Terms of Services

This Terms of Services (including any terms set forth in Exhibits, “ToS”) is entered into on the day of acceptance during the registration process between Vibe Advertising Inc SAS, (“” or “Vibe”) and the Customer listed above.

For good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, Customer and (collectively, the “Parties” and each, a “Party”) hereby agree as follows: 

  1. Agreement

When the Party uses our Ad Services, Vibe, you agree to this Vibe Terms of Services.

If the Party uses the Ad Services for a third party, you must have permission to do so.

If the Party is accessing or using the Ad Services on behalf of a business or third party, the Party represents and warrants that the Party has the authority to do so and to bind that business or third party to this Terms of Services, and your agreement to this Terms of Services will be treated as their respective agreement. In this event, may hold the Party responsible for violations of this Terms of Services by that business or third party, and "you," "your" and "party" will also refer and apply to that business or third party.

  1. Ad Services

2.1 Overview

We try to optimize your campaigns and offer you optimization choices.  

Your use of the Ad Services must comply with Applicable Law and all applicable terms. 

You are responsible for use of the Ad Services through your account. 

If you use the Ad Services for a business, that business can receive information about your use and remove you from its accounts.

We may reject Ads, modify or terminate the Ad Services and participate in auctions for ads on the Ad Services.

The Ad Services are designed to enhance the effectiveness of your campaigns. may offer you choices about whether you would like to use certain automated optimizations. With your permission, also may manually assist you with your campaigns.

You are responsible for (i) all ads and content therefore submitted by or on your behalf through the Ad Services or otherwise to, including the creatives, , text, images, branding, URLs, tags, and pixels that comprise the ads and content thereof (collectively, your "Ads"), (ii) all ad trafficking or targeting decisions made by or on your behalf, (iii) all content and property to which Ads direct viewers, as well as redirects ("Destinations"), and (iv) all services and products advertised on Destinations ("Advertised Goods"). Except as expressly agreed by in writing, will determine the size, placement and positioning of your Ads. will serve your Ads as inventory becomes available on the Properties. Your Ads, Destinations, Advertised Goods and use of the Ad Services must comply with the Terms of Services and all applicable laws, self-regulatory rules, industry rules and governmental requirements (collectively, "Applicable Law").

You are responsible for any activity conducted through your account, including any purchases made or charges incurred. If you identify that you are using the Ad Services on behalf of a business, you agree that may share information about your purchases and use of the Ad Services with that business, including its representatives and agents. If that business indicates that you are no longer authorized to place ads on its behalf (e.g., if you leave that business or change roles within that business), you agree you may be removed from accounts associated with that business.

Without limiting the prohibitions in the Terms of Services, you will not, and you will not enable or authorize any third party to (a) engage in illegal or fraudulent conduct (for example, to discriminate against protected classes), including by virtue of the Ads, Destinations, Advertised Goods or use of the Ad Services, (b) except as expressly authorized by in writing, use any automated means or form of scraping or data extraction to access, query or otherwise collect information from the Properties, (c) except as expressly authorized by in writing, copy, modify or create derivative works of the Ad Services or any related technology, (d) provide Ads that assert or imply personal characteristics, or (e) provide Ads that contain malware, spyware or any other malicious code or otherwise interfere with the operation of the Ad Services or any device or system or breach or circumvent any security measure of or a third party. may reject, remove or not deliver any Ad at any time for any reason, including to comply with Applicable Law (defined below). may, in its sole discretion, modify, or terminate any part or all of the Ad Services or suspend your ability to use the Ad Services (including in instances where you do not meet’s credit approval requirements). and its affiliates retain the complete and unqualified right to serve advertisements for its own products and services and to participate in auctions through the Ad Services to serve such advertisements.

2.2 The Ad Review Process

In order to maintain the professionalism and integrity of Vibe, ads will not run until approved through our ad review process, which checks your ad against the policies we detail below. We strive to review ads as soon as possible and usually do so within 24 hours.

2.3 What to do if your Ad is rejected

If your ad is rejected, we’ll provide the reason in Vibe when you hover over the ad status and also via email. If you prefer, you can edit your ad to comply with our policies and resubmit. If you have further questions, please contact us.

2.4 Prohibited Content

Illegal Products, Services and Activities. Ads for illegal products, services and activities are prohibited. Ads must comply with all applicable laws, including laws covering what content is allowed in ads and how ads are targeted.

Discrimination. does not tolerate discrimination based on age, gender, disability, religion, ethnicity, race, color, national origin or sexual preference. Ads must comply with this as well as all laws, including laws that prohibit discrimination in connection with education, housing, credit and employment.

Offensive to Good Taste. Ads must not be offensive to good taste. This means ads must not be, for example, hateful, vulgar, sexually suggestive or violent. In special circumstances, may determine that an ad that was acceptable is no longer appropriate as we update our policies to reflect new laws or clarify our position.

Fraud and Deception. Ads must not be fraudulent or deceptive. Your product or service must accurately match the content of your ad. Any claims in your ad must have factual support. Do not make deceptive or inaccurate claims about competitive products or services. Do not imply you or your product are affiliated with or endorsed by others without their permission. Do not advertise prices or offers that are inaccurate - any advertised discount, offer or price must be easily discoverable from the link in your ad.

Trademark Infringement. Ads must not use trademarks belonging to third parties unless express permission has been granted by the trademark owner. You should not use trademarks, logos, service marks or company names in a way that would be confusing to the user, or imply an affiliation or endorsement when there is none. Trademark owners can send concerns about the use of their trademarks to [email protected].

Copyright Infringement. Ads must not use copyrights belonging to third parties unless express permission has been granted by the copyright owner.

Fake Documents and Related Services. Ads for fake documents and related services are prohibited.

Tobacco Products. Ads for tobacco products are prohibited. This includes ads selling or promoting, directly or indirectly, any tobacco products (such as cigarettes, pipes, cigars), alternative tobacco products (such as e-cigarettes or vaporizers), or any related equipment that facilitates the use of tobacco. Lawful products and services which promote quitting tobacco are permitted.

Drugs. Ads related to illegal, prescription, over-the-counter or recreational drugs are prohibited.

Weapons, Fireworks and Other Violent Products or Services. Ads related to the promotion, use or sale of weapons, ammunition, fireworks or any other violent product or service are prohibited.

Adult Content. Ads containing adult content, including ads for adult products and services, are prohibited.

Ringtones. Ads for downloadable ringtones are prohibited.

Counterfeit. Ads for counterfeit goods are prohibited.

Occult Pursuits. Ads for fortune telling, dream interpretations and individual horoscopes are prohibited, except when the emphasis is on amusement rather than serious interpretation.

Sensitive Events. does not allow ads that are inappropriate during the time of or in relation to a tragedy, disaster, or similarly sensitive event.

Hacking, Cracking and Circumvention. Ads that promote products or services for hacking, cracking or circumvention are prohibited.

Incomplete Ad. Incomplete ads will be rejected. If your ad is rejected as incomplete, please finalize it and resubmit.

2.5 Restricted Content

Alcohol. Ads for alcoholic products are restricted and only available in certain countries. If you are interested in placing an ad related to an alcoholic product please contact our support team.

Animal Products. reserves the right to limit ads for animals or animal products. Ads for products related to endangered species are prohibited.

Dating Services. Ads for dating services are restricted. Such ads may never be targeted at members under 18. The dating services must be legal in the applicable jurisdiction and must not engage in “escort type” services where any person is compensated to participate in the date. reserves discretion to determine the appropriateness of the service.

Soliciting Funds. Ads for soliciting funds are restricted. allows ads that solicit funds only if they comply with applicable laws and would qualify as tax deductible or charitable in the applicable jurisdiction.

Medical Devices and Medical Treatments. reserves the right to limit ads for medical devices and medical treatments.

Short-term Loans and Financial Services. Ads for payday loans, paycheck advances or similar short-term loan products are restricted

Health Matters. Ads promoting unrealistic or misleading claims about health improvements, including related to diet and weight loss, are prohibited. Ads promoting unhealthy or unsafe behaviors, such as excessive consumption of an item, are also prohibited. reserves the right to restrict advertising related to any health matter if targeted inappropriately.

Affiliate Advertising. reserves the right to restrict advertising related to affiliate advertising are prohibited.

Political. reserves the right to restrict Political ads, including ads advocating for or against a particular candidate, party, or ballot proposition or otherwise intended to influence an election outcome; ads fundraising for or by political candidates, parties, political action committees or similar organizations, or ballot propositions; and ads exploiting a sensitive political issue even if the advertiser has no explicit political agenda.

Gambling and Sweepstakes. reserves the right to restrict ads related to gambling or sweepstakes of any kind.

Cryptocurrency. reserves the right to restrict ads related to the buying, selling or trading of cryptocurrencies are prohibited.

2.6 Safety and Privacy

Harm to or its Members. Ads must not promote or endorse products, services or actions that would result in a breach of Vibe Master agreement, or that may result in harm to or its members.

Fair and Legal Billing Practices. The products and services advertised in your ad must have fair billing practices and follow all applicable laws.

Malicious Software/Browser. Do not use an ad to promote, install or distribute viruses, worms, spyware, malware or other malicious software. Software should only be installed with the permission of the user and should be readily removable by the user. Software features should be made apparent to the user, with no undisclosed features or functions that could harm the user or the user’s data, software or devices. Do not use any browser flaws/exploits to install software or bypass standard browser security restrictions.

Phishing. Do not use an ad to promote a website that tricks a user into providing personal or other information.

HTTPS and HTTP Support. If you collect sensitive information on the site linked to the ad, you must use HTTPS. Sensitive information includes, but is not limited to, financial info, government-issued identification info, medical info, login info such as usernames and passwords and sensitive characteristics such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sexual orientation, criminal record, information regarding minors or students.

Link Behavior. Do not deceive, confuse or otherwise degrade the experience of members who click on your ad. The domain of your Display URL must match the domain of your Destination URL. All members must be sent to the same destination URL and landing page from a click on your ad. Do not send members to a landing page that generates a pop-up. The landing page must allow users to navigate away from the page, including via the browser’s ‘Back’ button, and return to the page that the ad was displayed on.

Privacy. Advertisers are responsible for complying with applicable privacy and data protection laws and regulations. Do not use tracking cookies to track users across sites without full disclosure and consent of the users (e.g. do not use an “ever cookie” or “zombie cookie”).

Targeting on Sensitive Characteristics. Ads must not target based on sensitive categories such as health, political affiliation/beliefs, racial or ethnic origin, religious or philosophical affiliation/beliefs, alleged/actual commission of a crime, sexual behavior/orientation, trade union membership or income.

  1. Fees, Balance, Payment and Cancellation

The party will be assigned a Balance that can be refilled through a deposit (wire payment). Payment will be charged periodically on the balance. Balance can be withdrawn partially or wholly at any moment by requesting it to [email protected]. Wire transfer to the party will occur within 10 business days.

You agree to pay on the basis and at the rate shown when a campaign, order or other purchase was submitted through your account ("Rate"), e.g., price per impression, click, other conversion, lead or period, whether with a fixed or automatically optimized bid, whether with daily budget, lifetime pacing, or other budget options. You also agree to pay all applicable taxes, government charges and foreign exchange fees. For these purposes, taxes include all federal, state, and local sales, use, gross receipts, VAT, GST, levies and similar transaction taxes. You will have no liability for income taxes that are statutorily imposed on including taxes or fees measured by's net or gross income.

The party acknowledges that it is wholly responsible for payment of Fees for any Transactions entered into through the Ads services, regardless of the payment terms, including, without limitation, the timing of such payments, between Customer and Customer’s clients. 

Deposits and payments shall be made in U.S. dollars or Euros. Customer acknowledges that it is wholly responsible for payment for any Transactions purchased using the Services, regardless of the payment terms of payment speed of any of Customer’s Advertisers. 

If the Party believes that Vibe SAS has billed the Party incorrectly, the Party must contact no later than 10 days after the closing date of the last day of the calendar month in which the error or problem appeared, in order to receive an adjustment or credit. 

Unpaid amounts not disputed are subject to a finance charge of 1.5% per month on any outstanding balance, or the maximum permitted by Applicable Laws, whichever is lower, plus all expenses of collection and may result in immediate termination of Service.. 

The amount you owe will be calculated based on's tracking mechanisms. is not responsible for click fraud, fraudulent leads, technological issues or other potentially invalid activity by third parties that may affect the cost of running Ads. Your exclusive remedy for suspected invalid activity is to make a claim for an Ad Services credit within 90 days of the date of that activity, and's exclusive liability is, in's sole discretion, to issue Ad Services credit for suspected invalid activity. Any Ad Services credit that you may accrue are non-refundable and non-transferable and must be used prior to termination of this Terms of Services or your account.

Company’s credit or debit card will be charged and an invoice will be issued at the end of each month, or when Company’s total ad spend across all campaigns reaches a billing threshold of $500.00 unless otherwise adjusted up or down in writing by Vibe. Company’s billing threshold is an amount of spend across all of campaigns that triggers a charge once reached. If the Company’s credit or debit card payment fails, all campaigns will remain inactive until the invoice is paid in US dollars. The metrics reported by Vibe and its Providers shall be decisive, including for purposes of calculating amounts owed.

Promotions and Discount Codes may provide discount codes that can be used by clients on the platform. These discount codes are subject to the following terms:
- Vibe reserves the right to block or deactivate discount codes at any time without notice or liability.
- You are responsible for all charges that exceed the value of the promotional credit. To manage your spending, you have the ability to set a daily budget and end date for your campaign. Additionally, you can pause and resume campaigns whenever you choose.
- Discount codes can only be applied through the Vibe platform.
- A discount code cannot be combined with other offers or discounts or applied to previous transactions.
- Promotional credit is non-transferable and cannot be redeemed for cash or other services.

Types of Discount Codes:
- New User Discount Code: Exclusively available to new users who have not yet launched a campaign.
- Spend-based Discount Code: Can be used when a specified spending condition is met.

  1. Intellectual Property Rights and Privacy. 

You grant us a license to your ads to perform the Ad Services.

We may use feedback and testimonials you choose to provide.'s pricing, metrics, member demographics and beta features are confidential.

You may not target Ads based on Sensitive Data.

You may use Ad Services Data only on an aggregate and anonymous basis to assess the performance and effectiveness of your campaigns and to optimize your campaigns. You must protect the confidentiality of Ad Services Data using industry standard security safeguards.

You grant to a non-exclusive, worldwide, royalty-free, sublicensable and transferable license to use, copy, modify, distribute and publish your Ads in connection with the performance of the Ad Services (including for testing, compliance, marketing and promotional purposes). You represent and warrant that you own or have all necessary rights (including intellectual property rights) to your Ads (including to grant the license above).

If you choose to provide suggestions and feedback to, you agree that can (but does not have to) use and share such feedback for any purpose without compensation to you. You may not disclose any information about's pricing, metrics, member demographics or beta features. If you provide testimonials about our Ad Services or submit Ads to, we may post those testimonials and Ads in connection with our promotion of the Ad Services.

Each party will comply with Applicable Law relating to its performance of this Terms of Services, including privacy and security laws (e.g., the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), as well as the Data Processing Agreement where and as applicable). 

  1. Disclaimer of Warranties 

This is our disclaimer of legal liability for the use of the Ad Services

To the extent allowed under law, in addition to disclaiming all implied warranties, disclaims all warranties regarding the accuracy of the information on which targeting categories are based (e.g., member profile information or segments that you or third parties provide), the match rate or changes to such rate for Matched Audiences, the rate at which inventory for your Ads becomes available on the Properties, the nature and content of the Properties on which Ads are served, the match rate for block lists of Properties, the results of your campaigns and other uses of the Ad Services.

  1. Indemnity 

This is your indemnification obligation.

Notwithstanding any review or approval of any Ad by, you agree to indemnify and our affiliates and hold and our affiliates harmless from any damages, losses and costs (including, reasonable attorneys' fees) related to third party claims or proceedings, arising out of or related to your Ads, Destinations, Advertised Goods, use of the Ad Services and breach of this Terms of Services.

  1. Limitation of Liability

These are the limits of legal liability each of us may have to the other.

To the fullest extent permitted by law, neither party, including its respective affiliated companies, will be liable to the other in connection with this Terms of Services for lost profits or lost business opportunities, loss of data, or any indirect, incidental, consequential, special or punitive damages.

Neither party, including its respective affiliated companies, will be liable to the other in connection with this Terms of Services for an amount that exceeds the greater of (a) 5 times the total fees paid or payable to during the 1-month period before the event giving rise to the liability or (b) USD $100.00.

These limitations of liability do not apply to a party's (i) payment, confidentiality or indemnification obligations; (ii) liability for fraud, gross negligence or intentional misconduct; (iii) liability for death or personal injury; or (iv) violation of the other party's intellectual property rights.

  1. Data Processing Agreement

If either party processes Personal Data on behalf of the other pursuant to this Ads Agreement, then we will each comply with the terms of Data Processing Agreement, presented in Exhibit.

  1. Miscellaneous

Here are some important details about this Terms of Services, including changes to the terms, surviving terms, the contracting entity and dispute resolution.

Neither party relies on any undertaking, promise, assurance, statement, representation, warranty or understanding (whether in writing or not) of any person (whether a party to this Terms of Services or not) relating to the subject matter of this Terms of Services, other than as stated in this Terms of Services. This Terms of Services does not create a partnership, agency relationship, employer relationship or joint venture between the parties. may change the terms of this Terms of Services by notice to you (for example, by a notice displayed in the Ad Services, email, text message or mail), and both parties agree that changes cannot be retroactive. If you do not agree to these changes, you must stop using the Ad Services.


The Vibe SAS entity entering into this Terms of Services with you is determined pursuant to the Contracting Entity Terms. If an issue arises under this Terms of Services (including non-contractual disputes or claims) and the contracting entity based on the Contracting Entity Terms is Vibe SAS, then this Terms of Services is governed by the laws of the France State, and any action or proceeding (including those arising from non-contractual disputes or claims) related to this Terms of Services will be brought in a court in Paris. Each party irrevocably submits to the jurisdiction and venue of the applicable courts. The prevailing party in any litigation may seek to recover its legal fees and costs. Notwithstanding the foregoing, if you have your registered office within the European Union, may agree to facilitate referral of a dispute to one of the following mediation service providers in the first instance where, due to the nature of the dispute, such referral is likely to bring about a prompt and definitive resolution.

The Parties have caused this Agreement to be executed by their duly authorized representative.

Exhibit A : Data Processing Agreement

The purpose of this Agreement is to define the conditions under which undertakes to perform, on behalf of Customer, the processing of personal data as defined in the agreement between the parties.

  1. Definitions


“CCPA” means the California Consumer Privacy Act of 2018 together with any subordinate legislation or regulations.


“Controller-to-Controller SCCs” means the Standard Contractual Clauses (Controller to Controller Transfers - Set II) in the Annex to the European Commission Decision of December 27, 2004, as may be amended or replaced from time to time by the European Commission.


“Controller-to-Processor SCCs” means the Standard Contractual Clauses (Processors) in the Annex to the European Commission Decision of February 5, 2010, as may be amended or replaced from time to time by the European Commission.


“Data Protection Requirements” means the General Data Protection Regulation, and any applicable laws, regulations, and other legal requirements relating to (a) privacy, data security, and protection of Personal Data; and (b) the Processing of any Personal Data. Data Protection Requirements may include, but are not limited to the GDPR , and the CCPA.


“EU Personal Data” means Personal Data the sharing of which pursuant to this Agreement is regulated by the General Data Protection Regulation.


“General Data Protection Regulation” means Regulation (EU) 2016/679 of the European Parliament and of the Council together with any subordinate legislation or regulation implementing the General Data Protection Regulation.


“Personal Data” means information about an individual that (a) can be used to identify, contact or locate a specific individual; (b) can be combined with other information that can be used to identify, contact or locate a specific individual; or (c) is defined as “personal data” or “personal information” by applicable laws or regulations relating to the collection, use, storage or disclosure of information about an identifiable individual.


“Personal Data Breach” means any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data.


“Process” and its cognates mean any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.   


“SCCs” means all Controller-to-Processor SCCs and Controller-to-Controller SCCs entered into between the parties under the Agreement.


“Subprocessor” means any entity which provides processing services to in furtherance of’s processing of Customer Personal Data.


“Supervisory Authority” means an independent public authority which is (i) established by a European Union member state pursuant to Article 51 of the General Data Protection Regulation; or (ii) the public authority governing data protection, which has supervisory authority and jurisdiction over Customer.

  1. Nature of data processing


Each party agrees to Process Personal Data received under the Agreement only for the purposes set forth in the Agreement.




  1. Compliance with Laws


The parties shall each comply with their respective obligations under all applicable Data Protection Requirements.




  1. Customer obligations

4.1   Customer agrees to:


(i) determine the purposes and general means of’s Processing of Customer Personal Data in accordance with the Agreement; and


(ii) comply with its protection, security and other obligations with respect to Customer Personal Data prescribed by Data Protection Requirements for data controllers.  


4.2   Customer agrees to, at's request, designate to a single point of contact (the “Master Admin”) responsible for (i) receiving and responding to data subject requests receives from Customer data subjects relating to Customer Personal Data; and (ii) notifying of Customer’s intended response to a data subject request relating to the access to or the rectification, erasure, restriction, portability, blocking or deletion of Customer Personal Data that processes for Customer, and authorizing to fulfill such responses on behalf of Customer.




  1. Obligations

5.1 Processing Requirements. will:


  1. Process Customer Personal Data (i) only for the purpose of providing, supporting and improving’s services (including to provide insights and other reporting), using appropriate technical and organizational security measures; and (ii) in compliance with the instructions received from Customer. will not use or Process the Customer Personal Data for any other purpose. will promptly inform Customer in writing if it cannot comply with the requirements under Sections 5-8 of this DPA, in which case Customer may terminate the Agreement or take any other reasonable action, including suspending data processing operations;
  2. Inform Customer promptly if, in’s opinion, an instruction from Customer violates applicable Data Protection Requirements;
  3. If is collecting Customer Personal Data from individuals on behalf of Customer, follow Customer’s instructions regarding such Customer Personal Data collection (including with regard to the provision of notice and exercise of choice);
  4. Take commercially reasonable steps to ensure that (i) persons employed by it and (ii) other persons engaged to perform on’s behalf comply with the terms of the Agreement;
  5. Ensure that its employees, authorized agents and any Subprocessors are required to comply with and acknowledge and respect the confidentiality of the Customer Personal Data, including after the end of their respective employment, contract or assignment;
  6. If it intends to engage Subprocessors to help it satisfy its obligations in accordance with this DPA or to delegate all or part of the processing activities to such Subprocessors, the use of which Customer approves, obtain the prior written consent of Customer to such subprocessing, such consent to not be unreasonably withheld; (i) remain liable to Customer for the Subprocessors’ acts and omissions with regard to data protection where such Subprocessors act on’s instructions; and (ii) enter into contractual arrangements with such Subprocessors binding them to provide the same level of data protection and information security to that provided for herein; and


5.2 Notice to Customer. will inform Customer if becomes aware of:

  1. Any non-compliance by or its employees with Sections 5-8 of this DPA or the Data Protection Requirements relating to the protection of Customer Personal Data Processed under this DPA;
  2. Any legally binding request for disclosure of Customer Personal Data by a law enforcement authority, unless is otherwise forbidden by law to inform Customer, for example to preserve the confidentiality of an investigation by law enforcement authorities;
  3. Any notice, inquiry or investigation by a Supervisory Authority with respect to Customer Personal Data; or
  4. Any complaint or request (in particular, requests for access, rectification, erasure, restriction, portability, blocking or deletion of Customer Personal Data) received directly from data subjects of Customer. will not substantively respond to any such request without Customer’s prior written authorization.


5.3 Assistance to Customer. will provide reasonable assistance to Customer regarding:


  1. Any requests from Customer data subjects in respect of access to or the rectification, erasure, restriction, portability, blocking or deletion of Customer Personal Data that Processes for Customer. In the event that a data subject sends such a request directly to, will promptly send such request to Customer;
  2. The investigation of Personal Data Breaches and the notification to the Supervisory Authority and Customer's data subjects regarding such Personal Data Breaches; and
  3. Where appropriate, the preparation of data protection impact assessments and, where necessary, carrying out consultations with any Supervisory Authority.


5.4 Required Processing. 


If is required by Data Protection Requirements to Process any Customer Personal Data for a reason other than providing the services described in the Agreement, will inform Customer of this requirement in advance of any Processing, unless is legally prohibited from informing Customer of such Processing (e.g., as a result of secrecy requirements that may exist under applicable EU member state laws).


5.5 Security. will:


  1. Maintain appropriate organizational and technical security measures (which may include, with respect to personnel, facilities, hardware and software, storage and networks, access controls, monitoring and logging, vulnerability and breach detection, incident response, encryption of Customer Personal Data while in transit and at rest) designed to protect against unauthorized or accidental access, loss, alteration, disclosure or destruction of Customer Personal Data;
  2. Be responsible for the sufficiency of the security, privacy, and confidentiality safeguards of all personnel with respect to Customer Personal Data and liable for any failure by such personnel to meet the terms of this DPA;
  3. Take reasonable steps to confirm that all personnel are protecting the security, privacy and confidentiality of Customer Personal Data consistent with the requirements of this DPA; and
  4. Notify Customer of any Personal Data Breach by, its Subprocessors, or any other third parties acting on’s behalf without undue delay and in any event within 48 hours of becoming aware of a Personal Data Breach.
  5. If a Personal Data Breach results from either (i) the negligence or intentional misconduct of (or any Subprocessor consistent with Section 5.1(f)) or (ii) a material failure of to comply with the terms of this DPA, shall bear all costs associated with investigating and remediating the Personal Data Breach. shall provide reasonable reimbursement to Customer for any costs associated with notifying affected individuals as required by law or providing individuals with credit monitoring or other appropriate remediation services, provided that, as a processor, will adhere to its commitments under 5.3(b) of this DPA.





6.1 Supervisory Authority Audit. 


If a Supervisory Authority requires an audit of the data processing facilities from which Processes Customer Personal Data in order to ascertain or monitor Customer's compliance with Data Protection Requirements, will cooperate with such audit. Customer is responsible for all costs and fees related to such audit, including all reasonable costs and fees for any and all time expends for any such audit, in addition to the rates for services performed by


6.2 Audits. 


Upon request, will provide to Customer each year an opinion or Service Organization Control report provided by an accredited, third-party audit firm under the Statement on Standards for Attestation Engagements (SSAE) No. 18 (“SSAE 18”) (Reporting on Controls at a Service Organization) or the International Standard on Assurance Engagements (ISAE) 3402 (“ISAE 3402”) (Assurance Reports on Controls at a Service Organization) standards applicable to the services under the Agreement (each such report, a “Report”). If a Report does not provide, in Customer’s reasonable judgment, sufficient information to confirm’s compliance with the terms of this DPA, then Customer or an accredited third-party audit firm agreed to by both Customer and may audit’s compliance with the terms of this DPA during regular business hours, with reasonable advance notice to and subject to reasonable confidentiality procedures. Customer is responsible for all costs and fees related to such audit, including all reasonable costs and fees for any and all time expends for any such audit, in addition to the rates for services performed by Before the commencement of any such audit, Customer and shall mutually agree upon the scope, timing, and duration of the audit. Customer shall promptly notify with information regarding any non-compliance discovered during the course of an audit. Customer may not audit more than once annually.




  1. Data transfers


For purposes of GDPR, where there is a member-directed export of Personal Data or where Customer already may access such Personal Data, both Customer and will be independent controllers of Personal Data originally derived on the Services. The parties agree that, for such cases, and the customer would each act as a data controller with respect to their particular copy of the Personal Data. Each party will, to the extent that it, along with the other party, acts as data controller, as the term is defined in applicable Data Protection Requirements, with respect to Personal Data, reasonably cooperate with the other party to enable the exercise of data protection rights as set forth in the General Data Protection Regulation and in other Data Protection Requirements. agrees and warrants that it will process Personal Data exclusively within the territory of the European Union and not allow access to Personal Data to persons located in Third Countries. shall disclose to the Customer in writing all geographic locations where Customer Personal Data will be processed by and any Sub-processors. agrees and warrants that it will obtain the prior written authorization of the Customer before making any change in the geographic location where the services are performed or from which a Sub-processor accesses the Personal Data.

Where this is a Third Country, undertakes to provide, or obtain from the Sub-processor an undertaking that it will provide, the appropriate safeguards governing such a transfer as provided for in Article 46 of Regulation (EU) 2016/679 of the European Parliament and of the Council, including the execution by and/or relevant Sub-processor and the Customer of the standard data protection clauses adopted by the Supervisory Authority and approved by the European Commission.




  1. Data return and deletion


The parties agree that on the termination of the data processing services or upon Customer’s reasonable request, shall, and shall cause any Subprocessors to, at the choice of Customer, return all the Customer Personal Data and copies of such data to Customer or securely destroy them and demonstrate to the satisfaction of Customer that it has taken such measures, unless Data Protection Requirements prevent from returning or destroying all or part of the Customer Personal Data disclosed. In such case, agrees to preserve the confidentiality of the Customer Personal Data retained by it and that it will only actively Process such Customer Personal Data after such date in order to comply with applicable laws. For clarity, may continue to Process Customer Personal Data that has been aggregated in a manner that does not identify individuals or customers to improve’s systems and services.  





  1. Third Party Data Processors 


Customer acknowledges that in the provision of some services,, on receipt of instructions from Customer, may transfer Customer Personal Data to and otherwise interact with third party data processors. Customer agrees that if and to the extent such transfers occur, Customer is responsible for entering into separate contractual arrangements with such third-party data processors binding them to comply with obligations in accordance with Data Protection Requirements. For avoidance of doubt, such third-party data processors are not Subprocessors.




  1. Term


This DPA shall remain in effect as long as carries out Personal Data processing operations on behalf of Customer or until the termination of the Contract (and all Personal Data has been returned or deleted in accordance with Section 8 above).




  1. Governing Law, Jurisdiction, and Venue


This Agreement shall be governed by, and construed in accordance with, the law of France. The courts of Paris shall have exclusive jurisdiction to hear any dispute or other issue arising out of, or in connection with, this Agreement, except where otherwise required by Applicable Data Protection Law.


Exhibit B : Payment Instructions

For payment and deposit instruction, please contact your account manager.