Acceptance of Terms
By accessing the website at https://reboo.io (Develvet Ltd. is the owner of the site), you are agreeing to be bound by these terms of service, all applicable laws and regulations, and agree that you are responsible for compliance with any applicable local laws. If you do not agree with any of these terms, you are prohibited from using or accessing this site. The materials contained in this website are protected by applicable copyright and trademark law.
Permission is granted to temporarily download one copy of the materials (information or software) on Develvet Limited's website for personal, non-commercial transitory viewing only. This is the grant of a license, not a transfer of title, and under this license you may not:
i. modify or copy the materials;
ii. use the materials for any commercial purpose, or for any public display (commercial or non-commercial);
iii. attempt to decompile or reverse engineer any software contained on Develvet Limited's website;
iv. remove any copyright or other proprietary notations from the materials; or
v. transfer the materials to another person or "mirror" the materials on any other server.
This license shall automatically terminate if you violate any of these restrictions and may be terminated by Develvet Limited at any time. Upon terminating your viewing of these materials or upon the termination of this license, you must destroy any downloaded materials in your possession whether in electronic or printed format.
The materials on Develvet Limited's website are provided on an 'as is' basis. Develvet Limited makes no warranties, expressed or implied, and hereby disclaims and negates all other warranties including, without limitation, implied warranties or conditions of merchantability, fitness for a particular purpose, or non-infringement of intellectual property or other violation of rights.
Further, Develvet Limited does not warrant or make any representations concerning the accuracy, likely results, or reliability of the use of the materials on its website or otherwise relating to such materials or on any sites linked to this site.
In no event shall Develvet Limited or its suppliers be liable for any damages (including, without limitation, damages for loss of data or profit, or due to business interruption) arising out of the use or inability to use the materials on Develvet Limited's website, even if Develvet Limited or a Develvet Limited authorized representative has been notified orally or in writing of the possibility of such damage. Because some jurisdictions do not allow limitations on implied warranties, or limitations of liability for consequential or incidental damages, these limitations may not apply to you.
Accuracy of materials
The materials appearing on Develvet Limited's website could include technical, typographical, or photographic errors. Develvet Limited does not warrant that any of the materials on its website are accurate, complete or current. Develvet Limited may make changes to the materials contained on its website at any time without notice. However Develvet Limited does not make any commitment to update the materials.
Develvet Limited has not reviewed all of the sites linked to its website and is not responsible for the contents of any such linked site. The inclusion of any link does not imply endorsement by Develvet Limited of the site. Use of any such linked website is at the user's own risk.
Develvet Limited may revise these terms of service for its website at any time without notice. By using this website you are agreeing to be bound by the then current version of these terms of service.
These terms and conditions are governed by and construed in accordance with the laws of the United Kingdom and you irrevocably submit to the exclusive jurisdiction of the courts in that State or location.
Refund Requests on Subscription Renewals
For monthly/yearly subscriptions, the refund policy will only cover the FIRST charge for purchasing the software. The second, third, fourth and so on charges will not be covered by the refund policy.
Users can still request for the cancellation of the subscription and we will cancel the subscription immediately - no questions asked.
DEVELVET DATA PROCESSING ADDENDUM TO THE SERVICES AGREEMENT
This Data Processing Addendum ("Addendum") is made on [●] ("Effective Date") and supplements the Develvet customer terms of service agreement available at https://reboo.io/terms.html as updated from time to time between customer and Develvet Ltd.. This Addendum covers when the GDPR applies to your use of Develvet services to process Customer Data. This Addendum is an agreement between you or the entity you represent (“Customer”, “You, “Your”) and Develvet. (“Company”)
DATA PROCESSING TERMS
In providing the Subscription Services to Customer pursuant to the service Agreement (“Develvet services”), Develvet may in certain scenarios process Personal Data on behalf of the Customer. In such scenarios involving EU Data subjects Personal Data, Develvet will comply with the provisions in this GDPR Addendum with respect to its Processing of any such Personal Data.
Means the entity which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data
Means paid member of subscription Service of Develvet who is party to this Agreement.
Means any data, information or material originated by Customer that Customer submits to Develvet, collects through its use of the Subscription Services or provides to Develvet in the course of using the Subscription Services.
Means the individual to whom Personal Data relates.
Means the European Economic Area, which constitutes the member states of the European Union and Norway, Iceland and Liechtenstein, as well as for the purposes of this GDPR Addendum, the United Kingdom.
General Data Protection Regulation as of 25 May 2018
Means any Customer Data relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly. In particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological genetic, mental, economic, cultural or social identity of that natural person.
Means an entity which Processors Personal Data on behalf of the Controller.
Means any operation or set of operations which is performed on Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination restriction, erasure or destruction.
Means the website editor services provided by Develvet to customer under the Terms of service at https://reboo.io/terms.html
Means an independent public authority which is established by an EU member state pursuant to EU Data Protection Legislation.
2. Applicability of GDPR Addendum
2.1 Applicability. This Addendum shall apply only to the extent Customer is established within the EEA or Switzerland and/or to the extent Develvet Processes Personal Data of Data Subjects located in the EEA or Switzerland on behalf of Customer or an agent of the Customer.
2.2 In this context, Develvet will act as “processor” to Customer who may act either as “controller” or “processor” with respect to Customer Data (as each term is defined in the GDPR).
3. Customer Controls
3.1 The Services provide Customer with a number of controls, including security features and functionalities, that Customer may use to retrieve, correct, delete or restrict Customer Data as described in the Documentation.
4. Details of Data Processing
4.1 Subject matter. The Subject matter of the data processing under this Addendum is Customer Data.
4.2 Duration. As between Develvet and Customer, the duration of the data processing under this Addendum is determined by Customer.
4.3 Purpose. The purpose of the data processing under this Addendum is the provision of the Services initiated by the Customer from time to time.
4.4 Nature of the processing. Compute, storage and such other services as described in the Documentation and initiated by Customer from time to time.
4.5 Type of Customer Data: Customer names, addresses and email addresses of Authorized Customers, the nature and size of the business, and the nature and size of the advertising inventory that the Authorized Customer intends to purchase or sell.
4.6 Categories of data Subjects: The data subjects may include Customer’s customers, employees, suppliers and end-users.
5. Compliance with Develvet
Each party will comply with all Develvet , rules and regulations applicable to it and binding on it in the performance of this Addendum, including GDPR.
6. Customer Instructions
The parties agree that this Addendum and the agreement (including the provision of instructions via configuration tools such as Reboo dashboard, management console and API’s made available on the software) constitute Customer’s documented instructions regarding Develvet’s processing of Customer Data (“Documented Instructions”).
6.1 Develvet will process Customer Data only in accordance with Documented Instructions. Additional instructions outside the scope of the Documented instructions (if any) require prior written agreement between Develvet and the Customer, including agreement on additional fees payable by the Customer to Develvet for carrying out such instructions.
6.2 Customer is entitled to terminate this Addendum and the Agreement if Develvet declines to follow instructions requested by Customer that are outside the scope of or changed from those given and agreed to be given in this Addendum.
7. Confidentiality of Customer Data
Develvet will not access or use, or disclose to any third party, any Customer Data, except, in each case, as necessary to maintain or provide the Services, or as necessary to comply with the law or a valid and binding order of a governmental body (such as a subpoena or court order). If a governmental body sends Develvet a demand for Customer Data, Develvet will attempt to redirect the Governmental body to request the data directly from Customer.
7.1 As part of this effort, Develvet may provide Customers basic contact information to the Governmental body.
7.2 If compelled to disclose Customer Data to Governmental body, then Develvet will give Customer reasonable notice of the demand to allow Customer to seek a protective order or other appropriate remedy unless Develvet is legally prohibited from doing so.
8. Confidentiality Obligations of Develvet Personnel
Develvet restricts its personnel from processing Customer Data without authorisation by Develvet as described in the Develvet Security Standards. Develvet imposes appropriate contractual obligations upon its personnel, including relevant obligations regarding confidentiality, data protection and data security.
9. Security of Data Processing
9.1 Develvet has implemented and will maintain the technical and organisational measures for the Develvet Network as described in the Develvet Security Standards and this Section. In particular, Develvet has implemented and will maintain the following technical and organisational measures
9.1.1 Security of Reboo Network
9.1.2 Physical security of the facilities
9.1.3 Measures to control access rights of Develvet employees and contractors in relation to Reboo Network
9.1.4 Processes for regularly testing, assessing and evaluating the effectiveness of the technical and organisational measures implemented by Develvet.
9.2 Customer may elect to implement technical and organisational measures in relation to Customer Data. Such technical and organisational measures include the following which may be obtained by Customer from Reboo as described in the Documentation, or directly from a third party supplier:
9.2.1 pseudonymisation and encryption to ensure an appropriate level of security;
9.2.2 measures to ensure the ongoing confidentiality, integrity, availability and resilience of the processing systems and services that are being operated by Customer; Develvet GDPR Data Processing Addendum 3
9.2.3 measures to allow Customer to backup and archive appropriately in order to restore availability and access to Customer Data in a timely manner in the event of a physical or technical incident; and
9.2.4 processes for regularly testing, assessing and evaluating the effective
10. Sub Processing
10.1 Authorised Sub-processor. Customer agrees that Develvet may use sub-processors to fulfill its contractual obligations under this Addendum or to provide certain services on its behalf such as providing support services.
10.2 Develvet will list its sub processors that are currently engaged by Develvet to carry out processing activities on Customer Data on behalf of Customer. At least 30 days before Develvet engages a new sub-processor it will update the applicable website and provide Customer with a mechanism to obtain notice of that update.
10.3 Customer consents to Develvets use of sub-processors as described in this Section
10.4 Develvet will not permit a sub-processor to carry out processing activities on Customer Data on behalf of Customer if Processor does not subscribe to the sub processor obligations set out below. Sub-processor Obligations. Where Develvet authorises any sub-processor:
10.4.1 (i) Develvet will restrict the sub-processor’s access to Customer Data only to what is necessary to maintain the Services or to provide the Services to Customer and any End Users in accordance with the Documentation and Develvet will prohibit the sub-processor from accessing Customer Data for any other purpose;
10.4.2 (ii) Develvet will enter into a written agreement with the sub-processor and, to the extent that the sub-processor is performing the same data processing services that are being provided by Develvet under this Addendum, Develvet will impose on the subprocessor the same contractual obligations that Develvet has under this Addendum; and
10.4.3 (iii) Develvet will remain responsible for its compliance with the obligations of this Addendum and for any acts or omissions of the sub-processors that cause Develvet to breach any of Develvet obligations under this Addendum.
12. Optional Security Features
Develvet makes available a number of security features and functionalities that Customer may elect to use. Customer is responsible for
12.1 implementing the measures described in Section 9.2, as appropriate,
12.2 properly configuring the Services,
12.3 using Develvet GDPR Data Processing Addendum 4 the controls available in connection with the Services (including the security controls) to allow Customer to restore the availability and access to Customer Data in a timely manner in the event of a physical or technical incident (e.g. backups and routine archiving of Customer Data), and
12.4 taking such steps as Customer considers adequate to maintain appropriate security, protection, and deletion of Customer Data, which includes use of encryption technology to protect Customer Data from unauthorised access and measures to control access rights to Customer Data.
13. Security Breach Notification
13.1 . Security Incident. Develvet will (a) notify Customer of a Security Incident without undue delay after becoming aware of the Security Incident, and b) take reasonable steps to mitigate the effects and to minimise any damage resulting from the Security Incident.
13.2 Develvet Assistance. To assist Customer in relation to any personal data breach notifications Customer is required to make under the GDPR, Develvet will include in the notification such information about the Security Incident as Develvet is reasonably able to disclose to Customer, taking into account the nature of the Services, the information available to Develvet, and any restrictions on disclosing the information, such as confidentiality.
13.3 Unsuccessful Security Incidents. Customer agrees that:
13.3.1 an unsuccessful Security Incident will not be subject to this. An unsuccessful Security Incident is one that results in no unauthorised access to Customer Data or to any of Develvet equipment or facilities storing Customer Data, and may include, without limitation, pings and other broadcast attacks on firewalls or edge servers, port scans, unsuccessful log-on attempts, denial of service attacks, packet sniffing (or other unauthorised access to traffic data that does not result in access beyond headers) or similar incidents; and
13.3.2 Develvet obligation to report or respond to a Security Incident under this Section is not and will not be construed as an acknowledgement by Develvet of any fault or liability of Develvet with respect to the Security Incident.
13.4 Communication. Notification(s) of Security Incidents, if any, will be delivered to one or more of Customer’s administrators by any means Develvet selects, including via email. It is Customer’s sole responsibility to ensure Customer’s administrators administrators maintain accurate contact information on the Develvet management console and secure transmission at all times.
14. Privacy Impact Assessment and Prior Consultation
Privacy Impact Assessment and Prior Consultation. Taking into account the nature of the Services and the information available to Develvet , Develvet will assist Customer in complying with Customer’s obligations in respect of data protection impact assessments and prior consultation pursuant to Articles 35 and 36 of the GDPR, by providing the information Develvet makes available under this Section.
15. Audit Reports
At Customer’s written request, and provided that the parties have an applicable NDA in place, Develvet will provide Customer with a copy of the Report so that Customer can reasonably verify Develvet compliance with its obligations under this Addendum.
16. Customer Audits
Customer agrees to exercise any right it may have to conduct an audit or inspection including under the standard Contractual clauses if they apply by instructing Develvet to carry out the audit in section 14 and 15. If Develvet declines to follow any instruction requested by the customer regarding audit and inspections, the Customer is entitled to terminate his account with no compensation.
17. Transfer of Personal Data
Develvet is a worldwide service. By using Develvet , you authorize us to transfer and store your information outside your home country, including in the United States, for the purposes described in this policy. The privacy protections and the rights of authorities to access your information in these countries may not be the same as in your home country. We take additional measures when information is transferred from the European Economic Area (EEA). This includes having standard clauses approved by the European Commission in our contracts with parties that receive information outside the EEA. We also rely on European Commission adequacy decisions about certain countries, as applicable, for data transfers to countries outside the EEA.
18. Return or Deletion of Consumer Data
The Services provide Customer with controls that Customer may use to retrieve or delete Customer Data as described in the Documentation. Up to the Termination Date, Customer will continue to have the ability to retrieve or delete Customer Data in accordance with this Section. For 90 days following the Termination Date, Customer may retrieve or delete any remaining Customer Data from the Services, subject to the terms and conditions set out in the Agreement, unless prohibited by law or the order of a governmental or regulatory body or it could subject Develvet or its Affiliates to liability. No later than the end of this 90 day period, Customer will close all Develvet accounts. Develvet will delete Customer Data when requested by Customer by using the Service controls provided for this purpose by Develvet.
19. Duties to Inform
Where Customer Data becomes subject to confiscation during bankruptcy or insolvency proceedings, or similar measures by third parties while being processed by Develvet, Develvet will inform Customer without undue delay. Develvet will, without undue delay, notify all relevant parties in such action (e.g. creditors, bankruptcy trustee) that any Customer Data subjected to those proceedings is Customer’s property and area of responsibility and that Customer Data is at Customer’s sole disposition.
20. Entire Agreement; Conflict
Except as amended by this Addendum, the Agreement will remain in full force and effect. If there is a conflict between any other agreement between the parties including the Agreement and this Addendum, the terms of this Addendum will control.
Develvet Security Standards
Capitalised terms not otherwise defined in this document have the meanings assigned to them in the Agreement.
1. Information Security Program. Develvet will maintain an information security program (including the adoption and enforcement of internal policies and procedures) designed to (a) help Customer secure Customer Data against accidental or unlawful loss, access or disclosure, (b) identify reasonably foreseeable and internal risks to security and unauthorised access to the Develvet Network, and (c) minimise security risks, including through risk assessment and regular testing. Develvet will designate one or more employees to coordinate and be accountable for the information security program. The information security program will include the following measures:
a) Network Security. The Develvet Network will be electronically accessible to employees, contractors and any other person as necessary to provide the Services. Develvet will maintain access controls and policies to manage what access is allowed to the Develvet Network from each network connection and user, including the use of firewalls or functionally equivalent technology and authentication controls. Develvet will maintain corrective action and incident response plans to respond to potential security threats.
b) Physical Security. Physical Access Controls. Physical components of the Develvet Network are housed in nondescript facilities (the “Facilities”). Physical barrier controls are used to prevent unauthorised entrance to the Facilities both at the perimeter and at building access points.
c) Physical Security Protections. All access points (other than main entry doors) are maintained in a secured (locked) state. Access points to the Facilities are monitored by video surveillance cameras designed to record all individuals accessing the Facilities.
2. Continued Evaluation. Develvet will conduct periodic reviews of the security of its Develvet Network and adequacy of its information security program as measured against industry security standards and its policies and procedures. Develvet will continually evaluate the security of its Develvet Network and associated Services to determine whether additional or different security measures are required to respond to new security risks or findings generated by the periodic reviews.