PURPOSE.

12. LIMITATION OF LIABILITY

NOTHING IN THIS AGREEMENT SHALL LIMIT APROOVE’S LIABILITY FOR PERSONAL INJURY OR DEATH CAUSED BY THE NEGLIGENCE OF APROOVE, OR APROOVE’S LIABILITY IN THE TORT OF DECEIT. NEITHER PARTY SHALL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES, OR ANY LOSS OF REVENUE OR PROFITS (EXCLUDING FEES UNDER THIS AGREEMENT), DATA, OR DATA USE. APROOVE’S AGGREGATE LIABILITY FOR ALL DAMAGES ARISING OUT OF OR RELATED TO THIS AGREEMENT OR YOUR ORDER, WHETHER IN CONTRACT OR TORT, OR OTHERWISE, SHALL BE LIMITED TO THE TOTAL AMOUNTS ACTUALLY PAID TO APROOVE FOR THE SERVICES UNDER THE ORDER GIVING RISE TO THE LIABILITY IN THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO SUCH LIABILITY LESS ANY REFUNDS OR CREDITS RECEIVED BY YOU FROM APROOVE UNDER SUCH ORDER.

13. INDEMNIFICATION

13.1. Subject to the terms of this ‘Indemnification’ Section , if a third party makes a claim against either You or Aproove (“Recipient” which may refer to You or Aproove depending upon which party received the Material), that any information, design, specification, instruction, software, service, data, hardware, or material (collectively, “Material”) furnished by either You or Aproove (“Provider” which may refer to You or Aproove depending on which party provided the Material) and used by the Recipient infringes the third party’s intellectual property rights, the Provider, at the Provider’s sole cost and expense, will defend the Recipient against the claim and indemnify the Recipient from the damages, liabilities, costs and expenses awarded by the court to the third party claiming infringement or the settlement agreed to by the Provider, if the Recipient does the following:

a. notifies the Provider promptly in writing, not later than 30 calendar days after the Recipient receives notice of the claim (or sooner if required by applicable law);
b. gives the Provider sole control of the defense and any settlement negotiations; and
c. gives the Provider the information, authority and assistance the Provider needs to defend against or settle the claim.

13.2. If the Provider believes or it is determined that any of the Material may have violated a third party’s intellectual property rights, the Provider may choose to either modify the Material to be non-infringing (while substantially preserving its utility or functionality) or obtain a license to allow for continued use, or if these alternatives are not commercially reasonable, the Provider may end the license for, and require return of, the applicable Material and refund any unused, prepaid fees the Recipient may have paid to the other party for such Material. If such return materially affects Aproove’s ability to meet its obligations under the relevant order, then Aproove may, at its option and upon 30 calendar days prior written notice, terminate the order.

13.3. The Provider will not indemnify the Recipient if the Recipient (a) alters the Material or uses it outside the scope of use identified in the Provider’s user or program documentation or Service Specifications, (b) uses a version of the Material which has been superseded, if the infringement claim could have been avoided by using an unaltered current version of the Material which was made available to the Recipient, or (c) continues to use the applicable Material after the end of the license to use that Material. The Provider will not indemnify the Recipient to the extent that an infringement claim is based upon any information, design, specification, instruction, software, service, data, hardware or material not furnished by the Provider. Aproove will not indemnify You for any portion of an infringement claim that is based upon the combination of any Material with any products or Services not provided by Aproove. Aproove will not indemnify You to the extent that an infringement claim is based on any Material from a third party portal or other external source that is accessible to You within or from the Services (e.g., a social media post from a third party blog or forum, a third party Web page accessed via a hyperlink, etc.). Aproove will not indemnify You for infringement caused by Your actions against any third party if the Services as delivered to You and used in accordance with the terms of the Agreement would not otherwise infringe any third party intellectual property rights. Aproove will not indemnify You for any intellectual property infringement claim(s) known to You at the time Services rights are obtained.

13.4. The term “Material” defined above does not include Separately Licensed Third Party Technology. Solely with respect to Separately Licensed Third Party Technology that is part of or is required to use the Cloud Services and that is used: (a) in unmodified form; (b) as part of or as required to use the Cloud Services; and (c) in accordance with the usage grant for the relevant Cloud Services and all other terms and conditions of the Agreement, Aproove will indemnify You for infringement claims for Separately Licensed Third Party Technology to the same extent as Aproove is required to provide infringement indemnification for Materials under the terms of the Agreement.

13.5. This ‘Indemnification’ Section provides the parties’ exclusive remedy for any infringement claims or damages.

14. THIRD PARTY WEB SITES, CONTENT, PRODUCTS AND SERVICES

The Services may enable You to link to, transmit Your Content to, or otherwise access, other Web sites, content, products, services, and information of third parties. Aproove does not control and is not responsible for such Web sites or any such content , products, services and information accessible from or provided through the Services, and You bear all risks associated with access to and use of such Web sites and third party content, products, services and information.



15. SERVICES TOOLS AND ANCILLARY PROGRAMS

15.1. Aproove may use tools, scripts, software, and utilities (collectively, the “Tools”) to monitor and administer the Services and to help resolve Your Aproove service requests. The Tools will not collect or store any of Your Content residing in the Services Environment, except as necessary to provide the Services or troubleshoot service requests or other problems in the Services. Information collected by the Tools (excluding Your Content ) may also be used to assist in managing Aproove’s product and service portfolio, to help Aproove address deficiencies in its product and service offerings, and for license and Services management.

15.2. As part of the Cloud Services, Aproove may provide You with on-line access to download certain Ancillary Programs for use with the Services. If Aproove does not specify separate terms for such Ancillary Programs, then, subject to Your payment obligations, You have the non-exclusive, non-assignable, royalty free, worldwide limited right to use such Ancillary Programs solely to facilitate Your access to, operation of, and/or use of the Services Environment, subject to the terms of the Agreement, including the Services Specifications. Your right to use such Ancillary Programs will terminate upon the earlier of Aproove’s notice, the end of the Cloud Services associated with the Ancillary Programs, or the date on which the license to use the Ancillary Programs ends under the Separate Terms specified for such programs.

16. SERVICE ANALYSES

Aproove may (i) compile statistical and other information related to the performance, operation and use of the Services, and (ii) use data from the Services Environment in aggregated form for security and operations management, to create statistical analyses, and for research and development purposes (clauses i and ii are collectively referred to as “Service Analyses”). Aproove may make Service Analyses publicly available; however, Service Analyses will not incorporate Your Content or Confidential Information in a form that could serve to identify You or any individual, and Service Analyses do not constitute Personal Data. Aproove retains all intellectual property rights in Service Analyses.

17. EXPORT

17.1. Local Export laws and regulations may apply to the Services. You agree that such export laws may govern Your use of the Services (including technical data) and any Services deliverables provided under the Agreement, and You agree to comply with all such export laws and regulations (including “deemed export” and “deemed re-export” regulations). You agree that no data, information, software programs and/or materials resulting from Services (or direct product thereof) will be exported, directly or indirectly, in violation of these laws, or will be used for any purpose prohibited by these laws including, without limitation, nuclear, chemical, or biological weapons proliferation, or development of missile technology.

17.2. You acknowledge that the Cloud Services are designed with capabilities for You and Your Users to access the Services Environment without regard to geographic location and to transfer or otherwise move Your Content between the Services Environment and other locations such as User workstations. You are solely responsible for the authorization and management of User accounts, as well as export control and geographic transfer of Your Content .

18. FORCE MAJEURE

Neither of us shall be responsible for failure or delay of performance if caused by: an act of war, hostility, or sabotage; act of God; pandemic; electrical, internet, or telecommunication outage that is not caused by the obligated party; government restrictions (including the denial or cancelation of any export, import or other license); or other event outside the reasonable control of the obligated party. We both will use reasonable efforts to mitigate the effect of a force majeure event. If such event continues for more than 30 calendar days, either of us may cancel unperformed Services and affected orders upon written notice. This Section does not excuse either party’s obligation to take reasonable steps to follow its normal disaster recovery procedures or Your obligation to pay for the Services.

19. NOTICE

19.1. Any notice required under the Agreement shall be provided to the other party in writing. If You have a dispute with Aproove or if You wish to provide a notice under the ‘Indemnification’ Section of the Agreement, or if You become subject to insolvency or other similar legal proceedings, You will promptly send written postal notice to Aproove 1 Boulevard Initalis, 7000 Mons, Belgium marked for the attention of the Managing Director with a copy by e-mail at legal@aproove.com.

19.2. To request a termination of Services in accordance with the Agreement, You must submit a service request to Aproove at the address specified in the Order Form.

19.3. Aproove may give notices applicable to Aproove’s Cloud Services customer base by means of a general notice on the Aproove portal for the Cloud Services, and notices specific to You by electronic mail to Your e-mail address on record in Aproove’s account information or by written communication sent by first class mail or pre-paid post to Your address on record in Aproove’s account information.

20. ASSIGNMENT

You may not assign the Agreement or give or transfer the Services (including the Aproove Programs) or an interest in them to another individual or entity. If You grant a security interest in any portion of the Services, the secured party has no right to use or transfer the Services or any deliverables. The foregoing shall not be construed to limit the rights You may otherwise have with respect to Separately Licensed Third Party Technology licensed under open source or similar license terms.

21. OTHER

21.1. Aproove is an independent contractor and we agree that no partnership, joint venture, or agency relationship exists between us. We each will be responsible for paying our own employees, including employment related taxes and insurance. You shall defend and indemnify Aproove against liability arising under any applicable laws, ordinances or regulations related to Your termination or modification of the employment of any of Your employees in connection with any Services under the Agreement. You understand that Aproove’s business partners and other third parties, including any third party firms retained by You to provide consulting or implementation services or applications that interact with the Cloud Services, are independent of Aproove and are not Aproove’s agents. Aproove is not liable for, bound by, or responsible for any problems with the Services arising due to, any acts of any such business partner or third party, unless the business partner or third party is providing Services as an Aproove subcontractor on an engagement ordered under the Agreement and, if so, then only to the same extent as Aproove would be responsible for Aproove resources under the Agreement.

21.2. If any term of the Agreement is found to be invalid or unenforceable, the remaining provisions will remain effective and such term shall be replaced with another term consistent with the purpose and intent of the Agreement.

21.3. Except for actions for nonpayment or breach of Aproove’s proprietary rights, no action, regardless of form, arising out of or relating to the Agreement may be brought by either party more than two years after the cause of action has accrued.

21.4. You shall obtain at Your sole expense any rights and consents from third parties necessary for Your Content, as well as other vendor’s products provided by You that You use with the Services, including such rights and consents as necessary for Aproove to perform the Services under the Agreement.

21.5. You agree to provide Aproove with all information, access and full good faith cooperation reasonably necessary to enable Aproove to provide the Services and You will perform the actions identified in the Order Form as Your responsibilities.

21.6. You remain solely responsible for Your regulatory compliance in connection with Your use of the Services. You are responsible for making Aproove aware of any technical requirements that result from Your regulatory obligations prior to entering into an order governed by the Agreement. Aproove will cooperate with Your efforts to determine whether use of the standard Aproove Services offering is consistent with those requirements. Additional fees may apply to any additional work performed by Aproove or changes to the Services.

21.7. Aproove may audit Your use of the Services (e.g., through use of software tools) to assess whether Your use of the Services is in accordance with the Order Form and the terms of the Agreement. You agree to cooperate with Aproove’s audit and provide reasonable assistance and access to information. Any such audit shall not unreasonably interfere with Your normal business operations. You agree to pay within 30 calendar days of written notification any fees applicable to Your use of the Services in excess of Your rights. If You do not pay, Aproove can end Your Services and/or the Agreement. You agree that Aproove shall not be responsible for any of Your costs incurred in cooperating with the audit.

21.8. The purchase of Cloud Services, Professional Services, or other service offerings, programs or products are all separate offers and separate from any other order. You understand that You may purchase Cloud Services, Professional Services, or other service offerings, programs or products independently of any other order. Your obligation to pay under any order is not contingent on performance of any other service offerings or delivery of programs or products.

21.9. A failure by either Party at any time to require the performance of any obligation hereunder or enforce any provision hereof shall neither be construed as a waiver of any right or remedy hereunder nor in any way affect the validity of this Agreement or any part hereof. No waiver shall be effective unless given in writing, and no waiver of a breach of this Agreement shall constitute a waiver of any preceding or subsequent breach.

21.10. The Agreement may be executed in counterparts each of which shall be deemed an original Agreement for all purposes, including the judicial proof of any of the terms hereof; provided, however that all such counterparts shall constitute one and the same Agreement. The Agreement may be transmitted by facsimile, email or other electronic means and it is the intent of You and Aproove for the facsimile, scan, electronic or photocopy thereof of any signature to be an original signature and for the facsimile, scan, electronic or a photocopy thereof and any complete facsimile, scan, electronic photocopy of the Agreement to be deemed an original agreement for all legal purposes.

21.11. Electronic Signatures. Each party agrees that the electronic signatures, whether digital or encrypted, of the parties included in this Agreement are intended to authenticate this writing and to have the same force and effect as manual signatures. Delivery of a copy of this Agreement or any other document contemplated hereby bearing an original or electronic signature by facsimile transmission (whether directly from one facsimile device to another by means of a dial-up connection or whether mediated by the worldwide web), by electronic mail in “portable document format” (“.pdf”) form, or by any other electronic means intended to preserve the original graphic and pictorial appearance of a document, will have the same effect as physical delivery of the paper document bearing an original or electronic signature.

21.12. Either Party shall not hire or solicit for employment any employee or personnel of the other Party during the Duration hereof and for one (1) year thereafter.


22. ENTIRE AGREEMENT

22.1. You agree that the Agreement and the information which is incorporated into the Agreement by written reference (including reference to information contained in a URL or referenced policy), together with the applicable Order Form, is the complete agreement for the Services ordered by You and supersedes all prior or contemporaneous agreements or representations, written or oral, regarding such Services. Nothing in the Agreement excludes or limits Aproove’s liability for deceit or fraudulent misrepresentation.

22.2. It is expressly agreed that the terms of the Agreement and any Aproove order shall supersede the terms in any purchase order, procurement internet portal, or other similar non-Aproove document and no terms included in any such purchase order, portal, or other non-Aproove document shall apply to the Services ordered. In the event of any inconsistencies between the terms of an Order Form and this Approve Work Management Cloud Services Agreement, the Order Form shall take precedence; however, unless expressly stated otherwise in an order, the terms of the Data Processing Agreement shall take precedence over any inconsistent terms in the Order Form. Except as otherwise permitted in ‘Service Specifications’, ‘Data Protection’ and ‘Third Party Web Sites’ Sections with respect to the Services, the Agreement and orders hereunder may not be modified and the rights and restrictions may not be altered or waived except in a writing signed by authorized representatives of You and of Aproove. No third party beneficiary relationships are created by the Agreement.


23. GOVERNING LAW AND JURISDICTION

23.1. The Agreement (including matters of construction, enforcement, and performance) and any claim, controversy or dispute arising under, related to or in connection with this Agreement, the relationship of the parties to this Agreement, and/or the interpretation and enforcement of the rights, duties and obligations of the parties to this Agreement shall be governed by and construed in accordance with the laws of the State of New York (without regards to its choice of laws principles that would require the application of the laws of another jurisdiction).

23.2. You and Aproove agree to the exclusive jurisdiction of the Federal and State courts located in New York, New York and agree to submit to the exercise of personal jurisdiction of such courts for the purposes of any applicable claim or action.

***

Aproove Maintenance & Technical Support Services

pdf-usa   

For the most up-to-date legal T&Cs, kindly download the PDF using the link above.
Please Note;
Certain policies have a Europe-specific version; if no European download symbol is displayed, the US terms apply to both North America and Europe.


BY ACCEPTING THIS AGREEMENT THROUGH AN ORDERING DOCUMENT THAT INCORPORATES THIS AGREEMENT, YOU AGREE TO FOLLOW AND BE BOUND BY THE TERMS AND CONDITIONS OF THIS AGREEMENT. IF YOU ARE ENTERING INTO THIS AGREEMENT ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND SUCH ENTITY TO THE TERMS AND CONDITIONS OF THIS AGREEMENT AND, IN SUCH EVENT, “YOU” AND “YOUR” AS USED IN THIS AGREEMENT SHALL REFER TO SUCH ENTITY. IF YOU DO NOT HAVE SUCH AUTHORITY, OR IF YOU OR SUCH ENTITY DO NOT AGREE TO THE TERMS AND CONDITIONS OF THIS AGREEMENT, YOU MAY NOT USE THE SERVICES.




APROOVE WORK MANAGEMENT
MAINTENANCE AND TECHNICAL SUPPORT SERVICES AGREEMENT


This Aproove Work Management Maintenance and Technical Support Services Agreement is between Aproove SA, 1 Boulevard Initalis, 7000 Mons, Belgium, Crossroads bank for Enterprise number 0867.065.974 (“Aproove”) and the individual or entity that has executed the Agreement (“You” and/or ‘Client”). This Agreement sets forth the terms and conditions that govern orders placed by You for Services under the Agreement.

1. AGREEMENT DEFINITIONS


1.1. "Agreement” means the agreement between Approve and You, which comprises the contractual documents listed in the Order Form including but not limited to this Maintenance and Technical Support Services Agreement.

1.2. “Aproove Programs” refers to the software products owned or licensed by Aproove to which Aproove grants You access as part of the Agreement, and any program updates provided as part of the Agreement.

1.3. “Error” means a reproducible defect in the Aproove Programs when operated in accordance with the Documentation, which causes the Aproove Programs not to operate substantially in accordance with the Documentation.

1.4. “Fix” means a solution and/or additional or replacement lines of code in the Aproove Programs provided by Aproove to remedy an Error in the Aproove Programs that caused the Aproove Programs not to operate substantially in accordance with the Documentation.

1.5. “Maintenance Release” has the meaning set forth in Section 4.1.1 herein.

1.6. “Maintenance Services” has the meaning set forth in Section 4 herein.

1.7. “Major Release” has the meaning set forth in Section 4.1.3 herein.

1.8. “Minor Release” has the meaning set forth in Section 4.1.2 herein.

1.9. “Order Form”, the order form executed by You in order to enter into the Agreement with Aproove.

1.10. “Program Documentation” refers to the user manuals referenced within the Agreement, as well as any help windows and readme files for the Aproove Programs. The Program Documentation describes technical and functional aspects of the Aproove Programs. You may access the documentation online at https://www.aproove.com/legals or such other address specified by Aproove.


1.11. “Standard Support Hours” has the meaning set forth in Section 3.1.1 herein.

1.12. “Support Services” has the meaning set forth in Section 3 herein.

1.13. “Users” means those employees, contractors and end users, as applicable, authorized by You or on Your behalf to use the Aproove Programs in accordance with the Agreement.

1.14. “Workaround” means a temporary solution to an Error.

1.15. “Work Product” has the meaning set forth in Section 4.2 herein.

1.16. “You” and “Your” refers to the individual or entity that has executed the Agreement.



1.17. “Separate Terms” refers to separate license terms between You and a third party licensor that are specified in the Program Documentation, Service Specifications, readme or notice files and that apply to Separately Licensed Third Party Technology.

1.18. “Separately Licensed Third Party Technology” refers to third party technology that is licensed under Separate Terms and not under the terms of the Agreement.

1.19. “Services” means, collectively, both the Cloud Services and Professional Services that You have ordered.

1.20. “Services Environment” refers to the combination of hardware and software components owned, licensed or managed by Aproove to which Aproove grants You and Your Users access as part of the Cloud Services which You have ordered. As applicable and subject to the terms of the Agreement, Aproove Programs, Your Content may be hosted in the Services Environment.

1.21. “Service Specifications” means the descriptions accessible online at https://www.aproove.com, or such other address specified by Aproove, that are applicable to the Services under the Agreement, including any Program Documentation, hosting, support and security policies (for example, Aproove Cloud Hosting and Delivery Policies), and other descriptions referenced or incorporated in such descriptions or in the Order Form.

1.22. “Services Period” refers to the period of time for which You ordered Cloud Services as specified in the Order Form.

1.23. “Your Content” means all text, files, images, graphics, illustrations, information, audio, video, photographs, data (including Personal Data as that term is defined in the Data Processing Agreement for Aproove Work Cloud Services described in ‘Data Protection’ Section below) and other content and material in any format, provided by You or Your Users that reside in, or run on or through, the Services Environment.

2. TERM OF AGREEMENT

This Agreement is valid for the Order Form which the Agreement accompanies.


3. SUPPORT SERVICES

3.1. Subject to the terms and conditions of the Agreement, Aproove shall provide You with Support Services as described in this Section 3.

3.1.1. Standard Support Hours. Aproove shall maintain standard service hours from Monday to Friday, between 8:30 AM and 5:30 PM in the customers timezone unless otherwise specified in the Order Form, excluding all Federal and State public holidays and Aproove company holidays.

3.1.2. Telephone Support. Aproove will provide telephone support for all Errors during the Standard Support Hours. Telephone technical support includes assistance relating to any Fixes or Workarounds. The support line is not toll free. Phone number : +1 847-857-7558

3.1.3. E-mail Support. Aproove shall provide e-mail support during Standard Support Hours. Address: support@aproove.com.

3.1.4. Support requests outside Standard Support Hours. All voicemails and emails will receive a response during the next normal Business Day. Voicemail requests marked “urgent” and that are actually urgent will receive a live response within one hour of the start of the next normal Business Day.

3.1.5. Remote Support. Initial support will be provided in part by directing you to use certain diagnostic tools available in the Aproove Programs or on Aproove’s website. If this proves insufficient to resolve the support request, and only if (a) You have granted explicit permission, and (b) You establish and maintain the appropriate network configuration, then Aproove personnel may access the Aproove Programs remotely for support purposes. If any or part of your Aproove sofware is hosted outside of Aproove’s managed Microsoft Azure environment, Aproove must have the ability to connect via VPN or any other mutually agreed method, if Aproove are unable to connect to servers hosted by the client (either for technical or security reasons) then the SLA commitments are void.

3.1.6. Direct contact with Aproove engineers. This Agreement offers access to the Aproove Partner Portal system used by Aproove engineering and technical support staff and the customer Jira helpdesk system. Customers are not permitted to email or telephone our support engineers directly. Support tickets must be logged via email support@aproove.com or via telephone +1 847-857-7558. Contacting Aproove engineers directly and outside of the helpdesk voids the SLA.

3.1.7. Travel and Other Expenses. Support Services provided hereunder shall be provided from Aproove’s principal place of business. Should You request that Aproove send personnel to any Your facility to resolve any Error in the Aproove Programs, You shall pay Aproove’s reasonable travel, meals and lodging expenses. Under such circumstances, You shall also pay actual costs for supplies and other expenses reasonably incurred by Aproove and necessary for the Support Services, as well as the hourly rate for all Aproove personnel for such travel and Support Services. The timing for onsite requirement is dependent on Aproove’s scheduling and availability.

New clause
4. MAINTENANCE SERVICES

4.1. Subject to the terms and conditions of the Agreement, Aproove may, but is not obligated to, provide periodic software releases, product updates, feature enhancements, patches, and software bug-fixes as described in this Section 3 (“ Maintenance Services “):

4.1.1. Maintenance Releases. Aproove may provide periodic Maintenance Releases. “Maintenance Releases” are generally available release of the Aproove Programs that provide Fixes only. Such a release shall be denoted by a change in the digit to the right of the second decimal point - for example, 3.0.0 to 3.0.1.

4.1.2. Minor Releases. Aproove may provide periodic Minor Releases. A “Minor Release” is a generally available release of the Aproove Programs that provides enhancements designated minor by Aproove, as well as Fixes. Such a release shall be denoted by a change in the digit to the right of the first decimal point - for example, 3.0 to 3.1.

4.1.3. Major Releases. Aproove may provide periodic Major Releases. “Major Releases” are generally available releases of the Aproove Programs that provides enhancements designated as major by Aproove, as well as minor new enhancements and Fixes. Such a release is denoted by a change in the digit to the left of the first decimal point - for example, 3.0 to 4.0.

4.2. Intellectual Property. All Fixes, enhancements, new releases (including, without limitation, Maintenance Releases, Minor Releases, and Major Releases), updates, or Workarounds and any other work product created by Aproove and/or on Aproove’s behalf in connection with the Support and Maintenance Services provided under this Aproove Work Management Maintenance and Technical Support Services Agreement (“Work Product”) are and shall remain the exclusive property of Aproove, regardless of whether You, Your employees, or agents may have contributed to the conception, joined in its development, or paid Aproove for the development or use of the Work Product. Such Work Product shall be considered as the Aproove Programs, and subject to the terms and conditions contained herein and in the Agreement. If for some reason You obtains any rights whatsoever in any Work Product, You shall hereby expressly and irrevocably assign to Aproove and its successors and assigns, all right, title and interest to any such Work Product, and the intellectual property rights thereto. You shall give Aproove and its attorneys all reasonable assistance in connection with the preparation and prosecution of any patent applications and shall cause to be executed all such assignments or other instruments or documents as Aproove may consider necessary or appropriate to carry out the foregoing.

4.3. Planned Maintenance. For planned maintenance likely to impact the accessibility of the Aproove Programs, Aproove shall inform You in advance in order to minimize the impact on Users. Wherever possible, Aproove shall notify You at least 48 hours before the scheduled date for the execution of the planned maintenance operation and inform to what extent the Aproove Programs will be affected. Aproove will endeavor to schedule the action at a time that least impacts the Users (preferably outside office hours).


5. LIMITATIONS ON SCOPE OF SUPPORT AND MAINTENANCE SERVICES

5.1. Aproove shall have no obligation to provide Support Services or Maintenance Services for the Aproove Programs except as set forth in this Aproove Work Management Maintenance and Technical Support Services Agreement. Aproove shall not have any responsibility to develop subsequent components for Aproove Programs or additional processes for You, except as explicitly set forth herein and/or in the Order Form.

5.2. Aproove shall use reasonable effort to provide modifications or additions to correct Errors in Aproove Programs reported by You. Nevertheless, Aproove shall have no obligation to fix Errors in the Aproove Programs within specific time duration due to the nature of software operating in a multivendor environment.

5.3. Your rights and obligations concerning the use of any Fixes, Maintenance Releases, Minor Releases, Major Releases, Workarounds and Work Product (or any other programming provided by Aproove relating to the Aproove Programs) shall be as provided under the Agreement. Aproove shall have sole and exclusive ownership of all right, title, and interest in and to such works (including ownership of all Intellectual Property Rights and other proprietary rights pertaining thereto), subject only to the limited license expressly granted to You in the Agreement if any.

5.4. The Support and Maintenance Services do not include or cover: (a) Development of custom computer programs or applications; (b) Repairs or service relating to any third party software or hardware ; (c) Hardware modifications or changes to existing hardware configurations, outside the scope of warranty support ; (d) Support of the Aproove Programs which has been modified or repaired other than by Aproove ; (e) Making specification changes or performing services connected with the relocation of the Aproove Programs; (f) Modification or replacement of the Aproove Programs, repair of damage, or increase in service time caused by failure to continually provide a suitable operational environment with all facilities prescribed by the applicable documentation; including, but not limited to, the failure to provide or the failure of adequate electrical power, temperature or humidity control, or computing environment; (g) Modification or replacement of the Aproove Programs, repair of damage, or increase in service time caused by the use of the Aproove Programs for other than the purposes for which it is authorized or not in accordance with the Documentation; (h) Modification or replacement of the Aproove Programs, repair of damage, or increase in service time caused by: accident, natural or man-made disaster which shall include but not be limited to fire, water, wind, and lightning, transportation, neglect or misuse ; (i) Modification or replacement of the Aproove Programs, or increase in service time caused by the use of the Aproove Programs in combination with other products or materials not furnished by Aproove or in combination with other products or materials furnished by, but not combined by Aproove; (j) Backing up or restoring programs and/or data, including any Your data; (k) Keying, importing, converting or manipulation of data, including any Your data; (l) On-site or formal classroom training on the operation and use of the Aproove Programs; (m) Creation of any new non-standard, defined reports; or (n) Installation of the Aproove Programs and installation of releases, updates, feature enhancements, patches, and software bug-fixes. At Your request and in APROOVE's sole discretion, Aproove may perform any of the foregoing services on a billable special service basis or as part of a separate professional services agreement. You agrees that any services rendered pursuant to a You request for service which is determined by Aproove to have been caused by a problem set forth above will be considered a special service.

5.5. You are responsible for ensuring that all appropriate personnel are knowledgeable in the operation and use of the Aproove Programs (pursuant to the Program Documentation) and associated equipment.

5.6. The level of support that Aproove is able to provide is dependent upon Your cooperation and the quantity of information that You provide. If Aproove cannot reproduce a problem or if You cannot successfully gather adequate troubleshooting information, Aproove may need temporary login access to Your system to identify and address the problem, and may not be able to resolve a problem if such cooperation, information, and/or access is not adequately provided.

6. WARANTIES, LIMITATIONS AND REMEDIES

6.1. Aproove warrants that it will use reasonable efforts to perform the Support Services in compliance with generally accepted industry standards for providing services similar to the Support Services, provided that: (a) the Aproove Programs has not been modified, changed, or altered by anyone other than Aproove; (b) the operating environment, including both hardware and systems software, meets or exceeds Aproove’s recommended specifications; (c) the computer hardware is in good operational order and is installed in a suitable operating environment; (d) You promptly notifies Aproove of its need for service; (e) You provides adequate troubleshooting information and access so that Aproove can identify and address problems; and (f) all Fees due to Aproove have been paid.

6.2. EXCEPT AS SET FORTH IN SECTION 6.1 HEREIN, THERE ARE NO OTHER WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, WITH RESPECT TO THIS APROOVE WORK MANAGEMENT MAINTENANCE AND TECHNICAL SUPPORT SERVICES AGREEMENT, AND THE SUPPORT SERVICES AND MAINTENANCE SERVICES TO BE PROVIDED BY APROOVE UNDER IT INCLUDING, BUT NOT LIMITED TO, ANY AND ALL IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF: (i) MERCHANTABILITY; (ii) FITNESS FOR PARTICULAR PURPOSE; (iii) EFFORT TO ACHIEVE PURPOSE; (iv) QUALITY; (v) ACCURACY; (vi) NON-INFRINGEMENT; (vii) TITLE; (viii) MARKETABILITY; (ix) PROFITABILITY; (x) SUITABILITY; AND/OR (xi) ANY TYPE ARISING FROM COURSE OF PERFORMANCE, COURSE OF DEALING OR USAGE OF TRADE.

6.3. Your sole and exclusive remedy and Aproove’s only obligation under the warranty set forth in Section 6.1 herein, is to redo the Support Services until the Aproove Programs conforms to the most recent Documentation. In the event that such Support Services cannot be provided within a reasonable time after written notification, Your sole and exclusive remedy is to terminate this Agreement upon written notice to Aproove and to receive a refund of any Maintenance Fees paid for the period beginning on the date the Error requiring correction was reported to APROOVE.

***


Aproove Data Processing Agreement
pdf-usa

For the most up-to-date legal T&Cs, kindly download the PDF using the link above.
Please Note;
Certain policies have a Europe-specific version; if no European download symbol is displayed, the US terms apply to both North America and Europe.



Data Processing Agreement for Aproove Services

(“Data Processing Agreement ”)


1. SCOPE AND APPLICABILITY

1.1. This Data Processing Agreement applies to Aproove’s processing of Personal Data on Your behalf as a Processor for the provision of the Services specified in Your Services Agreement. Unless otherwise expressly stated in Your Services Agreement, this version of the Data Processing Agreement shall be effective and remain in force for the term of Your Services Agreement.

1.2. The scope and duration, as well as the extent and nature of the collection, processing and use of Client Personal Data under this Data Processing Agreement shall be as defined in the Services Agreement. The term of this Data Processing Agreement corresponds to the duration of the Services Agreement.

1.3. The parties acknowledge that GDPR will apply to the processing of Client Personal Data if, for example, the processing is carried out in the context of the activities of an establishment of Clients in the territory of the EU. The parties further agree that U.S. Data Protection Laws, including the CCPA, may also apply to the processing of Client Personal Data. Unless expressly stated in this Data Processing Agreement, this Data Processing Agreement will apply irrespective of whether GDPR or U.S. Data Protection Law applies to the processing of Client Personal Data.


2. DEFINITIONS

The terms below shall have the following meanings:

“Aproove” means the Aproove Affiliate that has executed the Services Agreement.

“Aproove Affiliate(s)” means the affiliated company(ies) of the Aproove group as listed in Annex 3.

“CCPA” means the California Consumer Privacy Act, as may be amended from time to time, and any rules or regulations implementing the foregoing.

“Client”, “you”, “your” means the individual or entity that has executed the Services Agreement.

"Client Personal Data" means the personal data processed by Aproove on your behalf in the course of providing the Services to you.

“Controller” means the entity which determines the purposes and means of the processing of Personal Data as defined in the Data Protection Law, including as applicable any "business' as defined under the CCPA.

"data processor", "data subject", "personal data", "processing" "subprocessor" and "appropriate technical and organisational measures” as used in this Data Processing Agreement shall have the meanings given in the GDPR irrespective of whether GDPR or U.S. Data Protection Law applies.

"Data Protection Law" means the GDPR, the applicable U.S. Data Protection Law, the Swiss Federal Act of 19 June 1992 on Data Protection, as amended and the UK Data Protection Act 2018, that are applicable to the processing of Client Personal Data under this Data Processing Agreement.

“End Users” means an individual you permit or invite to use the Services. For the avoidance of doubt: (a) individuals invited by your End Users, (b) individuals under managed accounts, and (c) individuals interacting with a Service as your customers, suppliers or other third parties are also considered End Users.

“Europe” means for the purposes of this Data Processing Agreement (i) the European Economic Area, consisting of the EU Member States, Iceland, Lichtenstein and Norway; (ii) Switzerland and (iii) the UK after it withdraws from the EU.

“GDPR” means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation),as supplemented by applicable EU Member State law and as incorporated into the EEA Agreement;.

“Personal Data Breach” means a breach of security leading to the misappropriation or accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed on Aproove systems or the Services environment that compromises the security, confidentiality or integrity of such Personal Data.

“Processor” means the entity which Processes Client Personal Data on behalf of the Controller means, collectively, both the Cloud Services and Professional Services, including as applicable any “service provider” as defined by the CCPA.

“Services” means our means, collectively, both the Cloud Services and Professional Services provided to you under the Services Agreement.

“Services Agreement” means (i) the applicable order for the Services you have purchased from Aproove;
(ii) the applicable cloud services agreement referenced in the applicable Order Form, and (iii) the Service Specifications.

“U.S. Data Protection Law” means data protection or privacy laws applicable to Client Personal Data in force within the United States, including the CCPA.

Other capitalized terms have the definitions provided for them in the Services Agreement.


3. PROCESSING OF PERSONAL DATA

3.1. The provisions of this Section 3 shall apply where Data Protection Law applies to your processing of Client Personal Data and where we process that Client Personal Data as a data processor in the course of providing you the Services. If U.S. Data Protection Law applies to either party’s processing of Client Personal Data, the relevant party will comply with any obligations applicable to it under that law with respect to the processing of that Client Personal Data.

3.2. The subject-matter of the data processing is providing the Services and the processing will be carried out until we cease to provide any Services to you. Annex 1 of this Data Processing Agreement sets out the nature and purpose of the processing, the types of Client Personal Data we process and the data subjects whose Client Personal Data is processed.

3.3. You are responsible for ensuring that the processing of personal data takes place in compliance with Data Protection Law and this Data Processing Agreement. You have the right and obligation to make decisions about the purposes and means of the processing of personal data. You shall be responsible, among other, for ensuring that the processing of personal data, which we are instructed to perform, has a legal basis.

Aproove provides a HIPAA-, SOC 2, and ISO 27001:2022-compliant environment designed to support our clients in meeting their own regulatory compliance requirements. Aproove processes personal data solely in accordance with documented instructions from you. However, Aproove is not responsible for the content, quality, or legality of the data you or your End Users input, upload, or process within our service. Responsibility for managing and safeguarding the data inputted by you remains solely with you.

While our compliance with HIPAA, SOC 2, and ISO 27001:2022 covers the technical and procedural measures within our platform to ensure a secure and compliant data processing environment, it does not extend to your data handling practices outside our platform. You are solely responsible for the accuracy, legality, and appropriateness of data shared or processed within our platform and must ensure their use of our services aligns with any regulatory obligations applicable to your business.

To maintain data security and compliance within Aproove’s services, you should take appropriate steps to ensure that all data you input complies with applicable laws, regulations, and best practices. You must also manage access controls, restrict data sharing, and regularly review data practices to ensure compliance within your scope of responsibility. Aproove remains committed to supporting these efforts through ongoing updates to our security controls and compliance measures as per industry standards.

Aproove will process any Personally Identifiable Information (PII) or Data Disclosure requests related to our own Marketing, HR, Finance, and Aproove Software operations. However, any data uploaded, stored, or processed on the Aproove platform by you remains out of scope for Aproove's responsibility. Such data is fully owned and managed by the Client who uploaded it, and Aproove serves as the data processor only in a technical capacity.

Clients retain full responsibility and ownership over all data they upload and are accountable for managing and responding to any regulatory requirements related to this data. This includes meeting any legal or compliance obligations, implementing necessary access controls, and addressing data requests pertaining to the information they store within the Aproove platform.

3.4. When we process Client Personal Data in the course of providing Services to you, we will:

3.4.1. process the Client Personal Data only in accordance with documented instructions from you (as set forth in this Data Processing Agreement or the Services Agreement or as directed by you through the Services). If applicable law requires us to process the Client Personal Data for any other purpose, we will inform you of this requirement first, unless such law(s) prohibit this on important grounds of public interest;

3.4.2. notify you promptly if, in our opinion, an instruction for the processing of Client Personal Data given by you infringes applicable Data Protection Law;

3.4.3. assist you, taking into account the nature of the processing:

a) by appropriate technical and organizational measures and where possible, in fulfilling your obligations to respond to requests from data subjects exercising their rights;

b) in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the GDPR, taking into account the information available to us; and

c) by making available to you all information reasonably requested by you for the purpose of demonstrating that your obligations relating to the appointment of processors as set out in Article 28 of the GDPR have been met.

3.4.4. We will not provide access to or transfer any Client Personal Data to any third party for their independent use (e.g., purposes unrelated to the provision of the Services) without your prior written consent. By agreeing to this Data Processing Agreement, you consent to our use of Aproove affiliates and the third-party sub-processors listed in Annex 5 – “List of Approved Sub-processors” for the purposes described herein.

We reserve the right to update the list of approved sub-processors. In such cases, you will have 45 days to object by terminating the Services Agreement for convenience. To stay informed about updates, please refer to https://www.aproove.com/legals#tab3, where the most recent and active version of this Data Processing Agreement is maintained, including Annex 5.

When engaging sub-processors to process Client Personal Data, we remain responsible for their performance. Our agreements with these sub-processors will include terms that are at least as protective of your rights as those contained in this Agreement and as required by applicable Data Protection Law.


3.4.5. ensure that our personnel required to access the Client Personal Data are subject to a binding duty of confidentiality with regard to such Client Personal Data;

3.4.6. except as set forth in Section 3.3.5 above or in accordance with documented instructions from you (as set forth in this Data Processing Agreement or the Services Agreement or as directed by you through the Services), ensure that none of our personnel publish, disclose or divulge any Client Personal Data to any third party;

3.4.7. upon your written request following the expiration or earlier termination of the Services Agreement securely return to you such Client Personal Data, and unless prohibited under applicable law delete such Client Data in our possession in compliance with procedures and retention periods outlined in our Services Agreement;

3.4.8. on the condition that you have entered into an applicable non-disclosure agreement with us:

a) allow you and your authorized representatives to access and review up-to- date attestations, certifications, reports or extracts thereof from independent bodies (e.g., external auditors, internal audit, data protection auditors) or other suitable certifications to ensure compliance with the terms of this Data Processing Agreement; or

b) where required by Data Protection Law or the Standard Contractual Clauses (where the GDPR is applicable) contained in Annex 4 (and in accordance with this Section 3.4.8), allow you and authorized representatives to conduct audits (including inspections) during the term of the Services Agreement to ensure compliance with the terms of this Data Processing Agreement. Notwithstanding the foregoing, any audit must be conducted during our regular business hours, with reasonable advance notice to us and subject to reasonable confidentiality procedures. The scope of any audit shall not require us to disclose to you or your authorized representatives, or to allow you or your authorized representatives to access:

  • any data or information of any other Aproove Client;

  • any Aproove internal accounting or financial information;

  • any Aproove trade secret;

  • any information that, in our reasonable opinion could: 1) compromise the security of our systems or premises; or 2) cause us to breach our obligations under Data Protection Law or our security, confidentiality and or privacy obligations to any other Aproove Client or any third party; or
  • any information that you or your authorized representatives seek to access for any reason other than the good faith fulfilment of your obligations under the Data Protection Law and our compliance with the terms of this Data Processing Agreement.

    c) In addition, audits shall be limited to once per year, unless 1) we have experienced a Personal Data Breach within the prior twelve (12) months which has impacted your Client Personal Data; or 2) an audit reveals a material noncompliance. If we decline or are unable to follow your instructions regarding audits permitted under this Section 3.4.8 (or the Standard Contractual Clauses, where applicable), you are entitled to terminate this Data Processing Agreement and the Services Agreement for convenience.

    4. PROCESSING OF CLIENT PERSONAL DATA SUBJECT TO U.S. DATA PROTECTION LAW

    The parties agree that this section 4 shall apply only to Client Personal Data that is protected by U.S. Data Protection Law. In addition to the processing requirements set out in Section 3 above, where we process Client Data Under U.S. Data Protection Law, we shall not retain, use, sell or otherwise disclose Client Personal Data other than as required by law or as needed to provide the Services to you. For purposes of this section 4, the term “sell” shall have the meanings given in the CCPA irrespective of whether CCPA or GDPR applies.

    5. SECURITY AND NOTIFICATION OF PERSONAL DATA BREACH

    5.1. We shall implement and maintain appropriate technical and organizational measures to protect the Client Personal Data against unauthorized or unlawful processing and against accidental loss, destruction, damage, theft, alteration or disclosure in accordance with Annex 2. These measures shall be appropriate to the harm which might result from any unauthorized or unlawful processing, accidental loss, destruction, damage or theft of Client Personal Data and appropriate to the nature of the Client Personal Data which is to be protected. We may amend the technical and organizational measures, provided that the new measures do not fall short of the level of security provided by the specified measures

    5.2. If we become aware of and confirm any Personal Data Breach we will notify you without undue delay. We shall assist You in notifying the personal data breach to the competent supervisory authority.

    6. DATA TRANSFERS

    The parties agree that this section 6 shall apply only to Client Personal Data that is protected by GDPR and such Client Personal Data is transferred outside the European Economic Area (EEA) to Aproove, either directly or via onward transfer.

    6.1. EU-U.S. and Swiss-U.S. Privacy Shield Frameworks
    Aproove Affiliates comply with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks ("Privacy Shield"). Where the transfer of Client Personal Data is made to a Privacy Shield-certified entity, we agree to process Client Personal Data covered by Privacy Shield in accordance with the Privacy Shield Principles. We agree to comply with Privacy Shield throughout the term of the Services Agreement.

    6.2. European Commission Standard Contractual Clauses (2010/87/EU)
    The terms of the Standard Contractual Clauses outlined in Annex 4 will apply where the applicable transfer of Client Personal Data is (a) not subject to the laws of a jurisdiction recognized by the European Commission as providing an adequate level of protection for personal data (as described in the GDPR); or (b) not covered by a suitable framework or other legally adequate transfer mechanism recognized by the relevant authorities or courts as providing an adequate level of protection for personal data, including but not limited to EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. In the event of any conflict or inconsistency between the provisions of this Data Processing Agreement and the Standard Contractual Clauses outlined in Annex 4, the provisions of the Standard Contractual Clauses shall prevail. In the event that any provision of the Standard Contractual Clauses is held illegal or unenforceable in a judicial proceeding, such provision shall be severed and shall be inoperative, and the remainder of the Standard Contractual Clauses and the terms of this Data Processing Agreement shall remain operative and binding on the parties.

    7. MISCELLANEOUS.

    7.1. Client acknowledges and agrees that as part of providing the Services and services, Aproove has the right to use data relating to or obtained in connection with the operation, support or use of the Services for its legitimate internal business purposes, such as to support billing processes, to administer the Services, to improve, benchmark, and develop our products and services, to comply with applicable laws (including law enforcement requests), to ensure the security of our Services and to prevent fraud or mitigate risk. To the extent any such data is personal data, Aproove warrants and agrees that: (i) it will process such personal data in compliance with Data Protection Law and only for the purposes that are compatible with those described in this Section 7.1; (ii) it will not use Client Personal Data for any other purpose or disclose it externally unless it has first aggregated and anonymised the data so that it does not identify the Client or any other person or entity. Aproove further agrees that it shall be a Controller and solely responsible and liable for any of its processing of personal data pursuant to this Section 7.1.

    7.2. Through use of the Services, as further described in the Services Agreement, you or your End Users, as applicable, may elect to grant third parties visibility to your data or content (which may include Client Personal Data). You also understand that user profile information for the Services may be publicly visible. Nothing in this Data Processing Agreement prohibits (and, for the avoidance of doubt, Sections 3.3.5 and 3.3.7 above do not apply to) Aproove making visible your data or content (which may include Client Personal Data) to third parties consistent with this paragraph, as directed by you or your End Users through the Services.

    7.3. In the event of any conflict or inconsistency between the provisions of the Services Agreement and this Data Processing Agreement, the provisions of this Data Processing Agreement shall prevail. This Data Processing Agreement is subject to the governing law and venue terms in the Services Agreement, except as otherwise provided in Annex 4 to the extent Annex 4 applies. For avoidance of doubt and to the extent allowed by applicable law, any and all liability under this Data Processing Agreement (including its Annexes) will be governed by the limitations of liability and other relevant provisions of the Services Agreement. Without limiting the foregoing, any liability arising under this Data Processing Agreement shall be subject to the limitations of liability under the Services Agreement as if such liability arose under the Services Agreement or the applicable order, and any liability of a party, its affiliates, their signatories or their suppliers arising under this Data Processing Agreement will be aggregated with any other applicable liability arising under the Services Agreement for purposes of applying any applicable liability caps. Save as specifically modified and amended in this Data Processing Agreement, all of the terms, provisions and requirements contained in the Services Agreement shall remain in full force and effect and govern this Data Processing Agreement. Except as otherwise expressly provided herein, no supplement, modification, or amendment of this Data Processing Agreement will be binding, unless executed in writing by a duly authorized representative of each party to this Data Processing Agreement. If any provision of the Data Processing Agreement is held illegal or unenforceable in a judicial proceeding, such provision shall be severed and shall be inoperative, and the remainder of this Data Processing Agreement shall remain operative and binding on the parties.


    ***



    Annex 1
    Data


    A.1. Data subjects

    The personal data concern End Users of the Services, in addition to individuals whose personal data is supplied by End Users of the Services.

    A.2. Categories of data

    The personal data transferred concern the following categories of data:

    • Direct identifying information (e.g., name, email address, telephone).

    • Indirect identifying information (e.g., job title, gender, date of birth).

    • Device identification data and traffic data (e.g., IP addresses, MAC addresses, web logs).

    • Any personal data supplied by users of the Services.

    A.3. Special categories of data

    Aproove does not knowingly collect (and Client or End Users shall not submit or upload) any special categories of data (as defined under the Data Protection Legislation).

    A.4. Purposes of processing

    The personal data is processed for the purposes of providing the Services in accordance with the Services Agreement.


    Annex 2
    Security Measures


    1. Access control to premises and facilities

    Measures must be taken to prevent unauthorized physical access to premises and facilities holding personal data. Measures shall include:

    • Access control system

    • ID reader, magnetic card, chip card

    • (Issue of) keys

    • Door locking (electric door openers etc.)

    • Surveillance facilities

    • Alarm system, video/CCTV monitor

    • Logging of facility exits/entries

    2. Access control to systems

    Measures must be taken to prevent unauthorized access to IT systems. These must include the following technical and organizational measures for user identification and authentication:

    • Password procedures (incl. special characters, minimum length, forced change of password)

    • No access for guest users or anonymous accounts

    • Central management of system access

    • Access to IT systems subject to approval from HR management and IT system administrators

    3. Access control to data

    Measures must be taken to prevent authorized users from accessing data beyond their authorized access rights and prevent the unauthorized input, reading, copying, removal modification or disclosure of data. These measures shall include:

    • Differentiated access rights

    • Access rights defined according to duties

    • Automated log of user access via IT systems

    • Measures to prevent the use of automated data-processing systems by unauthorized persons using data communication equipment


    4. Disclosure control

    Measures must be taken to prevent the unauthorized access, alteration or removal of data during transfer, and to ensure that all transfers are secure and are logged. These measures shall include:

    • Compulsory use of a wholly-owned private network for all data transfers

    • Encryption using a VPN for remote access, transport and communication of data.

    • Creating an audit trail of all data transfers

    5. Input control

    Measures must be put in place to ensure all data management and maintenance is logged, and an audit trail of whether data have been entered, changed or removed (deleted) and by whom must be maintained.

    Measures should include:

    • Logging user activities on IT systems

    • That it is possible to verify and establish to which bodies personal data have been or may be transmitted or made available using data communication equipment

    • That it is possible to verify and establish which personal data have been input into automated data-processing systems and when and by whom the data have been input;

    6. Job control

    Measures should be put in place to ensure that data is processed strictly in compliance
    with the data importer’s instructions. These measures must include:

    • Unambiguous wording of contractual instructions

    • Monitoring of contract performance

    7. Availability control

    Measures should be put in place designed to ensure that data are protected against accidental destruction or loss.

    These measures must include:

    • Installed systems may, in the case of interruption, be restored

    • Systems are functioning, and that faults are reported

    • Stored personal data cannot be corrupted by means of a malfunctioning of the system

    • Uninterruptible power supply (UPS)

    • Business Continuity procedures

    • Remote storage

    • Anti-virus/firewall systems

    8. Segregation control

    Measures should be put in place to allow data collected for different purposes to be processed separately.

    These measures should include:

    • Restriction of access to data stored for different purposes according to staff duties.

    • Segregation of business IT systems

    • Segregation of IT testing and production environments




    Annex 3
    Aproove Affiliates


    • Aproove SA, a company incorporated under the laws of Belgium with registered office at 1, Boulevard Initalis, 7000 Mons, Belgium and registered with Crossroads bank for Enterprise under number 0867.065.974.

    • Aproove Technologies, Inc., an Illinois corporation, with offices located at 132 N. York Street, Suite 1A, Elmhurst, IL 60120


    Annex 4 – Standard Contractual Clauses

    Standard contractual clauses for the transfer of personal data from the Community to third countries (controller to processor transfers)

    Data Transfer Services Agreement


    For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection

    Aproove (hereinafter the "data importer") and
    Client (hereinafter the "data exporter")

    each a “party”; together “the parties”,
    HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Annex 1.

    Clause 1

    Definitions

    For the purposes of the Clauses:
    (a) 'personal data', 'special categories of data', 'process/processing', 'controller', 'processor', 'data subject' and 'supervisory authority' shall have the same meaning as in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data;
    (b) 'the data exporter' means the controller who transfers the personal data;
    (c) 'the data importer' means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country's system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC;
    (d) 'the subprocessor' means any processor engaged by the data importer or by any other subprocessor of the data importer who agrees to receive from the data importer or from any other subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;
    (e) 'the applicable data protection law' means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established;
    (f) 'technical and organisational security measures' means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.

    Clause 2

    Details of the transfer

    The details of the transfer and in particular the special categories of personal data where applicable are specified in Annex 1 which forms an integral part of the Clauses.

    Clause 3

    Third-party beneficiary clause

    1. The data subject can enforce against the data exporter this Clause, Clause 4(b) to (i), Clause 5(a) to (e), and (g) to (j), Clause 6(1) and (2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary.
    2. The data subject can enforce against the data importer this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the data exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity.
    3. The data subject can enforce against the subprocessor this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.
    4. The parties do not object to a data subject being represented by an association or other body if the data subject so expressly wishes and if permitted by national law.

    Clause 4

    Obligations of the data exporter

    The data exporter agrees and warrants:
    (a) that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter is established) and does not violate the relevant provisions of that State;
    (b) that it has instructed and throughout the duration of the personal data processing services will instruct the data importer to process the personal data transferred only on the data exporter's behalf and in accordance with the applicable data protection law and the Clauses;
    (c) that the data importer will provide sufficient guarantees in respect of the technical and organisational security measures specified in Annex 2 to this contract;
    (d) that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their

    implementation;
    (e) that it will ensure compliance with the security measures;
    (f) that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;
    (g) to forward any notification received from the data importer or any subprocessor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension;
    (h) to make available to the data subjects upon request a copy of the Clauses, with the exception of Annex 2, and a summary description of the security measures, as well as a copy of any contract for subprocessing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information;
    (i) that, in the event of subprocessing, the processing activity is carried out in accordance with Clause 11 by a subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses; and
    (j) that it will ensure compliance with Clause 4(a) to (i).

    Clause 5

    Obligations of the data importer

    The data importer agrees and warrants:
    (a) to process the personal data only on behalf of the data exporter and in compliance with its instructions and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the data exporter of its inability to comply, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;
    (b) that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the data exporter and its obligations under the contract and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Clauses, it will promptly notify the change to the data exporter as soon as it is aware, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;
    (c) that it has implemented the technical and organisational security measures specified in Annex 2 before processing the personal data transferred;
    (d) that it will promptly notify the data exporter about:
    (i) any legally binding request for disclosure of the personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation,
    (ii) any accidental or unauthorised access, and
    (iii) any request received directly from the data subjects without responding to that request, unless it has been otherwise authorised to do so;
    (e) to deal promptly and properly with all inquiries from the data exporter relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred;
    (f) at the request of the data exporter to submit its data processing facilities for audit of the processing activities covered by the Clauses which shall be carried out by the data exporter or an inspection body composed of independent members and in possession of the required professional

    qualifications bound by a duty of confidentiality, selected by the data exporter, where applicable, in agreement with the supervisory authority;
    (g) to make available to the data subject upon request a copy of the Clauses, or any existing contract for subprocessing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Annex 2 which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the data exporter;
    (h) that, in the event of subprocessing, it has previously informed the data exporter and obtained its prior written consent;
    (i) that the processing services by the subprocessor will be carried out in accordance with Clause 11; and
    (j) to send promptly a copy of any subprocessor agreement it concludes under the Clauses to the data exporter.

    Clause 6

    Liability

    1. The parties agree that any data subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or subprocessor is entitled to receive compensation from the data exporter for the damage suffered.
    2. If a data subject is not able to bring a claim for compensation in accordance with paragraph 1 against the data exporter, arising out of a breach by the data importer or his subprocessor of any of their obligations referred to in Clause 3 or in Clause 11, because the data exporter has factually disappeared or ceased to exist in law or has become insolvent, the data importer agrees that the data subject may issue a claim against the data importer as if it were the data exporter, unless any successor entity has assumed the entire legal obligations of the data exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity.
    The data importer may not rely on a breach by a subprocessor of its obligations in order to avoid its own liabilities.

    3. If a data subject is not able to bring a claim against the data exporter or the data importer referred to in paragraphs 1 and 2, arising out of a breach by the subprocessor of any of their obligations referred to in Clause 3 or in Clause 11 because both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, the subprocessor agrees that the data subject may issue a claim against the data subprocessor with regard to its own processing operations under the Clauses as if it were the data exporter or the data importer, unless any successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the subprocessor shall be limited to its own processing operations under the Clauses.

    Clause 7

    Mediation and jurisdiction

    1. The data importer agrees that if the data subject invokes against it third-party beneficiary rights and/or claims compensation for damages under the Clauses, the data importer will accept the decision of the data subject:
    (a) to refer the dispute to mediation, by an independent person or, where applicable, by the supervisory authority;

    (b) to refer the dispute to the courts in the Member State in which the data exporter is established.
    2. The parties agree that the choice made by the data subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law.

    Clause 8

    Cooperation with supervisory authorities

    1. The data exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law.
    2. The parties agree that the supervisory authority has the right to conduct an audit of the data importer, and of any subprocessor, which has the same scope and is subject to the same conditions as would apply to an audit of the data exporter under the applicable data protection law.
    3. The data importer shall promptly inform the data exporter about the existence of legislation applicable to it or any subprocessor preventing the conduct of an audit of the data importer, or any subprocessor, pursuant to paragraph 2. In such a case the data exporter shall be entitled to take the measures foreseen in Clause 5 (b).

    Clause 9

    Governing Law

    The Clauses shall be governed by the law of the Member State in which the data exporter is established.

    Clause 10

    Variation of the contract

    The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict the Clause.

    Clause 11

    Subprocessing

    1. The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the subprocessor which imposes the same obligations on the subprocessor as are imposed on the data importer under the Clauses. Where the subprocessor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the subprocessor's obligations under such agreement.
    2. The prior written contract between the data importer and the subprocessor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the data exporter or the data importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law. Such third-party liability of the

    subprocessor shall be limited to its own processing operations under the Clauses.
    3. The provisions relating to data protection aspects for subprocessing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the data exporter is established.
    4. The data exporter shall keep a list of subprocessing agreements concluded under the Clauses and notified by the data importer pursuant to Clause 5 (j), which shall be updated at least once a year. The list shall be available to the data exporter's data protection supervisory authority.

    Clause 12

    Obligation after the termination of personal data processing services

    1. The parties agree that on the termination of the provision of data processing services, the data importer and the subprocessor shall, at the choice of the data exporter, return all the personal data transferred and the copies thereof to the data exporter or shall destroy all the personal data and certify to the data exporter that it has done so, unless legislation imposed upon the data importer prevents it from returning or destroying all or part of the personal data transferred. In that case, the data importer warrants that it will guarantee the confidentiality of the personal data transferred and will not actively process the personal data transferred anymore.
    2. The data importer and the subprocessor warrant that upon request of the data exporter and/or of the supervisory authority, it will submit its data processing facilities for an audit of the measures referred to in paragraph 1.

    Annex 5 – List of Approved Sub-processors


    This Data Processing Annex outlines the approved sub-processors engaged by Aproove in connection with the processing of Client Personal Data under this Agreement.

    1. Sub-processor Details

    Name: Microsoft Azure
    Role: Infrastructure Environment Provider
    Scope of Processing: Microsoft Azure provides the cloud infrastructure services used by Aproove to deliver its platform and process Client Personal Data.
    Jurisdiction: Global (Data residency and processing in compliance with applicable Data Protection Laws).

    2. Terms and Obligations

    As a sub-processor, Microsoft Azure operates under its Microsoft Online Services Data Protection Addendum ("Microsoft DPA"), which governs its processing of personal data. The Microsoft DPA can be reviewed at the following link: Microsoft Online Services Data Protection Addendum.

    Aproove, as a processor, mirrors to the Client (the controller) the same rights and obligations received from Microsoft Azure under the Microsoft DPA. These include, but are not limited to:

    •    Data Security: Ensuring robust safeguards to protect personal data, including encryption, access controls, and security monitoring.
    •    Data Transfers: Complying with international transfer mechanisms as required by applicable Data Protection Law.
    •    Data Subject Rights: Facilitating the exercise of data subject rights as described in the Microsoft DPA.
    •    Audit Rights: Supporting audits and certifications, as outlined by Microsoft Azure.

    3. Aproove as Processor

    Aproove utilizes Microsoft Azure exclusively as its infrastructure provider. 
    Aproove is responsible for:

    1.    Ensuring compliance with obligations under applicable Data Protection Laws when using Microsoft Azure services.

    2.    Including terms in this Agreement that provide protections for the Client equivalent to those Microsoft Azure provides under the Microsoft DPA.

    3.    Providing transparency regarding Microsoft Azure's role as a sub-processor.


    4. Updates to Sub-processors

    If Aproove engages additional sub-processors or updates this list, we will notify the Client. The Client may object to such changes within forty-five (45) days of notice by terminating the Services Agreement for convenience.

    For ongoing updates to this list, refer to: https://www.aproove.com/legals#tab3.

    This annex is incorporated into and forms part of the Data Processing Agreement. All sub-processors engaged by Aproove, including Microsoft Azure, will adhere to terms no less protective than those stated herein.


    Appendix 1 to the Standard Contractual Clauses

    Data exporter
    Client Data
    importer
    Aproove

    Data subjects

    The personal data concern End Users of the Services, in addition to individuals whose personal data is supplied by End Users of the Services.

    Categories of data

    The personal data transferred concern the following categories of data:

    • Direct identifying information (e.g., name, email address, telephone).

    • Indirect identifying information (e.g., job title, gender, date of birth).

    • Device identification data and traffic data (e.g., IP addresses, MAC addresses, web logs).

    • Any personal data supplied by users of the Cloud Product.

    Special categories of data

    Aproove does not knowingly collect (and Client or End Users shall not submit or upload) any special categories of data (as defined under the Data Protection Legislation).

    Purposes of processing

    The personal data is processed for the purposes of providing the Services in accordance with this Services Agreement.

    Appendix 2 to the Standard Contractual Clauses

    Description of the technical and organizational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c):

    The technical and organizational security measures implemented by the data importer are as described in Annex 2 of the Data Processing Data Processing Agreement.

Aproove Privacy Policy

pdf-usa   

For the most up-to-date legal T&Cs, kindly download the PDF using the link above.
Please Note;
Certain policies have a Europe-specific version; if no European download symbol is displayed, the US terms apply to both North America and Europe.


Effective starting: May 23, 2020



WHAT THIS POLICY COVERS

Your privacy is important to us, and so is being transparent about how we collect, use, and share information about you. This policy is intended to help you understand:

  1. What information we collect about you
  2. How we use information we collect
  3. How we share information we collect
  4. How we store and secure information we collect
  5. How to access and control your information
  6. How we transfer information we collect internationally
  7. Why and how are cookies used
  8. Other important privacy information


This Privacy Policy covers the information we collect about you when you use our products or services, or otherwise interact with us (for example, by attending our premises or events or by communicating with us), unless a different policy is displayed.

Aproove, we and us refers to Aproove SA, Aproove Technologies Inc. and any of our corporate affiliates. We refer to all our products, services and websites as "Services" in this policy.

This policy also explains your choices surrounding how we use information about you, which include how you can object to certain uses of information about you and how you can access and update certain information about you. If you do not agree with this policy, do not access or use our Services or interact with any other aspect of our business.

Where we provide the Services under contract with an organization (for example, your employer) that organization controls the information processed by the Services. For more information, please see Notice to End Users below. This policy does not apply to the extent we process personal information in the role of a processor on behalf of such organizations.


1. WHAT INFORMATION WE COLLECT ABOUT YOU

We collect information about you when you provide it to us, when you use our Services, and when other sources provide it to us, as further described below.

Information you provide to us
We collect, process and store information about you when you input it into the Services or otherwise provide it directly to us, such as :

  • Contact information: your name and your email address or the email address of the recipient(s).
  • Information about yourself: location, phone number, city etc.
  • Preferences: for example language settings or interests.
  • Content and metadata: you may choose to upload or create Content which contains all sorts of personal information about you and others. Such Content also contains a filename, size and filetype.

Personal messages: the ones you send to people along with sharing your files.


Account and Profile Information: We collect information about you when you register for an account, create or modify your profile, set preferences, sign-up for or make purchases through the Services. For example, you provide your contact information and, in some cases, billing information, when you register for the Services. You also have the option of adding a display name, profile photo, job title, and other details to your profile information to be displayed in our Services. We keep track of your preferences when you select settings within the Services.

Content you provide through our Services: When you use our Services we collect and store content that you post, send, receive and share. This content includes any information about you that you may choose to include. Content also includes the files and links you upload to the Services. If you use a server or data center version of the Services, we do not host, store, transmit, receive or collect information about you (including your Content), except in limited cases, where permitted by your administrator: we collect feedback you provide directly to us through the Services and; we collect content using analytics techniques that hash, filter or otherwise scrub the information to exclude information that might identify you or your organization; and we collect clickstream data about how you interact with and use features in the Services. Server and data center administrators can disable our collection of this information from the Services via the administrator settings or prevent this information from being shared with us by blocking transmission at the local network level.

Content you provide through our websites: The Services also include our websites owned or operated by us. We collect other content that you submit to these websites, which include social media or social networking websites operated by us. For example, you provide content to us when you provide feedback or when you participate in any interactive features, surveys, contests, promotions, sweepstakes, activities or events.

Information you provide through our support channels: The Services also include our customer support, where you may choose to submit information regarding a problem you are experiencing with a Service. Whether you designate yourself as a technical contact, open a support ticket, speak to one of our representatives directly or otherwise engage with our support team, you will be asked to provide contact information, a summary of the problem you are experiencing, and any other documentation, screenshots or information that would be helpful in resolving the issue.

Payment Information: We collect payment and billing information when you register for certain paid Services. For example, we ask you to designate a billing representative, including name and contact information, upon registration. You might also provide payment information, such as payment card details, which we collect via secure payment processing services (Stripe).

Information we collect automatically when you use the Services: We collect information about you when you use our Services, including browsing our websites and taking certain actions within the Services, such as

Your use of the Services: We keep track of certain information about you when you visit and interact with any of our Services. This information includes the features you use; the links you click on; the type, size and filenames of attachments you upload to the Services; frequently used search terms; how you interact with others on the Services. We also collect information about the teams and people you work with and how you work with them, like who you collaborate with and communicate with most frequently. If you use a server or data center version of the Services, the information we collect about your use of the Services is limited to clickstream data about how you interact with and use features in the Services, in addition to content-related information described in "Content you provide through our products," above. Server and data center administrators can disable our collection of this information from the Services via the administrator settings or prevent this information from being shared with us by blocking transmission at the local network level.

Device and Connection Information: We collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you install, access, update, or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience. How much of this information we collect depends on the type and settings of the device you use to access the Services. Server and data center Service administrators can disable collection of this information via the administrator settings or prevent this information from being shared with us by blocking transmission at the local network level.

Cookies and Other Tracking Technologies: Aproove and our third-party partners, such as our advertising and analytics partners, use cookies and other tracking technologies (e.g., web beacons, device identifiers and pixels) to provide functionality and to recognize you across different Services and devices.

Information we receive from other sources: We receive information about you from other Service users, from third-party services, from our related companies, social media platforms, public databases, and from our business and channel partners. We may combine this information with information we collect through other means described above. This helps us to update and improve our records, identify new customers, create more personalized advertising and suggest services that may be of interest to you.

Other users of the Services: Other users of our Services may provide information about you when they submit content through the Services. We also receive your email address from other Service users when they provide it in order to invite you to the Services. Similarly, an administrator may provide your contact information when they designate you as the billing or technical contact on your company's account or when they designate you as an administrator.

Other services you link to your account: We receive information about you when you or your administrator integrate third-party apps or link a third-party service with our Services. For example, if you create an account or log into the Services using your Google credentials, we receive your name and email address as permitted by your Google profile settings in order to authenticate you. You or your administrator may also integrate our Services with other services you use, such as to allow you to access, store, share and edit certain content from a third-party through our Services. For example, you may authorize our Services to access, display and store files from a third-party document-sharing service within the Services interface. Or you may authorize our Services to connect with a third-party calendaring service or to sync a contact list or address book so that your meetings and connections are available to you through the Services, so you can invite others to collaborate with you on our Services or so your organization can limit access to certain users. Your administrator may also authorize our Services to connect with a third party reporting service so your organization can review how the Services are being used. The information we receive when you link or integrate our Services with a third-party service depends on the settings, permissions and privacy policy controlled by that third-party service. You should always check the privacy settings and notices in these third-party services to understand what data may be disclosed to us or shared with our Services.

Aproove companies: We receive information about you from Approve affiliated companies.

Aproove Partners: We work with a global network of partners who provide consulting, implementation, training and other services around our products. Some of these partners also help us to market and promote our Services, generate leads for us, and resell our Services. We receive information from these partners, such as billing information, billing and technical contact information, company name, what Services you have purchased or may be interested in, evaluation information you have provided, what events you have attended, and what country you are in.

Other Partners: We receive information about you and your activities on and off the Services from third-party partners, such as advertising and market research partners who provide us with information about your interest in and engagement with, our Services and online advertisements.

Third Party Providers: We may receive information about you from third party providers of business information and publicly available sources (like social media platforms), including physical mail addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), IP addresses and social media profiles, for the purposes of targeted advertising of products that may interest you, delivering personalized communications, event promotion, and profiling.


2. HOW WE USE INFORMATION WE COLLECT

How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you.

1) To provide the Services and personalize your experience: We use information about you to provide the Services to you, including to process transactions with you, authenticate you when you log in, provide customer support, and operate, maintain, and improve the Services. Our Services also include tailored features that personalize your experience, enhance your productivity, and improve your ability to collaborate effectively with others by automatically analyzing the activities of your team to provide search results, activity feeds, notifications, connections and recommendations that are most relevant for you and your team. To opt out of this personalization, please contact privacy@aproove.com.

2) Customer support: We use your information to resolve technical issues you encounter, to respond to your requests for assistance, to analyze crash information, and to repair and improve the Services. Where you give us express permission to do so, we share information with a third party expert for the purpose of responding to support-related requests.

3) Account & billing: creating and upholding your personal account for example to facilitate your address book and to enable you to access your Content across different devices, facilitating payment of your subscription fee and perform accounting, auditing & billing activities.

4) For safety and security: We use information about you and your Service use to verify accounts and activity, to detect, prevent, and respond to potential or actual security incidents and to monitor and protect against other malicious, deceptive, fraudulent or illegal activity, including violations of Terms of Service.

5) For research and development: We are always looking for ways to make our Services smarter, faster, secure, integrated, and useful. We use information and collective learnings (including feedback) about how people use our Services to troubleshoot, to identify trends, usage, activity patterns, and areas for integration and to improve our Services and to develop new products, features and technologies that benefit our users and the public.

6) To market, promote and drive engagement with the Services: We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you, including by email and by displaying Aproove ads on other companies' websites and applications. These communications may be informed by audits of interactions (like counting ad impressions), and are aimed at driving engagement and maximizing what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you about new Services, product offers, promotions, and contests. You can control whether you receive these communications as described below under "Opt-out of communications."

7) To protect our legitimate business interests and legal rights: Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.


8) To communicate with you about the Services: We use your contact information to send transactional communications via email and within the Services, including confirming your purchases, reminding you of subscription expirations, responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security alerts, and administrative messages. We send you email notifications when you or others interact with you on the Services. We also provide tailored communications based on your activity and interactions with us. We also send you communications as you onboard to a particular Service to help you become more proficient in using that Service. These communications are part of the Services and in most cases you cannot opt out of them. If an opt out is available, you will find that option within the communication itself or in your account settings.

9) With your consent: We use information about you where you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, with your permission.



Legal bases for processing (for EEA users):
If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal ground for doing so under applicable EU laws. Each processing activity has a valid legal ground, which is described below.

  • Contractual obligations with you: regarding the activities and purposes mentioned under 1, 2, 3, 8 and 9. We need to process personal information to offer our Services through our websites and mobile apps, to provide (technical) support and to bill your subscription fee.

  • Legal obligations: regarding the activities and purposes under 3, 4 and 7. We are legally obliged to process your personal information for accounting purposes, to respond to legal requests and NTD or DMCA requests.

  • Consent: (partially) regarding activities and purposes mentioned under 2 (e.g. accessing your Content for support), 6 (except when we communicate direct marketing in relation to our own and similar Services to you as a paid user) and 8.

  • Legitimate interests: (partially) regarding activities and purposes under 1, 3 and 7 (e.g. to provide cross device access). For the purposes mentioned under 4 in order to provide safe Services, to prevent fraud and react against illegal use of our Services. For our innovative interests as mentioned under 5. And finally for our (direct) marketing, brand interests under 6 and legal & compliance interests as stated under 7. When we use your personal information based on our or a third party’s legitimate interest, we will make sure to balance your rights and freedoms against said legitimate interest. If, to the extent applicable, you wish to object to the activities based on our legitimate interest and there’s no opt-out available in your account settings or received communication, please contact privacy@aproove.com.



If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.


3. HOW WE SHARE INFORMATION WE COLLECT
We make collaboration tools, and we want them to work well for you. This means sharing information through the Services and with certain third parties. We share information we collect about you in the ways discussed below, including in connection with possible business transfers. We are not in the business of selling information about you to advertisers or other third parties.

1) Service Providers: We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you. If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including appropriate security and confidentiality procedures designed to protect your information.

2) Sharing with third parties: We share information with third parties that help us operate, provide, improve, integrate, customize, support and market our Services.

3) Sharing with other Service users: When you use the Services, we share certain information about you with other Service users.

4) For collaboration: You can create content, which may contain information about you, and grant permission to others to see, share, edit, copy and download that content based on settings you or your administrator (if applicable) select. Some of the collaboration features of the Services display some or all of your profile information to other Service users when you share or interact with specific content.

5) Managed accounts and administrators: If you register or access the Services using an email address with a domain that is owned by your employer or organization or associate that email address with your existing account, and such organization wishes to establish an account or site, certain information about you including your name, profile picture, contact info, content and past use of your account may become accessible to that organization’s administrator and other Service users sharing the same domain. If you are an administrator for a particular site or group of users within the Services, we may share your contact information with current or past Service users, for the purpose of facilitating Service-related requests.

6) Aproove Partners: We work with third parties who provide consulting, sales, support, and technical services to deliver and implement customer solutions around the Services. We may share your information with these third parties in connection with their services, such as to assist with billing and collections, to provide localized support, and to provide customizations. We may also share information with these third parties where you have agreed to that sharing.

7) Third Party Apps: You, your administrator or other Service users may choose to add new functionality or change the behavior of the Services by installing third party apps within the Services. Doing so may give third-party apps access to your account and information about you like your name and email address, and any content you choose to use in connection with those apps. If you are an administrator, or a technical or billing contact listed on an account, we share your details with the third-party app provider upon installation. Third-party app policies and procedures are not controlled by us, and this privacy policy does not cover how third-party apps use your information. We encourage you to review the privacy policies of third parties before connecting to or using their applications or services to learn more about their privacy and information handling practices. If you object to information about you being shared with these third parties, please uninstall the app.

8) Links to Third Party Sites: The Services may include links that direct you to other websites or services whose privacy practices may differ from ours. If you submit information to any of those third party sites, your information is governed by their privacy policies, not this one. We encourage you to carefully read the privacy policy of any website you visit.

9) Social Media Widgets: The Services may include links that direct you to other websites or services whose privacy practices may differ from ours. Your use of and any information you submit to any of those third-party sites is governed by their privacy policies, not this one.

10) Third-Party Widgets: Some of our Services contain widgets and social media features. These widgets and features collect your IP address, which page you are visiting on the Services, and may set a cookie to enable the feature to function properly. Widgets and social media features are either hosted by a third party or hosted directly on our Services. Your interactions with these features are governed by the privacy policy of the company providing it.

11) With your consent: We share information about you with third parties when you give us consent to do so. For example, we often display personal testimonials of satisfied customers on our public websites. With your consent, we may post your name alongside the testimonial.

12) Compliance with Enforcement Requests and Applicable Laws; Enforcement of Our Rights: In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our agreements, policies and terms of service, (c) protect the security or integrity of our products and services, (d) protect Aproove, our customers or the public from harm or illegal activities, or (e) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.

13) Sharing with affiliated companies: We share information we collect with affiliated companies and, in some cases, with prospective affiliates. Affiliated companies are companies owned or operated by us. The protections of this privacy policy apply to the information we share in these circumstances.

14) Business Transfers: We may share or transfer information we collect under this privacy policy in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on the Services if a transaction takes place, as well as any choices you may have regarding your information.


4. HOW WE STORE AND SECURE INFORMATION WE COLLECT

Information storage and security
We use industry standard technical and organizational measures to secure the information we store.

We make sure that personal information is only accessible by those who need access to do their job and that they are properly authorised. That means we keep logs of who has access to personal information, we limit the amount of people that have access and we make sure that personal information can only be read, copied, modified or removed by properly authorised staff. We monitor internal activity to ensure the safety and accuracy of personal information.

Aproove staff is required to conduct themselves in a manner consistent with the company’s guidelines regarding confidentiality, ethics, and appropriate usage of personal information. Staff is required to sign a confidentiality agreement.

During an upload, while it is stored on our servers and during a download, Content is encrypted and only sent over a secure connection (https). The servers we use to store your Content for you are GDPR compliant and secure.

While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others.

If you use our server or data center Services, responsibility for securing storage and access to the information you put into the Services rests with you and not Aproove. We strongly recommend that server or data center users configure SSL to prevent interception of information transmitted over networks and to restrict access to the databases and other storage points used.

How long we keep information
How long we keep information we collect about you depends on the type of information, as described in further detail below. Aproove retains your personal information as long as its necessary to provide our Services to you (e.g. upholding your user account), to conduct our business activities and fulfill our legitimate interests, such as providing safe and secure services, to fix bugs and to reach out to you, to comply with applicable laws (e.g. retaining financial information for 7 years for tax purposes) and legal requests and to resolve (legal) disputes. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

  • Account information: We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about you.

  • Your Content: The Content you create, use, store or share on our Services is, in principle, retained until you stop interacting with our Service(s), when you delete your Content from the Service(s), when you delete the Service(s) from your device(s) or when you delete your account. Always check out the website(s) or app(s) of the Service(s) you use for specific information. When using WeAproove your Content will be deleted 7 days after initial download, unless you have a WeAproove+ account in which case your Content is stored for the duration of your account and 30 days after the expiration of the account . After this period, a file is automatically deleted from our servers. The personal information that accompanies your Content upload is kept for a maximum of 12 months. Such personal information is only accessible to very few people within Aproove, those that need it to perform their job, for example to provide you with support. When data is older than 12 months, we scrub it from the database, pseudonymise or anonymise it for analysis. Pseudonomising your personal information means that we do not use your email address or IP address for analytical purposes, but create a random pseudonym for both and use that pseudonym instead. That way we don’t have to handle directly identifiable personal information, which is privacy-friendly.

  • Managed accounts: If the Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by the administrator of your account. For more information, see "Managed accounts and administrators" above.

  • Marketing information: If you have elected to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your Aproove account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.


5. HOW TO ACCESS AND CONTROL YOUR INFORMATION
You have certain choices available to you when it comes to your information. Below is a summary of those choices, how to exercise them and any limitations.

Your Choices:
You have the right to request a copy of your information, to object to our use of your information (including for marketing purposes), to request the deletion or restriction of your information, or to request your information in a structured, electronic format. Below, we describe the tools and processes for making these requests. You can exercise some of the choices by logging into the Services and using settings available within the Services or your account. Where the Services are administered for you by an administrator (see "Notice to End Users" below), you may need to contact your administrator to assist with your requests first. For all other requests, you may contact us as provided in the Contact Us section below to request assistance.

Your request and choices may be limited in certain cases: for example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we or your administrator are permitted by law or have compelling legitimate interests to keep. Where you have asked us to share data with third parties, for example, by installing third-party apps, you will need to contact those third-party service providers directly to have your information deleted or otherwise restricted. If you have unresolved concerns, you may have the right to complain to a data protection authority in the country where you live, where you work or where you feel your rights were infringed.

Access and update your information: Our Services and related documentation give you the ability to access and update certain information about you from within the Service. For example, you can access your profile information from your account and search for content containing information about you using key word searches in the Service. You can update your profile information within your profile settings and modify content that contains information about you using the editing tools associated with that content.

Deactivate your account: If you no longer wish to use our Services, you or your administrator may be able to deactivate your Services account. If you can deactivate your own account, that setting is available to you in your account settings. Otherwise, please contact your administrator. If you are an administrator and are unable to deactivate an account through your administrator settings, please contact the appropriate support team.

Delete your information: Our Services and related documentation give you the ability to delete certain information about you from within the Service. For example, you can remove content that contains information about you using the key word search and editing tools associated with that content, and you can remove certain profile information within your profile settings. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.

Request that we stop using your information: In some cases, you may ask us to stop accessing, storing, using and otherwise processing your information where you believe we don't have the appropriate rights to do so. For example, if you believe a Services account was created for you without your permission or you are no longer an active user, you can request that we delete your account as provided in this policy. Where you gave us consent to use your information for a limited purpose, you can contact us to withdraw that consent, but this will not affect any processing that has already taken place at the time. You can also opt-out of our use of your information for marketing purposes by contacting us, as provided below. When you make such requests, we may need time to investigate and facilitate your request. If there is delay or dispute as to whether we have the right to continue using your information, we will restrict any further use of your information until the request is honored or the dispute is resolved, provided your administrator does not object (where applicable). If you object to information about you being shared with a third-party app, please disable the app or contact your administrator to do so.

Opt out of communications: You may opt out of receiving promotional communications from us by using the unsubscribe link within each email, updating your email preferences within your Service account settings menu, or by contacting us as provided below to have your contact information removed from our promotional email list or registration database. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding our Services. You can opt out of some notification messages in your account settings. Please note, you will continue to receive generic ads.

Turn off Cookie Controls: Relevant browser-based cookie controls are described in our section below.

Send "Do Not Track" Signals: Some browsers have incorporated "Do Not Track" (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, our Services do not currently respond to browser DNT signals. You can use the range of other tools we provide to control data collection and use, including the ability to opt out of receiving marketing from us as described above.

Data portability: Data portability is the ability to obtain some of your information in a format you can move from one service provider to another (for instance, when you transfer your mobile phone number to another carrier). Depending on the context, this applies to some of your information, but not to all of your information. Should you request it, we will provide you with an electronic file of your basic account information and the information you create on the spaces under your sole control.

If you think we have infringed your privacy rights, you can lodge a complaint with the relevant supervisory authority. You can lodge your complaint in particular in the country where you live, your place of work or place where you believe we infringed your right(s). For EU click here (https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm )


6. HOW WE TRANSFER INFORMATION WE COLLECT INTERNATIONALLY

We are a global business, which means we might share or store personal information in countries outside of the European Economic Area (“EEA”). Those countries have different data protection laws in place. However, when we transfer and host data globally, we will make sure that appropriate safeguards are in place in order to ensure your personal information enjoys a similar level of protection as it would within the EEA. For example, we will verify that the receiving partner is certified under EU-US Privacy Shield or we will sign EU Standard Contractual Clauses.

EU-US Privacy Shield
Our subsidiary in the United States, Aproove Inc., complies with the EU-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the use and retention of personal information transferred from the European Economic Area and the United Kingdom to the United States.
Aproove Inc. adheres to the EU-US Privacy Shield principles and is subject to oversight by the U.S. Federal Trade Commission. If you have any complaints regarding the transfer of your personal information to the US, please first file them directly at us via privacy@Aproove.com. The panel of EU Data Protection Authorities (DPA Panel) acts as the independent recourse mechanism for complaints regarding EU-US Privacy Shield complaints. The examination of such complaints is free of charge to you. You can find the contact information of your local DPA here. In case your concern still isn’t addressed by the DPA Panel, you may be entitled to invoke binding arbitration under the EU-US Privacy Shield Principles.

As explained under section ‘What parties do we share personal information with’, we sometimes provide personal information with third parties to perform services on our behalf. If we transfer personal information received under the Privacy Shield to a third party, the third party’s use of the personal data must also comply with our Privacy Shield obligations. In such a case we will remain liable under Privacy Shield for any failure to comply by the third party, unless we prove we’re not responsible for the event giving rise to the damage.
To learn more about EU-US Privacy Click Here: 


7. WHY AND HOW ARE COOKIES USED?

We place cookies with the intention of making Aproove even better. Feel free to block cookies, but this may affect how well our Services work.

We place several cookies (or similar technologies, like pixels or web beacons) on your device for the purpose of facilitating your use of the Service, controlling your use of the Seervices and to find out how the Service may be improved. We or our advertising partners also place cookies on our website(s). Being a global service, these partners can vary per country. When our advertising partners place cookies, these cookies can process personal information to measure the effectiveness of the campaign.

Cookies are small text files that are stored on your computer by your browser when you visit a website. Examples of cookie purposes are: your language preferences, logging into an account, remembering login details, controlling when you last accessed our Services and acceptance of the Terms of Service and Privacy Policy. Our website can place these cookies for the following purposes:

1. Functional cookies are used to provide functionalities when using our Service, such as the possibility to set preferences or to remember your previous settings.

2. Analytical cookies are used to optimise our Service. We also use analytical cookies to stop bots and malicious behaviour like spam. When we use analytical cookies, this could include third party cookies, as found in the cookie list. These third party analytical cookies process personal information, which is detailed in the cookie list too.

3. Advertisement cookies are used for commercial, editorial and promotional purposes. With these cookies your internet- and surf behaviour can be followed over various domains and websites. Aproove only checks the (one) website you visited prior to your visit to one of our websites. We do not track the website you visit after you leave our website. Advertisement cookies are often also placed by third parties to measure the effectiveness of their advertising campaigns and to follow your internet- and surf behaviour over other domains and websites where they have placed a cookie. Aproove does not have access to or control over personal information collected via these cookies or other features that advertisers and third parties may use. Our Privacy Policy is therefore not applicable to these third party cookies and we refer you to third parties’ Privacy Statements to read how they handle personal information.

4. Pixel tags or web beacons are a piece of code embedded on the website that collects personal information about users' engagement on that web page. The use of a pixel allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement. The pixel also allows us to see from which previous website or channel a user arrived at our website.

We have an extensive cookie list available by clicking on the "Cookies" tab on this webpage. Due to the changing nature of our Service, this may result in the cookie list not being fully up to date at times. If you would want to remove certain cookies, or block them from being stored in your browser, it is possible to arrange this through your browser settings for cookies. You can find these settings under the Privacy tab in the Preferences section of most browsers. Here you can specify your cookie preferences or remove cookies. Please note that if you remove or refuse Aproove cookies, the Service might not function in optimal form.


8. OTHER IMPORTANT PRIVACY INFORMATION

Notice to End Users
Many of our Services are intended for use by organizations. Where the Services are made available to you through an organization (e.g. your employer), that organization is the administrator of the Services and is responsible for the accounts and/or Service sites over which it has control. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organization's policies. We are not responsible for the privacy or security practices of an administrator's organization, which may be different than this policy.
Administrators are able to:

  • require you to reset your account password;
  • restrict, suspend or terminate your access to the Services;
  • access information in and about your account;
  • access or retain information stored as part of your account;
  • install or uninstall third-party apps or other integrations

    In some cases, administrators can also:
  • restrict, suspend or terminate your account access;
  • change the email address associated with your account;
  • change your information, including profile information;
  • restrict your ability to edit, restrict, modify or delete information

California Requirements

Exercising your rights: If you are a California resident, there are some additional rights that may be available to you under the California Consumer Protection Act (“CCPA”). This policy explains the tools that we have made available to you to exercise your data rights under the CCPA, such as the right to deletion and the right to request access to the categories of information we have collected about you. For more information on how to exercise your rights please visit the “How to access and control your information” section of this policy. We encourage you to manage your information, and to make use of the privacy controls we have included in our Services. You will not be discriminated against for exercising any of your privacy rights under the CCPA. In order to protect your information from unauthorized access or deletion, we may require you to provide additional information for verification. If we cannot verify your identity, we will not provide or delete your information.
Sharing your personal information: We do not sell your personal information. We do share your information with others as described in the “How we share information we collect” section of this policy. We also show ads that we think are relevant. We've provided more information about how you can manage your advertising, and do-not-track preferences, within this policy.
Processing your information: This policy describes the categories of personal information we may collect, the sources of that information, and our deletion and retention policies. We’ve also included information about how we may process your information, which includes for "business purposes" under the CCPA - such as to protect against illegal activities, and for the development of new products, features, and technologies. If you have questions about the categories of information we may collect about you, please be sure to visit the section of this policy called, “What information we collect about you.” For more details about our processing activities, please be sure to visit the section called, “How we use information we collect.”
If you have any questions or would like to exercise your rights under the CCPA, you can reach out to us at privacy@aproove.com.

Our policy towards children
The Services are not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact the appropriate support team.

Changes to our Privacy Policy
We may change this privacy policy from time to time. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice by adding a notice on the Services homepages, login screens, or by sending you an email notification. We will also keep prior versions of this Privacy Policy in an archive for your review. We encourage you to review our privacy policy whenever you use the Services to stay informed about our information practices and the ways you can help protect your privacy.
If you disagree with any changes to this privacy policy, you will need to stop using the Services and deactivate your account(s), as outlined above.

CONTACT US
Your information is controlled by Aproove SA, a company incorporated under the laws of Belgium with registered office at 1, Boulevard Initalis, 7000 Mons, Belgium and registered with Crossroads bank for Enterprise under number 0867.065.974.

If you have questions or concerns about how your information is handled, please direct your inquiry to Aproove SA.

Gary Fisher – Privacy Officer
E-Mail: privacy@aproove.com

John Cortez – Security Officer
E-Mail: security@aproove.com

Aproove Cookie List

pdf-usa   

For the most up-to-date legal T&Cs, kindly download the PDF using the link above.
Please Note;
Certain policies have a Europe-specific version; if no European download symbol is displayed, the US terms apply to both North America and Europe.


AprooveWM Dedicated Servers

Functional cookies

Cookie: ApColorInterface
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: Color preference
• Retention period: 1 year

Cookie: ApDescriptionResetPassword
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for default localized label on reset password
• Retention period: 1 year

Cookie: ApLocLblBtnLogin
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for default localized label on login button
• Retention period: 1 year

Cookie: ApLocLblBtnLogin
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for default localized label on login button
• Retention period: 1 year


Cookie: ApLocLblLogin
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for default localized label on login label
• Retention period: 1 year

Cookie: ApLocLblPass
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for default localized label on password label
• Retention period: 1 year

Cookie: ApLocWelcomeMsg
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for default localized label on welcome message
• Retention period: 1 year

Cookie: ApPasswordConfResetPassword
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for default localized label on password reset
• Retention period: 1 year

Cookie: ApPasswordErrorResetPassword
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for default localized label on password reset error message
• Retention period: 1 year

Cookie: ApPasswordResetPassword
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for default localized label on password word
• Retention period: 1 year

Cookie: ApSaveResetPassword
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for default localized label on save password button
• Retention period: 1 year

Cookie: ApSubDescriptionResetPassword
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for default localized label on change password message description
• Retention period: 1 year

Cookie: ApSaveResetPassword
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for default localized label on save password button
• Retention period: 1 year

Cookie: ApTextColorInterface
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: foreground text color
• Retention period: 1 year

Cookie: ApTitleResetPassword
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for default localized label on reset password button
• Retention period: 1 year

Cookie: PHPSESSID
• Description: functional cookie
• Website on which the cookie is dropped: depends on client (https://yourAprooveServer.com)
• Purpose: local cache for php session ID
• Retention period: when session ends

 

Aproove Classic multi-tenant systems

Functional cookies, 1 year retention for all

tipsCreateProjectTour

Flags to know if the tips has already been viewed

tipsAfterCreateFirstProject 

tipsProjectDetailsHelpTour 

tipsAddUserToTeam 

tipsFirstProjectWindow 

tipsFirstProjectCreateProjectChanged 

tipsFirstClickAddUserToTeam 

 

ut

Auto login engine (tokens)

us

btai 

 


ApMyProjectGridSortingColumn 

Column selected for sorting the grid of projects

ApMyProjectGridSortingDirection 

Direction (ASC – DESC)

ApCboFilterTasTodoList 

Filter used in the Task todo List

ApTabPanelSelectedInformationProjectDetails 

Preference of the tab selection in the project informations

ApPreferenceDisplayChartStatInvitationProofProjectDetails 

Preference of the chart display in the proof view of a project details

ApLeftMenuWidth 

Preference of the left menu width

ApGifCropInvitationDontDisplayAgain 

Show or hide the animation of the cropped invitation

ApPreferenceDisplayTaskReceivedTodoList 

Preference display (show or hide the task received chart)

ApTodoListGridSortingColumn 

Preference of the todo list grid sorting

ApTodoListGridSortingDirection 

Preference of the todo list grid sorting direction (DESC – ASC)

ApDontDisplayWelcomeMsgPreference 

Show or hide the welcome popup in Trial mode

 


ApTextColorInterface

Preference color of the interface (text and background

ApColorInterface

ApDescriptionResetPassword

Translations stored of some labels












ApLeftMenuWidth

ApLocLblBtnLogin

ApLocLblLogin

ApLocLblPass

ApLocWelcomeMsg

ApPasswordConfResetPassword

ApPasswordErrorResetPassword

ApPasswordResetPassword

ApProjectDetailsHomePreference

ApSaveResetPassword

ApSubDescriptionResetPassword

ApTitleResetPassword

 

Third party tracking cookies

Cookie: Google Analytics UTM code
Privacy policy here