Object

1. These general terms and conditions (“General Conditions”) contain the terms and conditions governing the provision, by Aryel S.r.l. with registered office in Via Arcivescovo Calabiana 6, 20139, Milan (“Company”), of the services offered through the website https://aryel. io/ (“Platform”), such as, by way of example but not limited to, the possibility of creating and customizing augmented reality content, customizing 3D models present in the Company’s library or uploaded by Users (“Content”), as well as the possibility of creating new immersive forms of advertising, such as, by way of example but not limited to, rich media displays as well as the possibility to purchase online and offline media spaces (“Media Services”) on which to distribute the Contents (jointly and unless otherwise specified, “Services”), offered under the terms and economic conditions indicated therein in favor of natural and/or legal persons interested in the Services within the scope of their professional activity (unless otherwise provided in the text, “User” shall mean both professionals and companies that will use the Services through the Platform).
2. By proceeding with the purchase and/or use of the Services, the User declares and accepts i) the conditions of use of the Services as described on the Platform in terms of their description and economic and payment details and, in particular, ii) that all Services may be interrupted at the discretion of the Company and therefore a minimum duration of the same is not guaranteed, without prejudice to the User’s right to receive any refund of the part of the Services not used exclusively in relation to the discretionary interruption of the Services by the Company.
3. Any further agreements prevail only with regard to specific services that do not concern the Platform.

Conclusion of the General Conditions

4. The User declares that he/she has read and expressly accepted the General Conditions when using the Platform and/or registering (“Registration”) to the Platform by creating an account (“Account”) and/or purchasing one or more Services  in return for payment (“Fee”). The General Conditions are to be considered applicable, without distinction, to all Users who use all or part of the Services.
5. The User interested in the Services, at the time of Registration may choose whether to use the Platform i) in “self-service” mode, which allows the User to create and/or share augmented reality Content and/or 3D models independently with the help of a wide selection of 3D models and “ready-to-use” templates (“Self-service”); ii) with the support of the Company which provides its expertise in the creation of personalized Content (“Service Management”).
6. In the event that the User intends to implement new immersive forms of advertising or to use the Media Services both in Self-Service mode and in Service Management mode, the Company undertakes to provide the User with a detailed media plan including costs (“Media Plan”), which shall be considered an integral and substantial part of the General Conditions. The User undertakes to: i) approve the Media Plan prior to the date of commencement of execution of each Media Plan via the Platform and/or communications with the Company, including by email; ii) sign each document that the media space providers may eventually request from the Company in order to obtain, by way of example but not limited to, specific guarantees related to the payments due for the Media Plan and/or confirmation of the mandate with/without representation given to the Company and/or adherence to regulations or commitments to comply with the regulations relating to the Services, including the self and iii) without prejudice to what is provided elsewhere in the General Conditions, to pay all the costs relating to the Media Plan in accordance with the terms and conditions of the media suppliers, it being understood that under no circumstances may the Company be required to finance and/or pay for the User’s advertising campaigns and/or the relevant advertising space and/or in any case to advance any sum necessary for the performance of the aforesaid Services, before having received express written approval of the Media Plan from the User. The User undertakes as of now to advance the aforementioned payments under the terms agreed in the General Conditions or by means of specific communications.
7. The purchase of the spaces referred to in the Media Services may be made by the Company through direct/programmatic purchase.
8. If the User does not intend to accept even one of the terms and conditions of the General Conditions, the User is invited to refrain from Registration on the Platform.
9. The User acknowledges and agrees that the Company reserves the right to modify the General Conditions at any time, at its own discretion, by informing the User by email. The User acknowledges and agrees, therefore, that it will be the User’s responsibility to provide the Company with the last valid email address in order to receive communications, including communications relating to changes to the General Conditions. The communication from the Company shall be considered to have been notified even if the address provided by the User is not valid.

Self-service Mode

10. The User acknowledges and agrees that the Company reserves the right, at its sole discretion, to cancel, by e-mail notice of thirty (30) days, one or more Services even if already purchased by the User. In this case the User agrees and acknowledges that the Company shall only pay a refund for the Services in proportion to the period not used.
11. Through the Self-service mode, the User will be able to use the tools on the Platform and will have access to a set of augmented reality content and 3D models that, the User may modify and/or use within the limits and terms set out in the General Conditions.

Service Management Mode

12. The User acknowledges and agrees that the Company reserves the right, at its sole discretion, to cancel, by e-mail notice of thirty (30) days, one or more Services even if already purchased by the User. In this case the User agrees and acknowledges that the Company shall only pay a refund for the Services in proportion to the period not used.
13. Through the Service Management Mode, the User shall be supported by the Company in the creation of Content such as, but not limited to, promotional content in augmented reality and/or 3D according to the User’s needs and requests and as better specified in a specific agreement (“Customized Content”).

Registration and Payments

14. In order to access the Services, the User must complete the Platform Registration process. The fees (“Fees”) for the Services, payment methods and any changes thereto are indicated on the Platform and/or in ad hoc communications relating to the Services, without prejudice to what is set out below. In particular, the User acknowledges and agrees that, depending on the choice at the time of purchasing Services by means of a monthly or annual subscription formula, the terms for the interruption of the same vary, with particular reference to the Fees.
15. In relation to the immersive Contents object of the Media Services, the consideration due to the Company shall be composed of the amount due based on the monthly or annual subscription formula chosen by the User and/or an amount agreed on a CPM basis (so-called cost per thousand, i.e. related to the number of impressions reached on the publisher’s websites, social media, search engines or any other platform). The User acknowledges and agrees that, where foreseen as part of the consideration, the amount due calculated on a CPM basis may vary depending on the modalities agreed between the Parties with regard to the distribution of the Contents (i.e., whether managed autonomously by the User or coordinated by the Company) as better indicated in the estimate and/or in the invoices that the Company shall issue in relation to the Services which shall be governed by the General Conditions.
16. The User acknowledges and agrees that the Company reserves the right to propose different prices or free access to certain categories of Users or particular commercial promotions and, in this regard, the User hereby waives any claim, even by way of reimbursement or compensation, against the Company. At the time of Registration, the User is required to provide one or more current, valid and accepted payment methods (e.g. credit card, bank transfer etc.), which can be updated from time to time (“Payment Method”). The User acknowledges and agrees that if the User selects a monthly subscription formula, the only accepted Payment Method will be by credit card.
17. In order to proceed with payment for the Services, the User must follow the instructions on the Platform and, where applicable, use the page provided by the Company and enter all the data required for billing. The User acknowledges and agrees that the payments and all management of the data required to make the payment may be handled by third party companies other than the Company with regard to all or part of the Services. At no time during the above-mentioned purchase procedure is the Company able to know the User’s credit card information. In no case, therefore, can the Company be held responsible for any fraudulent or undue use of credit cards and for the management of the data necessary for payment by third parties.
18. In the event of payment by credit card, at the conclusion of the online transaction, the relevant payment gateway shall authorize only the amount related to the purchase made. The relevant amount shall be charged to the User’s credit card at the time of purchase.
19. In the event of cancellation of the purchase by the User, the payment gateway shall cancel the transaction and release the pledged amount. The time of release, for some types of cards, depends exclusively on the payment gateway’s system and may be up to their natural expiry date (24th day from the date of authorisation). Once the transaction has been cancelled, the User acknowledges and expressly agrees that under no circumstances may the Company be held liable for any damages, direct or indirect, caused by delays in the payment gateway’s failure to release the amount committed.
20. The Company reserves the right to ask the User for additional information (e.g. identification document) or to send copies of documents proving the ownership of the credit card used. In the absence of the requested documentation, the Company reserves the right not to accept the order.
21. The User acknowledges and agrees that it shall be his or her responsibility, during Registration, to indicate any reference to the tax code and/or VAT number and/or other invoicing data in the event that he or she wishes an invoice to be issued with such indication.
22. In the event of payment of the Fees with a delay of more than 30 (thirty) days, the Company shall charge the User default interest at the rate of 1.5% of the outstanding balance per month, or the maximum rate permitted by law, whichever is lower. In such cases, the User acknowledges and agrees that the Company shall be entitled to terminate the General Conditions by discontinuing the provision of the Services or, alternatively and at its own discretion, suspend the Services until full payment of all amounts due, including interest for late payment. Notwithstanding the foregoing, the Company’s right to take action for damages shall remain unaffected.
23. The User acknowledges and agrees that any correspondence relating to financial information and/or otherwise administrative matters shall be made by e-mail exclusively to the following contact: The User acknowledges and agrees that any correspondence relating to financial information and/or otherwise administrative matters shall be made by e-mail exclusively to the following contact: afc@aryel.io
24. The User acknowledges and agrees that:
    1. The Company reserves the right each year, at its sole discretion, to change the Fees for the Services by means of an e-mail notice of at least thirty (30) days. In relation to the foregoing, the User has the right not to accept the aforementioned increases and to terminate the General Conditions solely in relation to the Services for which he/she does not accept the increase in Fees, otherwise the adjustment of the Fees shall apply to the User from the date of entry into force of the said changes within the terms communicated by the Company;
    2. in no event shall the User be liable to be reimbursed for any Fees, in whole or in part, already paid to the Company (including, without limitation, any commissions paid in connection with the Media Services);
    3. all payments for the Services shall be made in Euro (€) and, any changes to the Fees resulting from the conversion from another currency, i.e. exchange rates, shall not be deemed a change to the Fees within the meaning of (a) above;
    4. if the Services have an annual duration and the User purchases a Service with such a duration, payment of the full annual subscription fee shall be due in full even if the User requests termination of the Service in accordance with the General Conditions.

Intellectual Property Rights

25. The User acknowledges and agrees that the rights are the exclusive property of the Company and/or of third parties that have licensed their use to the Company, and are protected against unauthorized use, copying and dissemination by intellectual and industrial property law (“Rights”). The mere use of the Services does not grant the User any rights, including but not limited to intellectual and industrial property rights, over the Services in whole or in part; therefore, the User may not use the Rights in any way whatsoever, except for what is strictly necessary to use the Services and for the duration of the same.
26. IThe User acknowledges and agrees that in relation to the Rights on the Services, against the correct and full payment of the Fees, the Company grants the User a license to exploit the Intellectual Property Right on the Services, for the purposes and under the terms of the General Conditions and/or any documents linked to the same (by way of example, any details concerning the Services agreed via the Platform). In particular, the Company grants:
    1. an exclusive license, in the national territory of reference indicated on the Platform or in other written communication between the Parties (unless otherwise agreed), in relation to the Personalized Content and the Media Services to the extent and for the duration agreed in relation to each Service, including through the Platform. However, the Company acknowledges and agrees that i) the aforesaid license relates to the Personalized Content in its final version and/or the material provided in connection with the Media Services in its final version as obtained by the User, while the object code and source code from which the Personalized Content may be created shall remain the exclusive property of the Company, ii) the template of the Personalized Content may be uploaded within the Platform – free, in any case by any and all trademarks and/or materials provided by the User – and may also be used by other Users of the Platform without the User being able to claim and/or claim exclusivity over such templates, and iii) any use of the Customized Content for purposes or in ways other than those referred to in this article (for example, use in a different territory or by a party other than the User) must be authorized in advance in writing by the Company, which shall be entitled to obtain ad hoc compensation for such further use;
    2. a non-exclusive license in relation to the Content created by the User on the Platform, in connection with which the User acknowledges and agrees that the models of standard augmented reality Content and standard 3D models may also be used by other Users of the Platform without the User being able to claim and/or claim exclusivity over such standard models.
27. Except to the extent necessary to use the Services, the User may not download, copy, use, assign, rent, sub-license, lend, modify, adapt, attempt to modify or alter the source code, reverse engineer, decompile, disassemble or otherwise operate all or any part of the Services and/or the Platform.
28. The unauthorized use, copying, reproduction, modification, republication, updating, downloading, sending by post, transmission, distribution or duplication or any other abusive use of the Services and/or the Platform and/or the object of the Rights by the User is prohibited. As a user of the Services, the User agrees not to use the object of the Rights for illicit purposes and/or in violation of the provisions of the General Conditions and agrees not to violate the Rights of the Company and/or its third-party licensors.
29. In relation to the foregoing, the User hereby undertakes to indemnify and hold harmless the Company from any damage or loss directly or indirectly consequent to the use that the User shall make of the Rights in violation of the provisions of the General Conditions.
30. In relation to all materials and/or products of third parties that may be made available to the User through the Services, the User acknowledges and agrees that the Company i) has received from the aforementioned third parties the necessary authorizations exclusively for the purposes directly connected to the Services and ii) cannot provide any guarantee regarding the correctness, truthfulness completeness, originality and updating of such Content and therefore, by way of example only, does not guarantee that the Content does not violate third party rights or that it is adequate and/or sufficient for the User to achieve particular objectives or results (by way of example, in economic terms, personal or professional success).
31. The User acknowledges and agrees that violation of this article shall be considered a serious breach of the General Conditions with all the legal consequences associated with such violation.

User Declaration and Warranties

32. The User acknowledges and expressly agrees that, in the event of a violation by the User of the law, third party rights or the General Conditions, the Company may suspend or interrupt the provision of the Service purchased by the User, prevent the User from accessing the Platform and/or the Account at any time and for any reason at the discretion of the Company as well as take any other action useful to protect the rights and interests of the Company.
33. The User acknowledges and agrees that in the event of malfunctions and/or assistance in using the Platform, the User should contact the Company at help@aryel.io.
34. In order to use the Services, the User must be at least eighteen years of age and, in this regard, the Company reserves the right, during Registration, to request proof that the User has reached the age of majority.
35. The User declares and warrants that:
    • he/she has read and understood the General Conditions;
    • he/she has the necessary authority to act for the purposes set out therein and that
    • he/she has the capacity to act and sign legally binding contracts;
    • he/she has, when registering with the Platform, chosen a secure and complex password; and that for the duration of the relationship that has arisen from the signing of the General Conditions, the User: i) shall keep the password secure and secret; ii) shall not assign his/her Account on the Platform or access to the Services purchased; iii) shall not allow third parties to use his/her Account and/or the Services purchased through the same; and iv) shall comply with any applicable laws regarding the management of computer accounts;
    • any and all material provided to the Company in connection with the Services, including but not limited to 3D models, does not violate any third-party rights including image rights, intellectual property rights and, more generally, the laws applicable to them, including the laws relating to advertising and privacy and the protection of personal data;
    • the Company shall under no circumstances be held liable for any breach of the regulations applicable to the Services, including, but not limited to, the regulations on advertising, intellectual property, privacy and protection of personal data, it being the User’s responsibility to carry out all necessary and appropriate verifications in order to be able to use the Services, including the Media Services, in compliance with the foregoing;
    • he/she shall refrain from reproducing, duplicating, copying, using, selling, reselling and in any case exploiting for commercial purposes the Services and all that is the subject matter of the Rights;
    • he/she shall refrain from any form of direct and/or indirect use of the Services that is against the law or that does not comply with the provisions of the General Conditions;
    • he/she shall not use systems of so-called spamming, chain messages or pyramid selling;
    • he/she shall not spread viruses, spyware, adware, rootkits, backdoors, trojans and other similar computer threats via the Services and/or the Platform;
    • he/she shall not use software or other automatic or manual mechanisms to copy or access the pages offering the Services and/or their content;
    • he/she shall not use/make use of harmful, fraudulent, misleading, threatening, harassing, defamatory, obscene or otherwise objectionable material;
    • he/she has the necessary equipment and applications to use the Services such as, for example, Internet services and, in this regard, the Company shall not be held responsible for any malfunctions, inability to access or poor conditions of use of the Platform attributable, for example, to unsuitable equipment;
    • if the User registers on the Platform in the name and on behalf of a company or training institute, that the User has all the authority to represent the company or training institute, agreeing to indemnify and hold the Company harmless from any and all prejudicial consequences resulting from a breach of this guarantee, which shall be considered a serious breach of the General Conditions. In relation to the aforementioned, the User agrees, where the company or educational institution that the User represents allows minors to use the Platform, to actively monitor their use of the Platform, acknowledging and accepting that, for any detriment caused by the use of the Platform by the aforementioned minors, the User shall be solely responsible to the Company, agreeing to indemnify and hold harmless the Company from any and all detrimental consequences resulting from the breach of this guarantee and specific commitment.

Liability – Limitation of Liability in Favour of the Company

36. The User acknowledges and agrees that, except where expressly specified in the General Conditions, the Company makes no representations or warranties, express or implied, with respect to the Services.
37. The Services may also be provided through the support of third parties, by way of example, through trainers, experts, mentors other than subjects belonging to the Company and/or connected to the same. The User acknowledges and agrees that the Company shall not be held responsible for what is stated by third parties and/or shown through the Contents during the use of the Services and, in this regard, hereby waives any claim against the Company.
38. The Company shall in no way be held responsible for the results obtained by the User by using the Services, whether positive or negative, and in particular the Company shall not be held responsible for any consequences that may arise for the User from the use of the Media Services of anything else provided by the Company through the Services (by way of example, in the case of consultancy services or professional updating). The actions taken by the User in any area that can be directly or indirectly linked to the Contents are exclusively their own responsibility and in no way can the Company be held responsible for any possible negative consequences, losses and/or damages deriving from the legal, commercial, corporate, tax etc. choices that may be taken (and/or not taken) by the User following the use of the Services.
39. Except in the case of wilful misconduct or gross negligence, the User i) acknowledges and agrees that the Company shall in no way be liable to the User for any damages, losses, costs, charges and expenses, direct or indirect, including any legal fees, incurred and/or borne by the User in connection with the Services and ii) hereby waives any and all claims, including reimbursement or compensation, against the Company. Notwithstanding the foregoing, the Company shall in no way be liable to the User for any delays or failures to perform its obligations in connection with the Services if such delays or failures result from force majeure.
40. The Company is not necessarily affiliated and/or partnered with the natural and/or legal persons who own the websites to which there are links within the Platform and/or Services and is not responsible in any way for the content of these websites. These links are made solely for the convenience of the User and access to these sites is at the discretion and sole responsibility of the User. A link from the Platform or the Services to any other website does not imply that the Company approves, endorses or recommends in any way said website or has any control over any element of the content of said website.
41. Without prejudice to the foregoing, the User acknowledges and agrees that i) the Services provided by the Company are supported by the majority of Android and iOS devices on the market the complete list can required and consulted; ii) the performance of the experience is related to the technical hardware and software specifications of each device; iii) the metrics measured depend on the distribution strategy and are therefore the responsibility of the User if the User is in charge of distribution; iv) the quality of the Internet connection and the loading times of the experiences depend on third party factors for which the Company may never be held responsible.
42. The User acknowledges and agrees that in the event of malfunctions of the Platform and/or the Services, the Company shall not be held liable except in cases where the Company detects, through its dedicated team, errors directly attributable to the Company and its actions.
43. The User acknowledges and agrees that the Company is not liable for interruptions and/or unavailability of the Services generated by:
    • ordinary or extraordinary maintenance;
    • misuse, incorrect configuration and/or commands performed voluntarily and/or involuntarily by the User;
    • failure to connect the virtual infrastructure(s) to the public network;
    • Internet network failures;
    • incompatibility between the local firewall and the Company’s firewall;
    • errors and malfunctions of any third-party services integrated into and/or otherwise connected to the Platform.

Indemnification

44. The User undertakes to indemnify and hold harmless the Company, its subsidiaries and affiliates, as well as their representatives, partners and employees from any damage, liability, cost, burden or expense, including legal fees, deriving from third party claims resulting from User’s use of the Services in a way that does not comply with the General Conditions and/or violates the provisions contained therein, including the representations and guarantees referred to in the relevant clause of the General Conditions.

Data Protection

45. For the purposes of the General Conditions, “Privacy Law” shall mean the Legislative Decree No. 196/2003, as amended and supplemented (“Privacy Code”), Regulation (EU) 679/2016 (“Regulation”), and any measures of the competent supervisory authority, including those of an injunctive or sanctioning nature applicable to the Services and any other national legislation relating to the protection of personal data and applicable to the processing of data related to the performance of the Services.
46. The User undertakes to ensure that its properties within the Services (i) contain a privacy policy that is clear, easy to understand and complies with the Privacy Law, (ii) provide for the correct identification of the legal basis and/or the obtaining of all consents of the individuals to whom the personal data relate that may be required by the Privacy Law. The privacy policy and/or extended cookie policy shall, at a minimum, provide for the sending of “cookies” or advertising identifiers and/or indications of how the Company collects information based on what the Company tells the User.
47. The Client expressly acknowledges and accepts, also on behalf of the third parties appointed by the Client, that Aryel may integrate, within the Services, at its own discretion, cookies and/or other types of identifiers and/or analytics and/or profiling identifiers in order to monitor the performance of the Services and/or the behavior of the data subjects in the context of the Services.
48. The Parties acknowledge and accept that if the Services referred to in the General Conditions provide for processing, on the part of the Company, of personal data of which the User is Data Controller or Data Processor, as applicable. If User is a Data Processor, User warrants to the Company that User’s instructions and actions with respect to User personal data, including its appointment of the Company as another processor, have been authorized by the relevant Data Controller. The User shall appoint the Client as data processor and/or sub-processor pursuant to art. 28 of the Regulation, with the Data Processing Agreement (DPA) included in Annex 1, which shall constitute an integral and substantial part of the General Conditions – regardless of its signature by the User, and which the User undertakes as of now to examine in detail, deemed to be accepted in full through the acceptance of the Annexes – which will also regulate any processing prior to the acceptance of the same and/or any testing activity.
49. By signing the DPA, the User represents and warrants that it, in turn, has entered into the appropriate data protection agreements with the third parties appointed by the User, and undertakes to indemnify and hold the Company, its subsidiaries and affiliates, as well as their respective representatives, partners and employees, harmless from any damages, liabilities, costs, charges or expenses, including legal fees, arising from the breach (or non-compliance with the Privacy Law) of such agreements.
50. Aryel will be the Data Controller of the personal data of the users who access to the Platform and will process such data for management and administrative purposes inherent to the fulfilment of contractual and legislative obligations, as better specified within the Platform Privacy Policy available on the website.

Assignment

51. The User may not assign all or part of the General Conditions, including any debts/credits, to third parties.

Duration and Survival of Clauses

52. The General Conditions shall be effective as of the date of acceptance thereof and shall remain in effect for the entire duration of the User’s use of the Services, unless terminated earlier under the terms described in the General Conditions and as provided below.
53. The following clauses of the General Conditions shall remain in force and effect even after the termination of the effect of the General Conditions: User Declarations and Warranties; Liability – Limitation of Liability in favor of the Company; Intellectual Property Rights; Applicable Law and Jurisdiction; Miscellaneous.

Right of Cancellation

54. The User may cancel the purchased Services at any time and will continue to have access to the same until the end of the current month or other billing period. Payments made and Fees due for Services with annual duration are in no case refundable and therefore the Company shall not be obliged to make refunds or grant credits for periods of partially used Services or for Services and/or part thereof not used. In order to cancel the Services, the User must send no later than 60 (sixty) days prior to the expiration date of each subscription period a notice by e-mail to hello@aryel.io in order to activate the support of the sales team and complete the cancellation process. Failure to send the notice of cancellation within the above terms will result in the automatic renewal of the license referred to in the General Conditions for an additional period equal to the current one (and thus one month in the case of a monthly subscription and one year in the case of an annual subscription) and the User will be required to pay the Fee in full for the renewal period, not being able to obtain a refund or other compensation under any circumstances.

Termination Clause

55. The Company, pursuant to Article 1456 of the Italian Civil Code, may terminate the General Conditions with immediate effect, by simply sending written notice to the User, including by e-mail, if the User has violated one or more of the following provisions of the General Conditions: Registration and Payments; User Declarations and Warranties; Intellectual Property Rights; Assignment. This shall be without prejudice in any case to the Company’s right to compensation for damages.

Applicable Law and Jurisdiction

56. The General Conditions are governed entirely by Italian law.
57. In relation to the type of Services offered to professionals in the context of professional activity, the Parties agree that the Consumer Code shall not apply. Any dispute arising between the Parties in relation to the validity, interpretation, execution and termination of the General Conditions and/or in any case in connection with the General Conditions shall be the exclusive jurisdiction of the Court of Milan, to the exclusion of any other, even concurrent or alternative, jurisdiction.

Miscellaneous

58. Any tolerance on the part of the Company towards conduct of the User carried out in violation of any provision of the General Conditions shall not constitute a waiver of the rights arising from the violated provision, nor of the right to demand the proper fulfillment of all provisions of the General Conditions themselves.
59. The General Conditions contain the overall agreement reached by the Parties with respect to the subject matter thereof and prevail over all previous communications, statements, as well as understandings and agreements, whether oral or written, reached by the Parties.
60. Should any term or other provision of the General Conditions be declared void, voidable or unenforceable, all other terms and provisions of the General Conditions shall, however, remain in full force and effect.
61. The Company and the User act in full autonomy and independence. The General Conditions do not give rise to any relationship of collaboration, agency, association, intermediation or employment between them.
62. In case of complaint to any Service, please contact the Company via help@aryel.io.

Data Processing Agreement

Pursuant to Article 28 of Regulation EU 2016/679 dated 27 April 2016 (hereinafter, the “Regulation”), the User who subscribes to the General Conditions (hereinafter, the “User” or “Data Controller”),

Whereas:

1. The User and Aryel S.r.l., with registered office in Via Arcivescovo Calabiana 6, 20139 Milano (MI), VAT No. 11294810962 (hereinafter, the “Supplier”) have entered into a contract, concerning a subscription-based licence (SaaS) to implement augmented reality marketing campaigns, of which this document is an integral and substantial part (hereinafter referred to as the “Contract”).
2. the User acts as Data Controller with reference to the personal data processed in order to implement the Contract and indicated more precisely in Sub-Annex 1 (hereinafter the “Personal Data”);
3. Pursuant to Article 28 of the Regulation, the Data Processor is optionally designated by the Data Controller and, if appointed, is identified among subjects who, due to experience, capacity and reliability, provide the appropriate guarantee of full compliance with the applicable provisions on processing, including the safety profile;
4. The tasks entrusted to the Data Processor must be specified in writing by the Data Controller, and the Data Processor must comply with the instructions given by the Data Controller, who, also through periodic checks, ensures that they are strictly observed;
5. The User has found that – and the Supplier guarantees that – the Supplier, by virtue of its experience, capacity, and reliability, can provide sufficient guarantees regarding compliance with the applicable provisions on protection of personal data, including the safety profile, as required by the Applicable Law, as defined below;
6. It is the intention of the User, as Data Controller, to appoint the Supplier, who accepts, as an external Data Processor.

Given the above, the User hereby

Appoints

The Supplier as the External Data Processor for the processing of Personal Data to be carried out according to the Contract and in the manner and within the limits specified below.

1. Definitions
In this letter of appointment (hereinafter, the “Appointment” or “DPA”) the terms whose first letter is written in capital letters have the same meaning as defined by the Applicable Law. The following words have the following meanings:
“Applicable Law” the Regulation, as well as any other personal data protection legislation applicable in Italy, already in force or that will enter into force after this Appointment comes into force, including the provisions of the Italian Data Protection Authority (Garante per la protezione dei dati personali) issued in implementation of the Code;
“Security Measures” are measures intended to protect personal data from accidental or illegal destruction or loss, alteration, disclosure or unauthorized access, as provided for in art. 32 of the Regulation;
“Sub-supplier” (or “Sub-Processor”), natural or legal persons who carry out their business for the Supplier by dealing with Personal Data belonging to the User.

2. Obligations of the Parties
2.1 Obligations of the Supplier
2.1.1 Processing purposes
The Supplier, as Data Processor, is committed to:

1. Processing the Personal Data for the exclusive purpose of executing the Contract, and within the limits what it was established by it, while strictly adhering to the instructions given by the User;
2. Only processing the Personal Data that is strictly required for a correct and full implementation of the User, or to fulfil legal obligations;
3. Making sure that its employees and Sub-Suppliers have access and only process the Personal Data that is strictly required for a full and correct implementation of the Contract, or to fulfil legal obligations;
4. Processing the Personal Data in a lawful manner, according to fairness and in full compliance with the Applicable Law.

2.1.2 Security measures
The Supplier undertakes to correctly implement the Security Measures and any other security measure prescribed by the Applicable Law, taking into account the state of the art and the costs of implementation.
Also based on new solutions provided by technical and technological progress and, taking into account the nature of the data and the characteristics of the processing, the Supplier undertakes to implement Security Measures to minimize the potential risks of destruction or voluntary or accidental loss of Personal Data, unauthorized access or processing in violation of the law.

2.1.3 Authorized persons
The Supplier agrees to:

1. Instruct, according to article 29 of the Regulation, those responsible for processing operations (hereinafter “Authorized Persons”), choosing from among its employees who, by experience, capacity, and training, can ensure compliance with Applicable Law;
2. Give to the Authorized Persons detailed operational instructions in writing regarding the methods for carrying out the processing entrusted to them as well as to strictly monitor the exact fulfilment of the instructions received;
3. Implement physical, technical and organizational measures to ensure that each Authorized Persons may have access only to Personal Data that may be processed based on its authorization profile;
4. Draft and update a list of Authorized Persons, and annually checking the scope of processing allowed.

2.1.4 Rights of the data subjects
The Supplier must ensure the effective exercise of the rights recognized by the Applicable Law to the Data Subjects, by undertaking to promptly notify the User of any request to exercise such rights presented by one of the Data Subjects and to enclose a copy of the request.
The Supplier undertakes to cooperate with the User to ensure that the requests for exercising the rights abovementioned, including requests for objection to processing, are met within the times and according to the law and, more generally, to ensure full compliance with the Applicable Law.

2.1.5 Data communication and transfer abroad
The Supplier will not be able to exercise autonomous control over the Personal Data and undertakes to refrain from disseminating or communicating said data to third parties, unless expressly provided for in the Contract or authorized by the User in writing, and in any case in compliance with the provisions of the information given to the data subjects and any consents they may have given in relation to the different processing purposes.
In the event of transfer of Personal Data outside the territory of the European Economic Area (EEA), the Supplier undertakes to ensure that such transfer takes place in compliance with the guarantees set forth in Chapter V of the Regulation.

2.1.6 Sub-Suppliers
If the Supplier intends to entrust a Sub-Supplier with all or part of the performance of the Contract, and this is permitted by the Contract or authorized by the User, the Supplier shall first notify the User whether its Sub-Supplier shall process Personal Data of which the User is the Data Controller.
If so, the User may directly appoint the authorized Sub-Supplier as its Data Processor, or the User may authorize the Supplier to appoint the Sub-Supplier by a deed of appointment substantially equivalent to this DPA.
Verification activities involving any Sub-Supplier shall be conducted in accordance with the Sub-Providers’ access rules and security policies.
In Sub-Annex 2 of this DPA, the User and the Supplier list the approved Sub-Suppliers as of the date of the signing of this DPA.

2.2 Obligations of the Controller
2.2.1 The User represents and warrants that any mode of collection of personal data processed under this DPA:

1. will take place following the presentation to the data subjects of a privacy policy that is clear, simple to understand but at the same time complete and compliant with the Regulation, (i) is easily usable by the data subjects and (ii) identifies how the information obtained will be collected and used;
2. offers data subjects the opportunity to remain excluded from such collection and processing of such information;
3. provides, when necessary, for obtaining all the consents of the data subjects, to whom the personal information relates, as required by the Regulation.

2.2.2 Given what is stated in Article 2.2.1 above in particular, the User guarantees and expressly declares that it will ensure that:

1. those affected by the processing give consent to the User, where applicable, to the processing of their data through a free, specific, informed and unambiguous manifestation of will, for each purpose referred to in the processing operations covered by this DPA.
2. the data shall be collected in each case pursuant to an appropriate legal basis, as well as in accordance with fairness and lawfulness and for purposes corresponding to those for which they are processed under this DPA.

3. Audit
The Supplier acknowledges that, in compliance with art. 28 of the Regulations, the User may periodically assess the activities carried out, in order to verify compliance with the organizational, technical and safety measures prescribed by the Applicable Law or issued by the User as Controller.

The User will also have the right to access offices, computers and other IT systems / documents of the Supplier and its Sub-Suppliers, where this is deemed necessary to verify that the Supplier or its Sub-Supplier acts in compliance with the obligations agreed in virtue of this DPA.

In the event of access to the Supplier’s or Sub-Supplier’s premises by the User, it will be required to give the Supplier written notice of at least 7 working days. The User expressly recognizes and accepts that any costs of any verification referred to in this article will be at its sole expense.

Nothing contained in this DPA presupposes Supplier’s consent to disclosure to the User, as well as User’s access to:

1. internal accounting or financial data of the Supplier;
2. Supplier’s trade secrets;
3. information which, on the basis of reasonable objections raised by the Supplier, could: (A) compromise the security of the Supplier’s systems or offices; or (B) entail the violation of the obligations of the Supplier as per the Applicable Law or of its obligations regarding security and / or confidentiality towards the User or third parties; or
4. information to which the User (or any external auditors appointed by the latter) seek to access for reasons beyond the duty of good faith in fulfilling the obligations of the User as set out in the Applicable Law.

4. Statements and guarantees of the Supplier
The Supplier states and ensures that it is aware of the obligations assumed under the Applicable Law as a result of the appointment as Data Processor, and to have the required experience, skills and professionalism to perform this function.

5. Fee
Without prejudice to what was established in the Contract, the Supplier will carry out its function as Data Processor without payment, unless otherwise agreed with the User.

6. Duration
This Appointment takes effect starting from the validity date of the Contract and will remain in force until the date on which the Contract is terminated, regardless of the cause for termination.
If the Contract is terminated for whatever reason, the Supplier will return the Personal Data in its possession to the User and will delete any copies thereof. Upon the User’s request and at its full discretion, the Supplier must alternatively delete the Personal Data in its possession, giving written confirmation to the User without delay, unless the retention of data is required by law.

Annex 1

Data Subjects
The personal data processed concern the following categories of data subjects:

• users interacting with accounts and/or platforms;
• users interacting with technology and/or experience and/or campaign developed by Aryel.

Data categories
The personal data processed concern the following data categories:

• biographical data (first name, surname);
• pseudonymous data relating to online browsing, such as IP, identifiers collected via cookies and/or other tracking tools;
• contact data (telephone number, email address);
• images, videos, and/or data relating to any technology developed by Aryel.

Special categories of personal data (if applicable)
The personal data processed concern the following special categories of data:
There is no processing of special categories of data.

Processing operations
The personal data processed fall under the following basic processing activities:

• Purpose of the processing: The purpose of the processing is provision of the service by Aryel.
• Nature and purpose of the processing: The nature and purpose of the processing is the execution of the Contract between parties.
  

Annex 2

Approved Sub-Processors

Below are name, address and services provided by the Sub-Processors authorized at the date of signature of this DPA. The updated list of Sub-Processors authorized should be maintained by the Supplier for internal registration purposes and any changes notified:

DigitalOcean

• Location/Place of processing: Our servers are on Serverfarm in Frankfurt for applications and databases and in Amsterdam for hosting binary files (images, videos, 3D models etc).
• Processing activities: Cloud hosting service

Segment

• Location/Place of processing: Dublin (Ireland)
• Processing activities: Business and marketing metrics collection

Stripe

• Location/Place of processing: Dublin (Ireland)
• Processing activities: 3D secure online payment service

Intercom

• Location/Place of processing: Dublin (Ireland)
• Processing activities: Used as a Help Centre and Customer Care platform

Pipedrive

• Location/Place of processing: Dublin (Ireland)
• Processing activities: Platform for managing all phases of sales.

HubSpot

• Location/Place of processing: Dublin (Ireland)
• Processing activities: Inbound Marketing Management Platform, it is an all-in-one solution capable of handling all sales phases, from lead generation to customer support

June

• Location/Place of processing: Dublin (Ireland)
• Processing activities: It is used to create interactive dashboards on platform utilisation data