Navigation:
DAR Solutions LLP ©2023
All rights reserved.
This version only applies to Users within the European Union. To adjust the region, please use the dropdown button located above.
Terms and Conditions for the use of the DAR Lean Platform of DAR TECH Limited
  1. Preamble

    1. These Terms and Conditions (hereinafter “T&C”) apply to the use of the DAR Lean Platform available via the address https://app.darlean.com and as an app from DAR TECH Limited, HE409398, Themistokli Dervi 3, JULIA HOUSE, 1066, Nicosia, Cyprus (hereinafter “DAR TECH”) including all Services, videos, recordings, sounds, texts, graphics and other materials sent, received, stored or otherwise displayed on the DAR Lean Platform. These T&C create a legal agreement between DAR TECH and each User of the DAR Lean Platform and/or Services.
    2. By accessing or using the DAR Lean Platform and/or Services, the User automatically agrees to the T&C, whether or not the User has entered into a separate contract with DAR TECH. If the User does not agree to the T&C in full, he/she is prohibited from accessing the DAR Lean Platform and Services and using the content and services offered there.
    3. To use the DAR Lean Platform, App and Services, the User must be 18 years old and an Entrepreneur or Business Owner. Contracts are not concluded with consumers.
    4. The User expressly acknowledges that DAR TECH already objects to all deviating regulations in any order or in other business documents of the User.
  2. Definitions

    1. The definitions used in this T&C refer exclusively to this T&C and do not affect the definitions in DAR TECH's Privacy Statement or other documents. In this T&C, unless otherwise expressly stated in the text, the following terms shall have the meanings given below:
      • DAR Lean Platform or Platform: the DAR Lean cloudbased internet platform operated by DAR TECH under the web address https://app.darlean.com, which allows Users to organise and manage operational processes as well as teamwork, including, inter alia, productivity tools, processes, planning, HR management and reporting.
      • DAR Lean App or App: DAR TECH also offers the DAR Lean Services as an app available via an external app store.
      • User: a legal or natural person who uses the Platform and Services of DAR TECH, regardless of whether the User has registered or there is a contractual relationship between the Contracting Parties.
      • Entrepreneurs or Business Owners: natural or legal persons or partnerships with legal capacity who run a business. Businesses are any permanent organisations of independent economic activity, even if they are not profitoriented. Consumers are not Entrepreneurs/Business Owners.
      • Contracting Party/Parties or Party/Parties: This is understood to mean DAR TECH and the User individually or jointly. This applies irrespective of whether a contractual relationship has already been established between the User and DAR TECH or not.
      • User’s Personal Account or Personal Account: a set of protected Platform pages created as a result of the User’s registration, using which the User is able to access the functionality of the DAR Lean Services, allowing the User to manage settings, edit the account, and perform other actions necessary to implement the functionality of the DAR Lean Services within the authority granted to him.
      • Administrator: a person authorised by the User to manage the administrative panel in the User’s Personal Account, responsible for managing the settings, editing the account, and performing actions necessary for the use of the DAR Lean Services within the limits of his authority.
      • Privacy Statement: a document, as amended and supplemented, which defines the procedure and conditions for the collection, use, storage, processing, protection, and privacy of the User’s data, including Personal Data, which forms an integral part of these T&C, and which is available at: https://darlean.com/en/policy.
      • Referral Link: a link to the Platform provided to the User by the Administrator to register and make changes to the account by filling out the form in the User’s Personal Account.
      • DAR Lean Services or Services: the services and tools available to Users through the Platform and the App.
      • General Data Protection Regulation (GDPR): EU-General Data Protection Regulation or GDPR means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC as last published.
      • Personal Data: any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  3. TERMS OF USE

    1. DAR TECH shall grant the User, under the T&C, the right to use the DAR Lean Platform and DAR Lean App as well as the additional Services available therein.
    2. The DAR Lean Platform and DAR Lean App is a fee-based online platform of DAR TECH that offers various DAR Lean Services. In order to use the DAR Lean Services on the Platform and DAR Lean App, Users must meet certain technical requirements, and under certain circumstances, pay a fee for a certain duration, and the User shall pay DAR TECH any such applicable fee as provided in Sections 5 and 6. A separate contract between DAR TECH and the User will be concluded when the use of the DAR Lean Services starts. The conditions in these T&Cs apply to all contracts between DAR TECH and the Users as well as to any use of the DAR Lean Services. Any deviating agreements must be recorded in writing.
    3. The functionality, interface, and any Services provided on the Platform and DAR Lean App, including any Services, may be modified, supplemented, and updated, and may change the form and nature of the Platform’s or Services’ functionality at any time without prior notice to the User, and therefore, their use is offered on an “as is” basis, that is, in the form and volume in which DAR TECH provides them at the time of the User’s request. DAR TECH shall have the right, at its sole discretion, to terminate (temporarily or permanently, in whole or in separate territories, to Users of all or certain categories, or models of devices and (or) operating systems, software products), the provision of support for the DAR Lean Services, its parts, and (or) individual Services (or any individual functions within the Services) to all Users in general or an individual User, in particular, without prior notice.
    4. DAR TECH shall have the right to restrict or prohibit (temporarily or permanently) the User’s access to the DAR Lean Platform, App and/or Services to its functionality, if the User has violated ethical standards both in relation to employees of DAR TECH and other Users or has violated any provisions of these T&C.
    5. Information content of the Platform and DAR Lean App, changes in the design of the Platform and DAR Lean App, and changes in the prices of the fees may be made by DAR TECH without prior notice to the Users.
    6. After successful registration, the User shall gain access to the User’s Personal Account and be able to use the functionalities of the Platform.
    7. DAR TECH may at any time, at its sole discretion and without prior notice to the User, transfer all or part of its rights and obligations arising from these T&C and other legal documents applicable to the legal relations between the Parties to any third party.
    8. The User shall use the DAR Lean Services and the User’s Personal Account in good faith, without violating any laws, any rights or freedoms of any person (including third parties), and the standards of morality and ethics.
    9. If the User has a claim against another User in connection with the latter’s use of the DAR Lean Services, the User shall address the claim directly to that User and settle the claim independently and without the involve-ment of DAR TECH.
    10. If the User violates the T&C, the law, standards of morality and ethics, or technical requirements or fails to meet its payment obligation, DAR TECH shall have the right to suspend, block, or delete the User’s Personal Account, prohibit, or restrict access to some or all of the functions of the DAR Lean Services using the User’s Personal Account.
    11. The User guarantees that all claims of rights holders/authors/contractors arising from the use of the DAR Lean Services information by the User in contradiction with these T&C shall be settled independently by the User, at his own expense. If DAR TECH receives claims from third parties regarding illegal use of the intellectual property on the DAR Lean Platform and DAR Lean App, the User agrees to compensate all losses of DAR TECH incurred as a result of such claims, and DAR TECH also reserves the right to unilaterally terminate these T&C as between the Parties by deleting the User’s profile.
  4. REGISTRATION CONDITIONS

    1. DAR TECH shall provide the User access to information relating to the DAR Lean Services before the User’s registration. The prerequisite for the conclusion of a contract is the registration of the User or Administrator on the DAR Lean Platform and DAR Lean App. The User shall have the right to use the DAR Lean Services after registering in his personal account and entering into these T&C.
    2. By completing registration on the DAR Lean Platform, the User makes a binding offer to conclude a contract. The User and/or Administrator also confirm that all information provided by him/her during registration is true and complete. He/she is obliged to inform DAR TECH immediately of any change in the registration data. DAR TECH may accept this offer by activating the Personal Account for the User’s use of the DAR Lean Services. With the acceptance of the offer, the contract between the Parties is concluded in the form of these T&C.
    3. If an Administrator uses the DAR Lean Services on behalf of a legal entity User, he/she shall (and hereby does) confirm his/her authority to act on behalf of that legal entity User, and such Administrator shall accept these T&C on behalf of such User.
    4. The date of the Agreement between the Parties shall be deemed to be the date of successful registration of the Administrator and/or User on the Platform or App, subject to the available functionality.
    5. Then the Administrator shall register the Users on behalf of a legal entity by successively having the User carry out all of the following specific actions:
      • clicking on the Referral Link provided to the User by the Administrator. By such clicking, the User confirms his/her intention to use the Platform’s or App Services.
      • reading and accepting the T&C, reading the Privacy Statement and successfully registering on the Platform or App.
    6. After registering, the User is given access to the User’s Personal Account using the email address or subscriber phone number, and a password is set up. When registering, the User specifies a subscriber phone number. Further use of the DAR Lean Services by the User constitutes unconditional acceptance of these T&C.
    7. It is the responsibility of the Administrator and/or the User to ensure the security and safety of the password to third parties. If the password is lost or compromised and if third parties gain unauthorised access to the Personal Account, the Administrator and/or User shall immediately notify DAR TECH at the email address: info-eu@darlean.com. Until such a notice is received, all actions taken using the Administrator and/or User’s Personal Account shall be deemed to have been accepted by the Administrator and/or User.
    8. The User undertakes not to use anyone else’s username and password to access the DAR Lean Services and not to provide their verification data to other Users or third parties to access the Platform..
  5. SERVICES FROM DAR TECH

    1. DAR TECH offers Users free (limited access) and several paid subscriptions with additional functions. Full details of the prices and information on the individual subscriptions can be found at: https://darlean.com/en/plans.
    2. DAR TECH shall provide the User with the purchased Services during the term of the applicable Subscription Period in accordance with these T&Cs. This does not affect DAR TECH's right to terminate the contract between the Parties for a good cause or as otherwise provided in these T&C.
    3. For more information on the services, products, information, contract or subscription period and performance of DAR TECH, please refer to: https://darlean.com/en.
  6. SUBSCRIPTION FEE AND PAYMENT PROCEDURE

    1. The prices for the various payment versions are listed on https://darlean.com/en/plans. These prices are not binding and exclude the applicable statutory taxes. As soon as a contract is concluded, the fee is payable and due immediately.
    2. The cost of access to the functionality of the DAR Lean Services may change at the discretion of DAR TECH; however, a change in such cost shall not affect the cost of access to the DAR Lean Services functionality for Users who have paid such cost in full at the previous price for the remainder of the applicable Subscription Period only. DAR TECH shall notify Users of changes to the DAR Lean Services functionality by specifying the cost of the Platform in accordance with Section 6.1.
    3. The purchase of access to the functionality of the DAR Lean Services shall be for a certain period. At the same time, the User shall have the right to select the period for purchasing access to the functionality of the DAR Lean Services (hereinafter “Subscription Period”) in the relevant tab of the Platform from a limited selection of possible Subscription Periods.
    4. Payment for a subscription to access the functionality of the DAR Lean Platform and Services shall be made through electronic payment system providers allowing payment by credit or debit cards of international payment systems. For payment, the User must select one of the payment methods offered on the DAR Lean Platform. Other payment methods are not possible.
    5. In terms of implementing the payment infrastructure, the DAR Lean Services is based solely on financial services.
    6. The User agrees that DAR TECH is not responsible for failures in operating the payment systems.
    7. The processing of card data entry and the payments themselves shall be carried out by a financial service provider.
    8. Payment obligations shall be considered to have been fulfilled by the User if the payment is authorised in the system. The proof of the payment shall be the payment system information about the payment made.
    9. DAR TECH shall have no control over the electronic payment system and shall not be responsible for errors in such a payment system. If, as a result of such errors, the User’s money is debited, but the system does not authorise the payment, the obligation to return the funds to the User shall lie with the electronic payment system provider.
    10. If the User does not fulfil his payment obligation towards DAR TECH, DAR TECH is entitled to temporarily block the User's profile until the owed payment has been received. All other claims of DAR TECH remain unaffected by this.
  7. INTELLECTUAL PROPERTY

    1. The DAR Lean Platform, App and Services contain the results of intellectual activity owned by DAR TECH. DAR TECH owns and reserves all right, title, and interest in and to the DAR Lean Platform, App and the Services, including without limitation any intellectual property rights therein or thereto.
    2. By using the DAR Lean Services, the User acknowledges and agrees that all content on the Platform and App, and the structure of content on the Platform, are protected by copyright, trademark, and other intellectual property rights and that these rights are valid and protected in all forms, on all media and in relation to all technologies, whether currently existing or later developed or created. No rights to any content on the Platform, including but not limited to audio-visual works, images, methodological materials, or trademarks, shall be transferred to the User as a result of using the DAR Lean Services and entering into these T&C.
    3. Without prejudice to the universality of the foregoing provisions, the User acknowledges that the DAR Lean Services contain the results of intellectual activity, protected rights, and other materials of third parties and that, as between the Parties, such rights belong to DAR TECH. The User is prohibited from copying, modifying, changing, deleting, supplementing, publishing, transferring the objects of exclusive and personal non-property rights contained in the Platform or App, creating derivative works, making, or selling products based thereon, reproducing, displaying, or in any other way exercising or using such rights without the express permission of the rights holder.
    4. DAR TECH shall grant a limited, personal, non-exclusive, non-commercial, revocable, and non-transferable license to view the DAR Lean Services content to anyone who has accepted the T&C. The User undertakes not to copy content from the Platform using automated systems (such as scripts, bots, spiders, scanners, etc.) or using other information extraction systems and technologies (frames, User data extraction masks) without the prior written permission of the respective right holder. No materials from the DAR Lean Services may be copied, reproduced, modified, republished, uploaded, posted on third-party products, transferred to third parties, or distributed in any form or by any means without the prior written consent of DAR TECH except as expressly provided in these T&C.
    5. DAR TECH shall have the right to set limits on access to the DAR Lean Services products, including setting time and quantitative limits in order to prevent unauthorized access to the DAR Lean Services products by third parties.
    6. Suggestions made by Users do not give rise to any property rights of the User against DAR TECH. Notwithstanding any provision in these T&C to the contrary, DAR TECH may use, develop and implement any information, suggestions, comments, or other feedback (collectively, “Feedback”) provided to DAR TECH by or on behalf of User in connection with the development, operation, marketing and sale of the Platform and/or Services, in its discretion and with no compensation to any person providing such Feedback, irrespective of any intellectual property or proprietary rights claimed by User in such Feedback. User represents that it has not, and will not, knowingly provide Feedback that is subject to any third-party intellectual property rights.
  8. PERSONAL DATA

    1. Personal data of the User will be stored and processed automatically by DAR TECH in the performance of this contract. In this regard, DAR TECH hereby refers to the Privacy Statement available at https://darlean.com/en/policy.
    2. Insofar as DAR TECH processes Personal Data of Data Subjects attributable to the User (including, but not limited to employees or third parties of the User to whom the User has – within the limitations and prerequisites laid out in the Platform – granted access to the Platform, the App or to Services), DAR TECH shall be Processor within the meaning of Article 4(8) GDPR and the respective User shall be Controller within the meaning of Article 4(7) GDPR. In such a case, the Contracting Parties agree that the Annex to the Terms & Conditions: Processing Agreement for the use of the DAR Lean Platform together with the appendices referenced therein, available at [Link] (hereinafter “Data Processing Agreement”) shall apply as an agreement pursuant to Article 28 GDPR. This Data Processing Agreement shall be deemed an integral part of these T&C.
  9. LIABILITY / DISCLAIMER OF WARRANTIES

    1. DAR TECH shall not be liable for the performance of the DAR Lean Services and does not guarantee the uninterrupted operation of the DAR Lean Services. DAR TECH also does not guarantee the safety of the information posted on the Platform and App and the possibility of uninterrupted access to the Platform and App.
    2. The Platform and App may contain links to other websites or services on the Internet (hereinafter “Third-Party Websites”). DAR TECH shall not check these Third-Party Websites or their content for compliance with any requirements (authenticity, completeness, legality, etc.). DAR TECH shall not be liable for any information or materials posted on Third-Party Websites to which the User gains access in connection with the use of the DAR Lean Platform or Services, including any opinions or statements expressed on Third-Party Websites, advertisements, etc., as well as for the availability of such websites or content and the consequences of their use by the User.
    3. DAR TECH will not be liable for any direct, indirect, incidental, special, exemplary or consequential damages, personal injury/wrongful death, lost profits, lost data, or business interruption, the use or misuse of submissions or content in any way whatsoever arising out of the use of, or inability to use, the Platform and/or any Services, whether or not DAR TECH is advised of the possibility of such damages. In the event that the foregoing exclusion of liability is found by a court of competent jurisdiction to be unenforceable, and a determination is made that DAR TECH is liable, under no circumstances will DAR TECH be liable to any person or entity for more than the amount paid to DAR TECH by such person or entity in the 90 days immediately preceding the date on which the claim was first asserted.
    4. The User shall be liable to DAR TECH for the legality of all instructions given and shall indemnify and hold DAR TECH harmless from and against any and all damages and losses resulting from compliance with such instructions. Further, each User shall defend, indemnify and hold harmless DAR TECH from and against all liability, claims, actions, and expenses, including attorneys' fees and costs, arising out of such User’s use of the Platform and/or Services or such User’s breach or alleged breach of any term, condition, obligation, representation or warranty in this T&C. The User agrees that the provisions in this paragraph will survive any termination of such User’s Personal Account, the Platform or Services, or these T&C.
    5. DAR TECH does not guarantee that the DAR Lean Services meet the User’s requirements and that access to the Platform will be uninterrupted, fast, reliable, or error-free. Software and hardware errors both on the side of DAR TECH and on the side of the User, which made it impossible for the User to access the Platform, are force majeure circumstances and grounds for exemption from liability for non-fulfilment of obligations by DAR TECH under these T&C.
    6. The presentation, information and advertising of products and services on the DAR Lean Platform and/or the App and/or Third-Party Websites and/or any other websites, folders or advertising materials do not constitute a binding offer by DAR TECH to sell specific products or services.
    7. DAR TECH shall not be responsible for advertising materials distributed using the Service and Platform products, as well as for goods and services offered in accordance with these advertising materials.
    8. Subsidiaries, directors, employees, managers, agents, representatives, or vendors of DAR TECH may not give express or implied warranties on behalf of DAR TECH.
    9. Furthermore, to the extent permitted by applicable law, DAR TECH disclaims all express and implied warranties regarding the DAR Lean Services suitability for specific purposes not expressly defined in these T&C, including without limitation any warranty regarding the commercial value, respect for property rights, protection against computer viruses, title, non-infringement, merchantability, or fitness for a particular purpose.
    10. DAR TECH cannot guarantee the absence of errors and defects on the Platform and/or App, as well as uninterrupted access to the Platform and/or App, which may depend on the network connection, the User’s software and equipment, and other factors. The User agrees that he/she is solely responsible for using the Service and the Platform products. DAR TECH cannot guarantee that the Platform or Services are fully available in all jurisdictions, therefore, the use of the DAR Lean Services is permitted subject to the laws of the Republic of Cyprus.
    11. Each User forever releases, discharges, and covenants not to sue DAR TECH from and with respect to any and all liability, claims, actions, and expenses that may arise, whether caused by the negligence of DAR TECH or otherwise, in connection with the User’s use of the Platform and/or Services or the User’s interaction with any person or entity through or as a result of the Platform and/or Services.
    12. DAR TECH shall have no responsibility or liability for, or involvement with, any relationship that exists or comes to exist between or among Users of the Platform.
    13. To the extent permitted by applicable law, each User and DAR TECH agrees that regardless of any statute or law to the contrary, any claim or cause of action arising out of or related to use of the Platform and/or Services or this T&C (including the Privacy Policy) must be filed within ONE (1) YEAR after such claim or cause of action arose (or, if longer, within the shortest statute of limitations for such claim which the Parties may establish by agreement) or the claim will be forever barred.
  10. Additional provision for the use of the dar lean app

    1. The User is granted a non-exclusive, non-transferable and limited right by DAR TECH to access and use the DAR Lean App. This use is solely for personal and non-commercial purposes.
    2. The User may download and install the App from the respective application stores. The availability of the App may vary depending on the device, operating system and region.
    3. The User may not reproduce, distribute, make publicly available, modify or otherwise use the App without authorisation. The App may not be decompiled, reverse engineered, disassembled or otherwise converted into a readable form.
    4. Updates, upgrades and modifications to the App will be made at DAR TECH's sole discretion and may change the way the App is used or restrict the use of the App.
    5. DAR TECH cannot guarantee that the App will be error-free or uninterrupted at all times. Outages may occur due to maintenance, updates or for other reasons beyond DAR TECH's control.
    6. The App is protected by copyright and all rights thereto are owned by DAR TECH or its licensors. By using the App, the User does not acquire any ownership or other rights in the App other than the right to use expressly granted in these T&C.
  11. Final Provisions

    1. DAR TECH shall have the right to unilaterally amend the T&C, with such amendments taking effect 30 days after the publication of the new version of the T&C. On each subsequent visit to the Platform or App prior to using the Personal Account, the User undertakes to read the new version of these T&C. Continued use of the DAR Lean Platform, App and Services and the User’s Personal Account shall constitute the User’s acceptance of the terms and conditions of the new version of these T&C. If the User does not agree with the terms and conditions of the new version of these T&C, he/she shall stop using the Platform and Services.
    2. Should one or more provisions of this contract be or become invalid, this shall not affect the remaining provisions of this contract.
    3. The headings of the provisions contained in these T&C are for convenience only and shall not be used in interpreting them.
    4. This T&C and all aspects of the Platform and Services will be governed by and construed in accordance with the substantive law of the Republic of Cyprus. The applicability of International Private Law (including its referral norms) as well as the United Nations Convention on Contracts for the International Sale of Goods (CISG or Vienna Convention) is expressly excluded.
    5. In the absence of mandatory statutory provisions to the contrary, the court at the seat of DAR TECH shall have exclusive jurisdiction for disputes between the Contracting Parties.
    6. The User may obtain any clarification on the matters of interest by contacting DAR TECH by email at info-eu@darlean.com.

Annex to the Terms & Conditions (T&C)

Processing Agreement for the Use of the DAR Lean Platform of DAR TECH Limited (the “Agreement”) in respect of Personal Data of an EU Contractual Partner

  1. Preamble and Scope of this Agreement, Annex to the Terms & Conditions

    1. This Agreement is an integral part of the Terms & Conditions (T&C) on the use of the DAR Lean Platform concluded between DAR TECH Limited, Themistokli Dervi, 3, Julia House, CY-1066 Nicosia, Cyprus and the Contractual Partner.
    2. This Agreement serves as a Processing agreement pursuant to Article 28 of the General Data Protection Regulation (GDPR) between the Contractual Partner as Controller pursuant to Article 4 (7) GDPR and DAR TECH as Processor pursuant to Article 4 (8) GDPR. For the purpose of this Agreement, the terms of the General Data Protection Regulation shall apply.
    3. This Agreement shall only apply between DAR TECH and the Contractual Partner if the Contractual Partner is based within the European Union.
  2. Definitions

    • DAR Lean Platformmeans the cloud-based internet platform operated by DAR TECH under the web address https://app.darlean.com, which allows Users to organize and manage operational processes as well as teamwork, including, inter alia, productivity tools, processes, planning, HR management and reporting.
    • Annex or Agreement means this Annex to the Terms & Conditions (T&C) of DAR TECH for the use of the DAR Lean Platform.
    • Contractual Partner or Controller means any natural or legal person who concludes or has concluded a contract with DAR TECH for the use of the DAR Lean Platform which includes the Terms & Conditions.
    • DAR TECH or Processor means DAR TECH Limited, Themistokli Dervi, 3, Julia House, CY-1066 Nicosia, Cyprus.
    • General Data Protection Regulation or GDPR means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the Processing of Personal Data, on the free movement of such data and repealing Directive 95/46/EC as last published.
    • EU means the European Union.
    • EU Member State means a member of the European Union.
    • Parties refers to DAR TECH and the Contractual Partner collectively.
    • Personal Data is as defined within the T&Cs.
    • Processing means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
    • Terms & Conditions means DAR TECH’s Terms and Conditions on the use of the DAR Lean Platform.
  3. Objective of the Agreement, Contractual Partner as Controller

    1. DAR TECH undertakes to perform, on behalf of the Contractual Partner, the data Processing operations in accordance with the Terms & Conditions and this Agreement as further described in Appendix 1 of this Agreement.
    2. The Contractual Partner is deemed to be Controller pursuant to Article 4 No. 7 GDPR relating to the data Processing operations in accordance with Section 3.1. Accordingly, the Contractual Partner is obliged to implement all data protection obligations applicable to controllers under the GDPR and to monitor their implementation and compliance. The Contractual Partner confirms that before using the DAR Lean Platform, the Contractual Partner understands and is compliant with the relevant statutory provisions, in particular those relating to European and national data protection law, to which they are subject.
    3. The Contractual Partner undertakes not to make the DAR Lean Platform or individual modules or functions thereof accessible to Users if such use is prohibited under the legal provisions to which the Contractual Partner is subject. In such case, the Contractual Partner must instruct the Users without undue delay not to use the DAR Lean Platform or the relevant modules or functions, and to revoke, if possible, the User authorizations for such use; if such revocation is not possible within the DAR Lean Platform, the Contractual Partner shall immediately inform DAR TECH about this circumstance. The Contractual Partner shall indemnify and hold DAR TECH harmless for any claims of Users against DAR TECH arising from the Contractual Partner's breach of these obliga-tions.
  4. Processing by Processor, Right to Instruction

    1. DAR TECH shall process Personal Data as further described in Appendix 1 of this Agreement only on documented instructions from the Contractual Partner, including with regard to transfers of Personal Data to a third country or an international organization, unless required to do so by Union or Member State law to which DAR TECH is subject; in such a case, DAR TECH shall inform the Contractual Partner of that legal requirement before Processing, unless that law prohibits such information on important grounds of public interest.
    2. The conclusion of a contract on the use of the DAR Lean Platform between DAR TECH and the Contractual Partner to which the Terms & Conditions and this Agreement are attached as integral parts shall be deemed to be such documented instruction to process Personal Data. Subsequent instructions may also be given by the Contractual Partner throughout the duration of the Processing of Personal Data. These instructions shall always be documented.

    3. DAR TECH shall immediately inform the Contractual Partner if, without seeking legal advice, it considers that an instruction given by the Contractual Partner obviously infringes the GDPR or other data protection provisions of the EU or an EU Member State. DAR TECH shall not be obliged to seek legal advice on the performance of this Agreement and shall not provide any legal advice related to the performance of this Agreement.
    4. DAR TECH shall immediately inform the Contractual Partner whether it is obliged, under EU or EU Member State law, to process Personal Data contrary to the instructions of the Contractual Partner or without the instructions of the Contractual Partner, if such notification is legally permissible.
    5. Instructions given by the Contractual Partner must be consistent with the subject matter of this Agreement. Should DAR TECH incur an expense of more than one working hour as a result of following any individual instruction upon the explicit request of the Contractual Partner, the entire expense shall be reimbursed by the Contractual Partner.
  5. Confidentiality

    DAR TECH shall ensure that persons authorized to process Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

  6. Data Security

    1. DAR TECH shall implement technical and organisational measures to ensure the security of the Personal Data. This includes protecting the data against a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access to the data (Personal Data breach). In assessing the appropriate level of security, DAR TECH shall take due account of the state of the art, the costs of implementation, the nature, scope, context and purposes of Processing and the risks involved for the Data Subject.
    2. DAR TECH fulfils its obligation under Section 6.1 by implementing the measures set out in Appendix 2 of this Agreement. DAR TECH is entitled to adapt the technical and organizational measures to the current state of the art from time to time to ensure an adequate level of data security.
    3. DAR TECH shall inform the Contractual Partner of any Personal Data breach, in so far as such breach concerns data processed by DAR TECH on behalf of the Contractual Partner and results in a risk to the rights and freedoms of natural persons. This information shall be provided without delay as soon as DAR TECH becomes aware of such a breach and shall be addressed to the contact point notified in writing by the Contractual Partner.
    4. The information provided to the Contractual Partner pursuant to Section 6.3 shall include the following, as far as possible in the light of the circumstances:
      • the nature of the Personal Data breach including where possible, the categories and approximate number of Data Subjects concerned and the categories and approximate number of Personal Data records concerned;
      • the likely consequences of the Personal Data breach; and
      • the measures taken or proposed to be taken to address the Personal Data breach, including, where appropriate, measures to mitigate its possible adverse effects.
    5. DAR TECH hereby informs the Contractual Partner and the Contractual Partner expressly agrees that DAR TECH may process Personal Data as further described in Appendix 1 of this Agreement, only to the absolutely necessary extent, for the purposes of IT Security and the prevention of fraud and abuse. If certain Personal Data processed on behalf of the Contractual Partner is found to affect IT security (e.g. because certain files contain viruses), DAR TECH reserves the right to delete such data in accordance with the Terms & Conditions and to immediately inform the Contractual Partner.
    6. DAR TECH will, however, never transfer such data to third parties, unless explicitly required to do so by applicable European and/or Member State law; in such a case, DAR TECH shall notify the Contractual Partner immediately that such data transfer, including the reason and legal basis for such transfer, takes place, unless the applicable European and/or Member State law to which DAR TECH is subject prohibits such notification. DAR TECH will not process special categories of data as described in Article 9 (1) GDPR for such purposes.

  7. International Transfers

    1. Any transfer of data by DAR TECH to a third country or an international organisation shall be done only on the basis of documented instructions from the Contractual Partner or in order to fulfil a specific requirement under Union or Member State law to which DAR TECH is subject and shall take place in compliance with Chapter V GDPR.
    2. The Contractual Partner agrees that where DAR TECH engages a Sub-Processor in accordance with Section 8 for carrying out specific Processing activities (on behalf of the Contractual Partner) and those Processing activities involve a transfer of Personal Data within the meaning of Chapter V of Regulation (EU) 2016/679, DAR TECH and the Sub-Processor will ensure compliance with Chapter V of Regulation (EU) 2016/679 by using standard contractual clauses (SCCs) adopted by the Commission in accordance with Article 46(2) GDPR, provided the conditions for the use of those SCCs are met.
  8. Sub-Processing

    1. DAR TECH has the Contractual Partner’s general authorisation for the engagement of sub-processors from an agreed list pursuant to Appendix 3 of this Agreement. DAR TECH shall inform the Contractual Partner of any intended changes concerning the addition or replacement of other processors or sub-processors (hereinafter collectively “Sub-Processors”), thereby giving the Contractual Partner the opportunity to object to and prohibit such changes. If the Contractual Partner does not object within two weeks after such notification, the addition or replacement shall be deemed to have been approved. If such objection is raised, DAR TECH shall be entitled to terminate this Agreement as well as the underlying contractual relationship with the Contractual Partner to the end of the month by giving two weeks‘ notice.
    2. Where DAR TECH engages another Sub-Processor for carrying out specific Processing activities on behalf of the Contractual Partner, the same data protection obligations as set out in this Agreement shall be imposed on that Sub-Processor by way of a contract, in particular providing sufficient guarantees to implement appropriate technical and organizational measures in such a manner that the Processing will meet the requirements of applicable data protection law.
    3. Where that Sub-Processor fails to fulfil its data protection obligations, DAR TECH shall remain fully liable to the Contractual Partner for the performance of that Sub-Processor’s obligations.
  9. Assistance

    1. Taking into account the nature of the Processing, DAR TECH shall assist the Contractual Partner by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Contractual Partner‘s obligation to respond to requests for exercising the Data Subject‘s rights under applicable data protection law, including Chapter III of the GDPR. DAR TECH shall fulfil this obligation by forwarding requests received from Data Subjects to the Contractual Partner. If the Contractual Partner deems it necessary to receive additional support from DAR TECH and DAR TECH agrees to provide such support, DAR TECH shall be entitled to demand additional appropriate remuneration for rendering such additional support.
    2. Moreover, taking into account the nature of Processing and the information available to DAR TECH, DAR TECH shall assist the Contractual Partner in ensuring compliance with the Contractual Partner’s obligations under applicable data protection law, including Articles 32 to 36 of the GDPR. DAR TECH shall do so by (i) taking the measures set forth in Sections 5 (“Confidentiality”) and 6 (“Data Security”) of this Agreement; (ii) notifying the Contractual Partner of a breach of Personal Data pursuant to Section 6.3; and (iii) providing the information set forth in Appendix 1 of this Agreement. If the Contractual Partner deems it necessary to receive additional support from DAR TECH and DAR TECH agrees to provide such support, DAR TECH shall be entitled to demand additional appropriate remuneration for rendering such additional support.
  10. Deletion and Return of Personal Data

    1. DAR TECH hereby informs the Contractual Partner that currently a deletion of the entire Workspace is only possible by way of a separate written notification from the Contractual Partner to DAR TECH. DAR TECH is entitled to integrate such functionality into the DAR Lean Platform in the future.
    2. DAR TECH shall moreover, at the choice of the Contractual Partner, delete or return all the Personal Data to the Contractual Partner after the end of the provision of services relating to Processing, and delete existing copies unless applicable Union or EU Member State law requires storage of the Personal Data.
  11. Audit

    1. DAR TECH shall make available to the Contractual Partner all information necessary to demonstrate compliance with the obligations laid down in this Agreement.
    2. DAR TECH shall allow for pre-notified inspections to be carried out during business hours by the Contractual Partner or a third party commissioned by the Contractual Partner. Such inspections may be carried out at reasonable intervals and in a manner that does not interfere with the business of DAR TECH. Costs arising from such audits shall be borne by the Contractual Partner. DAR TECH shall be entitled to reasonable remuneration for all services rendered in connection with its support of inspections.
    3. DAR TECH may also fulfil its obligations under Section 11.2 by having an independent third party carry out a review at least every three years and sending the summary audit results to the Contractual Partner.
  12. Liability

    1. The liability of both Parties is limited to gross negligence. Liability for mere financial losses, including a loss of profit, is excluded.
    2. Notwithstanding the foregoing, the Contractual Partner shall be liable to DAR TECH for the legality of all instructions given and shall indemnify and hold DAR TECH harmless from and against any and all damages and losses resulting from compliance with such instructions.
  13. Miscellaneous

    1. The Final Provisions (Section 10) of the Terms & Conditions shall also apply for this Agreement.
    2. In the event of a contradiction between this Agreement and the provisions of related agreements between the Parties existing at the time when this Agreement is agreed or entered into thereafter, this Agreement shall prevail. This shall not apply for future amendments to this Agreement.

Appendix 1: Description of the Processing

DAR Lean Platform Processing: Definitions

  • Users: Users of the DAR Lean Platform who are either (i) the Contractual Partner, (ii) in a contractual relationship with the Contractual Partner (e.g. as employees or contract partners), or (iii) to whom the Contractual Partner has granted access to the DAR Lean Platform.
  • Interested Party: A natural person who is not yet a User of the DAR Lean Platform but has received an invitation to use it.
  • Workspace Data: Personal Data that a User enters by using the various modules of the DAR Lean Platform within a Workspace, in particular:
    • Invitation Data: This includes Personal Data entered by the User for the purpose of inviting an Interested Party, such as in particular the e-mail address as well as the intended role.
    • Collaboration Data: This includes Personal Data that occurs as a result of multiple Users interacting with each other or within a Team, specifically Personal Data contained in project plans, functional personal tasks, meeting notes, Personal Data related to video conferencing (including video transmission), or related User assignments/assignments.
    • Team Data: This includes Personal Data related to the Team (including human resources) of a Workspace, in particular listings of Users, roles, hierarchies, employee contract terms (if applicable), working time records, leave dates and types.
    • Work Data: This includes Personal Data related to tasks, in particular the assignment of Users to tasks, Per-onal Data related to processes, projects or budgets.
    • Media Data: This includes Personal Data contained in uploaded files, such as Word and PDF files, image, video and audio files.
  • Special categories of personal data: DAR TECH confirms that free-text fields are available within the DAR Lean platform. Whether DAR TECH processes special categories of Personal Data pursuant to Article 9 (1) GDPR is dependant upon whether Users enter such data into the free-text fields within the DAR Lean Platform.

Processing activities on behalf of the Controller (Contractual Partner):

Categories of data subjects: Categories of personal data: Subject matter and nature: Purpose: Duration of the processing:
Users Workspace Data Processing (especially collecting, recording, organizing, structuring, storing, retrieving, combining or erasing) Personal Data that has been entered by the User into the DAR Lean Platform in accordance with the Terms & Conditions as well as this Agreement. The scope of Processing is depending on the subscription plan chosen by the Contractual Partner. Provide Collaboration Tools to Users on behalf of the Contractual Partner Duration of the contractual relationship between the Contractual Partner and DAR TECH.
Users, Interested Party Name, E-Mail Collecting the name and e-mail address of an Interested Party from the User, transmission of an e-mail, storing the invitation data. Invite Interested Parties to the DAR Lean Platform on behalf of the Contractual Partner Until the transmission of the invitation e-mail and then for a reasonable time within which the Interested Party is able to accept the invitation
Users Workspace Data Accessing User’s Workspace Data on an individual basis upon User’s explicit request. Provision of technical assistance and support to Users upon request, on behalf of the Contractual Partner Until the completion of the technical assistance or support activity

Appendix 2: Technical and organizational measures

DAR TECH has implemented suitable technical and organizational measures to fulfil the legal requirements set forth in Article 32 GDPR. These measures include inter alia:

  1. Pseudonymization

    Implementation of suitable pseudoymization methods.

  2. Encryption

    Implementation of SSL encryption, encryption of local hard drives.

  3. Confidentiality

    • Physical access control

      No unauthorized access to data Processing systems, e.g. magnetic or chip cards, keys, electric door openers, plant security or gatekeepers, alarm systems, video systems;

    • Access rights

      No unauthorized system use, e.g. secure passwords, automatic locking mechanisms, two-factor authentication, encryption of data media;

    • Access control

      No unauthorized reading, copying, modification or removal within the system, e.g. Authorization concepts and needs-based access rights, logging of accesses;

    • Separation control

      Separate processing of data collected for different purposes, e.g. multi-client capability, sandboxing;

    • Pseudonymization (Art. 32 para. 1 letter a GDPR)

      The processing of personal data in such a way that the data can no longer be assigned to a specific data subject without the inclusion of additional information, provided that this additional information is kept separately and is subject to appropriate technical and organizational measures.

  4. Integrity

    • Transmission control

      No unauthorized reading, copying, modification or removal during electronic transmission or transport, e.g. encryption, Virtual Private Networks (VPN), electronic signature.

    • Entry control

      Determining whether and by whom personal data have been entered, modified or removed from data processing systems, e.g: logging, document management.

  5. Availability and resilience

    • Availability control

      Protection against accidental or wilful destruction or loss, e.g. backup strategy (online/offline; on-site/off-site), uninterruptible power supply (UPS), virus protection, firewall, reporting channels and emergency plans;

    • Rapid restorability

  6. Procedures for regular review, assessment and evaluation

    • Data protection management;
    • Incident-Response-Management;
    • Privacy-friendly default settings (Art. 25 (2) GDPR);
    • Order control
    • No data Processing in the sense of Art. 28 GDPR without corresponding instruction of the Contractual Partner, e.g. clear contract drafting, formalized order management, strict selection of the service provider, obligation to assure in advance, and follow-up checks.

Appendix 3: Sub-Processors

Sub-Processor Function Country Legal basis for data export
DAR Solutions LLP., 180640002340 Almaty, Koktem microdistrict 2 – 22, Kazakhstan Technical Assistance and Support of Users Kazakhstan Standard Contractual Clauses (SCC)
AMAZON WEB SERVICES EMEA SOCIÉTÉ À RESPONSABILITÉ LIMITÉE 38 AVENUE JOHN F. KENNEDY, L-1855 LUXEMBOURG Hosting Luxembourg (EU Member State)
This version only applies to Users within the United Kingdom. To adjust the region, please use the dropdown button located above.
Terms and Conditions for the use of the DAR Lean Platform of DAR TECH Limited
  1. Preamble

    1. These Terms and Conditions (hereinafter “T&C”) apply to the use of the DAR Lean Platform available via the address https://app.darlean.com and as an app from DAR TECH Limited, HE409398, Themistokli Dervi 3, JULIA HOUSE, 1066, Nicosia, Cyprus (hereinafter “DAR TECH”) including all Services, videos, recordings, sounds, texts, graphics and other materials sent, received, stored or otherwise displayed on the DAR Lean Platform. These T&C create a legal agreement between DAR TECH and each User of the DAR Lean Platform and/or Services.
    2. By accessing or using the DAR Lean Platform and/or Services, the User automatically agrees to the T&C, whether or not the User has entered into a separate contract with DAR TECH. If the User does not agree to the T&C in full, he/she is prohibited from accessing the DAR Lean Platform and Services and using the content and services offered there.
    3. To use the DAR Lean Platform, App and Services, the User must be 18 years old and an Entrepreneur or Business Owner. Contracts are not concluded with consumers.
    4. The User expressly acknowledges that DAR TECH already objects to all deviating regulations in any order or in other business documents of the User.
  2. Definitions

    1. The definitions used in this T&C refer exclusively to this T&C and do not affect the definitions in DAR TECH's Privacy Statement or other documents. In this T&C, unless otherwise expressly stated in the text, the following terms shall have the meanings given below:
      • DAR Lean Platform or Platform: the DAR Lean cloudbased internet platform operated by DAR TECH under the web address https://app.darlean.com, which allows Users to organise and manage operational processes as well as teamwork, including, inter alia, productivity tools, processes, planning, HR management and reporting.
      • DAR Lean App or App: DAR TECH also offers the DAR Lean Services as an app available via an external app store.
      • User: a legal or natural person who uses the Platform and Services of DAR TECH, regardless of whether the User has registered or there is a contractual relationship between the Contracting Parties.
      • Entrepreneurs or Business Owners: natural or legal persons or partnerships with legal capacity who run a business. Businesses are any permanent organisations of independent economic activity, even if they are not profitoriented. Consumers are not Entrepreneurs/Business Owners.
      • Contracting Party/Parties or Party/Parties: This is understood to mean DAR TECH and the User individually or jointly. This applies irrespective of whether a contractual relationship has already been established between the User and DAR TECH or not.
      • User’s Personal Account or Personal Account: a set of protected Platform pages created as a result of the User’s registration, using which the User is able to access the functionality of the DAR Lean Services, allowing the User to manage settings, edit the account, and perform other actions necessary to implement the functionality of the DAR Lean Services within the authority granted to him.
      • Administrator: a person authorised by the User to manage the administrative panel in the User’s Personal Account, responsible for managing the settings, editing the account, and performing actions necessary for the use of the DAR Lean Services within the limits of his authority.
      • Privacy Statement: a document, as amended and supplemented, which defines the procedure and conditions for the collection, use, storage, processing, protection, and privacy of the User’s data, including Personal Data, which forms an integral part of these T&C, and which is available at: https://darlean.com/en/policy.
      • Referral Link: a link to the Platform provided to the User by the Administrator to register and make changes to the ac-count by filling out the form in the User’s Personal Account.
      • DAR Lean Services or Services: the services and tools available to Users through the Platform and the App.
      • EU General Data Protection Regulation or EU GDPR means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC as last published.
      • ● UK General Data Protection Regulation or UK GDPR, for Processing UK Personal Data, means the General Data Protection Regulation, Regulation (EU) 2016/679, as it forms part of domestic law in the UK by virtue of section 3 of the European Union (Withdrawal) Act 2018 (including as further amended or modified by the laws of the UK from time to time).
      • Personal Data: any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  3. TERMS OF USE

    1. DAR TECH shall grant the User, under the T&C, the right to use the DAR Lean Platform and DAR Lean App as well as the additional Services available therein.
    2. The DAR Lean Platform and DAR Lean App is a feebased online platform of DAR TECH that offers various DAR Lean Services. In order to use the DAR Lean Services on the Platform and DAR Lean App, Users must meet certain technical requirements, and under certain circumstances, pay a fee for a certain duration, and the User shall pay DAR TECH any such applicable fee as provided in Sections 5 and 6. A separate contract between DAR TECH and the User will be concluded when the use of the DAR Lean Services starts. The conditions in these T&Cs apply to all contracts between DAR TECH and the Users as well as to any use of the DAR Lean Services. Any deviating agreements must be recorded in writing.
    3. The functionality, interface, and any Services provided on the Platform and DAR Lean App, including any Services, may be modified, supplemented, and updated, and may change the form and nature of the Platform’s or Services’ functionality at any time without prior notice to the User, and therefore, their use is offered on an “as is” basis, that is, in the form and volume in which DAR TECH provides them at the time of the User’s request. DAR TECH shall have the right, at its sole discretion, to terminate (temporarily or permanently, in whole or in separate territories, to Users of all or certain categories, or models of devices and (or) operating systems, software products), the provision of support for the DAR Lean Services, its parts, and (or) individual Services (or any individual functions within the Services) to all Users in general or an individual User, in particular, without prior notice.
    4. DAR TECH shall have the right to restrict or prohibit (temporarily or permanently) the User’s access to the DAR Lean Platform, App and/or Services to its functionality, if the User has violated ethical standards both in relation to employees of DAR TECH and other Users or has violated any provisions of these T&C.
    5. Information content of the Platform and DAR Lean App, changes in the design of the Platform and DAR Lean App, and changes in the prices of the fees may be made by DAR TECH without prior notice to the Users.
    6. After successful registration, the User shall gain access to the User’s Personal Account and be able to use the functionalities of the Platform.
    7. DAR TECH may at any time, at its sole discretion and without prior notice to the User, transfer all or part of its rights and obligations arising from these T&C and other legal documents applicable to the legal relations between the Parties to any third party.
    8. The User shall use the DAR Lean Services and the User’s Personal Account in good faith, without violating any laws, any rights or freedoms of any person (including third parties), and the standards of morality and ethics.
    9. If the User has a claim against another User in connection with the latter’s use of the Platform, the User shall address the claim directly to that User and settle the claim independently and without the involvement of DAR TECH.
    10. If the User violates the T&C, the law, standards of morality and ethics, or technical requirements or fails to meet its payment obligation, DAR TECH shall have the right to suspend, block, or delete the User’s Personal Account, prohibit, or restrict access to some or all of the functions of the DAR Lean Services using the User’s Personal Account.
    11. The User guarantees that all claims of rights holders/authors/contractors arising from the use of the DAR Lean Services information by the User in contradiction with these T&C shall be settled independently by the User, at his own expense. If DAR TECH receives claims from third parties regarding illegal use of the intellectual property on the DAR Lean Platform and DAR Lean App, the User agrees to compensate all losses of DAR TECH incurred as a result of such claims, and DAR TECH also reserves the right to unilaterally terminate these T&C as between the Parties by deleting the User’s profile.
  4. REGISTRATION CONDITIONS

    1. DAR TECH shall provide the User access to information relating to the DAR Lean Services before the User’s registration. The prerequisite for the conclusion of a contract is the registration of the User or Administrator on the DAR Lean Platform and DAR Lean App. The User shall have the right to use the DAR Lean Services after registering in his personal account and entering into these T&C.
    2. By completing registration on the DAR Lean Platform, the User makes a binding offer to conclude a contract. The User and/or Administrator also confirm that all information provided by him/her during registration is true and complete. He/she is obliged to inform DAR TECH immediately of any change in the registration data. DAR TECH may accept this offer by activating the Personal Account for the User’s use of the DAR Lean Services. With the acceptance of the offer, the contract between the Parties is concluded in the form of these T&C.
    3. If an Administrator uses the DAR Lean Services on behalf of a legal entity User, he/she shall (and hereby does) confirm his/her authority to act on behalf of that legal entity User, and such Administrator shall accept these T&C on behalf of such User.
    4. The date of the Agreement between the Parties shall be deemed to be the date of successful registration of the Administrator and/or User on the Platform or App, subject to the available functionality.
    5. Then the Administrator shall register the Users on behalf of a legal entity by successively having the User carry out all of the following specific actions:
      • clicking on the Referral Link provided to the User by the Administrator. By such clicking, the User confirms his/her intention to use the Platform’s or App Services.
      • reading and accepting the T&C, reading the Privacy Statement and successfully registering on the Platform or App.
    6. After registering, the User is given access to the User’s Personal Account using the email address or subscriber phone number, and a password is set up. When registering, the User specifies a subscriber phone number. Further use of the DAR Lean Services by the User constitutes unconditional acceptance of these T&C.
    7. It is the responsibility of the Administrator and/or the User to ensure the security and safety of the password to third parties. If the password is lost or compromised and if third parties gain unauthorised access to the Personal Account, the Administrator and/or User shall immediately notify DAR TECH at the email address: info-eu@darlean.com. Until such a notice is received, all actions taken using the Administrator and/or User’s Per-sonal Account shall be deemed to have been accepted by the Administrator and/or User.
    8. The User undertakes not to use anyone else’s username and password to access the DAR Lean Services and not to provide their verification data to other Users or third parties to access the Platform..
  5. SERVICES FROM DAR TECH

    1. DAR TECH offers Users free (limited access) and several paid subscriptions with additional functions. Full details of the prices and information on the individual subscriptions can be found at: https://darlean.com/en/plans.
    2. DAR TECH shall provide the User with the purchased Services during the term of the applicable Subscription Period in accordance with these T&Cs. This does not affect DAR TECH's right to terminate the contract between the Parties for a good cause or as otherwise provided in these T&C.
    3. For more information on the services, products, information, contract or subscription period and performance of DAR TECH, please refer to: https://darlean.com/en.
  6. SUBSCRIPTION FEE AND PAYMENT PROCEDURE

    1. The prices for the various payment versions are listed on https://darlean.com/en/plans. These prices are not binding and exclude the applicable statutory taxes. As soon as a contract is concluded, the fee is payable and due immediately.
    2. The cost of access to the functionality of the DAR Lean Services may change at the discretion of DAR TECH; however, a change in such cost shall not affect the cost of access to the DAR Lean Services functionality for Users who have paid such cost in full at the previous price for the remainder of the applicable Subscription Period only. DAR TECH shall notify Users of changes to the DAR Lean Services functionality by specifying the cost of the Platform in accordance with Section 6.1.
    3. The purchase of access to the functionality of the DAR Lean Services shall be for a certain period. At the same time, the User shall have the right to select the period for purchasing access to the functionality of the DAR Lean Services (hereinafter “Subscription Period”) in the relevant tab of the Platform from a limited selection of possible Subscription Periods.
    4. Payment for a subscription to access the functionality of the DAR Lean Platform and Services shall be made through electronic payment system providers allowing payment by credit or debit cards of international payment systems. For payment, the User must select one of the payment methods offered on the DAR Lean Platform. Other payment methods are not possible.
    5. In terms of implementing the payment infrastructure, the DAR Lean Services is based solely on financial services.
    6. The User agrees that DAR TECH is not responsible for failures in operating the payment systems.
    7. The processing of card data entry and the payments themselves shall be carried out by a financial service provider.
    8. Payment obligations shall be considered to have been fulfilled by the User if the payment is authorised in the system. The proof of the payment shall be the payment system information about the payment made.
    9. DAR TECH shall have no control over the electronic payment system and shall not be responsible for errors in such a payment system. If, as a result of such errors, the User’s money is debited, but the system does not authorise the payment, the obligation to return the funds to the User shall lie with the electronic payment system provider.
    10. If the User does not fulfil his payment obligation towards DAR TECH, DAR TECH is entitled to temporarily block the User's profile until the owed payment has been received. All other claims of DAR TECH remain unaffected by this.
  7. INTELLECTUAL PROPERTY

    1. The DAR Lean Platform, App and Services contain the results of intellectual activity owned by DAR TECH. DAR TECH owns and reserves all right, title, and interest in and to the DAR Lean Platform, App and the Services, including without limitation any intellectual property rights therein or thereto.
    2. By using the DAR Lean Services, the User acknowledges and agrees that all content on the Platform and App, and the structure of content on the Platform, are protected by copyright, trademark, and other intellectual property rights and that these rights are valid and protected in all forms, on all media and in relation to all technologies, whether currently existing or later developed or created. No rights to any content on the Platform, including but not limited to audiovisual works, images, methodological materials, or trademarks, shall be transferred to the User as a result of using the DAR Lean Services and entering into these T&C.
    3. Without prejudice to the universality of the foregoing provisions, the User acknowledges that the DAR Lean Services contain the results of intellectual activity, protected rights, and other materials of third parties and that, as between the Parties, such rights belong to DAR TECH. The User is prohibited from copying, modifying, changing, deleting, supplementing, publishing, transferring the objects of exclusive and personal nonproperty rights contained in the Platform or App, creating derivative works, making, or selling products based thereon, reproducing, displaying, or in any other way exercising or using such rights without the express permission of the rights holder.
    4. DAR TECH shall grant a limited, personal, nonexclusive, noncommercial, revocable, and nontransferable license to view the DAR Lean Services content to anyone who has accepted the T&C. The User undertakes not to copy content from the Platform using automated systems (such as scripts, bots, spiders, scanners, etc.) or using other information extraction systems and technologies (frames, User data extraction masks) without the prior written permission of the respective right holder. No materials from the DAR Lean Services may be copied, reproduced, modified, republished, uploaded, posted on thirdparty products, transferred to third parties, or distributed in any form or by any means without the prior written consent of DAR TECH except as expressly provided in these T&C.
    5. DAR TECH shall have the right to set limits on access to the DAR Lean Services products, including setting time and quantitative limits in order to prevent unauthorized access to the DAR Lean Services products by third parties.
    6. Suggestions made by Users do not give rise to any property rights of the User against DAR TECH. Notwithstanding any provision in these T&C to the contrary, DAR TECH may use, develop and implement any information, suggestions, comments, or other feedback (collectively, “Feedback”) provided to DAR TECH by or on behalf of User in connection with the development, operation, marketing and sale of the Platform and/or Services, in its discretion and with no compensation to any person providing such Feedback, irrespective of any intellectual property or proprietary rights claimed by User in such Feedback. User represents that it has not, and will not, knowingly provide Feedback that is subject to any thirdparty intellectual property rights.
  8. PERSONAL DATA

    1. Personal data of the User will be stored and processed automatically by DAR TECH in the performance of this contract. In this regard, DAR TECH hereby refers to the Privacy Statement available at https://darlean.com/en/policy.
    2. Insofar as DAR TECH processes Personal Data of Data Subjects attributable to the User (including, but not limited to employees or third parties of the User to whom the User has – within the limitations and prerequisites laid out in the Platform – granted access to the Platform or to Platform Services), DAR TECH shall be Processor within the meaning of Article 4(8) EU-GDPR and Article 4(8) UKGDPR and the respective User shall be Controller within the meaning of Article 4(7) EUGDPR and Article 4(7) UKGDPR. In such a case, the Contracting Parties agree that the Annex to the Terms & Conditions: Processing Agreement for the use of the DAR Lean Platform together with the appendices referenced therein, available at [Link] (hereinafter “Data Processing Agreement”) shall apply as an agreement pursuant to Article 28 EU-GDPR and Article 28 UK-GDPR. This Data Processing Agreement shall be deemed an integral part of these T&C.
  9. LIABILITY / DISCLAIMER OF WARRANTIES

    1. DAR TECH shall not be liable for the performance of the DAR Lean Services and does not guarantee the uninterrupted operation of the DAR Lean Services. DAR TECH also does not guarantee the safety of the information posted on the Platform and App and the possibility of uninterrupted access to the Platform and App.
    2. The Platform and App may contain links to other websites or services on the Internet (hereinafter “ThirdParty Websites”). DAR TECH shall not check these ThirdParty Websites or their content for compliance with any requirements (authenticity, completeness, legality, etc.). DAR TECH shall not be liable for any information or materials posted on ThirdParty Websites to which the User gains access in connection with the use of the DAR Lean Platform or Services, including any opinions or statements expressed on ThirdParty Websites, advertisements, etc., as well as for the availability of such websites or content and the consequences of their use by the User.
    3. DAR TECH will not be liable for any direct, indirect, incidental, special, exemplary or consequential damages, personal injury/wrongful death, lost profits, lost data, or business interruption, the use or misuse of submissions or content in any way whatsoever arising out of the use of, or inability to use, the Platform and/or any Services, whether or not DAR TECH is advised of the possibility of such damages. In the event that the foregoing exclusion of liability is found by a court of competent jurisdiction to be unenforceable, and a determination is made that DAR TECH is liable, under no circumstances will DAR TECH be liable to any person or entity for more than the amount paid to DAR TECH by such person or entity in the 90 days immediately preceding the date on which the claim was first asserted.
    4. The User shall be liable to DAR TECH for the legality of all instructions given and shall indemnify and hold DAR TECH harmless from and against any and all damages and losses resulting from compliance with such instructions. Further, each User shall defend, indemnify and hold harmless DAR TECH from and against all liability, claims, actions, and expenses, including attorneys' fees and costs, arising out of such User’s use of the Platform and/or Services or such User’s breach or alleged breach of any term, condition, obligation, representation or warranty in this T&C. The User agrees that the provisions in this paragraph will survive any termination of such User’s Personal Account, the Platform or Services, or these T&C.
    5. DAR TECH does not guarantee that the DAR Lean Services meet the User’s requirements and that access to the Platform will be uninterrupted, fast, reliable, or errorfree. Software and hardware errors both on the side of DAR TECH and on the side of the User, which made it impossible for the User to access the Platform, are force majeure circumstances and grounds for exemption from liability for nonfulfilment of obligations by DAR TECH under these T&C.
    6. The presentation, information and advertising of products and services on the DAR Lean Platform and/or the App and/or ThirdParty Websites and/or any other websites, folders or advertising materials do not constitute a binding offer by DAR TECH to sell specific products or services.
    7. DAR TECH shall not be responsible for advertising materials distributed using the Service and Platform products, as well as for goods and services offered in accordance with these advertising materials.
    8. Subsidiaries, directors, employees, managers, agents, representatives, or vendors of DAR TECH may not give express or implied warranties on behalf of DAR TECH.
    9. Furthermore, to the extent permitted by applicable law, DAR TECH disclaims all express and implied warranties regarding the DAR Lean Services suitability for specific purposes not expressly defined in these T&C, including without limitation any warranty regarding the commercial value, respect for property rights, protection against computer viruses, title, noninfringement, merchantability, or fitness for a particular purpose.
    10. DAR TECH cannot guarantee the absence of errors and defects on the Platform and/or App, as well as uninterrupted access to the Platform and/or App, which may depend on the network connection, the User’s software and equipment, and other factors. The User agrees that he/she is solely responsible for using the Service and the Platform products. DAR TECH cannot guarantee that the Platform or Services are fully available in all jurisdictions, therefore, the use of the DAR Lean Services is permitted subject to the laws of the Republic of Cyprus.
    11. Each User forever releases, discharges, and covenants not to sue DAR TECH from and with respect to any and all liability, claims, actions, and expenses that may arise, whether caused by the negligence of DAR TECH or otherwise, in connection with the User’s use of the Platform and/or Services or the User’s interaction with any person or entity through or as a result of the Platform and/or Services.
    12. DAR TECH shall have no responsibility or liability for, or involvement with, any relationship that exists or comes to exist between or among Users of the Platform.
    13. To the extent permitted by applicable law, each User and DAR TECH agrees that regardless of any statute or law to the contrary, any claim or cause of action arising out of or related to use of the Platform and/or Services or this T&C (including the Privacy Policy) must be filed within ONE (1) YEAR after such claim or cause of action arose (or, if longer, within the shortest statute of limitations for such claim which the Parties may establish by agreement) or the claim will be forever barred.
  10. Additional provision for the use of the dar lean app

    1. The User is granted a nonexclusive, nontransferable and limited right by DAR TECH to access and use the DAR Lean App. This use is solely for personal and noncommercial purposes.
    2. The User may download and install the App from the respective application stores. The availability of the App may vary depending on the device, operating system and region.
    3. The User may not reproduce, distribute, make publicly available, modify or otherwise use the App without authorisation. The App may not be decompiled, reverse engineered, disassembled or otherwise converted into a readable form.
    4. Updates, upgrades and modifications to the App will be made at DAR TECH's sole discretion and may change the way the App is used or restrict the use of the App.
    5. DAR TECH cannot guarantee that the App will be errorfree or uninterrupted at all times. Outages may occur due to maintenance, updates or for other reasons beyond DAR TECH's control.
    6. The App is protected by copyright and all rights thereto are owned by DAR TECH or its licensors. By using the App, the User does not acquire any ownership or other rights in the App other than the right to use expressly granted in these T&C.
  11. Final Provisions

    1. DAR TECH shall have the right to unilaterally amend the T&C, with such amendments taking effect 30 days after the publication of the new version of the T&C. On each subsequent visit to the Platform or App prior to using the Personal Account, the User undertakes to read the new version of these T&C. Continued use of the DAR Lean Platform, App and Services and the User’s Personal Account shall constitute the User’s acceptance of the terms and conditions of the new version of these T&C. If the User does not agree with the terms and conditions of the new version of these T&C, he/she shall stop using the Platform and Services.
    2. Should one or more provisions of this contract be or become invalid, this shall not affect the remaining provisions of this contract.
    3. The headings of the provisions contained in these T&C are for convenience only and shall not be used in interpreting them.
    4. This T&C and all aspects of the Platform and Services will be governed by and construed in accordance with the substantive law of the Republic of Cyprus. The applicability of International Private Law (including its referral norms) as well as the United Nations Convention on Contracts for the International Sale of Goods (CISG or Vienna Convention) is expressly excluded.
    5. In the absence of mandatory statutory provisions to the contrary, the court at the seat of DAR TECH shall have exclusive jurisdiction for disputes between the Contracting Parties.
    6. The User may obtain any clarification on the matters of interest by contacting DAR TECH by email at info-eu@darlean.com.

Annex to the Terms & Conditions (T&C)

Processing Agreement for the Use of the DAR Lean Platform of DAR TECH Limited (the “Agreement”) in respect of Personal Data of an EU Contractual Partner

  1. Preamble and Scope of this Agreement, Annex to the Terms & Conditions

    1. This Agreement is an integral part of the Terms & Conditions (T&C) on the use of the DAR Lean Platform concluded between DAR TECH Limited, Themistokli Dervi, 3, Julia House, CY-1066 Nicosia, Cyprus and the Contractual Partner.
    2. This Agreement serves as a Processing agreement pursuant to Article 28 of the General Data Protection Regulation (GDPR) between the Contractual Partner as Controller pursuant to Article 4 (7) GDPR and DAR TECH as Processor pursuant to Article 4 (8) GDPR. For the purpose of this Agreement, the terms of the General Data Protection Regulation shall apply.
    3. This Agreement shall only apply between DAR TECH and the Contractual Partner if the Contractual Partner is based within the European Union.
  2. Definitions

    • DAR Lean Platformmeans the cloud-based internet platform operated by DAR TECH under the web address https://app.darlean.com, which allows Users to organize and manage operational processes as well as teamwork, including, inter alia, productivity tools, processes, planning, HR management and reporting.
    • Annex or Agreement means this Annex to the Terms & Conditions (T&C) of DAR TECH for the use of the DAR Lean Platform.
    • Contractual Partner or Controller means any natural or legal person who concludes or has concluded a contract with DAR TECH for the use of the DAR Lean Platform which includes the Terms & Conditions.
    • DAR TECH or Processor means DAR TECH Limited, Themistokli Dervi, 3, Julia House, CY-1066 Nicosia, Cyprus.
    • General Data Protection Regulation or GDPR means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the Processing of Personal Data, on the free movement of such data and repealing Directive 95/46/EC as last published.
    • EU means the European Union.
    • EU Member State means a member of the European Union.
    • Parties refers to DAR TECH and the Contractual Partner collectively.
    • Personal Data is as defined within the T&Cs.
    • Processing means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
    • Terms & Conditions means DAR TECH’s Terms and Conditions on the use of the DAR Lean Platform.
  3. Objective of the Agreement, Contractual Partner as Controller

    1. DAR TECH undertakes to perform, on behalf of the Contractual Partner, the data Processing operations in accordance with the Terms & Conditions and this Agreement as further described in Appendix 1 of this Agreement.
    2. The Contractual Partner is deemed to be Controller pursuant to Article 4 No. 7 GDPR relating to the data Processing operations in accordance with Section 3.1. Accordingly, the Contractual Partner is obliged to implement all data protection obligations applicable to controllers under the GDPR and to monitor their implementation and compliance. The Contractual Partner confirms that before using the DAR Lean Platform, the Contractual Partner understands and is compliant with the relevant statutory provisions, in particular those relating to European and national data protection law, to which they are subject.
    3. The Contractual Partner undertakes not to make the DAR Lean Platform or individual modules or functions thereof accessible to Users if such use is prohibited under the legal provisions to which the Contractual Partner is subject. In such case, the Contractual Partner must instruct the Users without undue delay not to use the DAR Lean Platform or the relevant modules or functions, and to revoke, if possible, the User authorizations for such use; if such revocation is not possible within the DAR Lean Platform, the Contractual Partner shall immediately inform DAR TECH about this circumstance. The Contractual Partner shall indemnify and hold DAR TECH harmless for any claims of Users against DAR TECH arising from the Contractual Partner's breach of these obligations.
  4. Processing by Processor, Right to Instruction

    1. DAR TECH shall process Personal Data as further described in Appendix 1 of this Agreement only on documented instructions from the Contractual Partner, including with regard to transfers of Personal Data to a third country or an international organization, unless required to do so by Union or Member State law to which DAR TECH is subject; in such a case, DAR TECH shall inform the Contractual Partner of that legal requirement before Processing, unless that law prohibits such information on important grounds of public interest.
    2. The conclusion of a contract on the use of the DAR Lean Platform between DAR TECH and the Contractual Partner to which the Terms & Conditions and this Agreement are attached as integral parts shall be deemed to be such documented instruction to process Personal Data. Subsequent instructions may also be given by the Contractual Partner throughout the duration of the Processing of Personal Data. These instructions shall always be documented.

    3. DAR TECH shall immediately inform the Contractual Partner if, without seeking legal advice, it considers that an instruction given by the Contractual Partner obviously infringes the GDPR or other data protection provisions of the EU or an EU Member State. DAR TECH shall not be obliged to seek legal advice on the performance of this Agreement and shall not provide any legal advice related to the performance of this Agreement.
    4. DAR TECH shall immediately inform the Contractual Partner whether it is obliged, under EU or EU Member State law, to process Personal Data contrary to the instructions of the Contractual Partner or without the instructions of the Contractual Partner, if such notification is legally permissible.
    5. Instructions given by the Contractual Partner must be consistent with the subject matter of this Agreement. Should DAR TECH incur an expense of more than one working hour as a result of following any individual instruction upon the explicit request of the Contractual Partner, the entire expense shall be reimbursed by the Contractual Partner.
  5. Confidentiality

    DAR TECH shall ensure that persons authorized to process Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

  6. Data Security

    1. DAR TECH shall implement technical and organisational measures to ensure the security of the Personal Data. This includes protecting the data against a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access to the data (Personal Data breach). In assessing the appropriate level of security, DAR TECH shall take due account of the state of the art, the costs of implementation, the nature, scope, context and purposes of Processing and the risks involved for the Data Subject.
    2. DAR TECH fulfils its obligation under Section 6.1 by implementing the measures set out in Appendix 2 of this Agreement. DAR TECH is entitled to adapt the technical and organizational measures to the current state of the art from time to time to ensure an adequate level of data security.
    3. DAR TECH shall inform the Contractual Partner of any Personal Data breach, in so far as such breach concerns data processed by DAR TECH on behalf of the Contractual Partner and results in a risk to the rights and freedoms of natural persons. This information shall be provided without delay as soon as DAR TECH becomes aware of such a breach and shall be addressed to the contact point notified in writing by the Contractual Partner.
    4. The information provided to the Contractual Partner pursuant to Section 6.3 shall include the following, as far as possible in the light of the circumstances:
      • the nature of the Personal Data breach including where possible, the categories and approximate number of Data Subjects concerned and the categories and approximate number of Personal Data records concerned;
      • the likely consequences of the Personal Data breach; and
      • the measures taken or proposed to be taken to address the Personal Data breach, including, where appropriate, measures to mitigate its possible adverse effects.
    5. DAR TECH hereby informs the Contractual Partner and the Contractual Partner expressly agrees that DAR TECH may process Personal Data as further described in Appendix 1 of this Agreement, only to the absolutely necessary extent, for the purposes of IT Security and the prevention of fraud and abuse. If certain Personal Data processed on behalf of the Contractual Partner is found to affect IT security (e.g. because certain files contain viruses), DAR TECH reserves the right to delete such data in accordance with the Terms & Conditions and to immediately inform the Contractual Partner.
    6. DAR TECH will, however, never transfer such data to third parties, unless explicitly required to do so by applicable European and/or Member State law; in such a case, DAR TECH shall notify the Contractual Partner immediately that such data transfer, including the reason and legal basis for such transfer, takes place, unless the applicable European and/or Member State law to which DAR TECH is subject prohibits such notification. DAR TECH will not process special categories of data as described in Article 9 (1) GDPR for such purposes.

  7. International Transfers

    1. Any transfer of data by DAR TECH to a third country or an international organisation shall be done only on the basis of documented instructions from the Contractual Partner or in order to fulfil a specific requirement under Union or Member State law to which DAR TECH is subject and shall take place in compliance with Chapter V GDPR.
    2. The Contractual Partner agrees that where DAR TECH engages a SubProcessor in accordance with Section 8 for carrying out specific Processing activities (on behalf of the Contractual Partner) and those Processing activities involve a transfer of Personal Data within the meaning of Chapter V of Regulation (EU) 2016/679, DAR TECH and the Sub-Processor will ensure compliance with Chapter V of Regulation (EU) 2016/679 by using standard contractual clauses (SCCs) adopted by the Commission in accordance with Article 46(2) GDPR, provided the conditions for the use of those SCCs are met.
  8. Sub-Processing

    1. DAR TECH has the Contractual Partner’s general authorisation for the engagement of sub-processors from an agreed list pursuant to Appendix 3 of this Agreement. DAR TECH shall inform the Contractual Partner of any intended changes concerning the addition or replacement of other processors or sub-processors (hereinafter collectively “Sub-Processors”), thereby giving the Contractual Partner the opportunity to object to and prohibit such changes. If the Contractual Partner does not object within two weeks after such notification, the addition or replacement shall be deemed to have been approved. If such objection is raised, DAR TECH shall be entitled to terminate this Agreement as well as the underlying contractual relationship with the Contractual Partner to the end of the month by giving two weeks‘ notice.
    2. Where DAR TECH engages another Sub-Processor for carrying out specific Processing activities on behalf of the Contractual Partner, the same data protection obligations as set out in this Agreement shall be imposed on that Sub-Processor by way of a contract, in particular providing sufficient guarantees to implement appropriate technical and organizational measures in such a manner that the Processing will meet the requirements of applicable data protection law.
    3. Where that Sub-Processor fails to fulfil its data protection obligations, DAR TECH shall remain fully liable to the Contractual Partner for the performance of that Sub-Processor’s obligations.
  9. Assistance

    1. Taking into account the nature of the Processing, DAR TECH shall assist the Contractual Partner by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Contractual Partner‘s obligation to respond to requests for exercising the Data Subject‘s rights under applicable data protection law, including Chapter III of the GDPR. DAR TECH shall fulfil this obligation by forwarding requests received from Data Subjects to the Contractual Partner. If the Contractual Partner deems it necessary to receive additional support from DAR TECH and DAR TECH agrees to provide such support, DAR TECH shall be entitled to demand additional appropriate remuneration for rendering such additional support.
    2. Moreover, taking into account the nature of Processing and the information available to DAR TECH, DAR TECH shall assist the Contractual Partner in ensuring compliance with the Contractual Partner’s obligations under applicable data protection law, including Articles 32 to 36 of the GDPR. DAR TECH shall do so by (i) taking the measures set forth in Sections 5 (“Confidentiality”) and 6 (“Data Security”) of this Agreement; (ii) notifying the Contractual Partner of a breach of Personal Data pursuant to Section 6.3; and (iii) providing the information set forth in Appendix 1 of this Agreement. If the Contractual Partner deems it necessary to receive additional support from DAR TECH and DAR TECH agrees to provide such support, DAR TECH shall be entitled to demand additional appropriate remuneration for rendering such additional support.
  10. Deletion and Return of Personal Data

    1. DAR TECH hereby informs the Contractual Partner that currently a deletion of the entire Workspace is only possible by way of a separate written notification from the Contractual Partner to DAR TECH. DAR TECH is entitled to integrate such functionality into the DAR Lean Platform in the future.
    2. DAR TECH shall moreover, at the choice of the Contractual Partner, delete or return all the Personal Data to the Contractual Partner after the end of the provision of services relating to Processing, and delete existing copies unless applicable Union or EU Member State law requires storage of the Personal Data.
  11. Audit

    1. DAR TECH shall make available to the Contractual Partner all information necessary to demonstrate compliance with the obligations laid down in this Agreement.
    2. DAR TECH shall allow for prenotified inspections to be carried out during business hours by the Contractual Partner or a third party commissioned by the Contractual Partner. Such inspections may be carried out at reasonable intervals and in a manner that does not interfere with the business of DAR TECH. Costs arising from such audits shall be borne by the Contractual Partner. DAR TECH shall be entitled to reasonable remuneration for all services rendered in connection with its support of inspections.
    3. DAR TECH may also fulfil its obligations under Section 11.2 by having an independent third party carry out a review at least every three years and sending the summary audit results to the Contractual Partner.
  12. Liability

    1. The liability of both Parties is limited to gross negligence. Liability for mere financial losses, including a loss of profit, is excluded.
    2. Notwithstanding the foregoing, the Contractual Partner shall be liable to DAR TECH for the legality of all instructions given and shall indemnify and hold DAR TECH harmless from and against any and all damages and losses resulting from compliance with such instructions.
  13. Miscellaneous

    1. The Final Provisions (Section 10) of the Terms & Conditions shall also apply for this Agreement.
    2. In the event of a contradiction between this Agreement and the provisions of related agreements between the Parties existing at the time when this Agreement is agreed or entered into thereafter, this Agreement shall prevail. This shall not apply for future amendments to this Agreement.

Appendix 1: Description of the Processing

DAR Lean Platform Processing: Definitions

  • Users: Users of the DAR Lean Platform who are either (i) the Contractual Partner, (ii) in a contractual relationship with the Contractual Partner (e.g. as employees or contract partners), or (iii) to whom the Contractual Partner has granted access to the DAR Lean Platform.
  • Interested Party: A natural person who is not yet a User of the DAR Lean Platform but has received an invitation to use it.
  • Workspace Data: Personal Data that a User enters by using the various modules of the DAR Lean Platform within a Workspace, in particular:
    • Invitation Data: This includes Personal Data entered by the User for the purpose of inviting an Interested Party, such as in particular the e-mail address as well as the intended role.
    • Collaboration Data: This includes Personal Data that occurs as a result of multiple Users interacting with each other or within a Team, specifically Personal Data contained in project plans, functional personal tasks, meeting notes, Personal Data related to video conferencing (including video transmission), or related User assignments/assignments.
    • Team Data: This includes Personal Data related to the Team (including human resources) of a Workspace, in particular listings of Users, roles, hierarchies, employee contract terms (if applicable), working time records, leave dates and types.
    • Work Data: This includes Personal Data related to tasks, in particular the assignment of Users to tasks, Personal Data related to processes, projects or budgets.
    • Media Data: This includes Personal Data contained in uploaded files, such as Word and PDF files, image, video and audio files.
  • Special categories of personal data: DAR TECH confirms that free-text fields are available within the DAR Lean platform. Whether DAR TECH processes special categories of Personal Data pursuant to Article 9 (1) GDPR is dependant upon whether Users enter such data into the free-text fields within the DAR Lean Platform.

Processing activities on behalf of the Controller (Contractual Partner):

Categories of data subjects: Categories of personal data: Subject matter and nature: Purpose: Duration of the processing:
Users Workspace Data Processing (especially collecting, recording, organizing, structuring, storing, retrieving, combining or erasing) Personal Data that has been entered by the User into the DAR Lean Platform in accordance with the Terms & Conditions as well as this Agreement. The scope of Processing is depending on the subscription plan chosen by the Contractual Partner. Provide Collaboration Tools to Users on behalf of the Contractual Partner Duration of the contractual relationship between the Contractual Partner and DAR TECH.
Users, Interested Party Name, E-Mail Collecting the name and e-mail address of an Interested Party from the User, transmission of an e-mail, storing the invitation data. Invite Interested Parties to the DAR Lean Platform on behalf of the Contractual Partner Until the transmission of the invitation e-mail and then for a reasonable time within which the Interested Party is able to accept the invitation
Users Workspace Data Accessing User’s Workspace Data on an individual basis upon User’s explicit request. Provision of technical assistance and support to Users upon request, on behalf of the Contractual Partner Until the completion of the technical assistance or support activity

Appendix 2: Technical and organizational measures

DAR TECH has implemented suitable technical and organizational measures to fulfil the legal requirements set forth in Article 32 GDPR. These measures include inter alia:

  1. Pseudonymization

    Implementation of suitable pseudoymization methods.

  2. Encryption

    Implementation of SSL encryption, encryption of local hard drives.

  3. Confidentiality

    • Physical access control

      No unauthorized access to data Processing systems, e.g. magnetic or chip cards, keys, electric door openers, plant security or gatekeepers, alarm systems, video systems;

    • Access rights

      No unauthorized system use, e.g. secure passwords, automatic locking mechanisms, two-factor authentication, encryption of data media;

    • Access control

      No unauthorized reading, copying, modification or removal within the system, e.g. Authorization concepts and needs-based access rights, logging of accesses;

    • Separation control

      Separate processing of data collected for different purposes, e.g. multi-client capability, sandboxing;

    • Pseudonymization (Art. 32 para. 1 letter a GDPR)

      The processing of personal data in such a way that the data can no longer be assigned to a specific data subject without the inclusion of additional information, provided that this additional information is kept separately and is subject to appropriate technical and organizational measures.

  4. Integrity

    • Transmission control

      No unauthorized reading, copying, modification or removal during electronic transmission or transport, e.g. encryption, Virtual Private Networks (VPN), electronic signature.

    • Entry control

      Determining whether and by whom personal data have been entered, modified or removed from data processing systems, e.g: logging, document management.

  5. Availability and resilience

    • Availability control

      Protection against accidental or wilful destruction or loss, e.g. backup strategy (online/offline; on-site/off-site), uninterruptible power supply (UPS), virus protection, firewall, reporting channels and emergency plans;

    • Rapid restorability

  6. Procedures for regular review, assessment and evaluation

    • Data protection management;
    • Incident-Response-Management;
    • Privacy-friendly default settings (Art. 25 (2) GDPR);
    • Order control
    • No data Processing in the sense of Art. 28 GDPR without corresponding instruction of the Contractual Partner, e.g. clear contract drafting, formalized order management, strict selection of the service provider, obligation to assure in advance, and follow-up checks.

Appendix 3: Sub-Processors

Sub-Processor Function Country Legal basis for data export
DAR Solutions LLP., 180640002340 Almaty, Koktem microdistrict 2 – 22, Kazakhstan Technical Assistance and Support of Users Kazakhstan Standard Contractual Clauses (SCC)
AMAZON WEB SERVICES EMEA SOCIÉTÉ À RESPONSABILITÉ LIMITÉE 38 AVENUE JOHN F. KENNEDY, L-1855 LUXEMBOURG Hosting Luxembourg (EU Member State)
This version only applies to Users within the United States. To adjust the region, please use the dropdown button located above.
Terms and Conditions for the use of the DAR Lean Platform of DAR TECH Limited
  1. Preamble

    1. These Terms and Conditions (hereinafter “T&C”) apply to the use of the DAR Lean Platform available via the address https://app.darlean.com and as an app from DAR TECH Limited, Kyriakou Matsi 46, Apt 101, 1082, Nicosia, Cyprus (hereinafter “DAR TECH”) including all Services, videos, recordings, sounds, texts, graphics and other materials sent, received, stored or otherwise displayed on the DAR Lean Platform.

      These T&C create a legal agreement between DAR TECH and each User of the DAR Lean Platform and/or Services.

    2. By accessing or using the DAR Lean Platform and/or Services, the User automatically agrees to the T&C, whether or not the User has entered into a separate contract with DAR TECH. If the User does not agree to the T&C in full, he/she is prohibited from accessing the DAR Lean Platform and Services and using the content and services offered there.
    3. To use the DAR Lean Platform, App and Services, the User must be 18 years old and an Entrepreneur or Business Owner. Contracts are not concluded with consumers.
    4. The User expressly acknowledges that DAR TECH already objects to all deviating regulations in any order or in other business documents of the User.
    5. IMPORTANT NOTICE – This T&C requires the use of arbitration on an individual basis to resolve disputes between any User and DAR TECH, rather than jury trials or class actions. Please read Section 10.6 for further details.
  2. Definitions

    1. The definitions used in this T&C refer exclusively to this T&C and do not affect the definitions in DAR TECH's Privacy Statement or other documents. In this T&C, unless otherwise expressly stated in the text, the following terms shall have the meanings given below:
      • DAR Lean Platform or Platform: the DAR Lean cloud-based internet platform operated by DAR TECH under the web address https://app.darlean.com, which allows Users to organize and manage operational processes as well as teamwork, including, inter alia, productivity tools, processes, planning, HR management and reporting.
      • DAR Lean App or App: DAR TECH also offers the DAR Lean Services as an app available via an external app store.
      • User: a legal or natural person who uses the Platform and Services of DAR TECH, regardless of whether the User has registered or there is a contractual relationship between the Contracting Parties.
      • Entrepreneurs or Business Owners: natural or legal persons or partnerships with legal capacity who run a business. Businesses are any permanent organizations of independent economic activity, even if they are not profit-oriented. Consumers are not Entrepreneurs/Business Owners.
      • Contracting Party/Parties or Party/Parties: This is understood to mean DAR TECH and the User individually or jointly. This applies irrespective of whether a contractual relationship has already been established between the User and DAR TECH or not.
      • User’s Personal Account or Personal Account: a set of protected Platform pages created as a result of the User’s registration, using which the User is able to access the functionality of the DAR Lean Services, allowing the User to manage settings, edit the account, and perform other actions necessary to implement the functionality of the DAR Lean Services within the authority granted to him.
      • Administrator: a person authorised by the User to manage the administrative panel in the User’s Personal Account, responsible for managing the settings, editing the account, and performing actions necessary for the use of the DAR Lean Services within the limits of his authority.
      • Privacy Statement: a document, as amended and supplemented, which defines the procedure and conditions for the collection, use, storage, processing, protection, and privacy of the User’s data, including Personal Data, which forms an integral part of these T&C, and which is available at: https://darlean.com/en/policy.
      • Referral Link: a link to the Platform provided to the User by the Administrator to register and make changes to the account by filling out the form in the User’s Personal Account.
      • DAR Lean Services or Services: the services and tools available to Users through the Platform and the App.
      • General Data Protection Regulation (GDPR): EU-General Data Protection Regulation or GDPR means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC as last published.
      • Personal Data: any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  3. TERMS OF USE

    1. DAR TECH shall grant the User, under the T&C, the right to use the DAR Lean Platform and DAR Lean App as well as the additional Services available therein.
    2. The DAR Lean Platform and DAR Lean App is a fee-based online platform of DAR TECH that offers various DAR Lean Services. In order to use the DAR Lean Services on the Platform and DAR Lean App, Users must meet certain technical requirements, and under certain circumstances, pay a fee for a certain duration, and the User shall pay DAR TECH any such applicable fee as provided in Sections 5 and 6. A separate contract between DAR TECH and the User will be concluded when the use of the DAR Lean Services starts. The conditions in these T&Cs apply to all contracts between DAR TECH and the Users as well as to any use of the DAR Lean Services. Any deviating agreements must be recorded in writing.
    3. The functionality, interface, and any Services provided on the Platform and DAR Lean App, including any Services, may be modified, supplemented, and updated, and may change the form and nature of the Platform’s or Services’ functionality at any time without prior notice to the User, and therefore, their use is offered on an “as is” basis, that is, in the form and volume in which DAR TECH provides them at the time of the User’s request. DAR TECH shall have the right, at its sole discretion, to terminate (temporarily or permanently, in whole or in separate territories, to Users of all or certain categories, or models of devices and (or) operating systems, software products), the provision of support for the DAR Lean Services, its parts, and (or) individual Services (or any individual functions within the Services) to all Users in general or an individual User, in particular, without prior notice.
    4. DAR TECH shall have the right to restrict or prohibit (temporarily or permanently) the User’s access to the DAR Lean Platform, App and/or Services to its functionality, if the User has violated ethical standards both in relation to employees of DAR TECH and other Users or has violated any provisions of these T&C.
    5. Information content of the Platform and DAR Lean App, changes in the design of the Platform and DAR Lean App, and changes in the prices of the fees may be made by DAR TECH without prior notice to the Users.
    6. After successful registration, the User shall gain access to the User’s Personal Account and be able to use the functionalities of the Platform.
    7. DAR TECH may at any time, at its sole discretion and without prior notice to the User, transfer all or part of its rights and obligations arising from these T&C and other legal documents applicable to the legal relations between the Parties to any third party.
    8. The User shall use the DAR Lean Services and the User’s Personal Account in good faith, without violating any laws, any rights or freedoms of any person (including third parties), and the standards of morality and ethics.
    9. If the User has a claim against another User in connection with the latter’s use of the Platform, the User shall address the claim directly to that User and settle the claim independently and without the involvement of DAR TECH.
    10. If the User violates the T&C, the law, standards of morality and ethics, or technical requirements or fails to meet its payment obligation, DAR TECH shall have the right to suspend, block, or delete the User’s Personal Account, prohibit, or restrict access to some or all of the functions of the DAR Lean Services using the User’s Personal Account.
    11. The User guarantees that all claims of rights holders/authors/contractors arising from the use of the DAR Lean Services information by the User in contradiction with these T&C shall be settled independently by the User, at his own expense. If DAR TECH receives claims from third parties regarding illegal use of the intellectual property on the DAR Lean Platform and DAR Lean App, the User agrees to compensate all losses of DAR TECH incurred as a result of such claims, and DAR TECH also reserves the right to unilaterally terminate these T&C as between the Parties by deleting the User’s profile.
  4. REGISTRATION CONDITIONS

    1. DAR TECH shall provide the User access to information relating to the DAR Lean Services before the User’s registration. The prerequisite for the conclusion of a contract is the registration of the User or Administrator on the DAR Lean Platform and DAR Lean App. The User shall have the right to use the DAR Lean Services after registering in his personal account and entering into these T&C.
    2. By completing registration on the DAR Lean Platform, the User makes a binding offer to conclude a contract. The User and/or Administrator also confirm that all information provided by him/her during registration is true and complete. He/she is obliged to inform DAR TECH immediately of any change in the registration data. DAR TECH may accept this offer by activating the Personal Account for the User’s use of the DAR Lean Services. With the acceptance of the offer, the contract between the Parties is concluded in the form of these T&C.
    3. If an Administrator uses the DAR Lean Services on behalf of a legal entity User, he/she shall (and hereby does) confirm his/her authority to act on behalf of that legal entity User, and such Administrator shall accept these T&C on behalf of such User.
    4. The date of the Agreement between the Parties shall be deemed to be the date of successful registration of the Administrator and/or User on the Platform or App, subject to the available functionality.
    5. Then the Administrator shall register the Users on behalf of a legal entity by successively having the User carry out all of the following specific actions:
      • clicking on the Referral Link provided to the User by the Administrator. By such clicking, the User confirms his/her intention to use the Platform’s or App Services.
      • reading and accepting the T&C, reading the Privacy Statement and successfully registering on the Platform or App.
    6. After registering, the User is given access to the User’s Personal Account using the email address or subscriber phone number, and a password is set up. When registering, the User specifies a subscriber phone number. Further use of the DAR Lean Services by the User constitutes unconditional acceptance of these T&C.
    7. It is the responsibility of the Administrator and/or the User to ensure the security and safety of the password to third parties. If the password is lost or compromised and if third parties gain unauthorised access to the Personal Account, the Administrator and/or User shall immediately notify DAR TECH at the email address: support@darlean.com. Until such a notice is received, all actions taken using the Administrator and/or User’s Personal Account shall be deemed to have been accepted by the Administrator and/or User.
    8. The User undertakes not to use anyone else’s username and password to access the DAR Lean Services and not to provide their verification data to other Users or third parties to access the Platform..
  5. SERVICES FROM DAR TECH

    1. DAR TECH offers Users free (limited access) and several paid subscriptions with additional functions. Full details of the prices and information on the individual subscriptions can be found at: https://darlean.com/en/plans.
    2. DAR TECH shall provide the User with the purchased Services during the term of the applicable Subscription Period in accordance with these T&Cs. This does not affect DAR TECH's right to terminate the contract between the Parties for a good cause or as otherwise provided in these T&C.
    3. For more information on the services, products, information, contract or subscription period and performance of DAR TECH, please refer to: https://darlean.com/en.
  6. SUBSCRIPTION FEE AND PAYMENT PROCEDURE

    1. The prices for the various payment versions are listed on https://darlean.com/en/plans. These prices are not binding and exclude the applicable statutory taxes. As soon as a contract is concluded, the fee is payable and due immediately.
    2. The cost of access to the functionality of the DAR Lean Services may change at the discretion of DAR TECH; however, a change in such cost shall not affect the cost of access to the DAR Lean Services functionality for Users who have paid such cost in full at the previous price for the remainder of the applicable Subscription Period only. DAR TECH shall notify Users of changes to the DAR Lean Services functionality by specifying the cost of the Platform in accordance with Section 6.1.
    3. The purchase of access to the functionality of the DAR Lean Services shall be for a certain period. At the same time, the User shall have the right to select the period for purchasing access to the functionality of the DAR Lean Services (hereinafter “Subscription Period”) in the relevant tab of the Platform from a limited selection of possible Subscription Periods.
    4. Payment for a subscription to access the functionality of the DAR Lean Platform and Services shall be made through electronic payment system providers allowing payment by credit or debit cards of international payment systems. For payment, the User must select one of the payment methods offered on the DAR Lean Platform. Other payment methods are not possible.
    5. In terms of implementing the payment infrastructure, the DAR Lean Services is based solely on financial services.
    6. The User agrees that DAR TECH is not responsible for failures in operating the payment systems.
    7. The processing of card data entry and the payments themselves shall be carried out by a financial service provider.
    8. Payment obligations shall be considered to have been fulfilled by the User if the payment is authorised in the system. The proof of the payment shall be the payment system information about the payment made.
    9. DAR TECH shall have no control over the electronic payment system and shall not be responsible for errors in such a payment system. If, as a result of such errors, the User’s money is debited, but the system does not authorise the payment, the obligation to return the funds to the User shall lie with the electronic payment system provider.
    10. If the User does not fulfil his payment obligation towards DAR TECH, DAR TECH is entitled to temporarily block the User's profile until the owed payment has been received. All other claims of DAR TECH remain unaffected by this.
  7. INTELLECTUAL PROPERTY

    1. The DAR Lean Platform, App and Services contain the results of intellectual activity owned by DAR TECH. DAR TECH owns and reserves all right, title, and interest in and to the DAR Lean Platform, App and the Services, including without limitation any intellectual property rights therein or thereto.
    2. By using the DAR Lean Services, the User acknowledges and agrees that all content on the Platform and App, and the structure of content on the Platform, are protected by copyright, trademark, and other intellectual property rights and that these rights are valid and protected in all forms, on all media and in relation to all technologies, whether currently existing or later developed or created. No rights to any content on the Platform, including but not limited to audio-visual works, images, methodological materials, or trademarks, shall be transferred to the User as a result of using the DAR Lean Services and entering into these T&C.
    3. Without prejudice to the universality of the foregoing provisions, the User acknowledges that the DAR Lean Services contain the results of intellectual activity, protected rights, and other materials of third parties and that, as between the Parties, such rights belong to DAR TECH. The User is prohibited from copying, modifying, changing, deleting, supplementing, publishing, transferring the objects of exclusive and personal non-property rights contained in the Platform or App, creating derivative works, making, or selling products based thereon, reproducing, displaying, or in any other way exercising or using such rights without the express permission of the rights holder.
    4. DAR TECH shall grant a limited, personal, non-exclusive, non-commercial, revocable, and non-transferable license to view the DAR Lean Services content to anyone who has accepted the T&C. The User undertakes not to copy content from the Platform using automated systems (such as scripts, bots, spiders, scanners, etc.) or using other information extraction systems and technologies (frames, User data extraction masks) without the prior written permission of the respective right holder. No materials from the DAR Lean Services may be copied, reproduced, modified, republished, uploaded, posted on third-party products, transferred to third parties, or distributed in any form or by any means without the prior written consent of DAR TECH except as expressly provided in these T&C.
    5. DAR TECH shall have the right to set limits on access to the DAR Lean Services products, including setting time and quantitative limits in order to prevent unauthorized access to the DAR Lean Services products by third parties.
    6. Suggestions made by Users do not give rise to any property rights of the User against DAR TECH. Notwithstanding any provision in these T&C to the contrary, DAR TECH may use, develop and implement any information, suggestions, comments, or other feedback (collectively, “Feedback”) provided to DAR TECH by or on behalf of User in connection with the development, operation, marketing and sale of the Platform and/or Services, in its discretion and with no compensation to any person providing such Feedback, irrespective of any intellectual property or proprietary rights claimed by User in such Feedback. User represents that it has not, and will not, knowingly provide Feedback that is subject to any third-party intellectual property rights.
  8. PERSONAL DATA

    1. Personal data of the User will be stored and processed automatically by DAR TECH in the performance of this contract. In this regard, DAR TECH hereby refers to the Privacy Statement available at https://darlean.com/en/policy.
    2. Insofar as DAR TECH processes Personal Data of Data Subjects attributable to the User (including, but not limited to employees or third parties of the User to whom the User has – within the limitations and prerequisites laid out in the Platform – granted access to the Platform, the App or to Services), DAR TECH shall be Processor within the meaning of Article 4(8) GDPR and the respective User shall be Controller within the meaning of Article 4(7) GDPR. In such a case, the Contracting Parties agree that the Annex to the Terms & Conditions: Processing Agreement for the use of the DAR Lean Platform together with the appendices referenced therein, available at [Link] (hereinafter “Data Processing Agreement”) shall apply as an agreement pursuant to Article 28 GDPR. This Data Processing Agreement shall be deemed an integral part of these T&C.
  9. LIABILITY / DISCLAIMER OF WARRANTIES

    1. DAR TECH shall not be liable for the performance of the DAR Lean Services and does not guarantee the uninterrupted operation of the DAR Lean Services. DAR TECH also does not guarantee the safety of the information posted on the Platform and App and the possibility of uninterrupted access to the Platform and App.
    2. The Platform and App may contain links to other websites or services on the Internet (hereinafter “Third-Party Websites”). DAR TECH shall not check these Third-Party Websites or their content for compliance with any requirements (authenticity, completeness, legality, etc.). DAR TECH shall not be liable for any information or materials posted on Third-Party Websites to which the User gains access in connection with the use of the DAR Lean Platform or Services, including any opinions or statements expressed on Third-Party Websites, advertisements, etc., as well as for the availability of such websites or content and the consequences of their use by the User.
    3. DAR TECH will not be liable for any direct, indirect, incidental, special, exemplary or consequential damages, personal injury/wrongful death, lost profits, lost data, or business interruption, the use or misuse of submissions or content in any way whatsoever arising out of the use of, or inability to use, the Platform and/or any Services, whether or not DAR TECH is advised of the possibility of such damages. In the event that the foregoing exclusion of liability is found by a court of competent jurisdiction to be unenforceable, and a determination is made that DAR TECH is liable, under no circumstances will DAR TECH be liable to any person or entity for more than the amount paid to DAR TECH by such person or entity in the 90 days immediately preceding the date on which the claim was first asserted.
    4. The User shall be liable to DAR TECH for the legality of all instructions given and shall indemnify and hold DAR TECH harmless from and against any and all damages and losses resulting from compliance with such instructions. Further, each User shall defend, indemnify and hold harmless DAR TECH from and against all liability, claims, actions, and expenses, including attorneys' fees and costs, arising out of such User’s use of the Platform and/or Services or such User’s breach or alleged breach of any term, condition, obligation, representation or warranty in this T&C. The User agrees that the provisions in this paragraph will survive any termination of such User’s Personal Account, the Platform or Services, or these T&C.
    5. DAR TECH does not guarantee that the DAR Lean Services meet the User’s requirements and that access to the Platform will be uninterrupted, fast, reliable, or error-free. Software and hardware errors both on the side of DAR TECH and on the side of the User, which made it impossible for the User to access the Platform, are force majeure circumstances and grounds for exemption from liability for non-fulfilment of obligations by DAR TECH under these T&C.
    6. The presentation, information and advertising of products and services on the DAR Lean Platform and/or the App and/or Third-Party Websites and/or any other websites, folders or advertising materials do not constitute a binding offer by DAR TECH to sell specific products or services.
    7. DAR TECH shall not be responsible for advertising materials distributed using the Service and Platform products, as well as for goods and services offered in accordance with these advertising materials.
    8. Subsidiaries, directors, employees, managers, agents, representatives, or vendors of DAR TECH may not give express or implied warranties on behalf of DAR TECH.
    9. Furthermore, to the extent permitted by applicable law, DAR TECH disclaims all express and implied warranties regarding the DAR Lean Services suitability for specific purposes not expressly defined in these T&C, including without limitation any warranty regarding the commercial value, respect for property rights, protection against computer viruses, title, non-infringement, merchantability, or fitness for a particular purpose.
    10. DAR TECH cannot guarantee the absence of errors and defects on the Platform and/or App, as well as uninterrupted access to the Platform and/or App, which may depend on the network connection, the User’s software and equipment, and other factors. The User agrees that he/she is solely responsible for using the Service and the Platform products. DAR TECH cannot guarantee that the Platform or Services are fully available in all jurisdictions, therefore, the use of the DAR Lean Services is permitted subject to the laws of the Commonwealth of Massachusetts.
    11. Each User forever releases, discharges, and covenants not to sue DAR TECH from and with respect to any and all liability, claims, actions, and expenses that may arise, whether caused by the negligence of DAR TECH or otherwise, in connection with the User’s use of the Platform and/or Services or the User’s interaction with any person or entity through or as a result of the Platform and/or Services.
    12. DAR TECH shall have no responsibility or liability for, or involvement with, any relationship that exists or comes to exist between or among Users of the Platform.
    13. To the extent permitted by applicable law, each User and DAR TECH agrees that regardless of any statute or law to the contrary, any claim or cause of action arising out of or related to use of the Platform and/or Services or this T&C (including the Privacy Policy) must be filed within ONE (1) YEAR after such claim or cause of action arose (or, if longer, within the shortest statute of limitations for such claim which the Parties may establish by agreement) or the claim will be forever barred.
  10. Additional provision for the use of the dar lean app

    1. The User is granted a non-exclusive, non-transferable and limited right by DAR TECH to access and use the DAR Lean App. This use is solely for personal and non-commercial purposes.
    2. The User may download and install the App from the respective application stores. The availability of the App may vary depending on the device, operating system and region.
    3. The User may not reproduce, distribute, make publicly available, modify or otherwise use the App without authorisation. The App may not be decompiled, reverse engineered, disassembled or otherwise converted into a readable form.
    4. Updates, upgrades and modifications to the App will be made at DAR TECH's sole discretion and may change the way the App is used or restrict the use of the App.
    5. DAR TECH cannot guarantee that the App will be error-free or uninterrupted at all times. Outages may occur due to maintenance, updates or for other reasons beyond DAR TECH's control.
    6. The App is protected by copyright and all rights thereto are owned by DAR TECH or its licensors. By using the App, the User does not acquire any ownership or other rights in the App other than the right to use expressly granted in these T&C.
  11. Final Provisions

    1. Except with respect to Section 11.6 (which can only be amended by mutual written agreement of the parties), DAR TECH shall have the right to unilaterally amend the T&C, with such amendments taking effect 30 days after the publication of the new version of the T&C. On each subsequent visit to the Platform or App prior to using the Personal Account, the User undertakes to read the new version of these T&C. Continued use of the DAR Lean Platform, App and Services and the User’s Personal Account shall constitute the User’s acceptance of the terms and conditions of the new version of these T&C. If the User does not agree with the terms and conditions of the new version of these T&C, he/she shall stop using the Platform and Services.
    2. Should one or more provisions of this contract be or become invalid, this shall not affect the remaining provisions of this contract.
    3. The headings of the provisions contained in these T&C are for convenience only and shall not be used in interpreting them.
    4. This T&C and all aspects of the Platform and Services will be governed by and construed in accordance with the internal laws of the United States and the Commonwealth of Massachusetts governing contracts entered into and to be fully performed in Massachusetts (thus, without regard to conflict of laws provisions), regardless of any User’s location.
    5. With respect to any disputes or claims not subject to informal dispute resolution or arbitration (as set forth below), each User agrees not to commence or prosecute any action in connection therewith other than in the state or federal courts located in Boston, Massachusetts, and each User hereby consents to, and waive all defenses of lack of personal jurisdiction and forum non conveniens with respect to, venue and jurisdiction in the state and federal courts located in Boston, Massachusetts.
    6. 11.6. To expedite resolution and control the cost of any dispute, controversy, or claim related to this T&C ("Dispute"), each User and DAR TECH agrees to first attempt to negotiate any Dispute (except those Disputes expressly provided below) informally for at least thirty (30) days before initiating any arbitration or court proceeding. Such informal negotiations commence upon written notice from one party to the other. If such User and DAR TECH are unable to resolve a Dispute through informal negotiations within 30 days, either such User or DAR TECH may elect to have the Dispute (except those Disputes expressly excluded below) finally and exclusively resolved by binding arbitration. Any election to arbitrate by one party will be final and binding on the other. EACH USER UNDERSTANDS THAT ABSENT THIS PROVISION, SUCH USER WOULD HAVE THE RIGHT TO SUE IN COURT AND HAVE A JURY TRIAL. The arbitration will be commenced and conducted under the Streamlined Arbitration Rules and Procedures (the “Rules”) of JAMS, which is available at the JAMS website at www.jamsadr.com. The determination of whether a Dispute is subject to arbitration will be governed by the Federal Arbitration Act and determined by a court rather than an arbitrator. The User’s arbitration fees and share of arbitrator compensation will be governed by the Rules. The arbitration may be conducted in person, through the submission of documents, by phone, by video conference, or online. The arbitrator will make a decision in writing, but need not provide a statement of reasons unless requested by a party. The arbitrator must follow applicable law, and any award may be challenged if the arbitrator fails to do so. Notwithstanding the above, each User and DAR TECH agrees that arbitration will be limited to the Dispute between DAR TECH and the User individually. To the full extent permitted by law, (a) no arbitration will be joined with any other; (b) there is no right or authority for any Dispute to be arbitrated on a class-action basis or to utilize class action procedures; and (c) there is no right or authority for any Dispute to be brought in a purported representative capacity on behalf of the general public or any other persons. Each User and DAR TECH agrees that the following Disputes are not subject to the above provisions concerning informal negotiations and binding arbitration: (a) any Disputes seeking to enforce or protect, or concerning the validity of, any of DAR TECH’s intellectual property rights; and (b) any claim for injunctive relief or to compel arbitration, stay proceedings pending arbitration, or to confirm, modify, vacate or enter judgment on the award entered by the arbitrator.
    7. The User may obtain any clarification on the matters of interest by contacting DAR TECH by email at support@darlean.com.

Annex to the Terms & Conditions (T&C)

Processing Agreement for the Use of the DAR Lean Platform of (the “Agreement”) DARLEAN US CORP. ("DARLEAN US")

  1. Preamble and Scope of this Agreement, Annex to the Terms & Conditions

    1. This Agreement is an integral part of the Terms & Conditions (T&C) on the use of the DAR Lean Platform concluded between DARLEAN US CORP., 850 New Burton Road, Suite 201, Dover, DE 19904, USA (in short, "DARLEAN US") and the Contractual Partner. Capitalized terms used and not otherwise defined herein shall have the meanings ascribed to them in the T&C.
    2. This Agreement serves as a Processing agreement between the Contractual Partner as Controller and DARLEAN US as Processor.
    3. This Agreement shall only apply between DARLEAN US and the Contractual Partner if the Contractual Partner is based within the United States of America.
  2. Definitions

    • DAR Lean Platformmeans the cloud-based internet platform operated by DARLEAN US under the web address https://app.darlean.com, which allows Users to organize and manage operational processes as well as teamwork, including, inter alia, productivity tools, processes, planning, HR management and reporting.
    • Annex or Agreement means this Annex to the Terms & Conditions (T&C) of DARLEAN US for the use of the DAR Lean Platform.
    • Contractual Partner or Controller means any natural or legal person who concludes or has concluded a contract with DARLEAN US for the use of the DAR Lean Platform which includes the Terms & Conditions.
    • DARLEAN US means DARLEAN US CORP., 850 New Burton Road, Suite 201, Dover, DE 19904, USA.
    • Privacy Lawsmeans the data protection laws applicable to the Processing of Personal Data under this Agreement, including inter alia the following and as amended from time to time:
      • to the extent applicable, the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020, together with any regulations promulgated thereunder (CCPA)
      • in each case to the extent effective and applicable and together with any regulations promulgated thereunder: (i) the Colorado Privacy Act; (ii) the Connecticut Act Concerning Personal Data Privacy and Online Monitoring; (iii) the Utah Consumer Privacy Act; (iv) the Virginia Consumer Data Protection Act; (v) the Delaware Personal Data Privacy Act; (vi) the Indiana Consumer Data Protection Act; (vii) the Iowa Consumer Data Protection Act; (viii) the Montana Consumer Data Privacy Act; (ix) the Oregon Consumer Privacy Act; (x) the Tennessee Information Protection Act; (xi) the Texas Data Privacy and Security Act; (xii) New Jersey SB 332; (xiii) New Hampshire SB 255; (xiv) the Nebraska Data Privacy Act; and (xv) the Kentucky Consumer Data Protection Act, (collectively, State Data Protection Laws).
      • General Data Protection Regulation, Regulation (EU) 2016/679, as it forms part of domestic law in the UK by virtue of section 3 of the European Union (Withdrawal) Act 2018 (UK GDPR);
      • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (EU GDPR).
    • Parties refers to DAR TECH and the Contractual Partner collectively.
    • Personal Data is as defined within the T&Cs.
    • Processing means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
    • Controllermeans, unless explicitly stated otherwise by applicable Privacy Laws, the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data; where the purposes and means of such Processing are determined by law, the Controller or the specific criteria for its nomination may be provided for by such legal provisions.
    • Processormeans, unless explicitly stated otherwise by applicable Privacy Laws, a natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller.
    • Recipientmeans, unless explicitly stated otherwise by applicable Privacy Laws, a natural or legal person, public authority, agency or another body, to which the Personal Data are disclosed, whether a third party or not. However, public authorities which may receive Personal Data in the framework of a particular inquiry in accordance with applicable law shall not be regarded as Recipients; the Processing of those data by those public authorities shall be in compliance with the applicable Privacy Laws according to the purposes of the Processing.
    • Special Categories of Personal Datameans, unless explicitly stated otherwise by applicable Privacy Laws, personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
    • State Laws Datameans any Personal Data regulated by any State Data Protection Laws and Processed by DARLEAN US solely on behalf of Contractual Partner.
    • Terms & Conditions means DAR TECH’s Terms and Conditions on the use of the DAR Lean Platform.
  3. Objective of the Agreement, Contractual Partner as Controller

    1. DARLEAN US undertakes to perform, on behalf of the Contractual Partner, the data Processing operations in accordance with the Terms & Conditions and this Agreement as further described in Appendix 1 of this Agreement.
    2. The Contractual Partner is deemed to be Controller relating to the data Processing operations in accordance with Section 3.1. Accordingly, the Contractual Partner is obliged to implement all obligations applicable to Controllers under the applicable Privacy Laws and to monitor their implementation and compliance. The Contractual Partner confirms that before using the DAR Lean Platform, the Contractual Partner understands and is compliant with the relevant statutory provisions, in particular those relating to the applicable Privacy Laws to which they are subject. Further, Contractual Partner represents, warrants, and covenants that: (i) it has (and will have) Processed, collected, and disclosed all Personal Data in compliance with applicable law and provided any notice and obtained all consents and rights required by applicable law to enable DARLEAN US to lawfully Process Personal Data as permitted by the T&C and this Agreement; (ii) it has (and will continue to have) full right and authority to make Personal Data available to DARLEAN US under the T&C and this Agreement; and (iii) DARLEAN US‘ Processing of the Personal Data in accordance with the T&C, this Agreement, and/or Contractual Partner‘s instructions does and will not infringe upon or violate any applicable law or any rights of any third party.
    3. The Contractual Partner undertakes not to make the DAR Lean Platform or individual modules or functions thereof accessible to Users if such use is prohibited under the legal provisions to which the Contractual Partner is subject. In such case, the Contractual Partner must instruct the Users without undue delay not to use the DAR Lean Platform or the relevant modules or functions, and to revoke, if possible, the User authorizations for such use; if such revocation is not possible within the DAR Lean Platform, the Contractual Partner shall immediately inform DARLEAN US about this circumstance. The Contractual Partner shall indemnify, defend, and hold DARLEAN US harmless from and against any claims of Users against DARLEAN US arising from the Contractual Partner's breach of these obligations.
  4. Processing by DARLEAN US, Right to Instruction

    1. DARLEAN US shall process Personal Data as further described in Appendix 1 of this Agreement only on documented instructions from the Contractual Partner, including with regard to transfers of Personal Data to a third country or an international organization, unless required to do so by any applicable law to which DARLEAN US is subject; in such a case, DARLEAN US shall inform the Contractual Partner of that legal requirement before Processing, unless that law prohibits such information on important grounds of public interest.
    2. The conclusion of a contract on the use of the DAR Lean Platform between DARLEAN US and the Contractual Partner to which the T&C and this Agreement are attached as integral parts shall be deemed to be such documented instruction to Process Personal Data. Subsequent instructions may also be given by the Contractual Partner throughout the duration of the Processing of Personal Data. These instructions shall always be documented.

    3. DARLEAN US shall immediately inform the Contractual Partner if, without seeking legal advice, it considers that an instruction given by the Contractual Partner obviously infringes applicable Privacy Laws. DARLEAN US shall not be obliged to seek legal advice on the performance of this Agreement and shall not provide any legal advice related to the performance of this Agreement.
    4. DAR TECH shall immediately inform the Contractual Partner whether it is obliged, under EU or EU Member State law, to process Personal Data contrary to the instructions of the Contractual Partner or without the instructions of the Contractual Partner, if such notification is legally permissible.DARLEAN US shall immediately inform the Contractual Partner whether it is legally obliged to process Personal Data contrary to the instructions of the Contractual Partner or without the instructions of the Contractual Partner, if such notification is legally permissible.
    5. Instructions given by the Contractual Partner must be consistent with the subject matter of this Agreement. Should DARLEAN US incur an expense of more than one working hour as a result of following any individual instruction upon the explicit request of the Contractual Partner, the entire expense shall be reimbursed by the Contractual Partner.
  5. Confidentiality

    DARLEAN US shall ensure that persons authorized to process Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

  6. Data Security

    1. DARLEAN US shall implement technical and organisational measures to ensure the security of the Personal Data. This includes protecting the data against a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access to the data (Personal Data breach). In assessing the appropriate level of security, DARLEAN US shall take due account of the state of the art, the costs of implementation, the nature, scope, context and purposes of Processing and the risks involved for the Data Subject.
    2. DARLEAN US fulfils its obligation under Section 6.1 by implementing the measures set out in Appendix 2 of this Agreement. DARLEAN US is entitled to adapt the technical and organizational measures to the current state of the art from time to time to ensure an adequate level of data security.
    3. DARLEAN US shall inform the Contractual Partner of any Personal Data breach, in so far as such breach concerns data processed by DARLEAN US on behalf of the Contractual Partner and results in a risk to the rights and freedoms of natural persons. This information shall be provided without delay as soon as DARLEAN US becomes aware of such a breach and shall be addressed to the contact point notified in writing by the Contractual Partner.
    4. The information provided to the Contractual Partner pursuant to Section 6.3 shall include the following, as far as possible in the light of the circumstances:
      • the nature of the Personal Data breach including where possible, the categories and approximate number of Data Subjects concerned and the categories and approximate number of Personal Data records concerned;
      • the likely consequences of the Personal Data breach; and
      • the measures taken or proposed to be taken to address the Personal Data breach, including, where appropriate, measures to mitigate its possible adverse effects.
    5. In addition to the purposes described in Appendix 1, DARLEAN US hereby informs the Contractual Partner and the Contractual Partner expressly agrees that DARLEAN US may process Personal Data as further described in Appendix 1 of this Agreement, to the extent necessary, for the purposes of IT Security and the prevention of fraud and abuse. If certain Personal Data Processed on behalf of the Contractual Partner is found to affect IT security (e.g. because certain files contain viruses), DARLEAN US reserves the right to delete such data in accordance with the Terms & Conditions and to immediately inform the Contractual Partner.
  7. International Transfers

    Contractual Partner hereby instructs DARLEAN US to transfer Personal Data to, and to Process Personal Data in, the United States and/or to any other jurisdiction in which DARLEAN US or its Sub-Processors have operations, and Contractual Partner hereby consents to the foregoing.

  8. Sub-Processing

    1. DARLEAN US has the Contractual Partner’s general authorisation for the engagement of sub-processors from an agreed list pursuant to Appendix 3 of this Agreement. DARLEAN US shall inform the Contractual Partner of any intended changes concerning the addition or replacement of other processors or sub-processors (hereinafter collectively “Sub-Processors”), thereby giving the Contractual Partner the opportunity to object to and prohibit such changes. If the Contractual Partner does not object within two weeks after such notification, the addition or replacement shall be deemed to have been approved. If such objection is raised, DARLEAN US shall be entitled to terminate this Agreement as well as the underlying contractual relationship with the Contractual Partner to the end of the month by giving two weeks‘ notice.
    2. Where DARLEAN US engages another Sub-Processor for carrying out specific Processing activities on behalf of the Contractual Partner, the data protection obligations required by applicable Privacy Laws shall be imposed on that Sub-Processor by way of a contract.
  9. Assistance

    1. Taking into account the nature of the Processing, DARLEAN US shall assist the Contractual Partner by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Contractual Partner‘s obligation to respond to requests for exercising the Data Subject‘s rights under applicable Privacy Laws. DARLEAN US shall fulfil this obligation by forwarding requests received from Data Subjects to the Contractual Partner. If the Contractual Partner deems it necessary to receive additional support from DARLEAN US and DARLEAN US agrees to provide such support, DARLEAN US shall be entitled to demand additional appropriate remuneration for rendering such additional support.
    2. Moreover, taking into account the nature of Processing and the information available to DARLEAN US, DARLEAN US shall assist the Contractual Partner in ensuring compliance with the Contractual Partner’s obligations under applicable Privacy Laws. DARLEAN US shall do so by (i)  taking the measures set forth in Sections 5 (“Confidentiality”) and 6 (“Data Security”) of this Agreement; (ii) notifying the Contractual Partner of a breach of Personal Data pursuant to Section 6.3; and (iii) providing the information set forth in Appendix 1 of this Agreement. If the Contractual Partner deems it necessary to receive additional support from DARLEAN US and DARLEAN US agrees to provide such support, DARLEAN US shall be entitled to demand additional appropriate remuneration for rendering such additional support.
  10. Deletion and Return of Personal Data

    1. DARLEAN US hereby informs the Contractual Partner that currently a deletion of the entire Workspace is only possible by way of a separate written notification from the Contractual Partner to DARLEAN US. DARLEAN US is entitled to integrate such functionality (which would allow Contractual Partner to delete an entire Workspace without providing a separate written notification to DARLEAN US) into the DAR Lean Platform in the future.
    2. DARLEAN US shall moreover, at the choice of the Contractual Partner, delete or return all the Personal Data to the Contractual Partner after the end of the provision of services relating to Processing, and delete existing copies unless applicable law requires storage of the Personal Data.
  11. Intentionally Omitted.

  12. Liability

    1. The liability of both Parties is subject to any limitations of liability set forth in the T&C.
    2. The Contractual Partner shall be liable to DARLEAN US for the legality of all instructions given.
    3. The Contractual Partner shall indemnify, defend, and hold DARLEAN US harmless from and against any and all claims, actions, proceedings, expenses, liabilities (including without limitation any governmental investigations, complaints and actions), damages, attorneys’ fees, and/or losses arising or resulting from Contractual Partner’s breach or alleged breach of this Agreement or from DARLEAN US’s compliance with any instructions of Contractual Partner.
  13. Miscellaneous

    1. The Final Provisions (Section 11) of the Terms & Conditions shall also apply for this Agreement.
    2. In the event of a contradiction between this Agreement and the provisions of related agreements between the Parties existing at the time when this Agreement is agreed or entered into thereafter, this Agreement shall prevail. Notwithstanding the foregong, this Agreement shall not prevail over future amendments to this Agreement (unless expressly specified in such amendment).
  14. U.S. State Law Provisions

    1. To the extent Contractual Partner makes available to DARLEAN US Personal Data regulated by the CCPA for a business purpose pursuant to this Agreement and/or to the extent DARLEAN US Processes Personal Data regulated by the CCPA solely on behalf of Contractual Partner (collectively, “California Personal Data”), then to the extent required by the CCPA, the California Data Appendix (attached hereto as Appendix 4, the “California Data Appendix”) will apply to DARLEAN US’ Processing of such California Personal Data and the Parties hereby agree to comply with such California Data Appendix, which is hereby incorporated into this Agreement in its entirety. In the event of a conflict between this Agreement and the California Data Appendix, the California Data Appendix will control to the extent applicable to the California Personal Data.
    2. To the extent DARLEAN US Processes State Laws Data, then to the extent required by State Data Protection Laws, the Other States Data Appendix (attached hereto as Appendix 5, the “Other States Data Appendix”) will apply to DARLEAN US’ Processing of such State Laws Data and the Parties hereby agree to comply with such Other States Data Appendix, which is hereby incorporated into this Agreement in its entirety. In the event of a conflict between this Agreement and the Other States Data Appendix, the Other States Data Appendix will control to the extent applicable to the State Laws Data.

Appendix 1: Description of the Processing

DAR Lean Platform Processing: Definitions

  • Users: Users of the DAR Lean Platform who are either (i) the Contractual Partner, (ii) in a contractual relationship with the Contractual Partner (e.g. as employees or contract partners), or (iii) to whom the Contractual Partner has granted access to the DAR Lean Platform.
  • Interested Party: A natural person who is not yet a User of the DAR Lean Platform but has received an invitation to use it.
  • Workspace Data: Personal Data that a User enters by using the various modules of the DAR Lean Platform within a Workspace, in particular:
    • Invitation Data: This includes Personal Data entered by the User for the purpose of inviting an Interested Party, such as in particular the e-mail address as well as the intended role.
    • Collaboration Data: This includes Personal Data that occurs as a result of multiple Users interacting with each other or within a Team, specifically Personal Data contained in project plans, functional personal tasks, meeting notes, Personal Data related to video conferencing (including video transmission), or related User assignments/assignments.
    • Team Data: This includes Personal Data related to the Team (including human resources) of a Workspace, in particular listings of Users, roles, hierarchies, employee contract terms (if applicable), working time records, leave dates and types.
    • Work Data: This includes Personal Data related to tasks, in particular the assignment of Users to tasks, Per-onal Data related to processes, projects or budgets.
    • Media Data: This includes Personal Data contained in uploaded files, such as Word and PDF files, image, video and audio files.
  • Special categories of personal data: DARLEAN US confirms that free-text fields are available within the DAR Lean platform. Whether DARLEAN US processes Special Categories of Personal Data is dependent upon whether Users enter such data into the free-text fields within the DAR Lean Platform.

Processing activities on behalf of the Controller (Contractual Partner):

Categories of data subjects: Categories of personal data: Subject matter and nature: Purpose: Duration of the processing:
Users Workspace Data Processing (especially collecting, recording, organizing, structuring, storing, retrieving, combining or erasing) Personal Data that has been entered by the User into the DAR Lean Platform in accordance with the Terms & Conditions as well as this Agreement. The scope of Processing is depending on the subscription plan chosen by the Contractual Partner. Provide Collaboration Tools to Users on behalf of the Contractual Partner Duration of the contractual relationship between the Contractual Partner and DARLEAN US.
Users, Interested Party Name, E-Mail Collecting the name and e-mail address of an Interested Party from the User, transmission of an e-mail, storing the invitation data. Invite Interested Parties to the DAR Lean Platform on behalf of the Contractual Partner Until the transmission of the invitation e-mail and then for a reasonable time within which the Interested Party is able to accept the invitation
Users Workspace Data Accessing User’s Workspace Data on an individual basis upon User’s explicit request. Provision of technical assistance and support to Users upon request, on behalf of the Contractual Partner Until the completion of the technical assistance or support activity

Appendix 2: Technical and organizational measures

DARLEAN US has implemented suitable technical and organizational measures to fulfil the legal requirements set forth in the applicable Privacy Laws. These measures include inter alia:

  1. Pseudonymization

    Implementation of suitable pseudoymization methods.

  2. Encryption

    Implementation of SSL encryption, encryption of local hard drives.

  3. Confidentiality

    • Physical access control

      No unauthorized access to data Processing systems, e.g. magnetic or chip cards, keys, electric door openers, plant security or gatekeepers, alarm systems, video systems;

    • Access rights

      No unauthorized system use, e.g. secure passwords, automatic locking mechanisms, two-factor authentication, encryption of data media;

    • Access control

      No unauthorized reading, copying, modification or removal within the system, e.g. Authorization concepts and needs-based access rights, logging of accesses;

    • Separation control

      Separate processing of data collected for different purposes, e.g. multi-client capability, sandboxing;

    • Pseudonymization (Art. 32 (1) letter a GDPR)

      The processing of personal data in such a way that the data can no longer be assigned to a specific data subject without the inclusion of additional information, provided that this additional information is kept separately and is subject to appropriate technical and organizational measures.

  4. Integrity

    • Transmission control

      No unauthorized reading, copying, modification or removal during electronic transmission or transport, e.g. encryption, Virtual Private Networks (VPN), electronic signature.

    • Entry control

      Determining whether and by whom personal data have been entered, modified or removed from data processing systems, e.g: logging, document management.

  5. Availability and resilience

    • Availability control

      Protection against accidental or wilful destruction or loss, e.g. backup strategy (online/offline; on-site/off-site), uninterruptible power supply (UPS), virus protection, firewall, reporting channels and emergency plans;

    • Rapid restorability

  6. Procedures for regular review, assessment and evaluation

    • Data protection management;
    • Incident-Response-Management;
    • Privacy-friendly default settings (Art. 25 (2) GDPR);
    • Order control
    • No data Processing in the sense of Art. 28 GDPR without corresponding instruction of the Contractual Partner, e.g. clear contract drafting, formalized order management, strict selection of the service provider, obligation to assure in advance, and follow-up checks.

Appendix 3: Sub-Processors

Sub-Processor Function Country Legal basis for data export
DAR Solutions LLP., 180640002340 Almaty, Koktem microdistrict 2 – 22, Kazakhstan Technical Assistance and Support of Users Kazakhstan Standard Contractual Clauses (SCC)
AMAZON WEB SERVICES EMEA SOCIÉTÉ À RESPONSABILITÉ LIMITÉE 38 AVENUE JOHN F. KENNEDY, L-1855 LUXEMBOURG Hosting Luxembourg (EU Member State)

Appendix 4: California Data Appendix

  1. This California Data Appendix (this “Appendix”), forms part of the Agreement. Capitalized terms used and not otherwise defined herein shall have the meanings ascribed to them in the Agreement. The types of California Personal Data subject to processing hereunder are as set forth in Appendix 1.
  2. CCPA Provisions.
    1. In this Appendix, the following terms have the meanings given in the CCPA: "business purpose", “personal information”, “processing”, “service provider”, “contractor”, “person”, “share”, “sharing”, “shared”, “sell”, “selling”, “sale” and “sold”.
    2. Except as otherwise required by applicable law or as otherwise permitted by the CCPA, DARLEAN US shall:
      1. not sell or share California Personal Data;
      2. not retain, use, or disclose California Personal Data for any purpose other than for the business purposes as set out in the T&C and the Agreement (including Appendix 1) for the Contractual Partner, nor retain, use, or disclose California Personal Data for a commercial purpose other than the business purposes specified in the T&C and the Agreement (including Appendix 1), or as otherwise permitted by the CCPA;
      3. not retain, use, or disclose California Personal Data outside of the direct business relationship between the Parties;
      4. not combine California Personal Data, which DARLEAN US receives pursuant to the Agreement or from or on behalf of Contractual Partner, with personal information which it receives from or on behalf of another person or persons, or collects from its own interaction with the individual to whom such California Personal Data relates, except as otherwise expressly permitted by the CCPA;
      5. reasonably cooperate with Contractual Partner in responding to any requests from any individual regarding California Personal Data relating to such individual, including reasonably assisting Contractual Partner in deletion, correction, or limitation of the use of such California Personal Data where required under the CCPA, and including instructing DARLEAN US’ service providers and/or contractors (if any) to so reasonably cooperate in such response;
      6. reasonably assist Contractual Partner through appropriate technical and organizational measures in Contractual Partner’s complying with the requirements of subdivisions (d) to (f), inclusive, of Section 1798.100 of the CCPA, taking into account the nature of the California Personal Data processing by DARLEAN US;
      7. implement and maintain commercially reasonable security procedures and practices, including the procedures and practices set out in Appendix 2, appropriate to the nature of the California Personal Data intended to protect such California Personal Data from unauthorized access, destruction, use, modification, or disclosure;
      8. comply with all applicable obligations under the CCPA and provide the same level of privacy protection with respect to California Personal Data as required by the CCPA;
      9. notify Contractual Partner if DARLEAN US determines it can no longer meet its obligations under the CCPA; and
      10. to the extent required by the CCPA, comply with Section 1798.140(m) of the CCPA with respect to deidentified data (as defined in the CCPA) received by DARLEAN US from Contractual Partner.

      To the extent DARLEAN US is a contractor, DARLEAN US certifies that DARLEAN US understands the restrictions provided in Sections 2(b)(i), 2(b)(ii), 2(b)(iii), and 2(b)(iv) and will comply with them.

    3. DARLEAN US acknowledges and agrees that the California Personal Data has been disclosed to it for the limited and specified purposes set forth in the T&C and the Agreement (including Appendix 1) and DARLEAN US further acknowledges and agrees that Contractual Partner shall have the right: (i) to take reasonable and appropriate steps to ensure that DARLEAN US uses California Personal Data in a manner consistent with Contractual Partner’s obligations under the CCPA; and (ii) upon notice from Contractual Partner to DARLEAN US, to take reasonable and appropriate steps to stop and remediate unauthorized use of California Personal Data.
    4. To the extent required by the CCPA and to the extent DARLEAN US is a contractor, DARLEAN US shall permit, subject to agreement of the Parties, Contractual Partner to monitor DARLEAN US’ compliance with this Appendix through measures, including, but not limited to, ongoing manual reviews and automated scans, and regular assessments, audits, or other technical and operational testing once every twelve (12) months (each, an “Audit”), upon reasonable prior notice from Contractual Partner, provided that no third-party auditor (each an “Auditor”) shall be a competitor of DARLEAN US, nor shall any Auditor be compensated on a contingency basis, and provided further that in no event shall Contractual Partner or any Auditor have access to the information of any other customer of DARLEAN US and the disclosures made pursuant to this Section 2(d) (“Audit Information”) shall be held in confidence as DARLEAN US’ confidential information and subject to any confidentiality obligations in the T&C, and provided further that no Audit shall be undertaken unless or until Contractual Partner has requested, and DARLEAN US has provided, information about DARLEAN US’ data protection practices and Contractual Partner reasonably determines that an Audit remains necessary to demonstrate material compliance with the obligations laid down in this Appendix. Without limiting the generality of any provision in the T&C, Contractual Partner shall employ the same degree of care to safeguard Audit Information that it uses to protect its own confidential and proprietary information and in any event, not less than a reasonable degree of care under the circumstances, and Contractual Partner shall be liable for any improper disclosure or use of Audit Information by Contractual Partner or its agents.
    5. If DARLEAN US engages any other person to assist DARLEAN US in processing California Personal Data for a business purpose on behalf of Contractual Partner, DARLEAN US shall notify Contractual Partner of such engagement, and the engagement shall be pursuant to a written contract binding the other person to observe substantially similar requirements to those set forth in this Appendix. DARLEAN US hereby notifies Contractual Partner that DARLEAN US may engage the persons listed in Appendix 3 of the Agreement to assist DARLEAN US in processing California Personal Data for a business purpose on behalf of Contractual Partner.

Appendix 4: California Data Appendix

  1. State Data Protection Laws. This Other States Data Appendix (this “Appendix”), forms part of the Agreement. Capitalized terms used and not otherwise defined herein shall have the meanings ascribed to them in the Agreement.
    1. Instructions. Contractual Partner hereby instructs DARLEAN US to Process State Laws Data as set out in the T&C and the Agreement (including Appendix 1).
    2. Nature of the Processing; Purpose of the Processing. The nature and purpose of the Processing is as set forth in the T&C and the Agreement (including Appendix 1).
    3. Types of State Laws Data. The types of State Laws Data subject to Processing are as set forth in Appendix 1.
    4. Duration of Processing. The duration of the State Laws Data Processing is as set forth in the Agreement (including Appendix 1).
    5. Rights, Duties, and Obligations. Except as otherwise required or permitted by applicable law, DARLEAN US shall:
      1. Ensure that each person Processing State Laws Data on behalf of DARLEAN US is subject to a duty of confidentiality with respect to such State Laws Data;
      2. At Contractual Partner’s choice and direction, delete or return all State Laws Data to Contractual Partner in accordance with Section 10 of the Agreement, unless retention of such State Laws Data is required by applicable law;
      3. Make available to Contractual Partner all information necessary to demonstrate DARLEAN US’ compliance with the obligations in the State Data Protection Laws;
      4. Taking into account the context of Processing, DARLEAN US shall implement appropriate technical and organizational measures, including the measures set out in Appendix 2, designed to ensure a level of security with respect to the State Laws Data appropriate to the risk in accordance with the Agreement;
      5. Allow for, contribute to, and cooperate with reasonable audits, inspections, and/or assessments (each a “State Audit”) by Contractual Partner or Contractual Partner’s designated third-party representative (each, a “State Auditor”), provided that, to the extent permitted by State Data Protection Laws, as an alternative, Contractual Partner hereby consents that DARLEAN US may arrange for a qualified and independent auditor or assessor to conduct (at least annually and at Contractual Partner’s expense (except to the extent State Data Protection Laws require such expense to be borne by DARLEAN US)) a State Audit of DARLEAN US’ policies and technical and organizational measures in support of the obligations under the State Data Protection Laws using an appropriate and accepted control standard or framework and State Audit procedure for the State Audits as applicable and DARLEAN US shall provide a report of such State Audit (and the results thereof) to Contractual Partner upon request. No third-party State Auditor appointed by Contractual Partner shall be a competitor of DARLEAN US, nor shall any such State Auditor be compensated on a contingency basis. In no event shall Contractual Partner or any State Auditor have access to the information of any other customer of DARLEAN US and the disclosures made pursuant to this Section 1(e)(v) (“State Audit Information”) shall be held in confidence as DARLEAN US’ Confidential Information and subject to the confidentiality obligations in the T&C, and provided further that no State Audit under this Section 1(e)(v) shall be undertaken unless or until Contractual Partner has requested, and DARLEAN US has provided, information about DARLEAN US’ data protection practices and Contractual Partner reasonably determines that such a State Audit remains necessary to demonstrate material compliance with the obligations laid down in the State Data Protection Laws. Without limiting the generality of any provision in the T&C, Contractual Partner shall employ the same degree of care to safeguard State Audit Information that it uses to protect its own confidential and proprietary information and in any event, not less than a reasonable degree of care under the circumstances, and Contractual Partner shall be liable for any improper disclosure or use of State Audit Information by Contractual Partner or its agents; and
      6. Engage a subcontractor to Process State Laws Data on behalf of DARLEAN US only after providing Contractual Partner with an opportunity to object, and DARLEAN US shall bind each such subcontractor to a written contract in accordance with State Data Protection Laws that requires such subcontractor to comply with obligations of processors (as defined in the State Data Protection Laws) under the State Data Protection Laws and to meet equivalent obligations with respect to such State Laws Data as are set forth in this Other States Data Appendix. Contractual Partner hereby consents to DARLEAN US’ engagement of the subcontractors listed in Appendix 3 of this Agreement to Process State Laws Data.
    6. Deidentified Data. To the extent required by State Data Protection Laws, with respect to Deidentified Data received by DARLEAN US from Contractual Partner, DARLEAN US shall: (A) take reasonable measures to ensure that such data cannot be associated with an individual; (B) publicly commit to maintain, use, and Process such Deidentified Data only in a de-identified fashion and not attempt to re-identify such Deidentified Data; and (C) comply with the State Data Protection Laws. “Deidentified Data” means data that cannot reasonably be used to infer information about, and that cannot otherwise be linked to, an identified individual or an identifiable individual, or to a device linked to such individual.