GENERAL CONDITIONS 1stKYC

  • IT IS BROUGHT TO THE ATTENTION OF USERS (SEE DEFINITION BELOW) THAT THIS SITE WAS DEVELOPED IN A POSITIVE SPIRIT OF COLLABORATION BETWEEN THEM AND THE COMPANY.
  • THEY ARE REQUESTED TO READ VERY CAREFULLY THE GENERAL CONDITIONS BELOW WHICH APPLY TO ALL RELATIONS BETWEEN THE COMPANY AND THE USERS.

1 – General information

The company which operates the website www.1stkyc.com and which operates the application is the Belgian company AML SERVICES srl, whose registered office is at 1 Esplanade Simone Veil – 4000 Liège – Belgium, BCE 0771 320 640.

hereinafter referred to as “the Company”.

Unless otherwise expressly agreed in writing, these general conditions are the only ones applicable to all our offers, orders, commitments or contractual relationships, even if the user’s conditions assert their own primacy. The general terms and conditions have been necessarily read and approved at the time of entering into relations and are available at any time on the company’s website (www.1stkyc.com).

These General Conditions are drawn up in French, which will be accepted as the sole language of reference. Translations into other languages are for information purposes only.

No waiver, change, variation or addition to these terms and conditions shall be effective unless in writing and expressly accepted by the authorised signature of both parties on or after the date of signature of the contract or offer by both parties. No argument may be drawn from a favour, even if it has been repeated.

2 – Definitions

The present conditions apply to the use of the website www.1stkyc.com, hereinafter defined as “the Site”. The Site allows you to obtain an online general presentation of the company and its products and services, on the one hand, and on the other hand, access to the Application discussed below.

The “FILE” must be understood as consisting of all the information entered by the Owner and the Users authorised by him/her in the databases that they have created.

The “OWNER” of a File should be understood as the person who has registered as such and is legally responsible for the entity that has registered; he/she is defined under the generic term “the Owner”. In other words, the owner of the file is not considered to be the Owner in the primary sense of the term, but in the sense of “the owner of all the rights of use linked to the subscription, a right which he may also have with regard to his employees, principals and other servants, for whom the Owner remains responsible”. Such an Owner, within the meaning of this agreement, may technically, as the person responsible for the File, invite a User (who may be, for example, one of his principals) to access his File, but he does so under his sole, full and entire responsibility.

The “USERS” of the site are the persons defined under the generic term “the User”: these are the persons who may use the site and its various functionalities, or only some of them, after having been invited by the Owner, in the context of their professional activity, regardless of their level of responsibility at the level of the entity that has been registered by the Owner. The Owner is also a User, but with the highest level of authorisation.

The User is always a natural person who is obliged to identify himself/herself correctly by providing correct data to the Company, which cannot be held responsible for incorrect or incomplete information.

The site offers the use of an application designed to manage the AML/CFT (Anti-Money Laundering & Counter Terrorist Financing) data of the Owner’s clients, an application called 1stKYC.

By registering, Users formally accept that they may receive informative messages in the form of mailings or any other technical or informative notification relating to the Application they use. In this respect, reference is made to the section “company privacy policy and information in application of the data protection regulation – RGPD (General Data Protection Regulation – htps://eur-lex.europa.eu/legal-content/EN/VXV/HVML/?uri=CELEX:32016R0679&from=EN”).

As set out in the “Confidentiality” sections below, the Company will never pass on to any external operator any information relating to Users or the data recorded by them in their File: it is, however, authorised, without prior agreement, to pass on such Confidential information to third parties (a) if it is required to do so by law or by a regulatory authority, (b) if it is requested to do so by a governmental or fiscal authority and strictly within the limits of such a request, provided that it is in order.

If it has to use subcontractors, as is the case, for example, with the servers it uses to host its data, these servers must have the highest possible degree of security and confidentiality, in compliance with the provisions of the RGPD.

Whether in a test period or not, the User, here understood in the broadest sense, acknowledges that he/she has the right to use the site, without more. The Owner holds the property of the data that he has encoded on the site and has the possibility of repatriating them locally in a standard format commonly used, which he is free to use or not.

The issue of the duration of the conservation of the editions sent to him is the exclusive responsibility of the User: it is up to him to examine, with regard to the Directives, laws and regulations on which he depends, the way in which he intends to use the tool and the period of conservation of the data he has compiled, collected or both thanks to the Application.

In the event that the subscription is discontinued for more than 365 days (non-payment), the company notifies the Owner that it will destroy the unused File within 5 days. The attention of the Users is drawn to the fact that as soon as the destruction is effective: they will no longer have access to the data, which is otherwise destroyed. If, between the first and the 360th day not covered by payments of the right of use, the Data Owner decides, within the time limits mentioned by the IVth Directive, to reactivate his subscription, in particular to prove, for example, that he has carried out research on his clients or that he has fulfilled his duties in good time, he will have to pay an amount equivalent to the period of retention of the said data, i.e. a maximum of 360 days, before being able to access his data again.

During the periods in which their right of use is not covered by a payment, Users cannot exercise vigilance, as long as their access is suspended. Apart from its own responsibility, the Company has no other solution than to manage this problem in this way through an application whose principle is to allow its users to save both paper and backups on their own machines.

3 – Product acceptance

The site offers an Application which is in a state of permanent offer. The fact that a User registers as an Owner or User obliges him/her to read and expressly accept these general conditions. Access to the Application is not possible, even in the case of free use, on a trial basis, without confirmation that these conditions have been read and expressly accepted.

The Application is provided as a tool for professionals to assist them in fulfilling their obligations and the company can therefore only decline all responsibility for the misuse or diversion of this tool for purposes other than those for which it is intended.

By registering on the site, Users agree to accept and use the Application as is and acknowledge the Company’s right to make any changes to the site that it deems useful for the proper functioning of the Application.

4 – Minimum hardware requirements

In order to use the Application correctly, Users need a computer connected to the Internet via a good quality telephone line.

Users have checked the quality of their line; proper use requires a connection that is free of frequent interruptions and has sufficient bandwidth. For information: the loss of connection with the server does not present a risk of corruption of files but rather represents an inconvenience for the User.

The Company has verified that the site supports the FIREFOX or CHROME Internet browsers. No guarantee is given for other browsers. Microsoft Explorer is to be avoided.

5 – Limitation of liability & control

The company guarantees the proper functioning of the Application, provided that it is used correctly, as indicated in the help, as far as possible, in a maximum of common languages that the company knows are those of identified users, users being invited to show tolerance as regards translations, and also invited, in case of doubt, to contact the company to question it, preferably in French or English.

See also article 8.

In the event that a programming error made by the Company is detected, the Company undertakes to correct it as soon as possible. The Company’s liability is limited to this precise point (article 7).

The Users ensure that they have sufficient knowledge of the professional matters covered by the Application made available to them, to ensure its proper functioning. The Company cannot be held responsible for any errors in handling or interpretation, whatever their consequences.

The Application is intended for use in connection with legal and recognised activities in their country of origin.

Neither party shall be liable to the other in the event of failure or delay in the performance of its obligations above attributable to an act of God or a fortuitous event.

6 – Insurance

The Company shall not be held liable for any event that occurs outside its scope of intervention and/or provision of services. All the exclusions relating to its liability are set out in the general conditions.

They result, among other things, from the civil liability insurance taken out by the company (extract below).

Civil liability insurance contract means the contract taken out by the Company to cover the contractual and extra-contractual civil liability that may fall to it due to damage of any kind caused to Third Parties and resulting from errors, omissions or negligence committed by it, in its capacity as a provider of IT services within the framework of its activities.

Neither party shall be liable to the other in the event of failure or delay in the performance of its obligations above attributable to an act of God or a fortuitous event.

In the context of the liability and insurance provisions that follow, the term “Insured” may refer to the Company, but also to certain Users of a particular function of the site.

The following are excluded from the company’s guarantee and consequently from the company’s possible liability under this agreement

Damage caused intentionally by an Insured, who would use the material made available to him/her for the purpose of harming the interests of a Third Party, for example. However, if the Insured at fault is neither the policyholder nor one of its partners, directors, managers, organs, executive employees or technical managers, the guarantee shall remain valid for the Insured other than the person at fault, subject to the deductible provided for in the contract and the recourse that the company is entitled to exercise against the latter.

The following are also excluded: damage caused by :

The operating procedures of the business, accepted by the Insureds or by such a failure to comply with the standards of prudence or safety specific to the insured activities that the harmful consequences of this failure or these operating procedures were – in the opinion of any person normally competent in the matter – almost inevitable;

Multiple repetitions, due to the absence of precautions, of damage of the same origin;

The failure to subject the methods recommended or used to sufficient prior verification, taking into account the knowledge acquired on a technical and scientific level.

Damage resulting from the non-return of funds, breach of trust, embezzlement, misappropriation or any similar acts, as well as unfair competition or infringement of intellectual property rights such as patents, trademarks, designs and copyrights;

Judicial, transactional, administrative or economic fines, punitive or dissuasive damages (such as “punitive damages” or “exemplary damages” under certain foreign laws), as well as the judicial costs of repressive proceedings.

The civil liability of the company’s directors and officers is engaged under the applicable legislation in case of mismanagement committed by them in their capacity as directors or managers.

Liability that may fall to subcontractors, partners or members of a consortium or temporary association working in collaboration with the Company.

7 – Responsibility of the User

The User expressly undertakes, notwithstanding any recourse to the assistance services, to report as soon as possible, in writing, any technical problem of any kind that he/she may encounter in the course of his/her use.

If a User is found to have failed to comply with this duty of care and good cooperation within the shortest possible time of the occurrence of a problem, the User may be held responsible for the damage or its aggravation.

Without prejudice to the foregoing, the Company’s full liability to Users for the Services provided under this Agreement, as well as any negligence, positive act or omission by the Company’s consultants, whether subcontractors or agents, taking into account death, injury, loss or damage caused by, or resulting from, any such entity, shall in no event be incurred where the User’s actions interfere with the Company’s services.

As Belgian law applies in the context of these conditions, both because of the Company’s registered office, which is aimed at professionals, and because of the choice of court clause stipulated and expressly accepted in the context of these general conditions, there can be no question of claiming anything other than the actual damage.

8 – Use of the helpdesk

The helpdesk under the heading “Need help / New help ticket” is available at all times. This is the only correct way to contact the helpdesk. The Company does not guarantee a correct follow-up of support requests made in any other way.

The price of the support service is included in the application fee.

The company will use its best endeavours and take all necessary measures to ensure the best possible support service, but cannot be held responsible for problems external to its organisation, such as failure of the Users’ equipment or lack of technical knowledge of the subject matter of the Application.

In case of unavailability of the support service via the tickets, it is also possible to exchange by e-mail at the address: help@1stkyc.com

The company will do its best to respond to requests made via tickets or e-mail but does not guarantee a response time.

9 – Prices

Subject to Article 10, the prices for the Application offered by the site are readily available on the “Settings/General Information” page or on request via the various forms available on the site www.1stkyc.com

The prices announced are valid for the current calendar quarter. Any modification will be made with a minimum of 15 days notice.

The advertised prices are always exclusive of VAT. The application of VAT is subject to the legal provisions in force in the users’ country.

Only the payment methods indicated on the site are accepted by the company. Payment by cheque will always be banned.

When subscribing, the User chooses the duration for which he/she is committed. When this period comes to an end, he is informed and invited to extend his subscription, which he can freely choose to do or not.

Once the price of the subscription or of a possible renewal remains unpaid for seven calendar days, the User’s access to the data will be suspended (see also Article 2, in fine, concerning the conservation of data and Article 11: “payment terms”).

10 – Market segmentation

Insofar as tax policy may vary from one country to another and insofar as the Application is intended for all countries, Users are fully informed that the prices displayed on the Site are “tax neutral”, i.e. they are exclusive of VAT and exclusive of any other type of taxation that a particular country may apply to the sale of the Application’s services due to a territorial link or any other link that may connect Users or any other party to that country.

The Owner expressly agrees that he/she is aware that the prices are expressed net of any taxation and that any taxation due in his/her country of origin may be passed on in addition to the invoice sent to him/her, i.e. that the prices displayed may be increased by VAT or any other existing or future tax that may be claimed by a state involved at any level in the process of providing the Application made available to said Users by the Company.

11 – Terms of payment

The right to use the Application is invoiced according to a price scale found in the Parameters / General Information menu and taking into account the volume of information specific to each File managed by the system. This right of use is invoiced in advance, on the anniversary date of the switch to the paid version.

Invoices are filed, after payment, in the “Settings/My Invoices” menu of the Application.

The payment process is managed by Stripe (www.stripe.com), which alone retains the payment parameters for the Files.

When registering, the Owner chooses the payment methods from among the options offered by the STRIPE collection site. Namely:

credit card with direct debit

SEPA direct debit

In the event that the STRIPE payment organisation refuses the direct debit for any reason whatsoever, the Company shall be entitled to pass on to the Owner at least the charges imposed by the external partner Stripe®, which, as an indication, are generally €7.50 per refused transaction.

In the event of an unpaid invoice within 360 days, the file shall be deemed to be in default and liable to be deactivated, as indicated in art.2 §11 hereof. If the customer who has gone into escheat wishes to reactivate his account within 360 days, i.e. before the time limit for deletion of his data, he must then pay an amount intended to cover the period of effective retention of his data (as also stipulated in art. 2).

Any complaint or request for information relating to invoicing or questions relating to payments shall be addressed to the e-mail address invoices@1stkyc.com

12 – Application test period

The Application has a free test period.

During the test period, free access to the Application is limited to fifteen days and to a single File, with a limit of 15 records per File.

An Owner may invite as many other Users as he wishes to his Folder.

13 – Ownership of the software, the application and intellectual property rights

The application made available to Users is a “cloud” application, i.e. it is hosted on a server that belongs to the company. Users send search requests via their own machine to the company’s server, which sends them the results of these searches. These results are archived and the said archives are accessible by the users.

The user is therefore not the owner of the software that enables the company’s server to carry out the searches in question, nor of the server itself, nor of anything relating to the design of the entire solution that is remotely available for use: the user has only a right to use the whole and, as long as he continues to be in a time period for which he is in order to pay, a right of access to the history of his requests and to the related archives.

This second aspect of his right of use, the first being to carry out searches, should enable him to demonstrate, without any internal archiving problems, that he has indeed fulfilled his search duties in due time.

As this is a “virtual” product, in that the user pays for a right to use it remotely, it is worth emphasising that the intellectual rights remain the sole property of the company, especially as it is not technically possible to download the application to install it so that it runs on a machine that is independent of the company’s server.

The company’s intellectual rights are strictly reserved to it and cannot in any case be acquired or even rented by the user who, let us repeat, only has a right of use.

Intellectual rights are those rights qualified as such by the definitions given by the different legal systems in the world, whether they are legal systems or definitions that derive from Common Law systems and are therefore legally recognised, and in particular:

Copyrights, patents, trade secrets, trade secrets, know-how, trademarks, patents, inventions, designs, logos, trade dress, moral rights (see below, e.g. copyright), wordmarks, slogans and other advertising formulae and derivatives of any kind, used for professional commercial purposes, and any other form of private intangible rights

any application or right of application of the above-mentioned rights

These rights are only ever assigned in a strictly limited manner and only by virtue of an express, prior and written agreement by the Company.

An implicit renewal, extension or restoration of this licence assignment is not synonymous with assignment.

In other words and in summary, the intellectual rights implemented or used in the context of the use of the site remain the property of the Company, unless expressly agreed otherwise in writing.

The intellectual property rights relating to the site and its image are also the exclusive property of the Company and include in particular

– The rights of reproduction and communication to the public.

14 – Methods of use

The Company alone shall have the right to fix the work, in whole or in part, by any technique on any medium and in particular

An online medium, including the Internet, as well as any Intranet network, any computer terminals in private and/or public places. The authorisation to reproduce on the Internet also includes the authorisation to establish any link from or to the site where the work is reproduced, and generally to make any normal use of the site and its content;

A “paper” medium such as :

publication in whole or in part in a periodical, information publications, books, syllabuses, instructions for use, etc.

the right to reproduce the work on another medium, including off-line computer media such as CD-ROM, databases, floppy disks, DVDs, USB sticks, flash drives, etc.

The right to reproduce the work in an unlimited number of copies of each medium;

The right to distribute the work and to communicate it to the public by any communication technique, including communication by cable, satellite, radio, Internet and computer networks;

15 – Specific intellectual property

The user of the 1stKYC application is advised that the “Watchlist” used by the system is limited to the uses provided by the 1stKYC application, to the exclusion of any other use.

The Watchlist is confidential and may not be altered, modified, used or disclosed in any way.

Neither party may assign or transfer, whether in return for payment or free of charge, all or part of its rights or obligations under the Agreement to a third party without the prior written consent of the other party: this clause is generic and concerns all aspects of the Company’s activity and these General Terms and Conditions, but is also particularly valid for all elements of intellectual property.

16 – Claims and applicable law

With regard to complaints, a distinction should be made between general complaints and complaints relating more specifically to invoicing.

For any dispute, controversy or claim arising from the application of these general terms and conditions or any subsequent amendment thereto (relating in particular, but not exclusively, to their formation, validity, binding effects, interpretation, execution, breach or resolution) and any extra-contractual claim or, in general, any claim other than those relating to the specific point of invoicing (see below), on pain of nullity (inadmissibility), the parties, i.e. the Company and the Owner, undertake to first seek an agreement through mediation with an approved mediator.

The parties undertake, in accordance with Article 1725, § 1 of the Judicial Code, to initiate a mediation process with an accredited lawyer mediator prior to bringing any legal action.

Unless the parties have expressly agreed otherwise, the mediation may not exceed 3 months from the date of the appointment of the mediator.

The place of the mediation shall be Liège (B) and the language of the procedure shall be French and the mediating lawyer(s) shall be chosen from the list of mediators approved by the Courts of Liège for civil and commercial mediation (list available online: https://barreaudeliege-huy.be/fr/reglement-des-conflits/mediation/mediation-civile-et-commerciale ).

In the event that mediation fails, and only in this case, the dispute will then be exclusively submitted to the Courts of Liège (B).

The present general conditions are governed by Belgian law. The present General Conditions are drawn up in French. This language will be accepted as the only language of reference. Translations into other languages are for information purposes only.

Complaints concerning invoices must be made in writing within 8 calendar days of the date of dispatch of the invoice and/or the summary e-mail. Invoices whose summary (e-mail) has not been protested within the specified period shall in any case no longer be disputable upon receipt.

17 – Legal costs

In the event that a dispute concerning an obligation to pay is brought before the Courts, it is recalled that all countries of the European Union, by way of legislation or case law, have recognised the principle of “reasonable compensation for the relevant recovery costs incurred as a result of late payment”.

For information, in practice, there is a tendency for the courts to award compensation equivalent to at least 10% of the amount outstanding, for the procedural indemnity alone, without prejudice to other damages or those mentioned above and without counting the costs of the bailiff and others.

Belgian law applies to any dispute arising from the use of the site. The courts of Liège (B) have exclusive jurisdiction.

18 – Confidentiality of information and data

There are two types of data:

Data concerning the Users themselves and their beneficiaries, i.e. the data of the Owners and paying or non-paying Users of the Site and the Application: in accordance with the RGPD regulation, the data collected is more than minimal, being limited to what is strictly necessary for the proper execution of the contractual relationship with the Company, and it is not kept beyond what is necessary, it being understood that here, the duration is influenced by the AML directive or IV Directive: as regards these data, see Article 19 and Article 22.

Data sent by Users under their own responsibility in order to fulfil their AML obligations under the Fourth Directive. These are sent to the company’s server which then queries other databases, based on the User’s instructions. By default, when reference is made to “data”, it is this second type of data, those sent by the User to the Company’s server in the context of an AML search, that is referred to.

It should be noted that the Company does not process the data in any way whatsoever: the data sent by the client is then distributed automatically by the Company’s software, which queries other servers and the client receives the results of these queries in return, with the tool provided by the Company simply serving to simplify the search tasks recommended by the IVth AML Directive with external databases.

The Company takes all necessary measures to preserve the integrity of the data stored on its site by the Users, with a view to and in compliance with .

The User remains solely responsible for the data sent by him to the Company, and it is therefore recommended that he makes a backup copy prior to any transmission.

This copy must be kept by the client until the final verification of the transfer and at least for a period of 5 years (retention period set with reference to the recommendations of the 4th AML Directive).

If such a copy is not kept for this period, the Company cannot be held liable in any way for any missing or corrupted data.

Similarly, access to confidential data (such as passwords, information relating to the User’s customers, etc.) recorded in the File is the sole responsibility of the User who, except in the case of obvious malice, may not hold the Company liable if such data is used, disseminated, stolen or hacked.

Similarly, the Company cannot be held responsible for any incidents, not of its making, which would lead to an abnormal diffusion of the information stored on its site.

19 – Company privacy policy and information pursuant to the Data Protection Regulation – RGPD

Our company provides services that involve the collection of personal data from natural persons residing, in particular, in the European Union, and is therefore subject to the RGPD.

For the purposes of the RGPD, the data in question is that of the Owners and Users of the Site and the Application, whether or not they pay for it, and not that which they themselves enter in their Files. The data that Owners and Users encode in their Folders is their exclusive property, is placed under their exclusive responsibility and is encrypted in such a way that the Company’s development manager can only have access to it with their consent (the Owner’s explicit consent) to the extent that it implies active collaboration in the implementation of the decryption of the computer key by the Company’s members.

As a natural person residing in the European Union, the Owner and the User hereby give their consent to the processing of their personal data, including sensitive data.

As a company, with respect to the personal information of your employees, directors, shareholders or others, we believe that the processing of their personal information is necessary for the purposes of the legitimate interests pursued by our company (primarily, with respect to our website: customer information) in accordance with Article 6 f of the GDPR.

Our company only retains this information for the period for which the right of use is granted or for the duration of the legal obligations arising from the fight against money laundering and the financing of terrorism, and by virtue of its liability obligations.

Our internal procedures and servers are designed to ensure the highest possible security of your data.

Your rights, as guaranteed by the GDPR, are as follows:

A facilitated right of access.

In the event of a request for access by a natural person (Owner or User) to his or her personal data, in addition to the fact that they are part of his or her Personal File and are accessible to him or her, this natural person may contact our Data Officer (see below) responsible for notifications, who will then have a maximum of one month to satisfy the request: in this case, the Owner will be asked for prior written authorisation to access the encryption key by the Company, which will otherwise not have access to this data.

At any time, a User may view his or her personal data as recorded on the Site, by consulting the “My account” page.

A right to be forgotten

In all cases, a User may delete his account himself, which will have the effect of immediately deleting all his personal data, with the corollary that he will be unable to access the Applications.

If an Owner deletes his account, he also deletes, in addition to his personal information, the Folder(s) of which he is the Owner as well as the data relating to the Users.

A right to limit processing

This right is only applicable in a few specific cases provided for in Article 18 of the GDPR. Please contact us if you believe that you are in one of these cases.

A right to data portability.

This is a new right, arising from the GDPR, which allows a person to retrieve the data he or she has provided, in an easily reusable form and, if necessary, to transfer it to a Third Party. By going to the “My Profile” menu and clicking on the “Export Data” button, all the information in your File(s) is transferred to you in a current electronic format.”

Information on data security

Data breach notification. Companies will be required to take action in the event of a security breach resulting in the destruction, loss, alteration or unauthorised disclosure of data.

In the event of a security breach, the Company will notify the relevant regulatory authority (the Data Protection Authority) within 72 hours. Affected individuals will be informed as soon as possible if the data breach or violation involves a high risk to their rights and freedoms.

Backup

Our server is subject to a daily back-up procedure carried out by the hosting company OVH in Frankfurt (Germany). As a subcontractor, this company has undertaken to apply the RGPD and to notify us of any data compromise.

Terms and conditions of the hosting company

The general conditions of the hosting company, OVH, are available on their website (https://www.soyoustart.com/fr/mentions-legales.xml)

Data Protection Officer

Our company has less than 25 employees and Mr Michel Vansimpsen (michel@1stkyc.com) is also the Data Protection Officer. Users are invited to take into account the size of the Company when dealing with the person assuming the functions of DPO.

Software & data

The data of natural and legal persons registered by the Users are stored in my sql tables located on the OVH server. This data is systematically encrypted by the system; our company’s employees have no knowledge of the encryption key, which is held by the Development Manager. He cannot access it without the express prior agreement and collaboration of the Owner of the File, within the framework of a clear exceptional procedure requiring the Owner’s agreement to access the encryption key that makes this data accessible.

For troubleshooting procedures, the Company will use software that allows it to connect remotely to the user’s computer (such as “Teamviewer”) to be troubleshooted and with the user’s agreement & collaboration.

References

In derogation of the first paragraph of art.18, the Owner accepts that the logo of his/her company/entity be included in a “References / They use 1stKYC” page on the Company’s website.

Should the Owner object to this referencing, he/she must notify the Company, and more specifically the DPO, at michel@1stkyc.com.

20 – Personnel management

The HR manager is Michel Vansimpsen.

She and the company’s directors have access to the specific directory where all the personal information (pay slips, etc.) of our company’s staff is stored.

21 – Management of subcontractors

As developed in the previous points, the Company never transmits data to external operators of any kind, apart from the hosting company (see below).

If it has to resort to subcontractors, as is the case for example with the servers it uses, they will be actors who benefit from the highest possible degree of security and confidentiality.

If, by impossibility and in the future, the company should have recourse to other external parties, it will always ensure, as mentioned ab initio, that they submit to the present general conditions, including the protection of the data and rights of the owners and users of the subscriptions and files.

To be more precise as to who they are, the Company operates essentially with three subcontractors:

– the host of our applications is the company OVH, 2 rue Kellerman in F59100 Roubaix (France), RC 424 761 419 00045,

– the supplier of the Watchlist database is NameScan, Suite 213, 7 Railway Street, Chatswood, NSW207, Australia

– Stripe, the above-mentioned company, which is involved in the management of subscriptions and their collection and whose registered office is located in Dublin (Ireland), 1Grand Canal Street Lower, Grand Canal Dock, D02H210.

The subcontractors shall remain solely responsible for any direct or indirect damage that may result from the execution of this agreement, both towards the company and towards the Users.

It is recalled that the subcontractors are obliged to take out at their own expense, risk and peril the insurance required (and, more particularly, they must take out operating and post-delivery liability insurance to the extent of the risk that their assignment involves) and ensure that the premiums are paid in due time.

In particular, the subcontractor shall indemnify, if necessary on first request, the Company against any claim by a third party claiming to have an intellectual or industrial right to all or part of the work carried out by the subcontractor under this agreement.

If the Company is called into question in the context of a problem involving it, the subcontractor shall assist the Company in its defence and shall bear any legal costs incurred by the Company in the context of proceedings brought by the end client and/or a third party, as well as any damages to which the Company may be condemned as a result of the service provided under this agreement.

In this context, in addition to the fact that the subcontractor is required to insure its civil liability covering, in particular, damage due to third parties, but also its professional operating liability, the insurance of its staff against accidents at work, etc., it has acknowledged that it may have access to sensitive and confidential information and that this information must be processed by it, any sister companies, and or employees, or even customers, and suppliers or any other co-contractor, within the strict limits of these general conditions, and in compliance with the laws and Regulations of the EU and Belgium.

The subcontractor therefore undertakes to treat as strictly confidential all information communicated to it within the framework of the agreement binding it to the company and to refrain from disclosing it or using it for the benefit of persons or entities other than the company or beyond this mission. It should also be noted that the subcontractor has undertaken to respect this obligation of confidentiality, including, where applicable, by its agents, partners and employees.

22 – General information on the RGPD

The “Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, abbreviated as RGPD” is on the protection of individuals with regard to the processing of personal data and the free movement of such data, and repeals Directive 95/46/EC (General Data Protection Regulation),” OJ L 119, 4. 5.2016, pp. 1-88, § (n.d.), htp://data.europa.eu/eli/reg/2016/679/oj (“GDPR”).

Our company provides services that involve the collection of personal data from natural persons residing, inter alia, in the European Union, and is therefore subject to the GDPR. It also processes personal data of its partners, associates and employees.

As a processor ourselves, we confirm that we have adopted the procedures required by the GDPR and undertake to notify the Owners without delay of any information relating to such third party data processing.

Anyone who requires further information may contact the Data Protection Authority at contact@apd-gba.be, or any other similar body within the European Union.

The website of this body is: htp://www.autoriteprotectiondonnees.be/ ).

The customer is solely responsible for any illegal use of the tools made available to him.

***

The 1stKYC staff would like to thank you for your trust and will do everything in their power to ensure that users maintain a high level of satisfaction.

 

Print Friendly, PDF & Email