Terms & policies

Privacy Policy

Last Updated: 15th July 2019

KOTAK NETWORK PTE LTD PRIVACY POLICY – JUMPER.AI

Kotak Network Pte Ltd (KNPL, we, us, our) complies with the Singapore Personal Data Protection Act 2012 (Act) and the General Data Protection Regulation of the European Union (GDPR).  We care about how your personal data is used and shared, and we take your privacy seriously. 

This privacy policy applies to personal data we collect from visitors to our website, our customers, our partners and other persons with whom we deal directly.  In addition, users of our SaaS service may collect personal data from individuals (e.g. their customers) and upload, store or process that information to or in that service (User Data).

We require our customers to obtain the necessary consents from individuals to provide User Data to us and permit us to use it as set out in this privacy policy.  If you have any concern about our collection and use of personal data about you contained in User Data, please contact us at hey@jumper.ai.

For the purposes of the GDPR, our customers are the data controller when storing or otherwise processing User Data that we hold solely for the purpose of providing our SaaS service and we are the data processor.  We are the data controller when storing or otherwise processing User Data that we use for our own purposes.

We only process User Data as authorised by our customers in our Jumper.ai Terms and Conditions (available at https://jumper.ai/terms) and/or other agreements with our customers that govern the processing of User Data (as applicable).  Unless required otherwise under applicable law, if we receive any request or enquiry relating to User Data that we hold solely for the purpose of providing our SaaS service, we will forward this request to our relevant customer.  If we receive any requests or enquiries relating to User Data that we use for our own purposes, we will deal with these requests or enquiries as set out in this privacy policy.

 

Personal data is information about an identifiable individual (a natural person), and includes personal data, personally identifiable information and equivalent information under applicable privacy and data protection laws. 

This policy does not limit or exclude any of your rights under the Act or the GDPR.  For further information on the Act, see https://www.pdpc.gov.sg/Legislation-and-Guidelines/Personal-Data-Protection-Act-Overview. or further information on the GDPR, see https://ec.europa.eu/info/law/law-topic/data-protection_en.

This policy was drafted with brevity and clarity in mind.  It does not provide exhaustive detail of all aspects of our collection and use of personal data.  We are happy to provide any additional information or explanation needed.  Any request for further information should be sent to hey@jumper.ai.

  1. What personal data is collected

1.1 When you use our Website, any services we provide or in your interaction with us, the personal data we may collect includes:

(a) Data collected directly from you. This may be done through this Website, over the phone, by email, or in person.   Some of the personal data that we collect directly from you may be mandatory and some may be optional.  We will let you know which of these applies at the time we collect the relevant personal data.  While you do not have to provide us with some of the information that we may request, this might mean that our products and services may not perform as well as they should, or that we may not be able to provide some parts of the website or all of our products or services to you.  If you require further information about the consequences of not providing us with any information, please contact us at hey@jumper.ai.

  • If you register for, or login to, an account on our website or related services, we collect your name, email address, user name, password, phone number, demographic information, date of birth, address, location and any other information we require or ask for to set you up with an account. We may collect some of this information using third party authentication services (as described further in the from third party sources section below).

 

  • When you fill in a contact or enquiry form on our website, use our live chat service, call us, meet us in person or otherwise contact us, we collect your name, email address, and phone number and any other information you choose to provide to us.

 

  • When you purchase products or services from us, we collect your name, email address, phone number, address, business information and any other information you submit to us for billing and for the purposes of providing you our service.

 

  • When you purchase products or services from our Merchants/Customers that they need to physically deliver to you, we collect your delivery instructions and any other information you submit to us for delivery purposes.

 

We use third-party service providers to process credit card, bank transfer and wallet transactions.  We do not have access to your credit card information.  The name of this third-party provider will generally be displayed when you are requested to enter your credit card or wallet information.  You can see further information about how they process your data in their privacy policy.

(b) Data collected by automated means. Various technologies may be used on our Website and our mobile and web-based applications in order to make them more user-friendly, effective and secure. Such technologies may lead to data being collected automatically by us or by third parties on behalf of us, such as information about your device and usage of our website, products and services, including your IP address, operating system, browser type, time spent on certain pages of the website, pages visited, links clicked and language preferences.  Some of this data is collected through third party tools and/or the use of cookies, web beacons and similar storage technologies.  Please refer to our cookie policy below for further information, including information on how you can disable these technologies.

(b) Data collected from third party sources. Where possible, we collect personal data from you directly.  However, sometimes we may collect:

  • personal data that is publicly available
  • personal data from third parties where you have authorised this. This may include accessing certain personal data from third party social media or other authentication services (e.g. Facebook, Instagram, Apple, Google or LinkedIn) if you login to your account with us using these services or otherwise provide us access to information from these sources.  The third-party provider that we use will be displayed and you can visit its privacy policy for further details on how it deals with personal data
  • personal data about you from our trusted advertising partners which may include demographic information, browsing history, location and online behavioural or profile information
  • personal data included in User Data.

We may combine the personal data about you that we receive from third parties with the personal data we collect from you directly or with device and usage data we collect automatically when you visit our website.

  1. How is the personal data used

2.1.  We may use your personal data to:

  • verify your identity
  • provide our website, products and services to you
  • market our products and services to you, including contacting you electronically (e.g. by text or email for this purpose)
  • improve our website, products and services
  • internal research, product and services development, including automating aspects of our products and services
  • publish things on our website
  • run promotions (e.g. referral and loyalty programs, surveys and contests)
  • bill you and collect money that you owe us, including authorizing and processing credit card transactions
  • respond to communications from you, including enquiries, disputes and complaints
  • conduct research and statistical analysis (on an anonymized basis)
  • tailor content or advertisements on our website to you
  • protect and/or enforce our legal rights and interests, including defending any claim
  • respond to lawful requests by public authorities, including to comply with law enforcement requirements, or
  • for any other purpose anonymized by you or applicable law.

2.3. Your personal data may also be anonymized for use by KNPL for other purposes.

2.4.  We may transfer your information in the case of a sale, merger, consolidation, liquidation, re-organization or acquisition.

2.5.  You can stop receiving our marketing emails by following the unsubscribe instructions included in those emails.

 

  1. Disclosure of information

3.1. We will not sell your personal data to third parties.

3.2. We will only disclose your personal data to third parties where you have provided us consent, and in the situations expressly set out in in this Policy. If you have consented to receiving marketing information from us, our strategic partners and business associates, we will be disclosing your personal data to them.

3.3. Your personal data may be disclosed and shared within KNPL to allow us to provide the products and services which you have requested.

3.4. We may disclose or share your personal data with third parties who provide necessary services to us, such as:

  1. service providers and data processors working on our behalf and providing services such as hosting and maintenance services, analysis services, e-mail messaging services, delivery services, handling of payment transactions, solvency check and address check, etc.; and
  2. our consultants and professional advisers including our accountants, lawyers and auditors.

3.5. We will also disclose your personal data to third parties in order to comply with legal obligations or industry requirements. This includes disclosures to legal, regulatory, governmental, tax and law enforcement authorities.

3.6. Our website may have the functionalities to allow you to share your personal data with other third parties such as other users of our website. You are responsible for your choice(s) and are deemed to have provided consent for any sharing of your personal data in the manner provided by the website.

  1. International Transfers of Personal Data

4.1 A business that supports our website, products and services may be located outside of Singapore (the country where we are incorporated) and also outside of the country where you are located.  This means that the personal data we collect may be transferred to, and stored in, a country outside of Singapore and the country where you are located.

If you are located in the European Economic Area (EEA), your personal data may be transferred outside of the EEA.   Under the GDPR, the transfer of personal data to a country outside the EEA may take place where the European Commission has decided that the country ensures an adequate level of protection.  In the absence of an adequacy decision, we may transfer personal data if other appropriate safeguards are in place.

Where we transfer personal data outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data, or to a third party where approved transfer mechanisms are in place to protect your personal data (e.g. to organisations in the United States under the EU-U.S. Privacy Shield framework or by entering into the European Commission’s Standard Contractual Clauses.  For further information, please contact at hey@jumper.ai.

4.2. You fully understand and consent that we may transfer your personal data to any location outside of Singapore for the purposes set out in this paragraph 3. When transferring your personal data outside of Singapore we will protect your personal data to a standard comparable to the protection accorded to your personal data under the Singapore Personal Data Protection Act 2012 by ensuring that the recipient is either in a jurisdiction which has comparable data protection laws, or is contractually bound to protect your personal data.

  1. Protecting your personal data

5.1 As required by applicable law, we will take steps to keep your personal data safe from loss, unauthorised activity, or other misuse.  We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks inherent in processing personal data.

5.2 You play an important role in keeping your personal data secure by maintaining the confidentiality of any password and accounts used in relation to our products and services.  You should not share your account access and/or disclose your password to third parties.  Please notify us immediately if there is any unauthorised use of your account or any other breach of security.

  1. Accessing or correcting your personal data

Subject to certain grounds for refusal under applicable law, you have the right to access your personal data that we hold and to request a correction to your personal data.  Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal data relates.

Where you request a correction, if we think the correction is reasonable and we are reasonably able to change your personal data, we will make the correction.  In all other cases, we will take reasonable steps to make a note of the personal data that was the subject of your correction request.

If you want to exercise either of the above rights, email us at hey@jumper.ai.  Your email should provide evidence of who you are and set out the details of your request (e.g. the personal data to be corrected and the correction that you are requesting).

Subject to applicable law, we may charge you our reasonable costs of providing to you copies of your personal data or correcting that information. 

  1. Other rights

7.1 In addition to the rights to access and correct your personal data, if you are based in the European Union, you have the additional rights set out in the GDPR Additional Terms section of this privacy policy below.

  1. Internet Use

8.1 While we take reasonable steps to maintain secure internet connections, if you provide us with personal data over the internet, the provision of that information is at your own risk.

8.2 Our websites may contain links to other websites which are not owned or maintained by us. When visiting these third-party websites or disclosing your personal data to third parties (including buyers or sellers on our website), you should read their privacy policies, or ask relevant questions before you disclose your personal data. We are not responsible for the collection, use or disclosure of your personal data by such third parties.

  1. Children

5.1. We do not intend to collect personal data from or about children aged under 16.  If you have reason to believe that we have collected personal data from or about a child under the age of 16, please contact us at hey@jumper.ai.

  1. Social Networks

6.1. Our website and mobile or web-based applications may provide you with social plug-ins from various social networks (such as Facebook and Twitter). If you choose to interact with a social network, your activity on our website or via our mobile or web-based applications will also be made available to social networks such as Facebook and Twitter.

6.2. If you are logged in on one of the social networks during the visit of one of our websites or mobile or web-based applications, the social network might add this information to your profile. If you are interacting with one of the social plug-ins, this information will be transferred to the social network. In case you do not wish such a data transfer, please log off on your social network before you enter one of our websites or mobile or web-based applications.

6.3. We cannot influence this data collection and data transfer via the social plug-ins. Please read the privacy policies of those social networks for detailed information about the collection and transfer of personal data, what rights you have and how you can achieve satisfactory privacy settings.

  1. Geo-location Services

7.1. Our website and mobile or web-based applications may offer location-enabled services, such as Google Maps or APIs by third-party providers and social services. If you use those mobile or web-based applications, they may receive information about your actual location (such as GPS signals sent by a mobile device) or information that can be used to approximate a location. You are always asked if the geo-location service can be activated and you can also object to this geo-location service within the respective mobile or web-based application.

  1. Security

8.1. We endeavor to take precautions to ensure that the information you have provided is protected against unauthorized or unintended use, access or disclosure. However, we cannot be held responsible for unauthorized or unintended use, access or disclosure that is beyond our control.

  1. Disclaimer

9.1. To the maximum extent permitted by law, we shall not be liable in any event for any special, exemplary, punitive, indirect, incidental or consequential damages of any kind or for any loss of reputation or goodwill, whether based in contract, tort (including negligence), equity, strict liability, statute or otherwise, suffered as a result of unauthorized or unintended use, access or disclosure of your personal data.

  1. Changes to this Policy

10.1 We may change this Policy from time to time. The amended Policy will be available on our Website. The change will apply from the date that we upload the revised policy. 

This policy was last updated on 15 July 2019.

  1. Your Rights

11.1 If you have any questions about the processing of your personal data or about our Policy, if you do not accept the amended Policy, if you wish to withdraw any consent you have given us at any time, or if you wish to update or have access to your personal data, you are welcome to contact our Data Protection Officer. The contact details are:

Attention to:

Kotak Network Pte Ltd - Data Protection Officer

Email:

hey@jumper.ai

Mail:

80 Changi Road, Centropod #05-13, Singapore 419715

11.2. Subject to certain grounds for refusal under applicable law, you have the right to access your personal data that we hold and to request a correction to your personal data.  Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal data relates. All requests for correction or for access to your personal data must be in writing. We will endeavor to respond to your request within 30 days, and if that is not possible, we will inform you of the time by which we will respond to you.

.3. Subject to applicable law, we may charge you a fee for responding to your request for access to the personal data which we hold about you, or for information about the ways in which we have (or may have) used your personal data. If a fee is to be charged, we will inform you of the amount beforehand and respond to your request after payment is received.

  1. Complaints

12.1. You may send complaints regarding our handling of personal data in the following ways:

in writing or by email. Such complaints must:
- be addressed to KNPL Data Protection Officer at:

Email: hey@jumper.ai
Address: 80 Changi Road, Centropod #05-13, Singapore 419715

- provide the name, contact number and address of the person submitting the feedback
- provide the relevant details required such as the relevant time period, our employees or who involved, or copies of relevant documents.

12.2. All complaints will be evaluated by us in a timely manner. After KNPL has completed its evaluation, the Data Protection Officer (or a duly appointed representative) will respond to the person who submitted the complaint or feedback, with the results of the evaluation.

  1. Governing Law

13.1. This Policy is governed by the laws of Singapore. You agree to submit to the exclusive jurisdiction of the Courts of Singapore in any dispute relating to this Policy.

 

 

GDPR ADDITIONAL TERMS

lAWFUL basis for PROCESSING PERSONAL data

Our lawful basis for processing (as that term is defined in the GDPR) personal data that we collect, use and disclose depends on the personal data collected and the context in which we collect it. 

Generally, we collect personal data from you where we have your consent, where processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, or where processing is necessary for the purposes of our legitimate interests (except where such interests are overridden by your interests or fundamental rights and freedoms). 

Where we process personal data based on your consent, you may withdraw your consent at any time.  Despite this, we may process your personal data where such processing is necessary for compliance with applicable laws.

If you have any question about the legal basis on which we process personal data or need further information, please contact us at hey@jumper.ai.

 

Your rights under the gdpr

If you are located in the European Union, your rights in relation to your personal data include:

  • right of access - if you ask us, we will confirm whether we are processing your personal data and provide you with a copy of that personal data
  • right to rectification - if the personal data we hold about you is inaccurate or incomplete, you have the right to have it rectified or completed. We will take reasonable steps to ensure inaccurate personal data is rectified.  If we have shared your personal data with any third party, we will tell them about the rectification where possible
  • right to erasure – when your personal data is no longer needed for the purposes for which you provided it, we will delete it. You may request that we delete your personal data and we will do so if deletion does not contravene any applicable law.  If we have shared your personal data with any third party, we will take reasonable steps to inform those third parties that they must delete your personal data
  • right to withdraw consent - if the basis of our processing of your personal data is consent, you can withdraw that consent at any time
  • right to restrict processing - you may request that we restrict or block the processing of your personal data in certain circumstances. If we have shared your personal data with any third party, we will tell them about this request where possible
  • right to object to processing - you may request that we stop processing your personal data at any time and we will do so to the extent required by the GDPR
  • rights related to automated decision-making, including profiling - you have the right to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except where such automated decision-making is necessary for entering into, or the performance of, a contract with you, is authorised by applicable laws or is based on your explicit consent. We do not undertake automated individual decision-making.
  • right to data portability - you may obtain your personal data from us that you have consented to give us or that is necessary to perform a contract with you. We will provide this personal data in a commonly used, machine-readable and interoperable format to enable data portability to another data controller.  Where technically feasible, and at your request, we will transmit your personal data directly to another data controller
  • the right to complain to a supervisory authority - you can report any concern you have about our privacy practices to your local data protection authority.

Where personal data is processed for the purposes of direct marketing, you have the right to object to such processing, including profiling related to direct marketing.

 

If you would like to exercise any of your above rights, please contact us at hey@jumper.ai.  If you are not satisfied by the way we deal with your query, you may refer your query to your local data protection authority.

 

 

Cookie policy

INTRODUCTIOn

We use cookies on our website and as part of our related services, and receive information collected through cookies.  This cookie policy explains how we use cookies and how you can opt out of cookies. 

By continuing to use our website and related services, you indicate your agreement for us to use the cookies described below.

We use the term cookies in this cookie policy to mean cookies or similar technologies such as web beacons, clear GIFs, and pixel tags.

 

WHAT ARE COOKIES

Cookies are text files containing small amounts of information which are downloaded to your browsing device, e.g. a computer or smartphone, when you visit a website.  Cookies can be recognised by the website that downloaded them, or by other websites that use the same cookies.  This helps a website know if the browsing device has visited that or other websites before. 

Cookies can be used to collect information relating to your use of a website or your device, let you navigate between pages effectively, help to remember your preferences and generally improve your browsing experience.  Cookies can also help ensure advertising you see online is more relevant to you and your interests.

Cookies can be session or persistent cookies.  Session cookies are temporary and only stay on your browser until you stop browsing.  Persistent cookies stay on your device until they expire or are deleted.

The cookies used on our website may be first party cookies (i.e. set by us) or third-party cookies (i.e. cookies set on our website by a person other than us).  The third-party companies that place cookies on our website will have their own privacy policies.

 

WHAT Types of cookies DO we use

The types of cookies used by us, and most websites, can generally be categorised as follows.

Strictly necessary cookies

These cookies are essential for the full functionality of our website and related services.  They enable you to navigate around our website and services and use their features e.g. accessing secure areas and enabling services that you have asked to receive.  If you opt out of these cookies, you may not be able to access all the functions of our website and some services that you have asked to receive. 

These cookies do not track where else you have been on the internet and do not remember your preferences beyond your current visit.  These cookies are generally first party session cookies which will expire when you close your browsing session.  These cookies do not collect information that could be used for marketing purposes.

Functionality cookies

These cookies allow a website to remember choices you make and provide enhanced, more personal features.  e.g. these cookies allow us to remember the settings you have applied to the website (such as font size, preferences or colours), identify whether you are a returning website visitor and present you with a personalised version of the website, or eliminate the need for you to re-enter your login details.  The information these cookies collect is generally anonymous and they do not track your browsing activity on other websites.  These cookies may be first or third party, session or persistent cookies.

Performance cookies

These cookies collect information about how you use a website, e.g. which pages are the most visited and if you receive any error message from any page.  This information helps us improve the way our website and related services work and helps us manage the performance and design of the website and services.  These cookies do not gather information that identifies you.  All of the information these cookies collect is aggregated and anonymous.  These cookies may be first or third party, session or persistent cookies.

Targeting cookies

Targeting cookies are used to present advertising that is relevant to you and your interests.  These cookies collect information about your browsing habits e.g. the pages you have visited and the links you have followed across the internet.  They may also be used to limit the number of times you see an advertisement and help measure the effectiveness of advertising campaigns.  These cookies will usually be persistent but time-limited and may be placed on our website by third party service providers or advertising partners with our permission. 

We use targeting cookies to present interest-based advertising on our website and for retargeting.  This is a form of interest-based advertising that enables our advertising partners to build a profile of your interests and show you advertising based on your browsing activity across the internet, including to allow us to advertise to people who previously visited our website.

GOOGLE COOKIES

We use Google Analytics to collect information about visitors to our website.  Google Analytics collects information related to your device, browser, IP address, network location, and website activities to measure and report statistics about your interactions on our website.  We use this information to help us manage the performance and design of our website and to improve our website.

We use Google Analytics Advertising Features, including Remarketing with Analytics, Demographic and Interests reporting in Analytics and Google Ads.

For further information on how Google uses your personal data when you use our website and how to opt out of Google’s use of cookies, see here.  In addition to the process described in this link, you can opt out using the process described below.

Other COOKIES

We also use LinkedIn Insight Tag and Facebook Pixels for retargeting ads, and FullStory, Head Analytics, LuckyOrange and Heap Analytics to collect information about visitors to our website. Also, we use Crisp cookies for customer support and lead generation.

How to control or OPT OUT OF cookies AND TARGETED ADVERTISING

You can control and/or delete cookies as you wish.  You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed.  However, if you do this, you may have to manually adjust some preferences every time you visit our website and attempt use our services, you may not be able to access certain parts of our website or services, and some functionalities may not work. 

You can find out more information about how to change your browser cookie settings at www.aboutcookies.org.uk

To learn more about how to control cookie settings through your browser:

  • click here to learn more about the Private Browsing setting and managing cookie settings in Firefox
  • click hereto learn more about Incognito and managing cookie settings in Chrome
  • click here to learn more about InPrivate and managing cookie settings in Internet Explorer
  • click here to learn more about Private Browsing and managing cookie settings in Safari.

You may opt out of targeted advertising at http://www.youronlinechoices.eu/.  You can learn more about interest-based advertising and opt out of interest-based advertising from participating online advertising companies at the following links.

Please note that opting out of interest-based advertising does not mean you will no longer be served advertising.  You will continue to receive generic ads.

 

Third party website cookies

If you follow a link on our website to another website, the owner of that website will have its own cookies.  We suggest you review that website’s cookie policy before you visit that website.

Terms and Conditions

TERMS AND CONDITIONS OF USE FOR SOFTWARE PLATFORM KNOWN AS “JUMPER.AI”

The following terms and conditions (Terms) govern the contractual agreement between you (You, the End User(s)) and Kotak Network Pte. Ltd. (KNPL, we, our, us) arising from and in relation to the access, browsing, rights and obligations in connection with the use of KNPL’s software platform known as “JUMPER.AI” that is owned and operated by KNPL (the Platform) and services provided (Services).

In consideration of KNPL providing you with access to the Platform and Services, you agree to the following Terms at all times. If you do not agree to all the Terms, you are not authorised to use the Services and the Platform. If you continue to use the Platform, you are deemed to agree to the said Terms.

  1. Definitions

"Buyer" means an End User that purchases an Item using the Platform.

"Confidential Information" any information or material proprietary and/or confidential to KNPL, a Buyer or Merchant disclosed or obtained in connection with use of the Platform or pursuant to these Terms, including without limitation:

(i)  Any information in connection with a Transaction, Item, Buyer or Merchant;

(ii)  Item prices;

(iii)  KNPL Software including all updates, upgrades and versions;

(iv) KNPL business, technical, marketing, training and process documentation, including API access keys and tokens; or

(v)  Any non-public information contained in or acquired by use of the Platform

Confidential Information does not include information that:

(a)  is publicly known or which becomes publicly known through no breach by You;

(b) lawfully received by You from a third party without any confidentiality restriction;

(c) or is already known by You without any confidentiality restriction.

"Fee Schedule" means the schedule attached to the Registration Form accompanying these Terms.

Data Processing Addendum means the data processing addendum published at https://jumper.ai/gdpr/terms as amended from time to time.

“GDPR” means the General Data Protection Regulation of the European Union.

"Item" or “Items” means any good(s) or service(s) advertised for sale, trade, exchange or offer by a Buyer or Merchant through any Sales Channel integrated into the Platform.

“Merchant” means a company or individual who has registered to use the Platform or Services subject to the terms of the Merchant SaaS Agreement to:

  1. to offer Items for sale to End Users;
  2. communicate with, advertise to or run promotions or loyalty programs for End users
  3. otherwise interact with End Users.

“Merchant” includes a Merchant’s Permitted Users, agents, partners, personnel and affiliates.

“Permitted Users” means those personnel, agents or affiliates of the Merchant who are authorised to access and use the Services on the Merchant’s behalf.

"Signup Form" means the form accompanying these Terms which must be completed by all Users.

“Sales Channel” means any social media, messaging or web platform operated by the Merchant, offered by or integrated into the Platform to access the Services.

“Services” means any services provided by KNPL, and includes:

  1. the software technology platform known as “jumper.ai” where the Merchants and/or Users can channel and sell their products through the social media platforms or websites, and introduce the payment gateway to complete the transaction with buyers immediately;
  2. online commerce store, including features such as addition or sync of product, orders, inventory, taxes and shipping;
  3. in-chat carts and payments;
  4. message broadcasts, customer retargeting, order updates, promotional notifications, reminders, influencer commerce and other additional marketing features; or
  5. artificial intelligence and machine learning to provide the Services in a seamless way; or
  6. Chat and communication services to enable interactions between Merchant and End User(s).

"Service Provider" means any third party service provider who provides any Service or Transaction in connection with the Platform or to any User through the Platform.

"Software" means the computer software (proprietary to or otherwise licensed by KNPL) as provided by KNPL or accessible by third party internet or web browser software when connecting to the Platform. 

 

"Transaction" means:

  1. a purchase or sale of an Item between Buyers and completed using the Services or facilitated by the use of the Platform:
  2. promotion or advertisement offered to Buyers through use of the Platform; or
  3. any other communication between Merchants and Buyers through use of the Platform.

"Trade Rules" means the rules for the conduct of offers and trade of Items by You on the Platform as permissible by your local and federal laws, as well as the social media channels You connect with the Platform.

"User" or “Users” means any party who accesses the Platform or uses the Services through third party social networking sites, or otherwise facilitates such use by others including any Buyer, Merchant, and Service Provider.

“Platform” means the Software created and owned by KNPL known as “JUMPER.AI” or such other website, mobile applications or domain name or such other technology assigned by KNPL.

"You" or "Your" means any Buyer, Merchant, Service Provider or other User (as the case may be) who accesses and/or uses the Platform.

Your Data means all data, content, and information (including personal data) owned, held, used or created by you that is stored using, or inputted into, the Service or Platform either by you, or from third parties in accordance with our Privacy Policy.

Words denoting the singular shall include the plural and vice versa.

The headings in these Terms are for convenience only and shall not affect its interpretation.

  1. The Platform and Services

2.1. KNPL provides the Services and the Platform to enable Merchants to advertise and offer Items for sale to and communicate with Buyers through different Sales Channels and enter into Transactions.  As a facilitator of the Transactions, KNPL is not involved in, or a party to the actual Transaction between Buyers and Merchants, and has no liability to the Buyer or Merchant for the Transactions. 

2.2. As a User, You understand and agree that KNPL does not act as agent, partner, fiduciary or trustee for any Buyer or Merchant and that KNPL does not exercise any control over 

(i) the quantity, availability, quality, safety or legality of any Items; 

(ii) the accuracy or usefulness of the description or classification of any Items;

(iii) the ability of either a Buyer or Merchant to fulfil its obligations to complete a Transaction;

(iv)  the legal capacity of any Buyer, Merchant to lawfully enter into a Transaction; or

(v)  any representations made in respect of the Items or any representations made by any Buyer, Merchant. You further understand and agree that KNPL does not endorse, sponsor, certify or guarantee any Items. 

  1. 3.Acceptance of Terms and Conditions

3.1. These Terms may be modified, amended or revised from time to time and such modification, amendment or revision will be effective upon KNPL posting notification of amended Terms on the Platform.

3.2. You are responsible for ensuring you are familiar with the latest Terms. Your subsequent use and/or access of the Platform "https://jumper.ai" and/or the Services shall be deemed to be Your agreement to be conclusively bound by any such future modification, amendment or revision.

3.3      These Terms were last updated on 15 July 2019.

  1. 4.The Platform and / or Its Services

KNPL reserves the right at its sole discretion to:

(i) suspend, deny access to or use of the Platform for the purposes of system maintenance, upgrading, security or such other purpose as KNPL may deem appropriate;

(ii) discontinue all or part of the Services on the Platform without notice to You; or

(iii) add and/or modify all or part of the Services on the Platform at its discretion. 

  1. Use Of The Platform

5.1. You agree at all times to comply with the Trade Rules that apply to each Service, where applicable.

5.2. You will be responsible, at Your own cost, for providing the telecommunications connectivity, computer hardware, internet access and other technology necessary for You to access or use the Platform.

5.3. You agree not to use any software, hardware, device or electronic means to interfere, alter, deny or otherwise disrupt the normal operation of the Platform or any content within the Platform. 

5.4. You will not be permitted to participate in the Services conducted through the Platform without registering as a User.

5.5. If Your registration application is approved by KNPL, Your User ID and password authentication will be activated. 

5.6. You are to use only the User ID and password authentication given to You on behalf of the business that you represent, as indicated on the applicable registration application. Multiple use of the User ID and password may render the User ID and password to be deactivated and for the KNPL to stop its Services to You.

5.7. You will be responsible for the confidentiality and use of Your User ID and password, and You will be held solely responsible for all communications made through the Platform using Your User ID and password whether or not authorized by You.

5.8. You will further ensure that your employees and/or agents (as the case may be) maintain confidentiality of Your User ID and password and ensure compliance by your employees and/or agents of all instructions or notices given by KNPL from time to time regarding the use of the Platform. 

5.9. You will notify KNPL immediately upon becoming aware of any unauthorized access to or use of the Platform and agree that KNPL shall not be responsible to You and You shall not make any claim, demand or request for compensation from KNPL in respect of any loss or damage suffered by You as a result of any unauthorized access to and/or use of Your User ID and password.

  1. Fees and Charges

6.1. Unless otherwise agreed by separate written agreement(s) with KNPL and only where applicable, all fees and charges in connection with the use of the Platform and/or the Services or any related Transaction (as set out in the Fee Schedule) will be payable by You to KNPL.

6.2. You agree that KNPL will not be responsible for any fees, costs or taxes associated with any Transaction between a Buyer and Merchant.

6.3. You shall be responsible for determining whether taxes are payable in respect of the Transactions under any applicable law and acknowledge that We are not liable and shall not be held responsible for paying, collecting, reporting or remitting any taxes arising from any Transactions.

  1. Compliance with Laws

You agree to and will comply with all applicable laws, statutes, regulations and ordinances in connection with any use by You of the Services on the Platform.

Compliance includes but will not be limited to ensuring that You have all valid legal permits, approvals, licenses and authorizations as may be necessary for the trade, advertise promote or otherwise deal with the Items; complying with all applicable laws regarding the handling, export or transmission of Items or other related technical information and data; and complying with the regulations of all relevant taxing or other regulatory authorities in connection with any Transaction.

  1. 8.Warranties

You warrant at all times that:

(i) You are of sufficient legal capacity to enter into binding contracts;

(ii) All information provided by you to KNPL is true and correct;

(iii) You are not prohibited by any applicable government authority or agency;

(iv) Any information, representation or material submitted by You will not infringe any third party's copyright, patent, trademark or other intellectual property rights;

(v) any material, data or information you provide or submit to KNNPL or the Platform will not contain any electronic virus or other electronic code designed to delete, corrupt, expropriate data or otherwise disrupt system operability; and

(vi) You will not act in a way, engage in any activity or introduce anything (including any virus, worm, Trojan horse, timebomb, keystroke logger, spyware or other similar feature) that in any way compromises, or may compromise, the Platform or Services, or otherwise attempt to damage or interfere with the Platform or Services, or cause or is intend to cause undue system overload or material degradation of the Platform’s computer system resources, underlying systems.

(vii) maintain the security and confidentiality of password issued by KNPL to You upon registration and to use the same only for the purposes contemplated by these Terms.

(viii) You indemnify us against all loss we suffer or incur as a direct or indirect result of your failure to comply with these Terms, including any failure of a person who accesses and uses our Platform by using your User ID.

  1. Disclaimer

9.1. The information on the Platform may be sourced from third parties and is provided on an "AS IS" basis for general information purposes only. While KNPL will use reasonable commercial efforts to ensure that the Platform is at all material times available for use (except as provided under these Terms), You understand and agree that use of the Services and the Platform is provided on an "AS AVAILABLE" basis without any guarantee or assurance that such use or access thereto will be uninterrupted, continuous or error-free. KNPL does not warrant or represent that (i) the information on the Platform; or (ii) the Software; or (iii) the Platform and Software’s integrations offered with third party integration services is free from errors or omissions, and further makes no representations, conditions or warranties whether express or implied, including any implied warranties of satisfactory quality, completeness, accuracy or fitness for a particular purpose.

9.2. The Platform may contain links to and integrations with non-KNPL controlled web sites or other software. KNPL is not responsible for and does not endorse or accept any responsibility for the contents or use of these third party web sites or software. Browsing or downloading information from the internet may involve risk. You are advised that Your use or selection of links to third parties is at Your own risk and You should take precautions to ensure against electronic viruses or other similar electronic items of destructive nature. 

10.Limitation and Exclusion of Liability

10.1. KNPL disclaims any and all liability for all use of the Platform or the Services, including losses, damages, claims or expenses any person may incur as a result of:

(i)  transmission of any information to or from the Platform;

(ii)  failure or limitation in any security prevention or detection to or from the Platform;

(iii)  reliance on any information contained in the Platform;

(iv)  hyperlink from or API integration to the Platform;

(v)  any error, mistake or omission in the information on the Platform; and

(vi)  any disruption or failure in any third party computer network, cloud system, or social media, messaging, web or any partner platform or services linked to the Platform; even if advised of the possibility of such loss or damage.

10.2. With the exception of death or personal injury by the proven fault of KNPL, You expressly understand and agree that neither KNPL, its subsidiaries or affiliates, officers, directors, employees or licensors will not in any circumstances be liable for any indirect, consequential or incidental damages, including damages for loss of business, business interruption, loss of business information, loss of data, procurement of substitute goods or services or any other losses whatsoever, arising out of (i) the use or inability to use the Platform, the Services or reliance on the Platform’s contents ; (ii) unauthorised access to or alteration of your data or data transmissions; or (iii) any other matter in connection with access or use of the Platform (even if KNPL has been advised of the possibilities of such damage).

10.3. With the exclusion of death or bodily injury directly caused by the proven fault or negligence of KNPL, KNPL's aggregate liability to any User for claims under and in connection with use of the Platform, whether for liability in contract, tort or otherwise irrespective of the form of action will be limited to Singapore Dollars Two Hundred And Fifty Only (S$250.00) in respect of any one event or series of connected events and provided always that KNPL's aggregate liability under or in connection with these Terms (whether for liability in contract, tort or otherwise) will be limited to the lesser of (i) Singapore dollars Two Hundred And Fifty Only (S$ 250.00); or (ii) the fees and charges actually paid by You to KNPL in the three (3) calendar months immediately preceding the cause of action.

The limitations and exclusions of liability and warranties in these Terms are subject to any restrictions on such limitations and exclusions under the applicable law.

11.Indemnification

You agree to indemnify, defend and hold harmless KNPL, its directors, officers, employees, assigns and affiliates from and against any and all claims, actions, liabilities, losses, expenses, damages and costs, including, but not limited to, reasonable legal fees (collectively "Liabilities"), that may at any time be incurred by reason of any third party claim:

(i)  arising out of or relating to Your breach or alleged breach of these Terms,

(ii)  based upon any claim in connection with an Item which You purchase, supply or offer to purchase or supply (including without limitation changes in contracted prices, alleged errors, omissions or misrepresentation therein);

(iii)  arising out of any software virus or other software code of a destructive nature transmitted by You;

(iv)  arising from any act or omission in connection with a Transaction You enter or propose to enter into (including without limitation any dispute, non-payment or other contractual failure by You to complete such Transaction); or

(v)  arising from any tax, duties, excise or licence fee liability in connection with a Transaction You enter or propose to enter into (with the exclusion of taxes payable by KNPL's on its net income); provided that such Liabilities do not arise from KNPL's wilful default or gross negligence.

12.Termination 

12.1. KNPL, in its reasonable discretion, may terminate Your access to and use of the Platform, in the event of:

(i)  any breach of the above warranties, the Trade Rules or these Terms, or applicable laws by You;

(ii)  any failure to pay any amounts due by You;

(iii)  any information furnished by You is false or misleading;

(iv)  any bankruptcy or insolvency proceedings against You; or

(v)  liquidation of or appointment of a receiver, administrator, judicial manager or other official over Your assets. 

12.2. In the event of termination:

(i)  You agree that any and all outstanding charges or fees payable by You in connection with Your use of or Transactions conducted on the Platform shall become immediately due and You will pay all such charges and fees upon demand (and we may use any funds held by us to set off debts owed by you);

(ii)  KNPL may delete or otherwise remove any of Your data stored within the Platform; and

(iii)  KNPL may terminate, suspend or disallow Your access to the Platform "https://jumper.ai" and stop all Services to You and accounts associated with Your account, in its sole discretion.

13.Intellectual Property Rights

13.1 All copyright, trademarks, and other intellectual property rights in the Platform (including but not limited to any images, photographs, animations, video, audio, music, text and "applets"), are owned or otherwise licensed by KNPL. No title or any intellectual property right is transferred hereunder. No part of this Platform may be reproduced, distributed or modified in whole or in part in any manner whatsoever by any medium without the written consent of KNPL.

13.2 Title to, and all intellectual property rights in, Your Data (as between the parties) remains your property.  Subject to the Data Processing Addendum you grant us a worldwide, non-exclusive, fully paid up, transferable, irrevocable licence to use, store, copy, modify, make available and communicate Your Data for any purpose in connection with the exercise of our rights and performance of our obligations in accordance with these Terms.

14.Trademarks

14.1. The Platform domain name(s) (where applicable) "https://jumper.ai", the KNPL logo, KNPL., jumper.ai logo and/or other KNPL products and services referenced within the Platform or associated materials are trademarks or copyright of KNPL, and may be registered in certain jurisdictions. All other product names, company names, marks and logos referenced may be trademarks of their respective owners. 

14.2. Nothing within these Terms should be construed as granting any right any license or right to any trademarks or the Platform content without the written permission of KNPL, or the respective third party owners.

15.Confidentiality

15.1. You agree to preserve the confidentiality of any Confidential Information and not to permit the disclosure of Confidential Information to any unauthorised parties. You will undertake to ensure that any of Your employees, financial or legal representatives to whom all or any of the Confidential Information is disclosed, strictly on a "need to know" basis in furtherance of Your obligations under these Terms, shall enter into written confidentiality undertakings to protect unauthorised disclosure of the Confidential Information upon terms equivalent to this provision. 

15.2. You further agree and acknowledge that any breach or threatened breach by You of the confidentiality provisions in these Terms may cause irreparable injury to KNPL for which monetary damages would be an inadequate remedy and that, in addition to any other remedies that may be available, in law, in equity or otherwise, KNPL shall be entitled to obtain injunctive, prohibitory or other urgent relief against the threatened breach of these Terms or the continuation of any such breach by You, without the necessity of proving actual damages.

16.Your Data

16.1 You acknowledge that we may require access to Your Data to exercise our rights and perform our obligations under these Terms.

16.2 Subject to any other express agreement between You and KNPL, You grant KNPL a non-exclusive, royalty-free, worldwide right to reproduce, transmit, use, derive or otherwise display Your Data (including without limitation your company name, trade name, logo or other trademarks), for the purposes of the operation of the Platform and/or any and all of the Platform’s related advertising, marketing or promotional material or communications. KNPL will take reasonable efforts to adhere to any trademark guidelines as provided by you to KNPL. 

16.3 You acknowledge and agree that we may use Your Data and information about your use of the Services to generate anonymised and aggregated statistical and analytical data (Analytical Data). We may use Analytical Data for our internal research and product development purposes and to conduct statistical analysis and identify trends and insights, in perpetuity.  Title to, and all intellectual property rights in, Analytical Data is and remains our property.

16.4 We will take standard industry measures to back up Your Data stored using the Service.

16.5 You indemnify us against any liability, claim, proceeding, cost, expense (including the actual legal fees charged by our solicitors) and loss of any kind arising from any actual or alleged claim by a third party that any of Your Data infringes the rights of that third party (including Intellectual Property Rights and privacy rights) or that Your Data is objectionable, incorrect or misleading.

 

17.Your Registration Information

17.1. Subject to the Privacy Policy of KNPL, KNPL will generally use Your registration information as specified on the Registration Form for general display access by Buyers, Merchants or other Platform Users, for internal administrative purposes and to contact You from time to time in connection with Your use of the Platform or to inform You of the latest features. KNPL may provide aggregated or generalised User information to third parties provided always that Your specific information is never disclosed (unless authorised by You or as may be required to comply with the lawful directions of any authority with competent jurisdiction).

17.2. Subject to the Privacy Policy of KNPL, the content of any communication feedback to this Platform including suggestions and comments will be treated as non-confidential and shall become the property of KNPL. KNPL shall be free to use such communication for any purpose unless otherwise You have withdrawn your consent or asked to be anonymous.

17.3 If the processing of Personal Data is governed by the GDPR, the additional terms in the Data Processing Addendum also form part of these Terms.

17.4 You acknowledge and agree that in collecting, holding and processing Personal Data through the Service or Platform, we are acting as your agent for the purposes of the Personal Data Protection Act 2012 (Singapore), and as the data processor for the purposes of the GDPR.  If the GDPR applies, the additional terms in the Data Processing Addendum also form part of these Terms.  You must obtain all necessary consents from the relevant individual to enable us to collect, use, hold and process Personal Data in accordance with these Terms and, if applicable, the Data Processing Addendum.

18.Delay or Force Majeure

KNPL will not be liable for any failure or delay arising from events beyond KNPL's control, including but not limited to, acts of God, insurrection or civil disorder, war or military operations, national or local emergency, acts or omissions of government, telecommunication or public utility disruption or failure, industrial disputes of any kind (whether or not involving employees), failure of equipment, bugs, viruses, accidents, material shortages, explosion, subsidence, inclement weather, acts or omissions of persons or bodies for whom the party is not responsible or any other causes outside it's control. 

19.Disputes 

KNPL will not involve itself in any private dispute between Users whether or not arising out of a Transaction. Any valid dispute raised by You directly in connection with the Platform will be first addressed by KNPL customer service representatives and/or later by KNPL management in good faith. Failing any resolution with KNPL management, then such dispute or difference shall be referred to and finally resolved by arbitration in Singapore in accordance with SIAC or Commercenet rules for the time being in force which rules are deemed to be incorporated by reference in this clause. The arbitration shall be conducted in English. This shall not preclude KNPL from being entitled to obtain immediate injunctive and other equitable relief from any convenient court without bond and without necessity of showing actual monetary damage upon a breach of Clause 13, 14 or 15 above.

20.Assignment

These Terms will be binding upon and inure to the benefit of You and KNPL's respective successors and permitted assigns. Your rights and obligations under these Terms may not be assigned or otherwise transferred in whole or in part, without the prior written consent of KNPL. KNPL may assign its right to receive any payment from You under these Terms to a majority owned subsidiary of KNPL or such other entity or third party approved by KNPL by written notice to You without the need for consent. 

21.Notices

Any notice, request, waiver, consent or approval shall be in writing in the English language and shall be deemed to have been duly given or made when it is delivered by hand, by registered mail, facsimile or by electronic mail (as the case may be) to Your respective registered notification address provided by You to KNPL. Except where otherwise provided under these Terms, notices shall be deemed duly served and given immediately if by hand; two (2) days after postage, if by registered mail; upon transmission, if by confirmed facsimile; and upon transmission with no returned receipt failure message, if by electronic mail. 

22.General

22.1. You and KNPL are independent contractors. No agency, partnership, franchise or formal business organisation of any kind is created by these Terms and neither party will have the right to bind the other.

22.2. No waiver of any breach of these Terms shall be deemed to be a waiver of any other or of any subsequent breach. The failure of KNPL to enforce at any time any of the Terms shall in no way be interpreted as a waiver of such provision.

22.3. If any provision of these Terms is held invalid, unenforceable or illegal for any reason, these Terms shall remain otherwise in full force apart from such provision which shall be deemed deleted.

22.4. These Terms will be governed by and interpreted according to the laws of the Republic of Singapore excluding the application of its conflicts of law rules. To the extent permitted by law, the application of the United Nations Convention on Contracts for the International Sale of Goods 1980 is expressly excluded.

22.5. Unless we otherwise agree in writing, these Terms (incorporating the Data Processing Addendum and Privacy Policy) constitute the entire agreement between You and KNPL with respect to the use of the Platform and Services. These Terms supersede all prior and contemporaneous representations or understandings. Unless expressly agreed by KNPL, these Terms shall always prevail over any inconsistent terms or conditions embodied within any purchase order, invoice or other documentation issued to KNPL by a Buyer, Merchant or other third party under or in connection with the use of the Platform.

 

~~~END~~~

 

Data Processing Addendum

 

  1. APPLICATION OF THIS ADDENDUM
    1. Subject to clause 1.3, this Data Processing Addendum (Addendum) applies if the Processing (as defined below) of Data (as defined in our Terms and Conditions at https://jumper.ai/terms (Terms)) is governed by the GDPR (as defined below).
    2. If this Addendum applies, this Addendum forms part of the Terms between us and you (as defined in the Terms) and sets out the parties’ agreement in relation to the processing of Data in accordance with the requirements of European Union data protection laws and regulations.
    3. This Addendum also includes Standard Contractual Clauses (as defined below), which are pre-signed by us and form part of this Addendum. If you would like to counter-sign the Standard Contractual Clauses, please complete the necessary details, countersign the Standard Contractual Clauses, and return a counter-signed copy to us at hey@jumper.ai.
    4. Except as varied in this Addendum (including the Standard Cntractual Clauses) all terms and conditions set out in the Terms continue to apply.

 

  1. INTERPRETATION
    1. Unless the context requires otherwise:
      1. capitalised terms used, but not defined, in this Addendum will have the meanings given to them in the GDPR (or, if not defined in the GDPR, the Terms);
      2. the rules of interpretation set out in the Terms apply to this Addendum; and
      3. references to clauses are references to the clauses in this Addendum.
    2. In this Addendum:

Applicable Data Protection Laws means EU Data Protection Laws and any applicable data protection or privacy laws of any other country

EEA means the European Economic Area

EU Data Protection Laws means all laws and regulations, including laws and regulations of the European Union, the EEA and their member states and (if the United Kingdom ceases to be a member state) the United Kingdom, that apply to the Processing of Data under the Terms, including (where applicable) the GDPR

GDPR means the European Union General Data Protection Regulation 2016/679

Instruction means the instructions set out in clause 3.3 or agreed under clause 3.4

Personal Data means all Data which is personal data, personally identifiable information or personal information under Applicable Data Protection Laws (as applicable under those laws)

Processing means any operation or set of operations which is performed upon Personal Data, whether or not by automated means, such as collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.  Process has a consistent meaning

Standard Contractual Clauses means the standard contractual clauses set out in Schedule 3, as may be amended under clause 12.1.

Sub-Processor means any person appointed by us or on our behalf to Process Personal Data on your behalf in connection with the Terms

  1. If there is any conflict between any of the following, they will have precedence in the descending order of priority set out below:
    1. the Standard Contractual Clauses;
    2. this Addendum; and
    3. the Terms.
  2. PROCESSING OF PERSONAL DATA
    1. With respect to the Processing of Personal Data under the Terms:
      1. you act as the Data Controller;
      2. we act as the Data Processor; and
      3. subject to clause 6, we may engage the Sub-Processors listed in Schedule 2.
    2. We will comply with all Applicable Data Protection Laws that apply to our Processing of Personal Data on your behalf, including all EU Data Protection Laws that apply to Data Processors.
    3. You must, when using the Service, comply with all Applicable Data Protection Laws that apply to your Processing of Personal Data, including all EU Data Protection Laws that apply to Data Controllers.
    4. You instruct us to Process Personal Data and in particular, subject to clause 6, transfer Personal Data to any country or territory:
      1. as reasonably necessary to provide the Service in accordance with the Terms;
      2. as initiated through the use of the Service by you, your Personnel and other end users you allow to use the Service; and
      3. to comply with any further instruction from you (including by email or through our support channels) that is consistent with the Terms and this Addendum.
    5. This Addendum and the Terms are your complete and final instructions for the Processing of Personal Data as at the time this Addendum takes effect. Any additional or alternate instructions must be agreed between us and you separately in writing.
    6. We will not Process Personal Data other than on your Instructions unless required by any law to which we are subject, in which case we will to the extent permitted by applicable law inform you of that legal requirement before we Process that Personal Data.
    7. As required by article 28(3) of the GDPR (and, if applicable, equivalent requirements of other Applicable Data Protection Laws), the nature and purpose of the Processing, the types of Personal Data and categories of Data Subjects Processed under this Addendum are set out in Schedule 1. We may amend Schedule 1 from time to time on written notice to you as we reasonably consider necessary to meet the requirements of the GDPR (and applicable equivalent requirements of other Applicable Data Protection Laws). 
    8. The duration of Processing is limited to the duration of the Terms. Our obligations in relation to Processing will continue until the Personal Data has been properly deleted or returned to you in accordance with clause 11 of this Addendum.
    9. You are solely responsible for ensuring that your Instructions comply with Applicable Data Protection Laws. It is also your responsibility to enter into data processing agreements with other relevant Data Controllers in order to allow us and our Sub-Processors to Process Personal Data in accordance with this Addendum.
    10. If, in our reasonable opinion, an Instruction infringes Applicable Data Protection Laws, we will notify you as soon as reasonably practicable.
  3. DATA SUBJECT REQUESTS
    1. To the extent permitted by law, we will notify you promptly if we receive a request from a Data Subject to exercise the Data Subject’s rights under Applicable Data Protection Laws relating to any Personal Data (Data Subject Request).
    2. Taking into account the nature of the Processing, we will assist you by implementing appropriate technical and organisational measures, to the extent possible, to fulfil your obligation to respond to a Data Subject Request under Applicable Data Protection Laws.
    3. To the extent you do not have the ability to address a Data Subject Request, we will, on your written request, provide reasonable assistance in accordance with Applicable Data Protection Laws to facilitate that Data Subject Request. You will reimburse us for the costs arising from this assistance. 
    4. We will not respond to a Data Subject Request except on your written request or if required by applicable law.
  4. OUR PERSONNEL
    1. We will:
      1. take reasonable steps to ensure the reliability of any of our Personnel engaged in the Processing of Personal Data;
      2. ensure that access to Personal Data is limited to our Personnel who require that access as strictly necessary for the purposes of exercising our rights and performing our obligations under the Terms;
      3. ensure that our Personnel engaged in Processing Personal Data are subject to confidentiality undertakings or professional or statutory obligations of confidentiality; and
      4. ensure that our Personnel engaged in Processing Personal Data are informed of the confidential nature of the Personal Data and receive appropriate training on their responsibilities.
    2. SUBPROCESSESORS
      1. You acknowledge and agree that we may engage third party Sub-Processors in connection with the provision of the Service.
      2. We have entered into (and will, for any new Sub-Processor, enter into) written agreements with each Sub-Processor containing data protection obligations which offer at least the same level of protection for Personal Data as set out in this Addendum and that meet the requirements of Article 28(3) of the GDPR, as applicable to the nature of the services provided by that Sub-Processor.
      3. You may request copies of our written agreements with Sub-Processors (which may be redacted to remove confidential information not relevant to this Addendum).
      4. A list of current Sub-Processors for the Services as at 16 July 2019 is set out in Schedule 2. We may update the list of Sub-Processors from time to time and, subject to clause 6.5, we will give at least 30 days’ written notice of any new Sub-Processor. 
      5. We may engage Sub-Processors as needed to serve as an Emergency Replacement to maintain and support the Services. Emergency Replacement means a sudden replacement of a Sub-Processor where a change is outside our reasonable control.  In this case, we will inform you of the replacement Sub-Processor as soon as reasonably practicable.
      6. If you object to any new Sub-Processor, you may, despite anything to the contrary in the Terms, terminate these Terms and your right to access and use the Service without penalty on written notice, provided (in the case of a new Sub-Processor notified under clause 6.4) your notice of termination is received by us before the effective date of our notice under clause 6.4 or (in the case of a new Sub-Processor notified under clause 6.5) your notice of termination is received by us within 30 days of our notice of the new Sub-Processor. If you do not terminate these Terms and your right to access and use the Service in accordance with this clause, you are deemed to have agreed to the new Sub-Processor. 
      7. We are liable for the acts and omissions of our Sub-Processors to the same extent we would be liable if performing the services of each Sub-Processor directly under the terms of this Addendum, except as otherwise set out in this Addendum.
    3. SECURITY

We will maintain technical and organisational measures to protect the confidentiality, integrity and security of Personal Data (including protection against unauthorised or unlawful Processing and against accidental or unlawful destruction, loss or alteration or damage, unauthorised disclosure of, or access to, Personal Data), and to manage data security incidents affecting Personal Data.

  1. SECURITY BREACH MANAGEMENT
    1. We will comply with all applicable laws requiring notification to you of any accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data Processed by us or our Sub-Processors of which we become aware (Breach Incident).
    2. We will make reasonable efforts to identify the cause of that Breach Incident, notify you within a timely manner to allow you to meet your obligations to report a Breach Incident, and take steps we consider necessary and reasonable to remediate the cause of the Breach Incident, to the extent remediation is within our reasonable control.
  2. AUDIT AND COMPLIANCE

Upon your written request, we will submit to your audits and inspections, and provide you all information necessary, to demonstrate that both you and we are complying with our respective obligations under Applicable Data Protection Laws (including our respective obligations under Article 28 of the GDPR).

  1. DATA PROTECTION IMPACT ASSESSMENT

Upon your written request, we will provide you with reasonable assistance needed to fulfil your obligation under the GDPR to carry out a data protection impact assessment relating to your use of the Service, to the extent you do not otherwise have access to the relevant information.

  1. RETURN AND DELETION OF PERSONAL DATA
    1. Subject to clauses 11.2 and 11.3, following termination of the Terms we will delete all Personal Data within a reasonable period from termination of the Terms.
    2. Subject to clause 11.3, you may submit a written request to us within 10 working days of the termination of the Terms requiring us, within 20 working days of your written request, to:
      1. return a complete copy of all Personal Data by secure file transfer in a common format; and
      2. delete all other copies of Personal Data Processed by us or any Sub-Processor.
    3. We, or each Sub-Processor, may retain Personal Data to the extent that it is required by applicable laws, provided that we ensure the confidentiality of all such Personal Data and ensure that such Data is only processed as necessary for the purposes required under applicable laws requiring its Processing and for no other purpose.
    4. If we cannot delete all Personal Data due to technical reasons, we will inform you as soon as reasonably practicable and will take reasonably necessary steps to:
      1. come as close as possible to a complete and permanent deletion of the Personal Data;
      2. fully and effectively anonymise the remaining data; and
      3. make the remaining Personal Data which is not deleted or effectively anonymised unavailable for future Processing.
    5. CHANGES IN DATA PROTECTION LAWS
      1. We may on at least 30 days' written notice to you from time to time, make any variations to this Addendum (including to the Standard Contractual Clauses), which we consider (acting reasonable) are required as a result of any change in, or decision of a competent authority under, Applicable Data Protection Law, to allow transfers and Processing of Personal Data to continue without breach of Applicable Data Protection Law.
      2. If you object to any variation under clause 12.1, you may, despite anything to the contrary in the Terms, terminate these Terms and your right to access and use the Service without penalty on written notice, provided your notice of termination is received by us before the effective date of our notice. If you do not terminate these Terms and your right to access and use the Service in accordance with this clause, you are deemed to have agreed to the variation. 
    6. LIMITATION OF LIABILITY

The liability of each party to the other party under or in connection with this Addendum is subject to the limitations and exclusions set out in the Terms, and any reference in the Terms to the liability of a party means the aggregate liability of that party under the Terms and this Addendum together.

  1. GENERAL

If any provision of this Addendum is, or becomes unenforceable, illegal or invalid for any reason, the relevant provision is deemed to be varied to the extent necessary to remedy the unenforceability, illegality or invalidity.  If variation is not possible, the provision must be treated as severed from this Addendum without affecting any other provisions of this Addendum.

SCHEDULE 1

DETAILS OF PROCESSING

 

Nature and Purpose of Processing

We will Process Personal Data as necessary to provide the Service in accordance with the Terms, as further specified in our online documentation relating to the Services, and as further instructed by you and your Personnel and other end users you allow to use the Service through the use of the Service.

Duration of Processing

Subject to clause 11 of this Addendum, we will Process Personal Data for the duration of the Terms, unless otherwise agreed upon in writing.

Categories of Data Subjects

You may submit Personal Data to the Service, the extent of which is determined and controlled by you in your sole discretion, and which may include, but is not limited to, Personal Data relating to the following categories of data subjects:

  1. Merchants and their personnel, who access and use our Services
  2. End Users who purchase items or interact with merchants through using our Services

Type of Data

You may submit Personal Data to the Service, the extent of which is determined and controlled by you in your sole discretion, and which may include, but is not limited to, the following categories of personal data:

  1. first and last name registration and contact information you provide to us
  2. payment and billing information, which may include credit card or account information
  3. conversation transcripts between merchant and end consumers
  4. your network connection, IP address and information about how and when you browsed our website
  5. social media account information
  6. any data additionally requested and/or added/uploaded to the platform by merchant.

 

SCHEDULE 2

LIST OF SUB-PROCESSORS AS AT [INSERT DATE]

  1. [insert list of sub-processors, including what you use them for and their location]

Sub-processor

Location

Purpose

CORE INFRASTRUCTURE

Google

USA

Cloud Infrastructure for our apps and services; site analytics

Amazon

USA

Cloud Infrastructure for our apps and services

Crisp

 

USA

Customer service and feedback

ActiveCampaign

 

USA

Customer interactions (e-mail, etc.)

PAYMENT GATEWAYS

Stripe

USA

Payment gateway to accept payments from your customers;

Manage your subscription and transaction service fees

PayPal

 

USA

Payment gateway to accept payments from your customers

PayU

 

India, LATAM

Payment gateway to accept payments from your customers

RazorPay

India

Payment gateway to accept payments from your customers

BillPlz

Malaysia

Payment gateway to accept payments from your customers

NETS

Singapore

Payment gateway to accept payments from your customers

Bangkok Bank

Thailand

Payment gateway to accept payments from your customers

PesoPay

Philippines

Payment gateway to accept payments from your customers

Paystack

Africa

Payment gateway to accept payments from your customers

MidTrans

Indonesia

Payment gateway to accept payments from your customers

Square

United States

Payment gateway to accept payments from your customers, as well as sync store details, orders and customer data

Wirecard

Global

Payment gateway to accept payments from your customers

Shopify

Global

Sync relevant store details, orders and customer data

WooCommerce

Global

Sync relevant store details, orders and customer data

BigCommerce

Global

Sync relevant store details, orders and customer data

Printful

Global

Sync relevant store details, orders and customer data

Easyship

US, UK, Hong Kong, Singapore, Australia

Sync orders and fulfillment data

Easy Parcel

Southeast Asia

Sync orders and fulfillment data

Zapier

Global

Interface for orders to your platform of choice

SimplyPost

Singapore

Sync orders and fulfillment data

aCommerce

Southeast Asia

Sync orders and fulfillment data

Amazon FBA

USA

Sync orders and fulfillment data

 

SCHEDULE 3

STANDARD CONTRACTUAL CLAUSES (PROCESSORS)

For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of Personal Data to Processors established in third countries which do not ensure an adequate level of data protection. 

[Customer to complete the details below]

Name of the data exporting organisation: ……………………………………………………………

Address: …………………………………………………………………………………………………

Tel.: …………………; fax: …………………; e-mail: …………………………………………………

Other information needed to identify the organisation

……………………………………………………………………………………………………………
(the data exporter)

And

Name of the data importing organisation: Kotak Network Pte Limited

Address: 80 Changi Road, #05-13, 419715, Singapore

E-mail: hey@jumper.ai

Other information needed to identify the organisation:

a Singapore company, company number 201707519G

(the data importer)

each a party, together the parties

have agreed the following Standard Contractual Clauses (Clauses) in order to provide adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the Data Exporter to the Data Importer of the personal data specified in Appendix 1 of this Schedule 3.

Clause 1:  Definitions

For the purposes of the Clauses:

a       personal data, special categories of data, process/processing, controller, processor, data subject and supervisory authority shall have the same meaning as in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data;

b       the data exporter means the controller who transfers the personal data;

c        the data importer means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country's system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC;

d       the subprocessor means any processor engaged by the data importer or by any other subprocessor of the data importer who agrees to receive from the data importer or from any other subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;

e       the applicable data protection law means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established;

f        technical and organisational security measures means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.

Clause 2:  Details of the transfer

The details of the transfer and in particular the special categories of personal data where applicable are specified in Appendix 1 which forms an integral part of the Clauses.

Clause 3:  Third-party beneficiary clause

1       The data subject can enforce against the data exporter this Clause, Clause 4b to i, Clause 5a to e, and g to j, Clause 6(1) and (2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary.

2       The data subject can enforce against the data importer this Clause, Clause 5a to e and g, Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the data exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity.

3       The data subject can enforce against the subprocessor this Clause, Clause 5a to e and g, Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.

4       The parties do not object to a data subject being represented by an association or other body if the data subject so expressly wishes and if permitted by national law.

Clause 4:  Obligations of the data exporter

The data exporter agrees and warrants:

a       that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter is established) and does not violate the relevant provisions of that State;

b       that it has instructed and throughout the duration of the personal data processing services will instruct the data importer to process the personal data transferred only on the data exporter's behalf and in accordance with the applicable data protection law and the Clauses;

c        that the data importer will provide sufficient guarantees in respect of the technical and organisational security measures specified in Appendix 2 to this contract;

d       that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;

e       that it will ensure compliance with the security measures;

f        that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;

g       to forward any notification received from the data importer or any subprocessor pursuant to Clause 5b and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension;

h       to make available to the data subjects upon request a copy of the Clauses, with the exception of Appendix 2, and a summary description of the security measures, as well as a copy of any contract for subprocessing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information;

i         that, in the event of subprocessing, the processing activity is carried out in accordance with Clause 11 by a subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses; and

j         that it will ensure compliance with Clause 4a to i.

Clause 5:  Obligations of the data importer

The data importer agrees and warrants:

a       to process the personal data only on behalf of the data exporter and in compliance with its instructions and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the data exporter of its inability to comply, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;

b       that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the data exporter and its obligations under the contract and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Clauses, it will promptly notify the change to the data exporter as soon as it is aware, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;

c        that it has implemented the technical and organisational security measures specified in Appendix 2 before processing the personal data transferred;

d       that it will promptly notify the data exporter about:

i         any legally binding request for disclosure of the personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation,

ii        any accidental or unauthorised access, and

iii       any request received directly from the data subjects without responding to that request, unless it has been otherwise authorised to do so;

e       to deal promptly and properly with all inquiries from the data exporter relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred;

f        at the request of the data exporter to submit its data processing facilities for audit of the processing activities covered by the Clauses which shall be carried out by the data exporter or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the data exporter, where applicable, in agreement with the supervisory authority;

g       to make available to the data subject upon request a copy of the Clauses, or any existing contract for subprocessing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Appendix 2 which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the data exporter;

h       that, in the event of subprocessing, it has previously informed the data exporter and obtained its prior written consent;

i         that the processing services by the subprocessor will be carried out in accordance with Clause 11;

j         to send promptly a copy of any subprocessor agreement it concludes under the Clauses to the data exporter.

Clause 6:  Liability

1       The parties agree that any data subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or subprocessor is entitled to receive compensation from the data exporter for the damage suffered.

2       If a data subject is not able to bring a claim for compensation in accordance with paragraph 1 against the data exporter, arising out of a breach by the data importer or his subprocessor of any of their obligations referred to in Clause 3 or in Clause 11, because the data exporter has factually disappeared or ceased to exist in law or has become insolvent, the data importer agrees that the data subject may issue a claim against the data importer as if it were the data exporter, unless any successor entity has assumed the entire legal obligations of the data exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity.

The data importer may not rely on a breach by a subprocessor of its obligations in order to avoid its own liabilities.

3       If a data subject is not able to bring a claim against the data exporter or the data importer referred to in paragraphs 1 and 2, arising out of a breach by the subprocessor of any of their obligations referred to in Clause 3 or in Clause 11 because both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, the subprocessor agrees that the data subject may issue a claim against the data subprocessor with regard to its own processing operations under the Clauses as if it were the data exporter or the data importer, unless any successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the subprocessor shall be limited to its own processing operations under the Clauses.

Clause 7:  Mediation and jurisdiction

1       The data importer agrees that if the data subject invokes against it third-party beneficiary rights and/or claims compensation for damages under the Clauses, the data importer will accept the decision of the data subject:

a        to refer the dispute to mediation, by an independent person or, where applicable, by the supervisory authority;

b        to refer the dispute to the courts in the Member State in which the data exporter is established.

2       The parties agree that the choice made by the data subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law.

Clause 8:  Cooperation with supervisory authorities

1       The data exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law.

2       The parties agree that the supervisory authority has the right to conduct an audit of the data importer, and of any subprocessor, which has the same scope and is subject to the same conditions as would apply to an audit of the data exporter under the applicable data protection law.

3       The data importer shall promptly inform the data exporter about the existence of legislation applicable to it or any subprocessor preventing the conduct of an audit of the data importer, or any subprocessor, pursuant to paragraph 2. In such a case the data exporter shall be entitled to take the measures foreseen in Clause 5b.

Clause 9:  Governing Law

The Clauses shall be governed by the law of the Member State in which the data exporter is established.

Clause 10:  Variation of the contract

The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict the Clause.

Clause 11:  Subprocessing

1       The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the subprocessor which imposes the same obligations on the subprocessor as are imposed on the data importer under the Clauses. Where the subprocessor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the subprocessor's obligations under such agreement.

2       The prior written contract between the data importer and the subprocessor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the data exporter or the data importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.

3       The provisions relating to data protection aspects for subprocessing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the data exporter is established.

4       The data exporter shall keep a list of subprocessing agreements concluded under the Clauses and notified by the data importer pursuant to Clause 5j, which shall be updated at least once a year. The list shall be available to the data exporter's data protection supervisory authority.

Clause 12:  Obligation after the termination of personal data processing services

1       The parties agree that on the termination of the provision of data processing services, the data importer and the subprocessor shall, at the choice of the data exporter, return all the personal data transferred and the copies thereof to the data exporter or shall destroy all the personal data and certify to the data exporter that it has done so, unless legislation imposed upon the data importer prevents it from returning or destroying all or part of the personal data transferred. In that case, the data importer warrants that it will guarantee the confidentiality of the personal data transferred and will not actively process the personal data transferred anymore.

2       The data importer and the subprocessor warrant that upon request of the data exporter and/or of the supervisory authority, it will submit its data processing facilities for an audit of the measures referred to in paragraph 1.

 

On behalf of the data exporter:

[Customer to complete the details below]

Name (written out in full):           …………………………………………………………

Position:           …………………………………………………………

Address:           …………………………………………………………

Other information necessary in order for the contract to be binding (if any):          

……………………………………………………………………………………………………………………

Signature……………………………………….

On behalf of the data importer:

Name (written out in full):           Chirag Bipin Kotak

Position:                                   Director

Address:                                   80 Changi Road, Centropod #05-13. Singapore 419715

Signature:

 

APPENDIX 1 TO THE STANDARD CONTRACTUAL CLAUSES

This Appendix forms part of the Clauses and must be completed and signed by the parties

The Member States may complete or specify, according to their national procedures, any additional necessary information to be contained in this Appendix

Data exporter

The data exporter is:

[Customer to complete the details below]

Name: ……………………………………………………………

(please specify briefly your activities relevant to the transfer):

………………………………………………………………………………………………………………………

Data importer

The data importer is:

Kotak Network Pte Limited, a Singapore company, company number 201707519G

(please specify briefly your activities relevant to the transfer):

Jumper provides a cloud-based e-commerce solution (Service), that its clients can use to offer products for sale to their customers through social media.  The provision of the Service is governed by the terms set out at https://jumper.ai/terms including the Data Processing Addendum set out at https://jumper.ai/gdpr/terms.

Data subjects

The personal data transferred concern the following categories of data subjects:

As set out in Schedule 1 of the Data Processing Addendum to which these Clauses are attached.

Categories of data

As set out in Schedule 1 of the Data Processing Addendum to which these Clauses are attached.

Special categories of data (if appropriate)

Not applicable

Processing operations

The personal data transferred will be subject to the following basic processing activities:

 

The data importer will process personal data to exercise its rights and perform its obligations under the Agreement.

 

DATA EXPORTER

[Customer to complete the details below]

Name:              …………………………………………………………

Signature          ………………………………………………………….

DATA IMPORTER

Name:              Chirag Bipin Kotak

 

Signature         

 

APPENDIX 2 TO THE STANDARD CONTRACTUAL CLAUSES

This Appendix forms part of the Clauses and must be completed and signed by the parties.

 

Description of the technical and organisational security measures implemented by the data importer in accordance with Clauses 4d and 5c:

Kotak Network Pte. Ltd. confirms :

  1. it has strong data protection controls including encryption of data in transit and at rest;
  2. it processes data only for as long as it is required for providing services to its clients, and legal reasons;
  3. it’s employees and contractors who access the data have accepted confidentiality and data protection clauses in their respective contracts;
  4. it follows industry standard information security practices and tests its products to proactively remedy bugs and vulnerabilities;
  5. it has procedures in place for data backup, recovery and data integrity; and
  6. it’s key data sub-processors, e.g. Google Cloud Platform (GCP) and Amazon Web Services (AWS), maintain rigorous security standards and SOC2 reports are available on request.

 

DATA EXPORTER

[Customer to complete the details below]

Name:              …………………………………………………………

Signature          ………………………………………………………….


DATA IMPORTER

Name:              Chirag Bipin Kotak

Signature