Terms of Service

These terms of service shall apply to the delivery of software services by Plan Brothers Ltd. (the “supplier”), a Finnish private limited company with Business ID 2900763-6, having its registered address at Annankatu 27 A, FI-00100 Helsinki, Finland via data network. By using the service, the customer accepts these terms as binding.

In these terms of service:

  • service(s)” mean(s) all cloud-based infrastructure and software services provided by the supplier to the customer;
  • customer” means the user of the service, and/or the person or entity with whom the supplier has made a separate contract regarding the use of the services;
  • the “agreement” means and is comprised of these terms, service descriptions, possible written contract and other annexes attached to or referred to therein. These terms of service shall apply between the customer and the supplier with regard to services unless otherwise expressly agreed in writing.;
  • contract period“ means the term of the agreement for paid service(s);
  • customer data” means all data stored to the service by the customer or someone on behalf of the customer;
  • GDPR” means the EU Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and any amendments thereof;
  • the terms “data subject”, “processing”, “supervisory authority” and “third country” have the meanings given in the GDPR;
  • controller” has the meaning given in the GDPR and, for the purposes of these terms of service, means the customer;
  • processor” has the meaning given in the GDPR;
  • personal data”, has the meaning given in the GDPR and, for the purposes of these terms of service, means such personal data contained within the customer data;
  • “sensitive data” means special categories of data as used in the GDPR and other data that may be deemed sensitive data under EU Member State law.

1. The services

1.1 Service descriptions. The services and their individual functionality and features are described on the service description of each product.

1.2 Use of service. The supplier provides the technical platform, agreed features and maintenance of the services. The customer responsible for the use of the service and expenses incurred therefrom.

1.3 Personnel training. The service shall include tasks related to the training of the customer’s personnel and deployment of the service only to the extent agreed in writing.

1.4 Free services. The supplier may provide a service or a part thereof free of charge, for example, as a free trial, for test use or other such purpose. In addition to these terms of service, such free use may be subject to additional terms and instructions as provided by the supplier. The supplier may discontinue any free service or remove any free feature at any time, without reason or prior notice and the supplier shall not be liable for any damages or expenses incurred by the customer thereof.

2. Term and termination of the agreement

2.1 Term of the agreement. These terms shall apply always, when the customer uses the service.

2.2 Contract period for free services. The customer may always terminate the agreement with regard to free services, by removing its user IDs and all customer data from the service. The supplier may terminate the agreement and stop providing free services subject to a 30 day notice period.

2.3 Contract period for paid services. The duration of the contract period for paid services is declared in the agreement. Unless otherwise specified, the contract period will be one calendar year.

2.4 Commencement of the contract period. If not otherwise agreed, the contract period shall commence on the day when a particular paid service is available for the customer.

2.5 Renewal contract period. A paid service may be terminated by giving a written notice to the other party at least 30 days prior to the end of the contract period. If a paid service is not terminated 30 days prior to the end of the contract period, the agreement shall be automatically extended for each subsequent contract period of the same duration.

3. Customer’s hardware and equipment

3.1 The customer shall be responsible for acquiring and maintaining the functional status of the hardware, connections and software that the customer needs to use the service. The customer shall be responsible for the protection of customer’s data system and telecommunication and other comparable costs related to use of the service. The customer shall be responsible for preparing the hardware, connections, software and data systems to meet the operating environment specifications delivered by the supplier, and for ensuring that the service fulfils the customer's intended purpose.

4. Service level

4.1 The parties shall agree in writing the content and service level of the service and possible consequences of any deviation from the service level. If the content and service level of the service have not been agreed, section 8 of these terms of service shall apply.

5. Changes to the service and the terms of service

5.1 Further development. The supplier aims to maintain only one version of any particular service at a time. The supplier shall be entitled to develop its services at its sole discretion. Therefore, the supplier may implement changes to the content, appearance, features and production environment.

5.2 Changes requested by customer. Implementation of any changes to services requested by the customer will be always agreed in writing. If not otherwise agreed, the Supplier has the right to invoice the Customer for this work according to their current pricing model.

5.3 Changes to these terms. The supplier shall have the right to modify these terms of service, service descriptions and any service-specific terms provided that such changes are announced on the supplier’s website well before the changes come into effect. By continuing to use the service, the customer accepts such changes.

6. Rights and customer’s data

6.1 Rights to service. The title, copyright and all other intellectual property rights to the service, it’s appearance, trademarks, logos and symbols and amendments thereto shall belong to the supplier or a third party or a licensor. The supplier grants the customer a non-exclusive non-transferable license to use the service solely in executable form and only to the extent necessary for use of the service and for no other purpose.

6.2 Customer data. The intellectual property rights and the title to all data transferred to the service by the customer shall belong to the customer or a third party. The supplier has the right to use such data only for the purposes of the agreement. The customer agrees not to save to or send material through the service that may be deemed illegal or inappropriate.

6.3 Storage of customer data. The supplier’s responsibility to store the customer’s data terminates 180 days from termination of the agreement, after which the supplier shall destroy the customer data unless the customer has requested return of the customer data. The supplier shall have the right to charge for the collection, processing and delivery of the information in accordance to its then current pricing principles. However, the supplier shall be entitled to destroy or retain the customer data to the extent required by law or regulation by authority.

6.4 Copyright Infringements. The customer agrees not to save material protected under copyright laws to the service unless the customer has the rights to use such material in the service. The supplier has the right to prevent displaying of such material on the service and the right to remove such material from the service. The customer shall at its own expense indemnify the supplier against claims presented against the supplier, and compensate all damages to the supplier arising from such claims.

7. Use of the service and the suspension of service

7.1 User IDs. The customer shall be responsible for ensuring that its users maintain user names and passwords diligently and do not disclose them to third parties. The customer will be responsible for activities that occur under the customer’s service account, including actions taken by the customer’s employees and other representatives as well as their compliance with this agreement.

7.2 Unauthorized use. The customer must promptly notify the supplier if the customer suspects that an unauthorized third party is using, or may have access to, the service or the customer’s service account. The notice can be made by e-mail to support@falcony.io.

7.3 Denial of access due to breach of these terms. The supplier shall have the right to deny the customer access to the service, if the supplier reasonably suspects that the customer is in breach of these terms of service or the agreement, or if the customer has not paid due charges.

7.4 Denial of access due to harmful use. The supplier shall have the right to deny the customer access to the service without first hearing the customer, if the supplier reasonably suspects that the customer burdens or uses the service in such a manner as to jeopardise the delivery of the service to other users. The supplier shall without undue delay inform the customer of the reasons for such denial.

7.5 Suspension on unpaid invoices. The supplier will have the right to suspend the use of the services if the invoices have not been paid on the due date of the invoice.

8. Service level and interruptions in the service

8.1 The supplier will seek to keep the service available for the use of the customer without interruptions. However, the supplier does not guarantee that the service is error-free or available to the customer without interruptions. Unless expressly agreed in writing, the supplier shall have the right to suspend delivery of the service for a reasonable duration if this is necessary in order to perform installation, change or maintenance work in respect of the service and such installation, change or maintenance work cannot be performed at a reasonable cost without suspension of the service. The supplier will seek to inform the customer of the interruptions in good time beforehand.

9. Prices, payments and invoicing

9.1 Currency. The currency to be used for prices and invoicing is the Euro, unless otherwise agreed upon in writing.

9.2 Default prices. If a price for a service has not been agreed in the agreement or otherwise, the price in the supplier’s current price list shall apply to the service in question. The default prices will be available on request.

9.3 Public charges. Value added tax shall be added to the prices in accordance with the then current regulations. If the amount of public charges determined by the authorities or their collection basis change due to changes in the regulations or taxation practice, the prices shall be revised correspondingly.

9.4 Payment term. The supplier will invoice for recurring charges and other periodically invoiced charges in advance. The payment term is 14 days net from the date of invoice. Interest on delayed payments accrues in accordance with the Finnish Interest Act.

9.5 Surcharge. If the total amount of an invoice payable by the customer is less than one hundred (100) euros not including VAT, or if the chosen invoicing method is a paper invoice or email invoice, the supplier has the right to add an invoicing surcharge of ten (10) euros per invoice. This also applies to invoice reminders.

10. Changes in prices

10.1 Price adjustments. The supplier shall be entitled to adjust the charge of a service by notifying the customer of the change at least 60 days before the effective date of the change. If the agreement is made for a contract period with automatic renewal, the supplier may change the prices by notifying of the change 60 days prior to the start of the new term.

10.2 Actual Use of the Service. If the Customer's use of the Service has been or is actually more extensive than agreed in the contract between the Parties, the Supplier shall be entitled to charge the Customer for the price difference between the service charge agreed in the contract and for the actual use of the service.

11. Confidentiality

11.1 Confidentiality obligation. Each party shall keep in confidence all material and information received from the other party and marked as confidential or which should be understood to be confidential, and may not use such material or information for any purposes other than those set out in the agreement.

11.2 Confidentiality and termination. This confidentiality obligation shall survive the termination of the agreement.

11.3 Confidentiality disclosure. Each Party may disclose the other Party's confidential information to its employees, officers, representatives, contractors, subcontractors or advisers (herein referred to as “Authorised Representatives”) who need to know such information for the purposes of exercising the party's rights or carrying out its obligations under or in connection with this agreement. Each party shall ensure that its Authorised Representatives to whom it discloses the other party's confidential information comply with this clause 11.

12. Privacy and personal data

12.1 Processing of personal data. The supplier will comply with applicable Finnish and EU privacy and personal data legislation. This section 12 will apply only to the extent that Supplier processes personal data. More information on personal data and other information stored in the service is provided in the privacy statement.

12.2 Roles. In providing the service, Supplier will engage, on behalf of the customer, in processing of personal data submitted to and stored within the service by the customer or third parties with whom the customer transacts while using the service. To the extent that Supplier processes personal data in the course of providing the service, it will do so only as a processor acting on behalf of the customer, who is the controller, and in accordance with the requirements of the agreement and the GDPR.

12.3. Confidentiality of personal data. Personal data will be considered confidential information subject to section 11 of these terms of service.

12.4. Duration of the processing

12.4.1 Duration of processing. The processing will be carried out for the duration of the agreement.

12.4.2 Removal of personal data. Upon expiration or termination of the agreement, personal data will be passively stored for up to 180 days as stipulated in section 6.3 of these terms of service, after which all personal data will be permanently destroyed.

12.4.3 Returning of personal data. Upon the customer’s written request, Supplier will destroy or return to the customer, such personal data, and destroy existing copies unless applicable EU or EU Member State law requires storage of the personal data.

12.4.4 Deletion of personal data from subcontractors’ systems Upon expiration or termination of the agreement, some personal data may still be passively stored on a subcontractor’s systems for the duration of possible grace period.

12.4.5 Storing logs. Supplier has the right to store certain log information for security purposes as described in Supplier's privacy statement and security guidelines (See section 12.7.2).

12.5. Type of personal data and categories of data subjects

12.5.1. Categories of data subjects and types of personal data that may be processed are described at Supplier's privacy statement: https://www.falcony.io/privacy-statement/.

12.6. Rights and obligations of the customer

12.6.1 Rights of the customer. The customer shall at all times retain the control and authority to personal data; at all times retain title and all intellectual property rights and other rights, however arising, to personal data.

12.6.2 Obligations of the customer. The customer shall be responsible for ensuring that:

a) it has complied, and will continue to comply, with all applicable laws relating to privacy and data protection, including the GDPR and best practices; and

b) it has, and will continue to have, the right to transfer, or provide access to, the personal data to Supplier for processing in accordance with the terms of the agreement;

c) any documented instructions it may give to Supplier comply with the GDPR; and

d) that it does not transfer or store any sensitive data to the service. This clause does not apply for Falcony | Whistleblowing customers.

12.7. Documented instructions

12.7.1 Documented instructions. In the course of providing the service Supplier will process personal data only in accordance with documented instructions from the customer, including the agreement. If applicable EU or EU member state law requires Supplier to process personal data for any other purpose, Supplier will inform the customer of this requirement before processing, unless such law(s) prohibit this on important grounds of public interest.

12.7.2 Processing obligation. Supplier shall process personal data only in accordance with applicable law:

a) to provide the service and related technical support;

b) as further specified via customer’s use of the service (including the web console and other functionality of the service);

c) as documented in the agreement; and

d) as further documented in any other written instructions given by the customer and acknowledged by Supplier as constituting such instructions.

12.8 Engagement of subcontractors for processing personal data

12.8.1 Subcontractors. The customer agrees that Supplier may process personal data in any country in which any of Supplier's subcontractors maintain facilities, provided that (a) such processing fulfills all legal requirements set forth in the GDPR, and that (b) the provisions of these terms of service are observed. Supplier shall not engage new processors without prior authorization of the customer. Upon entering the agreement, the customer authorizes the engagement of any subcontractor listed at https://www.falcony.io/subprocessors/ at the time of such engagement.

12.8.2 Requirements for subcontractor engagement. When engaging any subcontractor for purposes of processing personal data, Supplier will

a) ensure via a written contract that:

i. the subcontractor only accesses and uses personal data to the extent required to perform the obligations subcontracted to it, and does so in accordance with the agreement and any written instructions from the customer;

ii. the data protection obligations set out in Article 28 of the GDPR, as described in this section 12, are imposed on the subcontractor; and that it will

b) remain fully liable for all obligations subcontracted to the subcontractor.

12.9 Opportunity to object to subcontractor changes

12.9.1 Notification. When any new subcontractor is engaged, Supplier will, at least 30 days before the new subcontractor processes any personal data, inform the customer of the engagement (including the name and location of the relevant subcontractor and the activities it will perform) either by sending a notice to the contact person subject to section 18.3 of these terms of service or via the service web console.

12.9.2 Right to object. The customer may object to engagement of any new subcontractor by terminating the agreement immediately upon written notice to Supplier, on condition that the customer provides such notice within 30 days of being informed of the engagement of the subcontractor and, provided that, Supplier will not refrain from engaging such subcontractor with regard to services rendered to the customer. This termination right is the customer’s sole and exclusive remedy if the customer objects to any new processor.

12.10 Rights and obligations of Supplier

12.10.1 Personnel confidentiality. Supplier ensures that persons authorised to process personal data have committed themselves to confidentiality.

12.10.2 Security. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the customer and Supplier shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks involved with processing the data. Security measures taken by Supplier are described in Supplier’s service security guidelines, available to the customer per request.

12.10.3 Responding to data subject’s requests. Supplier shall, taking into account the nature of the processing assist the customer by appropriate technical and organisational measures, insofar as this is possible, for the fulfillment of the customer’s obligation to respond to requests for exercising the data subject’s rights laid down in the GDPR Chapter III. To the extent legally permitted, the customer shall be responsible for any costs arising from Supplier's provision of such assistance.

12.10.4 Assisting customers with ensuring compliance with the GDPR. Taking into account the nature of processing and the information available to Supplier, Supplier undertakes to assist the customer in ensuring the customer’s compliance with the GDPR:

by working together to fulfil the data processing security requirements subject to article 32 of the GDPR; by notifying the customer without undue delay after becoming aware of a personal data breach subject to article 33 of the GDPR; by communication of a personal data breach to the data subject article 34 of the GDPR; by participating in data protection impact assessment subject to article 35 of the GDPR; and by participating in prior consultation subject to article 36 of the GDPR.

12.10.5 Audit. Supplier makes available to the customer all information necessary to demonstrate compliance with the obligations laid down in Article 28 of the GDPR and allow for and contribute to audits, including inspections, conducted by the customer or another auditor mandated by the customer, provided that such auditor is not a competitor of Supplier.

12.10.6 Informing of known infringements. Supplier shall immediately inform the customer if, in its opinion, an instruction from the customer infringes the GDPR or other EU or EU Member State data protection provisions that Supplier is aware of.

13. Limitation of liability and damages

13.1 No warranty. The services are provided on “as-is” and “as-available” basis, and the supplier will not give the customer any warranty or guarantee, express or implied, for the services, including but without limitation to warranties of merchantability, fitness for any particular purpose, performance, or non-infringement. The parties expressly note that the services are not designed to be error-free or uninterrupted and therefore they are neither intended nor fit for purposes that require fail-safe performance.

13.2 Information available in the service. The supplier is not liable for any direct or indirect damages to the customer or to a third party due to erroneous, inadequate or ambiguous information stored in the service. Unless stated otherwise, the information contained on this site (i) is for general guidance on matters of interest only and shall not be a substitute for professional advice, including but not limited to financial, legal and medical advice, and (ii) does not constitute an offer of or solicitation for the purchase of products or services.

13.3 Unpaid charges. The supplier is not liable for damages or losses to the customer or to a third party caused by termination of or interruption in the service due to an unpaid service charge.

13.4 Maximum liability. The maximum liability of the supplier for damages shall not, excluding possible liquidated damages payable due to delay, service credits or other similar contractual penalties or credits, exceed in aggregate the calculatory monthly price for service at the point of breach of contract, excluding value added tax, multiplied by 12.

13.5 Indirect damages. Neither party shall be liable for any indirect or consequential damage. Indirect or consequential damage shall mean, inter alia, loss of profits or damage caused due to decrease or interruption in turnover or production.

13.6 Limitation of liability and confidentiality. The limitations of liability shall not apply to liability caused by breach of section 11 (confidentiality) or wilful conduct or gross negligence.

14. Force majeure

14.1 Force majeure. Neither party shall be liable for delay and damage caused by an impediment beyond the party’s control and which the party could not have reasonably taken into account at the time of conclusion of the agreement and whose consequences the party could not reasonably have avoided or overcome. Such force majeure events shall include, if not proven otherwise, inter alia, war or insurrection, pandemia, earthquake, flood or other similar natural catastrophe, interruptions in general traffic, data communication or supply of electricity, import or export embargo, strike, lockout, boycott or other similar industrial action. A strike, lockout, boycott and other similar industrial action shall also be considered, if not proven otherwise, a force majeure event when the party concerned is the target or a party to such an action.

14.2 Sub-contractors. A force majeure event suffered by a subcontractor of a party shall also be considered a force majeure event in relation to the party if the work to be performed under subcontracting cannot be done or acquired from another source without incurring unreasonable costs or significant loss of time.

14.3 Notice of force majeure. Each party shall without delay inform the other party in writing of a force majeure event and the termination of the force majeure event.

15. Cancellation of the agreement

15.1 The supplier shall be entitled to cancel the agreement wholly or in part if the customer has not paid a due and correct payment within 30 days of a written overdue payment reminder.

16. Applicable law and settlement of disputes

16.1 Applicable law. The agreement shall be governed by the laws of Finland without regard to its choice of law rules, including the UN CISG and any choice of law principles that could lead to application of a law of a country other than Finland.

16.2 Disputes. Any dispute, controversy or claim arising out of the agreement shall be resolved in the district court of Helsinki.

17. Discrepancies

17.1 In case of any discrepancies between the documents of the agreement, the lower enumeration shall take precedence before a higher enumeration in the following order: 1) the written contract; 2) these terms of service; 3) service descriptions; 4) the order approved by the supplier and; 5) other annexes.

18. Miscellaneous terms

18.1 Reference. The supplier may use the customer’s name and logo as a reference in marketing and other corporate communications.

18.2 Assignment. The supplier shall have the right to subcontract its obligations under the agreement. The supplier may assign the service, it’s maintenance or other responsibilities and duties and this agreement to a third party. The customer shall not have the right to transfer this agreement or its right to use the service to a third party without a prior written consent of the supplier.

18.3 Notices. Notices regarding the agreement shall be made to the contact person specified in the agreement, contract or order confirmation. Each party shall inform the other party without delay of any change in the contact person or contact details.