1. Scope of the Agreement
These Terms & Conditions including its appendices listed below and/or any other written agreements between Parties constitutes the entire agreement (“Agreement”) between OchamRazor (“OchamRazor”) and the customer entity (“Client”) regarding the use of our services (collectively referred to as the “Service”) specified in these Terms & Conditions.
By accessing or using the Service, you agree that you are authorized to accept this Agreement on behalf of the entity you represent and the Client agrees to be bound by this Agreement.
The Client may authorize their employees or other individual authorized users to use the Service. The Client agrees being fully responsible with respect to any use of the Service by an authorized user, including any breach by an authorized user of these Terms & Conditions.
Appendix 1: Data Processing Agreement
2. The Service
The Service is a tracking and analytics solution that enables the Client to collect, store, analyze, and report data from and between Client’s website and other systems as well as third-party systems used by the Client (“Client Data”). The Service is provided only electronically. OchamRazor uses public cloud providers to purchase compute, storage and network resources which OchamRazor uses to build the analytics infrastructure for the Client.
3. Fees and Payment
The Client will subscribe to the Service in OchamRazor website. OchamRazor will charge Fees either on a one-time or a subscription basis, depending on the Service the Client has subscribed to. The Fees applicable to the use of the Service are set out on the OchamRazor website and on the user interface of OchamRazor at the time of the purchase. The Client agrees to pay the fees as specified by OchamRazor for the use of the Service. All fees are exclusive of applicable taxes unless otherwise stated. OchamRazor may also provide access to selected features of the Service free of charge in certain cases.
If the Client has subscribed to the Service with automatically renewable subscription, OchamRazor reserves the right to increase the Fees annually, which shall apply at each renewal date of the subscription. The Client will be informed of such annual increases at least two weeks prior to the billing date with the new rate.
When the Client buys a subscription, the Client authorizes OchamRazor or its third party payment processor to save the credit card or bank account information and charge the provided credit card all applicable Fees, including all applicable taxes. OchamRazor reserves the right to charge the Fees by other means than credit card, such as sending an invoice, if credit card is not available or the credit card payment is failing. If OchamRazor doesn’t receive the payment, OchamRazor has the right to suspend the Client’s access to the Service until payment is received in full or terminate this Agreement.
All sales are final and OchamRazor will not issue refunds. If the Client wishes to cancel the subscription, it is on the Client’s responsibility, and cancellation shall be effective when the current subscription period ends. OchamRazor doesn’t provide refunds on renewed subscription periods that were not canceled in time.
4. Provision of Service
OchamRazor shall provide the Service to the Client in accordance with the provisions of this Agreement in a professional manner.
OchamRazor will make commercially reasonable efforts to ensure the availability and functionality of the Service, subject to scheduled maintenance and unforeseen circumstances. For the avoidance of doubt, OchamRazor does not guarantee the Service being always available uninterrupted and error-free.
OchamRazor shall provide the Service in a secure and confidential manner by applying industry-standard organizational and technical measures. OchamRazor reserves the right to use subcontractors and is liable for the subcontractors work as its own.
5. Client Responsibilities
The Client agrees to comply with all applicable laws and regulations while using the Service and shall be solely responsible for its Client Data, content, and use of the Service. The Client shall perform its obligations hereunder diligently and professionally. The Client is responsible for providing OchamRazor with all requested information necessary for the provision of the Service, and such information shall be accurate and complete.
The Client is solely responsible for the use of all usernames and passwords to the Service, storing them securely and preventing unauthorized access to the Service. The Client is responsible for all activity occurring under its user accounts when using the Service, and Client assures not to use the Service in a manner which violates any applicable laws or is considered as unethical. For any suspected unauthorized access to the Service under the Client’s user accounts, the Client is required to immediately notify OchamRazor, and OchamRazor is entitled to implement necessary measures to prevent further unauthorized access.
The Client may use the Services for normal business purposes and agrees not to copy, adapt, reverse engineer, decompile, disassemble or modify the Service in whole or in part. The Client agrees not to access the Service for the purpose of building a similar or competitive product or service or copy any ideas, features, functions, or graphics of the Service.
Upon Client’s violation or suspected violation of any of its obligations set forth in this Agreement, OchamRazor shall be entitled to suspend the Client’s access to the Service.
6. Data from Third-Party Services and Sources
The Client may have the ability to import or integrate data from third-party services or sources into the Service provided by OchamRazor. The Client acknowledges and agrees that they are solely responsible for the importation, integration, and use of such data.
OchamRazor does not assume any responsibility for the accuracy, completeness, legality, or validity of the data imported from third-party services or sources by the Client. The Client understands and agrees that OchamRazor does not verify or endorse the content, quality, or legality of such data.
The Client represents and warrants that they have obtained all necessary rights, consents, and permissions to use the data imported from third-party services or sources in connection with the Service. The Client further represents and warrants that the use of such data does not infringe upon any intellectual property rights, contractual obligations, or any other rights of any third party.
OchamRazor shall not be liable for any loss, damage, or legal implications arising from the importation, integration, or use of data from third-party services or sources by the Client. The Client agrees to indemnify, defend, and hold harmless OchamRazor from any claims, liabilities, damages, or expenses (including reasonable attorney fees) arising out of or related to the Client’s importation, integration, or use of such data.
OchamRazor reserves the right, in its sole discretion, to restrict or prohibit the importation, integration, or use of data from specific third-party services or sources if it believes that such data violates any applicable laws, regulations, or the rights of third parties.
7. Intellectual Property Rights
OchamRazor retains all ownership rights, title, and interest in and to the Service, including all intellectual property rights. The Client shall have the limited, non-exclusive right to use the Service for its business purposes during the term of this Agreement.
The ownership, title and intellectual property rights to the Client Data are retained exclusively to the Client.
The Client shall not reproduce, modify, distribute, or create derivative works based on the Service without the prior written consent of OchamRazor.
8. Processing of Personal Data
OchamRazor may process personal data on behalf of the Client in connection with the provision of the Service. The processing of personal data shall be governed by the separate Data Processing Agreement (“DPA”) between OchamRazor and the Client, Appendix 1 of this Agreement.
OchamRazor shall take appropriate technical and organizational measures to protect personal data in accordance with the requirements of the GDPR.
9. Confidentiality
A party shall keep confidential all information relating to this agreement. A party can only use the confidential information to fulfill the objective of this agreement.
Confidentiality shall not, however, include any information which (i) already in the possession of the receiving party at the time of disclosure by the disclosing party as shown by the receiving party files and records immediately prior to the time of disclosure; (ii) was publicly known and made generally available in the public domain prior to the time of disclosure by the disclosing party; (iii) is obtained by the receiving party from a third party without a breach of such third party obligations of confidentiality; (iv) ) is independently developed by the receiving party without use of or reference to the disclosing party Confidential Information.
Each party agrees that it shall take reasonable measures to protect the secrecy of and avoid disclosure and unauthorized use of the Confidential Information of the other party. Without limiting the foregoing, each party shall take at least those measures that it takes to protect its own confidential information and shall ensure that its employees who have access to Confidential Information of the other party have signed a non-disclosure agreement in content similar to the provisions hereof, prior to any disclosure of Confidential Information to such employees. The obligation of confidentiality is not limited in time.
10. Damages and Limitation of Liability
Neither party is liable for any indirect damages, punitive damages, data loss, and decrease of goodwill or for the loss of cover purchase price notwithstanding whether the damage is based on agreement or tort law or other reason. In any event, the liability of OchamRazor is limited to the total amount of paid Services six (6) months prior to the claim. For any possible support services, the liability is limited to the amount that has been paid for the support services during the corresponding month.
Limitation of liability shall not apply to damage that is caused due to gross negligence or intentional misconduct.
If a law applicable to this Agreement prevents limitation of liability, the liability of OchamRazor is limited to the amount that is allowed by the law applicable.
Customer is responsible for creating backup files for its own data and data files and verifying their functionality. A party shall not be liable for any destruction, loss or changes in the data files and for the damage and expenses caused by the incident, such as file recovery.
11. Term and Termination
This Agreement is valid until further notice. The Client can terminate this Agreement by canceling the subscription through the Client’s account. The termination will come to effect at the end of the ongoing billing period.
OchamRazor may terminate this Agreement with immediate effect in case the Client has failed to pay the Service fees in due time. OchamRazor is entitled to terminate this Agreement for convenience with 3 months’ prior written notice to the Client.
Without prejudice to any other rights or remedies either Party shall be entitled to terminate this Agreement if (i) a Party has committed a material breach of any of its obligations under this Agreement and has failed to remedy such breach within (30) days of a notice having been served on it by the first Party specifying the breach and requiring its rectification or, (ii) if a Party is declared bankrupt or is going under distraint measures. The Agreement can be terminated effective immediately, if a Party commits a fundamental breach which cannot be remedied.
Upon termination of this Agreement due to any reason, rights and obligations under sections 6 (Intellectual Property Rights), 8 (Confidentiality), 9 (Limitation of Liability) of this Agreement shall survive termination of this Agreement. Rights and obligations which by their nature should survive shall remain in effect after termination of this Agreement.
12. Right of Reference
OchamRazor has the right to use the name and logo of the Client as a customer reference.
13. Governing law and dispute resolution
This agreement shall be interpreted and construed in accordance with the laws of Finland.
Any dispute, controversy or claim arising out of or relating to this contract, or the breach, termination or validity thereof, shall be finally settled by arbitration in accordance with the Arbitration Rules of the Finland Chamber of Commerce. The number of arbitrators shall be one. The seat of arbitration shall be Helsinki, Finland. The language of the arbitration shall be English.
14. Force Majeure
OchamRazor shall not be liable for any failure of or delay in the performance of this Agreement for the period that such failure or delay is due to causes beyond its reasonable control, including but not limited to war, strikes or labor disputes, embargoes, government orders, problems in the parties or third party´s Internet connections or any other Force majeure event.
If OchamRazor is prevented from performing its obligations under the Agreement for more than one (1) month due to a Force Majeure, the Client is entitled to terminate the Agreement with immediate effect.
15. Claims
Any claims or disputes arising out of or relating to this Agreement must be submitted in writing within 30 days from the date the issue arises, failing which such claims or disputes shall be deemed waived.
16. Assignments
The Client may not assign or transfer any rights or obligations under this Agreement without the prior written consent of OchamRazor.
17. Miscellaneous
This Agreement constitutes the entire agreement between the Provider and the Client and supersedes all prior understandings or agreements, whether written or oral, relating to the subject matter herein.
No amendment or modification of this Agreement shall be valid unless it is in writing and approved by both parties.
If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions shall remain in full force and effect.
By accessing or using the Service, the Client acknowledges that they have read, understood, and agree to be bound by these Terms and Conditions.
Appendix 1: Data Processing Agreement
This Data Processing Agreement (“DPA”) is an integral part of the Terms & Conditions (“Agreement”) entered into between OchamRazor (“Service Provider”) and the user (“Client”). This DPA shall apply to all processing of personal data under the Agreement. Where applicable and when this DPA does not explicitly state otherwise, the terms of the Agreement, such as governing law and dispute resolution, shall be applied to this DPA.
1. Definitions
1.1. “Agreement” refers to the Terms & Conditions (including its appendices and/or any other written agreements between Parties) entered into between the Service Provider and the Client.
1.2. “Client” refers to the user of the Service and the controller of personal data under the EU General Data Protection Regulation (GDPR).
1.3. “Service Provider” refers to OchamRazor, which processes personal data on behalf of the Client as a processor under the GDPR.
1.4. “GDPR” refers to EU Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
1.5. “Personal Data” refers to any information relating to an identified or identifiable natural person (“Data Subject”) processed by the Service Provider on behalf of the Client.
2. Scope and Purpose
2.1. Providing the Client with the Service may require the Service Provider processing certain Personal Data on behalf of the Client. This DPA governs the processing of Personal Data by the Service Provider on behalf of the Client during the term of the Agreement.
2.2. The Service Provider shall process Personal Data only as specified in the Agreement, unless required to do otherwise by applicable law. The Client shall ensure that it complies with applicable data protection laws.
3. Roles and Responsibilities
3.1. The Client, as the controller, shall be solely responsible for the lawful processing and collection of Personal Data. The Client shall ensure that it has a valid legal basis for the processing and collection of Personal Data and that it fulfills its obligations as a controller under the GDPR and other laws, regulations and directives pertaining to the processing or collection of personal data.
3.2. The Service Provider, as the processor, shall process Personal Data on behalf of the Client and shall act solely as described in the Agreement, except as required by applicable law. Also additional written, reasonable processing guidance provided by the Client can be applied in the processing operations of the Service Provider. The Service Provider shall take appropriate technical and organizational measures to protect the Personal Data.
3.3. The Service Provider will not observe the Client’s processing or collection of Personal Data in the Service, and the Client shall be solely responsible for having the required and necessary rights and permissions to use and disclose Personal Data for the purposes set out in the Agreement. The Client shall ensure that the Client is entitled to transfer the data to the Service Provider so that the Service Provider may lawfully process, use and transfer the data in accordance with the Agreement and this DPA.
4. Processing of Personal Data
4.1. The Service Provider shall process Personal Data only for the purposes of providing the Service to the Client as specified in the Agreement.
4.2. The Service Provider shall not transfer or disclose Personal Data to any third party without the prior written consent of the Client, unless required to do so by applicable law.
4.3. The Service Provider shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing, as well as the risk to the rights and freedoms of Data Subjects.
4.4. The particular types of Personal Data may vary on a case-by-case basis depending on what Personal Data the Client decides to process as part of their use of the Service. Such Personal Data may include, but is not limited to, the following information:
First name
Last name
Phone number
Email address
Postal address
Language
Gender
Birthday
Marketing consents
Information on activities on Client’s website and/or webshop
Information on the behavior of Client’s digital advertising (advertising on platforms such as Google and Meta, email and SMS marketing)
IP address
Device type
Browser type
Timestamps (may include but not limited to visit timestamp, click timestamp, purchase timestamp)
Other Personal Data the Client decides to transfer to the Service Provider to be processed in connection with providing the Service
4.5. The Personal Data may be processed as long as the Agreement between the Client and Service Provider remains in force, unless otherwise instructed by the Client in accordance with this DPA. After the Agreement expires and customer relationship ends, the Service Provider will delete the Personal Data within reasonable time.
4.6. The Service Provider may transfer Personal Data to countries outside the EU or the EEA, provided that such transfers comply with applicable data protection laws and regulations. The Service Provider shall ensure that any international data transfers are conducted in accordance with appropriate safeguards as required under the General Data Protection Regulation (GDPR) or other relevant data protection laws.
5. Subprocessing
5.1. The Service Provider may engage sub-processors to process Personal Data on behalf of the Client.
5.2. Where the Service Provider engages a subprocessor, it shall ensure that the subprocessor is bound by contractual obligations that provide the same level of data protection and security as set forth in this DPA.
6. Rights of Data Subjects
6.1. The Service Provider shall assist the Client in fulfilling its obligations to respond to requests from Data Subjects to exercise their rights under the GDPR. The Service Provider shall promptly notify the Client if it receives a request directly from a Data Subject where resolving such a request may require the assistance of the Service Provider.
6.2. Taking into account the nature of the processing, the Service Provider shall provide reasonable assistance to the Client in fulfilling its obligations to respond to any request from a Data Subject to exercise their rights, including but not limited to the rights of access, rectification, erasure, restriction, objection, data portability, and automated decision-making.
7. Security Measures
7.1. The Service Provider shall implement appropriate technical and organizational measures to ensure the security of the Personal Data, taking into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing, as well as the risk to the rights and freedoms of Data Subjects.
7.2. The Service Provider shall promptly notify the Client in the event of a security breach that affects Personal Data and shall cooperate with the Client in investigating, mitigating, and remedying the security breach.
7.3. Each party of this DPA shall be solely responsible for the information security of the party’s own communications networks. Neither Party shall be responsible or liable for the information security of general communications networks, or for interferences or other disruptions, outside of the Parties influence, that may occur in general communications networks.
8. Data Retention and Deletion
8.1. The Service Provider shall process personal data as long as the Agreement with the Client remains in force, unless instructed otherwise by the Client in accordance with the DPA.
8.2. Upon termination or expiration of the Agreement, the Service Provider shall securely delete or destroy the Personal Data within a reasonable timeframe.
9. Audit and Compliance
9.1. The Service Provider shall make available to the Client all information necessary to demonstrate compliance with its obligations under this DPA and allow for and contribute to audits, including inspections, conducted by the Client or another auditor mandated by the Client.
10. Governing Law and Jurisdiction
10.1. This agreement shall be interpreted and construed in accordance with the laws of Finland.
10.2. Any dispute, controversy or claim arising out of or relating to this contract, or the breach, termination or validity thereof, shall be finally settled by arbitration in accordance with the Arbitration Rules of the Finland Chamber of Commerce. The number of arbitrators shall be one. The seat of arbitration shall be Helsinki, Finland. The language of the arbitration shall be English.
11. Amendments
11.1. This DPA may only be amended by written agreement between the Service Provider and the Client.