Note legali

During the provision of our services, Happy Brain may manage customer data on behalf of the customer. For this both parties undertake to respect the following provisions.

This DPA applies where and only to the extent that Happy Brain processes Personal Data on behalf of the Customer in the course of providing the Services and such Personal Data is subject to the data protection laws of the European Union, the European Economic Area and / or their member states, Switzerland and / or the United Kingdom (hereinafter referred to as “Customer Data”).

This DPA forms part of the Agreement, the Privacy Policy and other relevant policies and documents announced on our website.

This DPA will be valid and legally binding only for the physical / legal entity indicated in the User Area account and only for the Services purchased directly from Happy Brain within the respective account.

This DPA will be effective and will replace all terms previously applicable to privacy, data processing and / or data security.

Each party will comply with the obligations applicable to it under the European Data Protection Legislation in relation to the processing of such Customer data.

The Customer may send Customer Data in the course of its use of the Services, the extent of which is determined and controlled by the Customer in its sole discretion and which may include, by way of example but not limited to, the Personal Data relating to the following categories of subjects of the data:

• prospectuses, customers, business partners and suppliers of the Customer (who are natural persons and legal persons);
• employees or contact persons of customers, customers, business partners and suppliers;
  employees, agents, consultants, freelancers of the Client (who are natural persons);
• Customer users authorized by the Customer to use the Services;
• subjects who transmit data through the Services, including people who collaborate and communicate with the Customer or the Customer’s end users;
• subjects whose data is provided to Happy Brain through the Services by or on behalf of the Customer or by the Customer’s end users.

The parties acknowledge and accept that:

Happy Brain is a Customer Data Processor under the European Data Protection Legislation;
The Customer is a Data Controller or Data Processor, if applicable, of the Customer Data under the European Data Protection Legislation; and has obtained all necessary consents and rights under the Data Protection Laws for Happy Brain to process Customer Data and provide the services in accordance with this Agreement and this DPA;
Happy Brain (Data Processor) will operate solely and exclusively on the basis of written requests sent by the Customer (Data Controller). Happy Brain may act differently only and exclusively when required by Italian and / or European legislation.

The Customer instructs Happy Brain to process the Customer Data only in accordance with the applicable law:
provide the Services and related technical and other support;
as initiated by the Client and end users in their use of the Services;
as specified in the Agreement, Terms of Service, Privacy Policy and other relevant policies governing the provision of the Services and related technical and other support.

Happy Brain cannot access or use Customer Data, except as necessary to provide the Services and related technical support to the Customer in accordance with the DPA, the Agreement and other relevant policies.
Happy Brain will only process Client Data on behalf of and in accordance with Client’s documented instructions for the following purposes:
Provide the Services and related technical support in accordance with this DPA and with the Orders to which it applies;
Process the data provided by Users in accordance with our terms of Service;
Process the data in order to maintain and improve the services.

The Customer, in his use of the Services, will process his Data in accordance with the requirements of the Data Protection laws and regulations applicable to them. The Customer is solely responsible for the accuracy, quality and legality of their Data and the means by which the Customer has acquired this Data.

During the Applicable Term, Happy Brain, in a manner consistent with the functionality of the Services, allows the Customer to access, rectify and limit the processing of the Customer Data, including by deleting all or some of the Customer Data under their account or deletion of the entire account.

Happy Brain will allow the Client to delete the Client Data during the applicable duration in a manner consistent with the functionality of the Services and the characteristics according to the respective Order. If the Client uses the Services to recover or delete the Client Data and the Client Data cannot be recovered, this will constitute an instruction to Happy Brain to erase the Client Data stored on the backup systems in accordance with applicable law and within a maximum period of 60 calendar days.

The deactivation of the Services or the expiry of the applicable Term will constitute an instruction to Happy Brain for the deletion of the Customer Data stored on the backup systems within a maximum period of 60 calendar days.

Happy Brain will not disclose Customer Data to any government, law enforcement or other authority, except as necessary to comply with law or a valid and binding order from a law enforcement agency (such as a subpoena or injunction of the court).

Happy Brain restricts its staff from processing customer data without authorization from Happy Brain. Access to customer data is limited to personnel who perform a role and responsibility in accordance with the Agreement. It imposes adequate contractual obligations on its staff, including obligations relating to confidentiality, data protection and data security. Happy Brain guarantees that these confidentiality obligations survive the termination of the personal assignment.

The customer acknowledges and accepts that:
Happy Brain Partners could be considered Sub-processors;
Happy Brain and Happy Brain partners may employ sub-processors to be able to provide their respective Services. Happy Brain has made a written agreement with each Sub-processor containing the obligations for data protection, no less restrictive than what is contained in this DPA

In the event that the Customer has specified a Data Center outside the European Economic Area and in the event that Happy Brain provides the Service and related support of a technical or other nature, the Customer accepts that Happy Brain could access and process data in the EEA, United States and other countries where Happy Brain and / or its Partners and Sub-processors own Data Centers, offices or perform data processing operations.

To the extent that Happy Brain processes or transfers (directly or by onward transfer) Personal Data under this DPA from the European Union, the European Economic Area and / or their member states and from Switzerland (“EU Data”) to countries o to countries that do not ensure an adequate level of data protection under the applicable data protection laws of the aforementioned territories, the parties agree that Happy Brain is deemed to provide adequate safeguards for such data by virtue of the certification of compliance with the Privacy Shield . The customer authorizes any transfer of EU data to, or access to EU data, from such destinations outside the EU provided that such measures have been taken.

The customer acknowledges that Happy Brain is required, subject to the GDPR, to:

(a) collect and maintain records of certain information, including the name and contact details of any processor and / or controller on whose behalf Happy Brain is acting and, where applicable, the local and official data protection representatives of such processors / controllers;

(b) make such information available to supervisory authorities. Consequently, if the GDPR applies to the processing of Customer data, the Customer may, when requested, provide such information to Happy Brain through the Site or other means provided by Happy Brain, and may use the Site or such other means to ensure that all information provided is kept accurate and up to date.

Happy Brain will implement and maintain technical and organizational measures to protect Customer Data from destruction, loss, alteration, unauthorized disclosure or access, accidental or illegal as described in Appendix 2 (“Security Measures). The Security Measures include measures to provide the encrypted transmission of customer data outside the Service environment; to help ensure the ongoing confidentiality, integrity, availability and resilience of Happy Brain systems and services; to assist in the timely restoration of access to Customer Data from an available backup copy provided by the Happy Brain Backup Services or from a private copy of the Customer following an accident; and for regular efficacy tests.
Happy Brain may update or modify the Security Measures from time to time, provided that these updates and changes do not result in the degradation of the general security of the Services. Happy Brain will reasonably assist the customer in compliance with the obligations established by the GDPR in relation to the security of processing, notification in the event of a data breach and on the assessment of the impact on the protection of personal data.

The Client is solely responsible for his own use of its Services, including:

1. make appropriate use of the Services to ensure a level of security appropriate to the risk towards Customer Data;
2. protect the authentication credentials of the account, systems and devices that the customer uses to access the Service;
3. make sure that all programs, scripts, addons, plugins and other software installed on the account are safe and that their use does not pose a security risk with respect to the Customer’s data and the account itself;
4. protect all programs, scripts, addons, plugins and other installed software, their configuration and their regular maintenance;
5. any contents of the account;
6. any action and activity on the account;
7. backup your data;
8. Happy Brain has no obligation to protect the Customer Data that the Customer decides to store or transfer outside the systems of Happy Brain and its sub-processors (for example, offline or on on-premise storage), or to protect the Customer Data implementing or maintaining Additional Security Controls except to the extent that the Customer has chosen to use.
9. The Client acknowledges and agrees that (taking into consideration the implementation costs and the nature, purpose, context and purpose of the Client Data processing and the risk to individuals) the Security Measures implemented and maintained by Happy Brain as described in the Section 7.1 provide a level of security appropriate to the risk in compliance with Customer Data.
10. It is the Customer’s responsibility to backup Customer Data and any data and consent stored in the account to prevent any possible loss of data.

Happy Brain maintains security incident management policies and procedures and will notify Customers without delay upon learning of destruction, loss, alteration, unauthorized, accidental or illegal disclosure, or access to Customer Data, including transmitted Customer Data. , stored or Processed in any way by Happy Brain or by the Sub-processors of which Happy Brain is made aware (a “Customer Data Incident”). Happy Brain shall make reasonable efforts to identify the cause of such Incident and do what Happy Brain deems necessary and reasonable to remedy the cause of such Customer Data Incident to the extent that the remedy is within Happy Brain’s reasonable control. . The duties mentioned herein do not apply to accidents caused by the Customer, the use of the Customer’s Services, the Customer’s actions or the Customer’s activities or Users.

The notification of or response to a Data Incident by Happy Brain under section 10 should not be construed as an admission by Happy Brain of guilt or responsibility towards the Data Incident.

10.1. The Client should indemnify and keep Happy Brain indemnified against all data protection breaches and losses suffered or caused by, arising from or in connection with:
(a) any non-compliance by the Client with data protection laws and regulations;
(b) any breach arising from the Client or its data protection duties under this Agreement;
10.2. Happy Brain will be responsible for data protection flaws and losses caused by the Processing of Customer Data only to the extent directly resulting from Happy Brain’s failure to fulfill its duties as Data Processor under the Data Protection laws and regulations.

This DPA will take effect from the Effective Date until the end of the provision of the Services by Happy Brain under the applicable Agreement, including, if applicable, any period during which the Services have been suspended and any post-termination period (in this case 60 Calendar days) during which Happy Brain may continue to provide Services for Transition purposes. The DPA will automatically expire upon deletion of all Customer Data from Happy Brain. Upon expiration of the contract Happy Brain will remove or return all personal information to the Customer should this be requested. In no way when stated by this DPA does it relieve Happy Brain from its direct responsibilities under the GDPR

Welcome to our agreement on Terms and Conditions relating to our hosting plans.
Acceptance of these Terms is mandatory and binding in order to activate and use the services you have chosen.