By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Menu
By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Terms & Conditions

Find more information about our terms of service, our privacy policy, or our latest security statement.

Terms of service

Last updated: 5 July 2023
PLEASE READ THESE TERMS OF SERVICE CAREFULLY BEFORE USING OUR PRODUCTS OR SERVICES

Introduction

These Terms of Service (the “Terms”) is a binding legal agreement between HeroCoders sp. z o.o., a company incorporated under the laws of Poland under registration number NIP: 5833433174, having its registered address at: Zosi 16, Gdansk 80-119, Pomorskie, Poland, or any one of its subsidiaries or affiliated companies (collectively referred to as “HeroCoders”, “we”, “us” or “our”), and a customer (“you” or “your”), the user of  the Websites (as defined below), being a person, entity or organization subscribing to our Apps  (as defined below), hereinafter referred to together as the “Parties” and individually as a “Party”.

By referring to the “Partner Platform” or “Partner Platforms”, we imply our marketplace partners, which include, but are not limited to, the Atlassian Marketplace Platform (Jira), the Microsoft Corporation Commercial Marketplace Platform (Microsoft Teams), and monday.com’s Marketplace (monday.com) with which HeroCoders has executed partnership agreements with respect to publishing, promotion, selling, testing and distribution of our Apps. We encourage you to read the Partner Platforms’ terms and conditions, as well as their privacy policies and other public documents, before purchasing (if applicable), installing and using the Apps since they may apply to you along with these Terms. In case you need further information about the Partner Platforms, please contact us at: support@herocoders.com.

The Terms govern your:

(i) use of our products and services, including all of our SaaS/Cloud software products(the Cloud-Based Saas Products), plug-in applications and our downloadable software products (the Downloadable Software with Perpetual Licensing, the Subscription-Based Downloadable Software) offered to you through The HeroCoders Websites and/or the Partner Platforms (collectively, the “Apps”);

(ii) use of the websites provided and maintained by HeroCoders, and any of their subdomains,  including, but not limited to:

(iii) other interactions with us (for example, by contacting us through email or Support Portal or applying for a job).

We refer in the Terms to all of these products, the Apps, and the Websites, together with our other services, as the “Services”, or if severally, as the “Service”.


1. Acceptance of the Terms

1.1. The Terms apply to all our Apps licensed to you. Before purchasing (if applicable), installing, and/or using the Apps, please carefully read the Terms. By purchasing (if applicable), installing and/or using the Apps, you acknowledge that you have read, understood and agree to be bound by the Terms, including, without limitation, the terms of other documents and/or policies that are incorporated herein by reference or mentioned. If you are accepting the Terms on behalf of another person or company or other legal entity, you represent and warrant that you have full authority to bind that person, company or legal entity under the Terms.

1.2. If you do not agree to the Terms, or you do not have the necessary authority, you are not authorized to install and/or use the Apps for any purpose whatsoever and you must promptly unsubscribe from the Apps.

1.3. HeroCoders is a vendor on the Partner Platforms. As such the Terms are governed by the Atlassian Marketplace Terms of Use and related Atlassian terms and conditions for Jira apps; and the Microsoft Commercial Marketplace Terms of Use and related Microsoft terms and conditions for Microsoft apps; and monday.com’s Marketplace listings Terms and related monday.com terms and conditions for monday.com apps. These are collectively referred to as the “Partner Platforms Terms”. If you do not agree with the Partner Platforms Terms, you shall consequently not be authorized to use the applicable marketplace product and our Apps.

1.4. Please read the Terms carefully, as they contain important information concerning your rights and limitations on these rights, as well as information about the governing law and jurisdiction for the disputes. 

1.5. HeroCoders reserves the right, at its sole discretion, to change, modify, update, add, or remove portions of the Terms at any time, with or without any prior notice to you. Please check the Terms periodically for any changes. Your continuing use of the Services following any revisions or changes to the Terms will constitute your irrevocable acceptance of any and all such revisions and changes.

1.6. BY ACCESSING OR USING THE SERVICES, YOU REPRESENT THAT YOU HAVE READ, ACKNOWLEDGED AND UNDERSTOOD THE TERMS AND AGREE TO BE BOUND BY THE TERMS, AND USE THE SERVICES IN ACCORDANCE WITH AND SUBJECT TO THE TERMS, THE PRIVACY POLICY, AND THE DATA PROCESSING AGREEMENT. IF YOU ARE ENTERING INTO THE TERMS ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND SUCH ENTITY AND ITS AFFILIATES TO THE TERMS, IN WHICH CASE THE TERMS “YOU” OR “YOUR” SHALL REFER TO SUCH ENTITY AND ITS AFFILIATES. IF YOU DO NOT HAVE SUCH AUTHORITY, OR IF YOU DO NOT AGREE WITH THE TERMS AND OUR PRIVACY POLICY OR THE DATA PROCESSING AGREEMENT, YOU MUST NOT ACCEPT THE TERMS AND MAY NOT USE THE SERVICES. 


2. Term

2.1. Subject to the Terms and subject to the termination rights stipulated under Section 18 hereof, the duration of the Terms shall continue in force for the period of:

(i) the Subscription License (defined below) or the renewal period of the Subscription-Based Apps;

(ii) the Evaluation Period (defined below) of the Evaluation License (defined below); or

(iii) your utilization of the Free  Apps as provided on the applicable Partner Platform until the Free Apps are uninstalled and/or removed from our Services offerings.


3. The Apps

3.1. HeroCoders develops add-ons for the Partner Platforms, which serve as the functional tools that help businesses to make their processes more effective by, e.g., making communication of goals and objectives or time reporting easier for teams using our add-ons.

3.2. We offer, without limitation, the following Apps:

(i) the Cloud-Based SaaS Products:

  • a) Issue Checklist for Jira - Pro;
  • b) Issue Checklist for Jira - Free;
  • c) Checklist for Jira (Cloud);
  • d) Clockwork Automated Timesheets – Pro;
  • e) Clockwork Automated Timesheets – Free;
  • f) Backlog Pro;
  • g) Epics Map for Jira;
  • h) Acceptance Criteria for Jira – Free;
  • i) To-do Checklist for Team;
  • j) Clockwork Time Tracking & Timesheets for monday.com;

(ii) the Downloadable Software with Perpetual Licensing:

  1. a) Checklist for Jira (Server);

(ii) the Subscription-Based Downloadable Software:

  1. a) Checklist for Jira (Data Center).

3.3. The list of the available Apps, their descriptions, conditions for installing, pricing and other details can be found on the Websites.

3.4. The Apps offered to you through the Partner Platforms are offered to you:

  1. (i) on a subscription basis (the “Subscription-Based Apps”); or
  2. (ii) for free, i.e., without billing (the “Free Apps”).

3.5. The Terms apply whether you purchase our Apps directly from HeroCoders, through the Partner Platforms, through an authorized reseller or otherwise. If you purchase through a reseller, your license rights shall be stated in the order provided to you by the reseller. Resellers are not authorized to make any promises, commitments or impose additional terms and conditions on our behalf, and we are not bound by any obligations to you other than what is included in the Terms.

3.6. To make use of our Apps, you may be required to register on the Partner Platform. You are to ensure that any information that you provide on the Partner Platform is correct, complete and current, as you shall be responsible for updating the accuracy of your information.

3.7. Once you have submitted an order for the subscription and/or renewal and/or use of the Apps via the Partner Platform or its authorized reseller, you shall be directed on your authorized use of the Apps which shall include: the type of license you have acquired, your name, contact details, the number of permitted users inside the Partner Platform’s product(s) and the SaaS Product(s), the required Fees, and any other related information as reasonably required.

3.8. The Apps shall be sent electronically to you and you shall be responsible for the installation of the Apps.

3.9. You might need a valid user account with the Partner Platform in order to log in to the SaaS Product. 

3.10. You may also create an account using Support Portal if you wish to use HeroCoders Help Center to get product support or other services.

3.11. We have the right to change, modify, upgrade, add to, or discontinue the Services or any portion or feature thereof at any time without any prior notice to you. We also reserve the right to assign or transfer the Terms, in whole or in part, without restriction.

4. Grant of License

4.1. The Terms entitle you to install and use the amount of copies of the App, which is specified in the license terms and conditions of the particular App on the Websites. The Terms do not permit the installation or use of multiple copies of the Apps on a system that allows shared use of applications. Multiple copy use or installation is only allowed if you obtain the appropriate license for each copy of the Apps. Furthermore, the Apps may only be installed and used on the systems you own, lease or which are controlled by you, or your third party service provider, provided you remain responsible for the third party’s compliance with the terms and conditions of the Terms.

4.2. Subject to the Terms, you are granted a worldwide, limited, non-transferable, non-exclusive, non-sublicensable, “as-is” right to install and use the Apps for the term and applicable licensing Fee that is associated with the particular Apps you choose to purchase.

4.3. The Apps are licensed to you either on a Subscription License, an Evaluation License, or a Free License, or a Perpetual License, subject to the following terms:

(i) The Subscription License

The Subscription-Based Apps shall be granted on a time specific limit as per the subscription license (the “Subscription License”), providing you with a worldwide, non-exclusive, non-transferable, non-sublicensable use of the Subscription-Based Apps, subject to automatic renewal for successive monthly or annual terms unless either Party notifies the other of nonrenewal or we cease to make a particular Service available. If you cancel your subscription to the Subscription-Based Apps, your subscription will terminate at the end of the then-current billing cycle, and you will not be entitled to any refunds for amounts accrued or paid prior to such termination.
You acknowledge and agree to the use of the Cloud-Based SaaS Products, which are provided to you as a cloud service, and are hosted by us and/or the Partner Platforms. You also acknowledge and agree that HeroCoders and/or the Partner Platforms may make changes to the Cloud-Based SaaS Products from time to time.


(ii) The Evaluation License

The Partner Platform may provide you, at their sole discretion, with a time-limited, worldwide, non-exclusive, non-transferable, non-sublicensable, limited license for the purposes of assessing the functionality of the Apps (the “Evaluation License”). The Evaluation License will provide you with the full version of the Apps for free for 30 (thirty) days (the “Evaluation Period”) unless stated otherwise, after which you must either purchase or uninstall the Apps. Upon the expiry of the Evaluation Period, you shall be obligated to pay for the full license Fee or stop using the Apps, and all components of the Apps shall cease to function.


(iii) The Free License

The Free Apps shall be granted to you at no cost and shall be provided to you on a time-limited, worldwide, non-exclusive, non-transferable, non-sublicensable limited license (the “Free License”). Your use of the Free Apps shall be subject to any other terms and conditions as we deem necessary and shall be for a stipulated period of time.

(iv) The Perpetual License

The Downloadable Software with Perpetual Licensing shall be granted to you with a time-limited (e.g., a year or two years), worldwide, non-exclusive, non-transferable, non-sublicensable, limited license (the “Perpetual License”), allowing you free upgrades in the limited amount of time the license was bought. The Perpetual License allows for an infinite usage of the bought version or the most recent version released within the “upgrade allowed” timeframe.

4.4. You acknowledge that we may cancel the Free Apps at any time and for whatever reason, at our sole discretion. You may, however, upgrade to a similar product offered as a Subscription-Based App, if available, and all your applicable data will be transferred by us automatically if possible.

4.5. We reserve the right to terminate or suspend your Subscription License without providing any prior notice or reason in case of any violation of these Terms or the applicable law, or at our sole discretion. If your Subscription License is terminated or suspended by us for any reason, you may be further prohibited from being granted a new Subscription License, even if you may be acting on behalf of a third party.


5. Restrictions

5.1. The Apps are licensed, not sold, to you and we shall retain ownership of all the Apps, including copies of the Apps. Accordingly, the following restrictions shall apply:


(i) Restrictions on Transfer

You may not assign your rights and obligations under the Terms, or redistribute, encumber, distribute, sell, rent, lease, sublicense, or otherwise transfer your rights to the Apps as granted to you under the Terms or make the Apps available to a third party without our prior written consent.


(ii) Restrictions on Use

You may not use, copy or install the Apps on any system, or permit the use, copying, or installation of the Apps on more than one Partner Platform’s product(s). If you hold multiple, validly licensed copies, you may not use, copy, or install the Apps on any system with more users than the number permitted by the applicable license. You may not:

  1. (i) decompile, reverse-engineer, disassemble, alter, duplicate, modify, rent, lease, loan, sublicense, make copies of, create derivative works from, distribute or provide non-authorized users with access to the Apps in whole or part;
  2. (ii) use the Apps for the benefit of any third party;
  3. (iii) incorporate any of the Apps into a product or service you provide to a third party;
  4. (iv) interfere with any license key mechanism in the Apps or otherwise circumvent mechanisms in the Apps intended to limit your use;
  5. (v) remove or obscure any proprietary notices on the Apps or any permitted copies of Apps;
  6. (vi) publicly disseminate information regarding the benchmarking performance of the Apps; or
  7. (vii) otherwise attempt to derive the source code of the Apps.

You may not use the Services in any manner, which is illegal or contravenes any applicable law, regulation or a third party’s intellectual property rights.


(iii) Restrictions on Alteration

You may not modify the Apps or create any derivative works of the Apps. Derivative works include, but are not limited to, translations. You may not alter any files or libraries in any portion of the Apps.


(iv) Restrictions on Copying

You may not copy any part of the Apps.


(v) Restrictions on Export

You acknowledge and agree to not export or re-export the Apps outside the jurisdiction in which the Apps were obtained by you without our prior written consent or as authorized by applicable laws and regulations. You shall be solely responsible for determining the existence of applicable laws and compliance with relevant laws as regards to the export of the Apps from the country of original purchase. We are not liable for your use of the Apps in your jurisdiction or as specified under the Terms. You are solely responsible for complying with applicable laws and obtaining any needed authorization for export. You agree to not export the Apps from any country where there are applicable legal restrictions on such export. We reserve all our rights not expressly granted to you under the Terms.


6. Job Openings Services

HeroCoders lists the job openings available at the company on its website.. You can browse available vacancies on  the HeroCoders Websites, however, in order to apply for a position, you will be redirected to our hiring page at https://herocoders.breezy.hr/. You will be asked to enter your personal information on the hiring web page. The processing of your personal data shall be subject to our Privacy Policy and the Data Processing Agreement.

7. The Maintenance Services and Upgrades

7.1. We may provide you with version upgrades, and/or enhancements of the Apps and make them generally available from time to time.

7.2. To address any technical issues you may have regarding the Apps, we shall provide you with online technical support (the “Maintenance Services”).The Maintenance Services shall be provided to you with reasonable skill and care for the duration of your Subscription License and for the duration of the Free License, including any applicable renewal periods thereof.


8. The Support Services

8.1. We shall provide you with support services, which shall include, but are not limited to, bug fixes and patches (the “Support Services”) for the duration of your Subscription License and for the duration of the Free License, including any applicable renewal periods thereof.

8.2. You can request the Support Services through one of the following channels:

  1. (i) by submitting a ticket on our Support Portal;
  2. (ii) via email at: support@herocoders.com; or
  3. (iii) on Atlassian Marketplace’s Community Forum. You acknowledge that requests made via the Atlassian Marketplace’s Community Forum are monitored by our support team and are answered on a best efforts basis.

8.3. The use of the Support Services is governed by our Service Level Agreement.


9. The Services Content, Intellectual Property, and Links

9.1. The Apps and the HeroCoders Websites as a whole and accounts on social media belong to us and are protected by the intellectual property legislation. All the Apps and the HeroCoders Websites information, content, software, graphics, text, sounds, images, buttons, trademarks, services marks, trade names, logos and the software required for our Apps and the HeroCoders Websites used by or contained on/in the Apps and the HeroCoders Websites are owned by HeroCoders or HeroCoders’ licensors (the “Intellectual Property Materials” or the “Services Content”), and protected by copyright, trademarks, national and international laws, conventions, treaties and other laws. You agree that we exclusively retain all right, title, interest and intellectual property rights in and to the Intellectual Property Materials.

9.2. Our Intellectual Property Materials may not be used, copied, reproduced, distributed, transmitted, broadcast, displayed, sold, transferred, assigned, licensed, or otherwise exploited for any other purposes whatsoever without the prior written consent of HeroCoders. 

9.3. Nothing in the Terms shall operate to assign or transfer any intellectual property rights from us to you or vice versa. The intellectual property rights shall mean any and all intellectual and industrial property rights throughout the world, whether subsisting now or in the future, and include all copyright and analogous rights, all rights in relation to inventions, patents, source code, software, trademarks and designs (whether registered or not), circuit layouts, trade names, trade secrets, business names, company names or the Internet domain names.

9.4. HeroCoders shall retain all right, title and interest in and to the Apps and  the HeroCoders Websites, as well as all the intellectual property rights not expressly granted by us under the Terms.

9.5. The Services may contain links to third-party websites or services, which do not belong to us, and we do not control them. We shall not be responsible for the content, privacy practices and the functioning of third-party websites and services. We disclaim any liability for any aspects of such third-party websites and services via your direct access or through the HeroCoders Website. Please read public documents of those third-party websites and services before using them.


10. User Content

10.1. “User Content” means any content created, posted, or shared by you, on or through the Services, including, without limitation, any information, data, and other content relating to you.

10.2. In connection with the use of the Services and the Services Content or the User Content, you are not authorised to nor can allow a third party to:

  1. (i) violate any applicable laws, rules or regulations, notably cause damage or injury to any person or property, infringe any rights of third parties, including, but not limited to, any intellectual property rights and privacy rights or perform any other illegal, harmful or fraudulent activities;
  2. (ii) probe, scan, or test the vulnerability of any system or network;
  3. (iii) remove, circumvent, disable, damage or otherwise interfere with any security measures of any network, computer or communications system, software application, or network or computing device;
  4. (iv) attempt to connect without permission and/or damage, in any way whatsoever, any users, hosts or networks;
  5. (v) disturb, hamper, interfere or interrupt the access to or operation of the Services and the Services Content, including by transmitting any worms, viruses, spyware, malware or any other code of a destructive or disruptive nature.  

10.3. You represent and warrant that you retain ownership of all of your intellectual property rights in the User Content or that this User Content is subject to a license granted to you by a third party holding these rights, under conditions allowing you to freely use and/or transfer these elements for the purpose of using the Services, under the conditions described in the Terms. HeroCoders does not claim ownership of the User Content.    

10.4. You agree to hold HeroCoders harmless from all claims or actions brought by third parties on the grounds of an infringement of their rights, including, without limitation, publicity rights, copyrights, trademark and/or other intellectual property rights or privacy rights in the User Content.

11. The Fees and Payments

11.1. The Apps shall be offered to you either on a subscription basis or free of charge, which is indicated in the description to each of the Apps on the respective Partner Platform.

11.2. The Partner Platforms are responsible for handling subscriptions and payments on our behalf. HeroCoders as a vendor of the Partner Platforms sets the price only and does not handle any payments for the Apps. For Atlassian Marketplace, HeroCoders only sets the per-user price. The final price is calculated by Atlassian and HeroCoders has no control over it.

11.3. The Fees for the Apps provided on a subscription basis shall be charged based on the number of users subscribed on your side, unless otherwise stipulated by the Partner Platforms licensing terms and conditions You can refer to the Partner Platforms Terms to find out more about factors affecting the price you will be charged:

  1. (i) for Atlassian Marketplace refer to Marketplace App Licensing;
  2. (ii) for Microsoft Marketplace, refer to the Purchasing and Billing section of the Microsoft Commercial Marketplace Terms of Use;
  3. (iii) for monday.com’s Marketplace, refer to the Pricing, Collection and Revenue Sharing section of monday.com’s Marketplace listings Terms.

11.4. The Partner Platforms may offer a free trial for the Apps or portion thereof on the terms set forth in the Partner Platforms Terms (the “Trial”):

  1. (i) for Atlassian Marketplace, refer to clause 2.4. Trial Periods of the Atlassian Marketplace Terms of Use;
  2. (ii) for Microsoft Marketplace, refer to the Purchasing and Billing section of the Microsoft Commercial Marketplace Terms of Use;
  3. (iii) for monday.com’s Marketplace, refer to the Pricing, Collection and Revenue Sharing section of monday.com’s Marketplace listings Terms

11.5. The Trial implies that you may use the Apps free of charge for 30 (thirty) days or 1 (one) billing cycle, unless otherwise stated on the Websites. Upon expiration of the Trial, you will have to pay for the subscription plan you chose, otherwise the Apps will either cease to function or operate under certain limitations.

11.6. You agree to pay all applicable fees for the Apps (the “Fee(s)”) on their due date and in a manner directed at the time of subscribing for the Apps. Should you fail to pay the applicable Fees, this may result in the termination of the licenses granted to you under the Terms.

11.7. The Fees for the Apps are non-refundable, unless otherwise stipulated by the Partner Platforms Terms.


12. Warranties, Acknowledgements, and Warranty Limitations

12.1. We warrant that HeroCoders has the legal right and authority to enter into the Terms and to perform its obligations under the Terms.

12.2. You acknowledge and warrant to us that you have the legal right and authority to enter into the Terms and to perform your obligations under the Terms.

12.3. You acknowledge and agree that HeroCoders is the sole owner of the Apps, including improvements made based on the feedback you may provide about the Apps (the “Improvements”). You hereby agree you will make no claims of intellectual property rights to such Improvements or to such modified software, programs, data structure or other intellectual property created pursuant to the Improvements, and where HeroCoders is not by law the first owner of such Improvements, you hereby assign and transfer to HeroCoders any and all right, title and interest you have or may have in the Improvements.

12.4. All of the Parties’ warranties and representations in respect of the subject-matter of the Terms are expressly set out in the Terms. To the maximum extent permitted by applicable law, no other warranties or representations concerning the subject-matter of the Terms will be implied into the Terms or any related contract.

12.5. You acknowledge that:

  1. (i) generally, software is never wholly free from defects, errors and bugs; and therefore subject to the other provisions of the Terms, we give no warranty or representation that theApps will be wholly free from defects, errors and bugs;
  2. (ii)  generally, software is never entirely free from security vulnerabilities; and therefore, subject to the other provisions of the Terms, we give no warranty or representation that theApps will be entirely secure;
  3. (iii)  the Apps are only designed to be compatible with the respective Partner Platform’s software applications; and we do not warrant or represent that the Apps will be compatible with any other software; and
  4. (iv) the Apps may use third-party hosting services which may be provided to you without any warranties. As such, HeroCoders cannot ensure that these third-party hosting services are provided to you free of defect or without interruption.

13. DISCLAIMER OF WARRANTIES

THE SERVICES ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS WITHOUT ANY WARRANTIES OF ANY KIND, TO THE FULLEST EXTENT PERMITTED BY LAW AND HEROCODERS EXPRESSLY DISCLAIMS ANY AND ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. YOU ACKNOWLEDGE THAT HEROCODERS DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE, ERROR-FREE OR VIRUS-FREE AND NO INFORMATION OR ADVICE OBTAINED BY YOU FROM HEROCODERS OR THROUGH THE SERVICES SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THE TERMS. WITHOUT LIMITATION TO THE FOREGOING, THE HEROCODERS PROVIDES NO WARRANTY OR UNDERTAKING, AND MAKES NO REPRESENTATION OF ANY KIND THAT THE SERVICES WILL MEET YOUR REQUIREMENTS, ACHIEVE ANY INTENDED RESULTS, BE COMPATIBLE OR WORK WITH ANY OTHER SOFTWARE, APPLICATIONS, SYSTEMS OR SERVICES, OPERATE WITHOUT INTERRUPTION, MEET ANY PERFORMANCE OR RELIABILITY STANDARDS OR BE ERROR-FREE OR THAT ANY ERRORS OR DEFECTS CAN OR WILL BE CORRECTED.

14. Electronic Communications

You consent that any emails, surveys, other information or feedback you provide to us through the Services or via any other medium, except for personal data, as defined in the Privacy Policy, can be used by HeroCoders in any manner, including, but not limited to, for testimonials, reviews and ratings on our Website or third-party websites.

15. Publicity Rights

You agree that HeroCoders may use your name and logo for the purpose of identifying you as a user of the Apps. We undertake to comply with a written request to discontinue such use within 30 (thirty) days.

16. Privacy and Data Protection

We are committed to protecting your privacy. The provisions of our Privacy Policy and the Data Processing Agreement will govern any personal information/data gathered from you in connection with the Apps.


17. Limitation of Liability

17.1. You agree that your use of the Apps is at your own risk. To the maximum extent permitted by applicable law, in no event shall HeroCoders be liable to you for, or to those claiming through you for, any indirect, consequential, incidental or special damage or loss of any kind including, but not limited to, loss of profits, loss of contracts, business interruptions, cost of substitute goods or services, loss of or corruption of data, however caused, and whether arising under contract or tort (including, without limitation, negligence). The limitations in this clause shall apply notwithstanding the failure of the essential purpose of any remedy.

17.2. In no event shall our aggregate liability to you arising out of or in connection with the Terms, from all causes of action and theories of liability (including, without limitation, negligence), exceed the amounts paid for the current subscription period of the Subscription-Based Apps. HeroCoders, however, shall not be liable to you for the Free SaaS Products.

17.3. In no event shall HeroCoders be liable for any failure of performance due to circumstance beyond our control, including, but not limited to, a power outage, computer virus, malware, spyware, key logger application, system failure, fire, flood, earthquake, terrorism, act of war, or extreme weather conditions.


18. Indemnity

18.1. Upon becoming aware of an actual or potential breach and/or claim and/or infringement, you agree to cooperate with HeroCoders (at your expense) and you agree to notify us and provide us with all such assistance as may be reasonably requested to allow us the exclusive conduct of all disputes, proceedings, negotiations and settlements with third parties. You must, furthermore, not admit liability to any third party or settle any disputes or proceedings involving a third party without our prior written consent.

18.2. You shall indemnify, defend and hold HeroCoders harmless from and against any and all claims, liabilities, suits, actions and expenses (including legal counsel fees, legal expenses and amounts reasonably paid in settlement of legal claims) suffered or incurred by us, arising directly or indirectly from: (i) any information that is inaccurate, not up to date, incomplete, misleading or a misrepresentation; (ii) any breach of the Terms by you or an authorized user; (iii) any misuse of the Services by you, your employees, contractors and/or authorized users; (iv) any breach of law, regulation or license by you or an authorized user; and (v) any claim brought by a third party arising out of or in connection with your or an authorized user’s use of the Services.

18.3. The obligations under this section will survive termination of the Terms.


19. Termination

19.1. The Terms may terminate through: (i) the expiration of the Subscription License; or (ii) the expiry of the Evaluation Period; or (iii) the uninstallment of a Free License; or (iv) the termination for convenience; or (iii) the termination for cause.

19.2. If we terminate the Terms for convenience where you are paying for a Subscription License, your license to the Subscription-Based Apps shall automatically terminate and you shall be required to remove all components of the Apps from your systems and destroy any copies.

19.3. HeroCoders may terminate the Terms if you materially breach them or any other agreement you have entered into with us. A material breach shall include, but is not limited to, your failure to timely pay the Fees when they have become due and owing to us, when you significantly put our system at risk as a result of not using the designated user interface elements to access data and non-UI access as per the applicable documentation, and where you attempt to access all your data at once from our servers. As such, where it has been found that you have caused a material breach, HeroCoders shall, in its sole discretion, temporarily deny you access to the Apps so as to afford us with the opportunity to protect our system and our other customers.

19.4. Should we terminate the Terms for cause, we will provide you with a 10 (ten) days’ prior written notice, if we have your contact details, after which period the Terms will automatically terminate. Upon termination of the Terms, you shall cease all use of the Apps and you shall reasonably cooperate in: (a) removing, uninstalling or deactivating all copies of the Apps; and (b) satisfying all financial obligations you may have to us.

19.5. If you terminate the Terms for convenience or if we terminate the Terms for cause, you shall not be entitled to a refund of any portion of the Fees you have paid for the Apps.

20. General Provisions

20.1. Relationship of the Parties. The Parties are independent parties under the Terms and expressly disclaim any partnership, franchise, joint venture, agency, employer/employee, fiduciary or other special relationship. Neither Party intends the Terms to benefit, or create any right or cause of action in or on behalf of, any person or entity other than the Parties and listed affiliates. The Terms are not intended to create a third-party beneficiary of any kind. You must not represent to any third party that it has any right to bind us in any manner and you will not make any representations or warranties on behalf of us.

20.2. Severability. If a court holds that any provision of the Terms is invalid or unenforceable under applicable law, the court will modify the provision to the minimum extent necessary to make it valid and enforceable or, if it cannot be made valid and enforceable, the court will sever and delete the provision from the Terms. The change will affect neither the validity of the amended provision nor the validity of any other provision of the Terms, which will continue in full force and effect.

20.3. No Waiver. A Party’s failure or delay in enforcing any provision of the Terms will not operate as a waiver of the right to enforce that provision or any other provision of the Terms at any time. A waiver of any provision of the Terms must be in writing, specify the provision to be waived and signed by the Party agreeing to the waiver.

20.4. Force Majeure. A “Force Majeure” event means any event beyond a Party’s reasonable control that, by its nature, could not have been foreseen or, if it could have been foreseen, was unavoidable, including strikes, lock-outs or other industrial disputes (whether involving its own workforce or a third party’s one), acts of God, war, riot, embargoes, acts of civil or military authorities, acts of terrorism or sabotage, shortage of supply or delay in delivery by our vendors, fire, flood, earthquake, accident, radiation, inability to secure transportation, failure of communications or energy sources, malicious damage, breakdown of plant or machinery, or default of suppliers or subcontractors. Neither Party is liable for delays or failures to perform any of its obligations under the Terms to the extent caused by a Force Majeure event.

20.5. Notices. Any notice given under or in relation to the Terms must be in writing and emailed: (i) if to us, at: support@herocoders.com; (ii) if to you, at the email address provided by you when purchasing the Apps.

20.6. Assignment. You may not sublicense, assign or transfer any rights under the Terms without our prior written consent. Any attempt by you to sublicense, assign or transfer any of your rights, duties or obligations under the Terms, whether directly or indirectly, by merger, acquisition or change of control, will be null and void.

20.7. Governing Law. The Terms, and any dispute or claim arising out of or in connection with it or its subject-matter or formation (including non-contractual disputes or claims), shall be governed by and construed in accordance with Polish and European Union laws, and the Parties irrevocably agree to submit to the exclusive jurisdiction of the courts of Poland and the European Union

20.8. Entire Agreement. The Terms, the Privacy Policy, the Data Processing Agreement, the Security Statement, the Service Level Agreement, and other public documents (as applicable), constitute the entire agreement and understanding between you and HeroCoders in relation to the use of the Services and supersede all oral or written proposals, and all communications between the Parties relating to the subject-matter of the Terms.

20.9. Changes to the Agreement. We reserve the right to amend the Terms, as well as the contents of the Services, at any time and for any reason and without liability to you, any other user or any third party. Any amendment will be effective on the posting of an updated version at this page. You understand and agree that your continued access or use of the Services after such change signifies your acceptance of the updated Terms. This right shall not affect the Terms accepted by you upon making a legitimate purchase (if applicable) or installation of the Apps. We will note the date that updates were last made to the Terms at the top of this page, and the updated Terms will take effect upon posting. It is your responsibility to check the Terms each time you access the Services and review the most current version of the Terms.

21. Contact Details

For any questions regarding the Terms, claims, complaints or comments, please email us at: support@herocoders.com. Also, regarding our Jira-relatedApps, you can contact us through our Help Center at: https://herocoders.atlassian.net/servicedesk

Privacy Policy

Last updated: 18 April 2023

Introduction

HeroCoders (“We”, “Us”, the “Company”, or “ HeroCoders ”) is committed to protecting and respecting your privacy. We want to tell You how we use and protect your personal information or data (“Personal Data”). This includes informing You of your rights regarding your Personal Data that we hold.

We believe that the General Data Protection Regulation (GDPR) is an important step forward in the protection of your Personal Data, and we have published this Privacy Policy in order to be compliant with the GDPR. We are committed to GDPR compliance across our Company and provide GDPR related assurances in this Privacy Policy. In addition to this, we will also take into account other data protection legislation that may apply to us, most notably, the California Consumer Privacy Act of 2018. Please refer to the dedicated sections of this Privacy Policy to know more about your rights under the California privacy law.

This Privacy Policy (the “Policy”) covers the information we collect about you when you use our products or services, including all of our SaaS/Cloud software products and our downloadable software products (collectively, the “Apps”) and all public websites (“Website(s)”) provided and/or maintained by HeroCoders, or otherwise interact with us (for example, by contacting us through email, the support portal or applying for a job). We refer to all of these products, Apps, and Websites, together with our other services as “Services” in this Policy. Depending on the context, “You” means the end-user of our products or the legal entity who is the licensee of our products, or the visitor of our public websites. 

If you do not agree with this policy, do not access or use our Services or interact with any other aspect of our business.

Who is HeroCoders?

This is HeroCoders’ registered address and contact information:

HeroCoders sp. z o.o.

Zosi 16

Gdansk 80-119

Poland

E-Mail: support@herocoders.com

Notice to End Users

Many of our Services are intended for use by organizations. Where the Services are made available to You through an organization (e.g., your employer), that organization is the administrator of the Services and acts as a data controller of your Personal Data, while Herocoders process it on their behalf as a data processor. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organization’s policies.

Administrators are able to:

  • restrict your access to the Services and therefore restrict your ability to edit, modify or delete your Personal Data; and
  • access, modify and remove the information about You.

Even if the Services are not currently administered or made available to You by an organization, if You use an email address provided by an organization (such as your work email address) to access the Services, then the owner of the domain associated with your email address (e.g. your employer) may assert administrative control over your account and your use of the Services at a later date.

If You do not want an administrator to be able to assert control over your account and your use of the Services, please use your personal email address to register for or access the Services.

Please contact your organization or refer to your administrator’s organizational policies for more information.

Information We May Collect From You

As a data controller, We may process your Personal Data only if we have identified a specific purpose and a legal basis to do so. In other cases, We may process your Personal Data acting as a data processor on behalf of our customers and solely for the purposes of providing our Services to them. 

Information You Give Us

You may give us information about You, for example:

  1. By filling in a form or sending us an e-mail.
  2. By contacting us via e-mail or some other medium to request service or support (e.g., the support portal or Intercom).
  3. Applying for a job at HeroCoders.
  4. Installing and using our Apps.

Email and support portal

When You contact us via e-mail or for service through the support portal, we will collect your name, your email address, and any other information You choose to provide. 

HeroCoders Job Portal

We may also receive and process Your personal data when You access the webpage https://herocoders.breezy.hr and decide to apply for a job opportunity that We´ve posted by clicking on a job posting on https://www.herocoders.com/careers. You may apply to us by sending your information to jobs@herocoders.com. In such a case, We may process Your name, email, address, phone number, as well as any details You decide to add to Your CV and the cover letter.

Social Media

We may receive certain information about You when you interact with our social media accounts.  

Information We Automatically Collect About You / Website

If You visit our Website, we may automatically collect information about You, for example:

  1. Technical information;
  2. IP addresses;
  3. Information about what type of device You use to connect to our Website or Services; and
  4. The manner in which You interact with our Services.

Any data or information that is entered into any form on our Services is only used for the indicated purposes or as described in the present Privacy Policy.

Information We Collect About You / Apps

When using our Apps, We may process certain information about You. This information is made accessible to Herocoders since our Apps need to work together with the host products such as Jira from Atlassian,Microsoft Teams from Microsoft and monday.com from monday.com Ltd.

The scope of the personal data processed and other details of the respective data processing activities can be different and depend on the specific App that You choose to use. To make things more comprehensive for You, We provide more details about this in a separate table available at https://herocoders.com/terms#Personal-Data-Access.

Please also note that We are not always directly responsible for the processing of Your information via Apps. You may need to contact the  company that has subscribed to our Services if you wish  to exercise the control over Your personal information.


Information Received From the Partner Platforms

As part of Our Services, We have access to the contact information (e.g., your name, phone number and email address) and license information (e.g., number of licenses, term of the license, etc.) You provide when You subscribe to a license for any of Our Services or when You renew maintenance for Our Services on the Partner Platform.

Why Does HeroCoders Collect Your Data?

HeroCoders may process your data for some or all of the following reasons:

  • To allow us to enhance and personalize your experience and the usability of the Services;
  • To provide support services (including technical support) to You after You have requested or purchased such services;
  • To send You information and updates pertaining to our Services if You have consented to receive such communications;
  • To send You occasional company news, updates, related products and Services, promotions, special offers or service information pertaining to our products and Services if You have consented or requested to receive such communications. You may choose to opt-out of certain e-mail communication at any time by utilizing the “unsubscribe” feature in the e-mail message;
  • To provide information about Services You have shown interest in purchasing within a reasonable time afterwards, if You are already an existing HeroCoders customer;
  • For any other specific purpose for which you have specifically provided consent;
  • To employ You or consider You for employment; or
  • To diagnose problems with our Services;
  • To enhance and otherwise modify our Services;
  • For Herocoders administrative, support and training purposes;
  • To develop other products and services, provided we de-identify your data; and
  • To provide Services to You under contract.

What Legal Basis Does HeroCoders Have For Processing Your Personal Data?

As a data controller, HeroCoders may process your information because:

  • You have given us permission to do so (GDPR Art. 6.1.(a));
  • We have a contract with You (GDPR Art. 6.1(b));
  • It is necessary in order to comply with a legal obligation to which we are subject (GDPR Art. 6.1. (c));
  • It is necessary for the purposes of the legitimate interests pursued by us or by other parties (Art. 6.1. (f)).

Where Herocoders acts as a data processor, We will process your Personal Data on behalf of our customers. 

Who Might HeroCoders Share Your Information With?

HeroCoders will share the information we have collected about You (including your Personal Data) only if we are required to do so by law, or if:

  • Herocoders engages certain service providers (as detailed below) to process information to support our business and our Services; 
  • a third party acquires HeroCoders or substantially all of its assets, Personal Data held by HeroCoders about its customers will be one of the transferred assets of the company;
  • HeroCoders must comply with any legal obligation; or
  • it is necessary in order to protect the rights, property, or safety of HeroCoders, our customers or others.

Additional information about the service providers we use to support delivery of our services and other activities is set forth at https://www.herocoders.com/terms#Data-Processing-Agreement. Regardless of whether you use our Services, whenever You interact with the content on our social media channels (e.g. Twitter, LinkedIn), be aware that Your personal data may be shared with social media management software. 

In case your Personal Data is provided to service providers outside the EEA (European Economic Area), We will implement appropriate safeguards to protect your Personal Data, including Standard Contractual Clauses as adopted by the European Commission. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA. 

We reserve the right, consistent with data privacy and other user data protection requirements applicable to the jurisdiction where data is stored, and if mandated by applicable law, regulation, legal process, or governmental order, disclose user data or other information, but only to the extent required to satisfy those laws, regulations, or orders. Unless prohibited by law or other order, we will provide reasonable notice of any such required or requested disclosure to you and reasonably cooperate to limit such disclosure to the extent allowed by law.

Data Storage

How Long Do We Store Your Data

We store data for varying lengths of time depending on the circumstances:

  • Information You share on the Services is stored until the end- user, who modified or created the text (or any other authorized user), deletes that text and all related information.
  • If Your account is deactivated, terminated, or disabled, all data and content You have provided or that has been provided on or through your account will remain active and accessible for as long as necessary to allow Your team members or other users to make full use of the Services.
  • After uninstalling the App, We store data for ninety (90) days to make sure it is there if you want to renew your subscription and start using the Service again. If you want us to remove the data earlier, please follow the procedure provided below.


Downloadable Apps

Our downloaded Apps store all information in the Atlassian Jira on-premise  product where they are installed. All data is located in your IT system (server or data center) that hosts the Atlassian Jira -  on-premise product.

No information stored on the installation IT system is made available to Us when You download, install, or use the Apps. The Apps do not transmit data from your IT system or from the end-user’s web browser to us or to any third-party.

Information Received From the Partner Platforms

The contact and license Information We collect about our customers (i.e. company information and contact information of the contact persons) is stored in our databases forever. 

SaaS/Cloud Apps

SaaS/Cloud Apps, (e.g. Issue Checklist, To-do Checklist for Team) are hosted by HeroCoders. In that case, we may store the information or data provided by you on our secured servers, but we currently utilize a third-party to provide this service. With SaaS/Cloud Apps, we have access to user information as provided in this Privacy Policy, which may include data regarding how and when the Apps are utilized.

In case of SaaS/Cloud Apps, Your personal data may be stored for varying lengths of time depending on the specific product or Services You use. Specifically, We undertake to remove Your personal information:

  • Issue Checklist Apps - 90 days after the end user has uninstalled the App;
  • Clockwork Apps - 30 days after the end user has uninstalled the App;
  • Checklist for Jira Apps - until Checklist Definitions are deleted from the account by the user
  • Backlog Pro for Jira -  No Personal Data is Stored
  • Epics Map for Jira -  No Personal Data is stored
  • To-do Checklist for MS Teams -  No Personal Data is stored

Email / Support portal / Job portal

When You contact us via email or through our support portal, we will only store Your personal information for as long as needed to fulfill the purpose of its initial collection. For example, the information contained in your customer request will only be processed until your request is fulfilled. 

When You apply for a job position at our https://herocoders.breezy.hr webpage, we will store your file for no longer than 24 months after it was collected in case another position fitting for You opens up. After this period, the information provided by You will be deleted.

Website

In case of your Personal Data that may be collected via our Website, we will store the data as long as it is necessary for the purposes it was collected.

Data About You We Store or Transfer

In the case of SaaS/Cloud Apps, We primarily store and process the data or information you provide in the United States of America, it being understood that we do not store any of your Personal Data. Furthermore, in the case of SaaS/Cloud Apps, your Personal Data will never be transferred, out of the host application (Jira) and browser, to us or to any other third-party. For these services, we store only the contact information of the administrator who has installed the app in our CRM system in order to send product-related emails and notifications to them.

However, in the case of downloadable Apps, the information will be stored on Your systems and servers, wherever Your systems and servers are located.

We will use our best efforts to ensure your Personal Data is only processed or utilized, as identified in this Privacy Policy, inside the United States of America. If your Personal Data cannot be processed within the United States of America, we will comply with applicable law and use our best efforts to protect your Personal Data.

What If You Choose Not To Give Us Your Personal Data?

If the Personal Data is necessary in order to supply products or services to You under a contract between You and HeroCoders, then we will not enter into that contract or provide the services or goods if You do not give us Your Personal Data.

Your Rights

HeroCoders will respect your legal rights to your data.

As a processor of Personal Data, we will assist our customers and end users with responding to individual rights requests that they receive under the GDPR. In many cases, customers may be able to address these types of requests by logging into the applicable product and using settings available within such product or your account. Where this is not possible, please contact us to request assistance with any such individual rights requests.

Below are the Legal rights that You have under law, and what HeroCoders does to protect those rights:

The right to be informed

HeroCoders is publishing this Privacy Policy to keep You informed as to what we do with your Personal Data. We strive to be transparent about how we use your data.

The right to access

You have the right to access your information. Our Services give you the ability to access and update or delete certain information about you from within the Service. For example, you can access Jira issue and checklist items stored for that issue and then update or remove checklist items that hold Your information. In certain cases, you may need to contact the administrator of your account or your company’s account. Please contact HeroCoders at support@herocoders.com if have any questions or You wish to access the Personal Data HeroCoders holds about you.

The right to rectification

If the information HeroCoders holds about You is inaccurate or not complete, You have the right to ask us to rectify it. If that data has been passed to a third party with your consent or for legal reasons, then we must also ask them to rectify the data. Please contact Us at support@herocoders.com if You need us to rectify your information.

The right to erasure

This is sometimes called ‘the right to be forgotten’. If You want HeroCoders to erase all your Personal Data and we do not have a legal reason to continue to process and hold it, please contact Us at support@herocoders.com.

The right to restrict processing

You have the right to ask HeroCoders to restrict how we process your data. This means We are permitted to store the data but not further process it. We keep just enough data to make sure we respect your request in the future. If You want Us to restrict processing of your data, please contact Us at support@herocoders.com.

The right to object

You have the right to object to HeroCoders processing your data even if it is based on Our legitimate interests, the exercise of official authority, direct marketing (including data aggregation), and processing for the purpose of statistics. If You wish to object please contact Us at support@herocoders.com.

The right to withdraw consent

If You have given Us your consent to process your data but change your mind later, You have the right to withdraw your consent at any time, and HeroCoders must stop processing your data. If You want to withdraw your consent, please contact Us at support@herocoders.com.

The right to complain to a Supervisory Authority

You have the right to complain to the competent Data Protection Authority if You feel that HeroCoders has not responded to your requests to solve a problem.


Your rights under the laws of California

In case You are a resident of California, You are entitled to certain rights over your personal data under the California Consumer Privacy Act of 2018. Specifically, as a resident of California, You have the right to:

  • know about the categories and specific pieces of personal data that we have collected about You and access a copy of your personal data (“Right to Know”);
  • have inaccurate personal data about You corrected (“Right to Correction”);
  • request deletion of your personal data that we have collected (“Right to Deletion”);
  • opt out of the sale of your personal data (“Right to Opt-Out”). Please note that we don’t sell personal data to any third parties. 

Please note that we may ask you and/or your agent to provide certain information to verify your and/or your agent’s identity and authorization before fulfilling the request. The information We request will depend on your prior interactions with us.

We undertake to treat You like everyone else and not discriminate against You if You choose to exercise your rights. To submit the request to exercise your rights, You can send an email to support@herocoders.com or contact the administrator of your account or your company’s account.

Data Security

Data provided through the support portal are securely stored on our Atlassian Jira Cloud instance herocoders.atlassian.net hosted and maintained by Atlassian.

All of the data related to our Products and Apps is stored on servers with restricted access and only HeroCoders’ authorized users have access to such data, to the extent required for the performance of their job duties. All staff with access to customer data are required to sign a non-disclosure agreement and complete security and privacy awareness training. In addition, We will take reasonable precautions to prevent the loss, misuse or alteration of your Personal Data. Data transmission over the Internet is inherently insecure and we cannot guarantee the security of data sent over the Internet.

You are responsible for keeping your passwords confidential. We will not ask You for your passwords.

We assume no responsibility for the deletion of data, loss of data, the corruption of data or the failure to store data. Neither do we have any obligation to monitor the use of the data transmitted or stored through Our Services.

All data you enter into Our Services shall be owned solely by you. Although personal information, usernames, passwords and prompts exchanged through the Our Services are protected by encryption techniques, these security measures still require your responsible behavior in protecting your data. You shall assume the entire responsibility at all times for the supervision, management, control and confidentiality of your data and assume the entire risk for the fraudulent or unauthorized use of your data. You represent and warrant that you have obtained all the necessary rights, releases, authorizations and permissions to provide your data to us, to the transfer and use of your data by Herocoders. You further warrant that the transfer of your data to us does not violate any laws, third party rights, including any Intellectual Property Rights, rights of privacy, or rights of publicity, and any use, collection and disclosure of your data as authorized under this Policy is not inconsistent with the terms of any applicable privacy policies. You acknowledge and agree that Herocoders are not responsible for any deletion, corruption, failure to store or loss of any your data if such deletion, corruption, failure to store or loss is due to an act or omission by you, your employee(s), contractor(s), agent(s), any authorized user or other third party.

Cookies

What Are Cookies?

Cookies are small files which are stored on a user’s computer. They are designed to hold a modest amount of data specific to a particular client and website. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next.

Cookies in our Services

We use cookies in some of our Apps and our Website as detailed below.

Website

Our Website uses cookies to store some information about the way visitors use the website. We may store the information about cookies for up to 2 years after your last visit to our Website.

Epics Map

We use Google Analytics to understand how the users of our App use and engage with it.

Other cookies

We do not use cookies in our Services directly. However, the Atlassian Connect framework and JIRA use cookies in the authentication and authorization process, which are sent to Our servers. These cookies are then employed to secure communication and match the request to customer and end-user data that we store.

Enabling and Disabling Cookies

We can place cookies on your device by default if they are strictly necessary for the use of Services. For all other types of cookies, we need your consent.

Unless you choose otherwise, we can store and process only those cookies that are necessary for the operation of our Services. If you don’t want to be tracked by other types of cookies, you can refuse to give your initial consent or opt out later. 

You can check the specific types of cookies in the pop-up window shown during your first visit on the Website. 

You may refuse the use of cookies in our Apps by selecting the appropriate settings on your browser, however, please note that if You do this You may not be able to use the full functionality of the Website or Services.

View your browser’s help pages or information on how to manage cookies at https://allaboutcookies.org.

Links to Other Websites

From time to time, the Website or Services may contain links to and from other websites, advertisers, and affiliates. If You follow a link to any of these websites, please note that these websites may have their own privacy notices and that We do not accept any responsibility or liability for any such notices. Please check these notices, where available, before You submit any Personal Data to these websites.

Changes to Our Privacy Policy

HeroCoders may change this Policy from time to time in the future. Any such changes will be posted here and, where appropriate, notified to You in writing. We advise You to check back frequently to see any updates or changes.

Security Statement

Last updated: 15 January 2021

Introduction

This document covers security aspects of apps created by HeroCoders for Atlassian Cloud products which are available now or in the future.

It is important to understand that Atlassian Cloud apps are separate web services which are hosted by their vendors. This is a consequence of Atlassian Cloud products architecture. It means that the service and its data are maintained by the vendors.

Please visit our Privacy Policy document to understand what data is transferred and stored on our servers.

Issue Checklist

Data storage

  • We host all data provided by customers on mongoDB (N. Virginia us-east-1 AWS region).
  • Our apps (running services) use the Heroku platform by Salesforce.
  • All data transmission is encrypted with Transport Layer Security (TLS 1.2+) technology.
  • Data are encrypted both in-transit and at-rest.

Backups

  • Data backups are created on a daily and weekly basis.
  • Daily data backups are available for eight subsequent days.
  • Weekly data backups are triggered on Saturday and stored for eight subsequent weeks.

Clockwork

Data storage

  • We host all data provided by customers on Heroku PostgreSQL.
  • Our apps (running services) use the Heroku platform by Salesforce.
  • All data transmission is encrypted with Transport Layer Security (TLS 1.2+) technology.
  • Data are encrypted both in-transit and at-rest.

Backups

  • Data backups are created on a daily basis.
  • Daily data backups are available for four subsequent days.

Data protection

The security of your data is extremely important to us.

  • We encrypt all network transmissions using Transport Layer Security (TLS 1.2+) technology.
  • We safeguard our services against web attacks such as SQL injections, XSS or XSRF.
  • We regularly back up your data to help prevent data loss and aid in data recovery.
  • We perform regular peer code reviews and security audits to minimize security risks.
  • We host data in secure, audited data centers provided by mongoDB and Heroku, located in the US.
  • We enforce 2FA (two-factor authentication) in all our systems.
  • All paid apps provided by HeroCoders and available in Atlassian Marketplace, participate in BugBounty program, which allows third-party security engineers to test our apps for security holes.
  • Only comercially reasonable subset of employees has access to customers data.

We use the Atlassian Connect framework created and maintained by Atlassian to integrate our apps with Atlassian Cloud products. This provides an additional layer of security and separates our apps from sensitive data stored on the Atlassian side (such as passwords and payment details).

Overall, we employ all commercially reasonable safeguards (physical, managerial and technical) to preserve the integrity and security of your data, once it is received and stored.

No method of electronic transmission or storage is 100% secure, and we cannot ensure or warrant the absolute security of any information you transmit to us or store with our apps.

Changes to our Security Statement

If we change our Security Statement, we will post the amendments on this page to keep you up-to-date on what information has changed. Adjustments to this Security Statement are effective from the date they are posted on this page.

Questions

If you have any questions or concerns regarding security, please send us an email message to support@herocoders.com. Your security is important to us, and we will do our very best to resolve your concerns.

Previous versions

Service Level Agreement

Last updated: 15 January 2021

When creating a support request through HeroCoders’s support desk, we will respond within no more than 24 business hours from the time of your initial request. Our goals are to answer the majority of requests within the same business day.

HeroCoders will use reasonable efforts to provide support in accordance with this Service Level Agreement, and will not be responsible for any delays caused by the customer for reasons beyond HeroCoders’s control.

Applications up time

HeroCoders apps’ status and up-time can be monitored at http://status.herocoders.com

Business Hours and Response Time

HeroCoders’s business hours are from 8 am to 5 pm GMT, Monday through Friday. All requests are answered within 24 business hours, excluding national holidays. We are constantly monitoring our support channels to respect the high priority of our enterprise customers and any critical issues.

Support Channels

You can request support through one of the following channels:

  • Submitting a ticket through HeroCoders’s service desk system
  • Requests made through open forums such as Atlassian Community are monitored by our support team and answered on a best-effort basis.

HeroCoders’s Support Includes:

  • Assistance with configuring our products
  • Help with troubleshooting problems with our products
  • Help with issues arising out of our product upgrades

HeroCoders’s Support Does Not Include:

  • Phone support
  • Product training
  • Support for Jira configurations not related to HeroCoders’s product

Personal Data Access by HeroCoders Apps

Last updated: 17 July 2023

Definitions

The following notations are used for showing the type of personal data used or accessed by our Apps:

U: (Users) → Access to User’s data

C: (Customers) → Access to Customer’s data

O: (Others) → Access to data of someone else or access under certain conditions

The difference between U and C: a company may have 1000 employees but introduce two specific persons as its contact persons. Access to the personal data of those 2 specific people is shown by C while access to the personal data of all 1000 employees is shown by U.

Letters in parentheses:

  • N: No Access
  • A: Access (but not used)
  • A+: Access used
  • P: Processed (i.e. sent to the server)
  • S: Stored

These categories are inclusive, so only one category must be listed in the table below (S contains P, P contains A+, and A+ contains A).

For every product, when a user contacts our customer support portal, some of their personal data is stored in our support portal:

App name
Has access to
Explanation
All Apps - when someone contacts our support portal O → Name(S)¹, Email Address(S)¹, IP address (S)² ¹ When users contact our customer support, the personal data they provide to us will be stored in our support portal.
² When users contact our customer support using intercom, their IP address is stored by intercom.

And for each product:

App name
Has access to
Explanation
Issue Checklist for Jira Free U → IP address(S)¹, Name (A+)² ¹ IP of the HTTP requests are stored in our logs.
² Display name of the mentioned person is fetched from Jira in the user browser and displayed (as long as Jira permissions allow the user to see the display name)
Issue Checklist for Jira Pro U → IP address (S)¹, Name (A+)³
C → Name(S)², Email Address(S)², Phone Number(S)², Address(S)²
¹ IP of the HTTP requests are stored in our logs.
² For the people introduced by a customer as contact persons (technical or billing), this data is stored in our CRM system.
³ Display name of the mentioned person is fetched from Jira in the user browser and displayed (as long as Jira permissions allow the user to see the display name)
Acceptance Criteria U → IP address(S)², Cookie Identifier(P)¹, Gender(P)¹, Name (A+)³ ¹ We use Google Analytics for collecting usage data.
² IP of the HTTP requests are stored in our logs.
³ Display name of the mentioned person is fetched from Jira in the user browser and displayed (as long as Jira permissions allow the user to see the display name)
Checklist for Jira Cloud U → IP address (S)¹, cookie identifier (P)³
C → Name(S)², Email Address(S)², Phone Number(S)², Address(S)²
¹ IP of the HTTP requests are stored in our logs.
² For the people introduced by a customer as contact persons (technical or billing) this data is stored in our CRM system.
³ Cookie is used for authentication.
Checklist for Jira Server C → Name(S)¹, Email Address(S)¹, Phone Number(S)¹, Address(S)¹ The application runs on the customer's machine.
We only process data related to licenses or when someone from a company contacts us for support.
¹ For the people introduced by a customer as contact persons (technical or billing) this data is stored in our CRM system.
Checklist for Jira Data Center C → Name(S)¹, Email Address(S)¹, Phone Number(S)¹, Address(S)¹ The application runs on the customer's machine.
We only process data related to licenses or when someone from a company contacts us for support.
¹ For the people introduced by a customer as contact persons (technical or billing) this data is stored in our CRM system.
Clockwork Timesheets for Jira Free U → IP address(S)¹, Name(A)², Email Address(S)³
O → Name(S)⁴, Email Address(S)⁴
O → Name(S)⁵, Email Address(S)⁵
¹ IP of the HTTP requests are stored in our logs.
² We have access to the name of all users of the app.
³ We save users' email addresses for sending them onboarding emails.
⁴ for users selected by Manager to notify to log work.
⁵ for users who optionally provide this information in our surveys.
Clockwork Timesheets for Jira Pro U → IP address(S)¹, Name(A)³, Email Address(S)⁴
C → Name(S)², Email Address(S)², Phone Number(S)², Address(S)²
O → Name(S)⁵, Email Address(S)⁵
O → Name(S)⁶, Email Address(S)⁶
¹ IP of the HTTP requests are stored in our logs.
² For the people introduced by a customer as contact persons (technical or billing), this data is stored in our CRM system.
³ We have access to the name of all users of the app.
⁴ We save users' email addresses for sending them onboarding emails.
⁵ for users selected by Manager to notify to log work.
⁶ for users who optionally provide this information in our surveys.
Clockwork Time Tracking & Timesheets for monday.com U → IP address(S)¹, Name(A+)², Email Address(A)³ ¹ IP of the HTTP requests are stored in our logs.
² We have access to the name of all users of the app. We are not using the access to email address.
³ We have access to the email address of all users of the app. We are not using the access to email address.
Epics Map for Jira U → IP address (S)¹ The applications store no data. It runs entirely on the user's browsers.
¹ IP of the HTTP requests are stored in our logs.
To-do Checklist for Team U → Name (A+)¹, email address (A)², Username (P)³, Social Media Profile (P)³, IP address (S)⁴ ¹ We use this access to display the last user who has toggled a checklist item.
² We have access to users' emails but are not using this access. The access is needed to enable single sign-on with Microsoft Teams. The benefit for the user is that they don't need to enter another username and password to log into our app.
³ We have access to the username of the users. This is the username they use to log into their Microsoft Teams account.
⁴ IP of the HTTP requests are stored in our logs.

Subprocessors

Last updated: 17 July 2023

Definitions

The following notations are used for showing the type of personal data used or accessed by our Apps:

U: (Users) → Access to User’s data

C: (Customers) → Access to Customer’s data

O: (Others) → Access to data of someone else or access under certain conditions

The difference between U and C: a company may have 1000 employees but introduce two specific persons as its contact persons. Access to the personal data of those 2 specific people is shown by C while access to the personal data of all 1000 employees is shown by U.

Subprocessors with access to personal data

Entity Name
Service Location
(country where processing is performed)
Task Performed
Has access to
Explanation
Heroku United States, Ireland Infrastructure Services U → IP address¹ ¹ IP of the HTTP requests are stored by Heroku Router in the logs.
Amazon Web Services United States Infrastructure Services U → IP address¹ ¹ We use AWS as a CDN in Clockwork (Free and Pro). AWS logs the IP address for these requests.
DataDog United States Infrastructure Monitoring U → IP address¹ ¹ IP address in logs of all HTTP requests.
Sentry (Functional Software, Inc.) United States Software Development Services - Log & error collection U → IP address¹ ¹ IP of the HTTP requests are sent to Sentry.
Papertrail (Solarwinds) United States Application log management and archive U → IP address¹ ¹ Papertrail archives our logs for 365 days.
Okapya Canada Technical maintenance and support C → Name¹, Email Address¹, Phone Number¹, Address¹ ¹ For customers of Checklist for Jira Apps.
Live Chat / intercom United States Customer Support Tools O → Name (optional)¹, IP address¹ ¹ For the users who contact our customer support through the in-app dialogue.
HubSpot Canada CRM system C → Name¹, Email Address¹, Phone Number¹, Address¹ ¹ For the people introduced by a customer as contact persons (technical or billing) this data is stored in our CRM system.
Zapier United States Infrastructure Services - Integration - handles newsletter subscriptions O → email address¹, name¹ ¹ For those who subscribe to our email newsletters from our website.
Webflow United States Website Builder O → IP address¹, email address², name² ¹ for every visitor of herocoders.com
² for visitors of herocoders.com who subscribe to our newsletter or contact us using the contact form
Jira Service Management (Atlassian) Australia Customer Support Tools - Help Desk O → Name¹, Email Address¹ ¹ When users contact our customer support, the personal data they provide to us will be stored in our support portal. We are using a third-party service provider for our support portal. Thus the data is shared with that service provider (Jira Service Management).
Google Cloud United States Infrastructure Services U → IP address¹⁻², Gender¹⁻²
O → IP address¹⁻², Gender¹⁻²
¹ We are using Google Analytics in Acceptance Criteria. Google saves this data for all users of our app.
² We are using Google Analytics on our website. Google saves this data for all visitors to our website.
Google Workspace United States Work Tools - Company emails, online document editing tools, cloud storage O → name¹, cookie identifier¹, email address¹, phone number (optional)¹, IP address¹, Social media profile ID / link (optional)¹, address (optional)¹, job title (optional)¹, education history (optional)¹, employment history (optional)¹, gender (optional)¹, place/country of birth (optional)¹, date of birth (optional)¹ ¹ For the candidates who apply to our job openings If they provide this information in their resume. Their resume will remain in our Gmail accounts.
Calendly United States Work Tools - Online meeting scheduler O → Name¹, Email Address¹ ¹ This data is stored for the people arranging a meeting with our customer support using Calendly.
Breezy United States Work Tools - Job Portal and Hiring Solutions O → name¹, cookie identifier¹, email address¹, phone number (optional)¹, IP address¹, Social media profile ID / link (optional)¹, address (optional)¹, job title (optional)¹, education history (optional)¹, employment history (optional)¹, gender (optional)¹, place/country of birth (optional)¹, date of birth (optional)¹ ¹ For the candidates who apply to our job openings If they provide this information in their resume. We use HR services from Breezy, and they store this data.
Twilio (SendGrid) United States Sending emails O → Name¹, Email Address¹ ¹ for users selected by Manager to notify to log work.
SurveyMonkey United States Marketing and Product Management Tools - Online Survey O → Name¹, Email Address¹ ¹ for users who optionally provide this information in our surveys.

Data Processing Agreement

Last updated: 4 April 2023

This Data Processing Agreement (the “Agreement”) is attached to the Herocoders’ Terms of Service available at https://www.herocoders.com/terms (the “Master Agreement”) between HeroCoders (the “Processor”) and the party that has accepted the Master Agreement (the “Controller”).

BACKGROUND

  1. (A) The Parties entered into the Master Agreement. 
  2. (B) Due to the scope and subject-matter of the Master Agreement, it is necessary for the Processor to Process the Personal Data on behalf of the Controller.
  3. (C) This Agreement sets out the additional terms, requirements and conditions on which the Processor shall Process the Personal Data on behalf of the Controller under the Master Agreement. This Agreement contains the mandatory clauses required by Article 28(3) GDPR for contracts between data controllers and data processors.
  1. (D) The date of execution of the Master Agreement shall constitute the date of execution of this Agreement.

AGREED Master Agreement

1. Definitions and interpretation

1.1 The Parties acknowledge that, as per definitions in the Data Protection Legislation, the Controller is a controller and the Processor is a processor, unless otherwise explicitly stated in the Agreement. 

1.2 Where the Agreement uses terms that are defined in the Master Agreement, the terms shall have the same meaning as in the Master Agreement.

1.3 The terms used in this Agreement have the following meaning:

  1. Data Protection Legislation” means all privacy and data protection laws applicable to the Processing, including the GDPR and any applicable national implementing laws, regulations and secondary legislation relating to the Processing of the Personal Data and the privacy of electronic communications, as updated, amended or replaced from time to time.
  2. Data Subject” means an individual who is a subject of the Personal Data.
  3. GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), and its national implementing laws, including, but not limited to, the UK GDPR as defined in section 3 of the UK Data Protection Act 2018.
  4. Personal Data” means any information relating to an identified or identifiable natural person that is Processed by the Processor as specified herein; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as name, identification number, location data, online identifier, or to one or more factors specific to the physical, the physiological, genetic, mental, economic, cultural or social identity of that natural person.
  5. Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration or unauthorised disclosure of, or access to, the Personal Data transmitted, stored or otherwise Processed. 
  6. Processing”, Processes”, “Process” and “Processed” mean either any activity that involves the use of Personal Data or as the Data Protection Legislation may otherwise define “processing”, “processes”, “process” or “processed”. The Master Agreement includes any operation or set of operations performed on the Personal Data or on sets of the Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction, as well as transferring the Personal Data to third parties.
  7. Regulation (EU) 2018/1725” means Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.
  8. SCCs means the Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council.

1.4 Any reference to “writing” or “written” includes faxes, email and electronic messaging services.

2. The Personal Data types and the Processing purposes

2.1 The Controller retains control of the Personal Data and remains responsible for its compliance obligations under the applicable Data Protection Legislation, including providing any required notices and obtaining any required consent for the Processing instructions it gives to the Processor.

2.2 Subject-matter and nature of the Processing: 

The performance of the services to the Controller under the Master Agreement.

The nature of the Processing activities implies the set of operations, such as collection, recording, organisation, structuring, usage, storage, erasure or destruction of data. 

2.3 Duration of the Processing: the term of the Master Agreement unless otherwise agreed by the Parties.

2.4 The categories of Data Subjects (as determined and controlled by the Data Controller) may include: employees, consultants and contractors of the Controller.

2.5 The categories of Personal Data subject to the Processing may include: name, cookie identifiers, IP address, email address, username, social media profile ID/links and any other information provided by the Controller and the Data Subjects. 

2.6 Security measures: as indicated in the Processor´s Security Statement.

2.7 Subprocessors involved: the list of Subprocessors are available at https://herocoders.com/terms#Subprocessors.

3. The Processor’s obligations

3.1 The Processor shall only Process the Personal Data in accordance with the Controller’s written instructions specified herein. The Processor shall not Process the Personal Data for any other purpose or in a way that does not comply with this Agreement or the Data Protection Legislation. The Processor shall promptly notify the Controller if, in the Processor’s opinion, the Controller’s instructions would not comply with the Data Protection Legislation.

3.2 The Processor shall promptly comply with any of the Controller’s requests or instructions requiring the Processor to amend, transfer, delete or otherwise Process the Personal Data, or to stop, mitigate or remedy any unauthorised Processing.

3.3 The Processor shall maintain the confidentiality of all the Personal Data and shall not disclose the Personal Data to third parties, unless the Controller or this Agreement specifically authorises the disclosure, or as required by law. If a law, court, regulator or supervisory authority requires the Processor to Process or disclose the Personal Data, the Processor shall first inform the Controller of the legal or regulatory requirement and give the Controller an opportunity to object or challenge the requirement, unless the law prohibits such notice.

3.4 The Processor shall reasonably assist the Controller with meeting the Controller’s compliance obligations under the Data Protection Legislation, taking into account the nature of the Processor’s Processing and the information available to the Processor, including in relation to the Data Subject’s rights, data protection impact assessments and reporting to and consulting with the supervisory authorities under the Data Protection Legislation.

3.5 The Processor shall promptly notify the Controller of any changes to the Data Protection Legislation that may adversely affect the Processor’s performance of the Master Agreement. 

3.6 The Processor shall ensure that all its employees with access to the Personal Data:

  • are informed of the confidential nature of the Personal Data and are bound by confidentiality obligations and use restrictions in respect of the Personal Data;
  • have undertaken training on the Data Protection Legislation relating to handling the Personal Data and how it applies to their particular duties; and
  • are aware of both the Processor’s obligations and their personal obligations under the Data Protection Legislation and this Agreement.

3.7 The Processor shall take reasonable steps to ensure the reliability, integrity and trustworthiness of the employees with access to the Personal Data and conduct their background checks consistent with applicable law.

4. Security

4.1 The Processor shall at all times implement appropriate technical and organisational measures against the unauthorised or unlawful Processing, access, disclosure, copying, modification, storage, reproduction, display or distribution of the Personal Data, and against accidental or unlawful loss, destruction, alteration, disclosure or damage of the Personal Data.

4.2 The Processor shall implement such measures in accordance with Article 32 GDPR to ensure a level of security appropriate to the risk involved.

4.3 The Controller hereby confirms that technical and organisational measures specified herein are sufficient and appropriate under the Data Protection Legislation and this Agreement.

5. The Personal Data Breach

5.1 The Processor shall promptly and without undue delay notify the Controller if any Personal Data is lost or destroyed, or becomes damaged, corrupted, or unusable. The Processor shall restore such Personal Data at its own expense.

5.2 The Processor shall immediately and without undue delay notify the Controller if the Processor becomes aware of:

  • any accidental, unauthorised or unlawful Processing of the Personal Data; or
  • any Personal Data Breach.

5.3 Where the Processor becomes aware of (a) and/or (b) of Clause 5.2 hereof, the Processor shall, without undue delay, also provide the Controller with the following information:

  • description of the causes and nature of (a) and/or (b) of Clause 5.2 hereof, including the categories and approximate number of both the Data Subjects and the Personal Data records concerned;
  • the likely consequences; and
  • description of the measures taken or proposed to be taken to address (a) and/or (b) of Clause 5.2 hereof, including measures to mitigate the possible adverse effects.

5.4 Immediately, following any unauthorised or unlawful Processing of the Personal Data or the Personal Data Breach, the Parties shall coordinate with each other to investigate the matter. The Processor shall reasonably cooperate with the Controller in the Controller’s handling of the matter, including:

  • assisting with any investigation; 
  • providing the Controller with physical access to any facilities and operations affected;
  • facilitating interviews with the Processor’s employees, former employees and others involved in the matter; 
  • making available all relevant records, logs, files, data reporting and other materials required to comply with all the Data Protection Legislation or as otherwise reasonably required by the Controller; and 
  • taking reasonable and prompt steps to mitigate the effects and to minimise any damage resulting from the Personal Data Breach or the unlawful Processing of the Personal Data. 

5.5 The Processor shall not inform any third party of any Personal Data Breach without first obtaining the Controller’s prior written consent, except when required to do so by law. 

5.6 The Processor agrees that the Controller has the sole right to determine:

  • whether to provide a notice of the Personal Data Breach to any Data Subjects, supervisory authorities, regulators, law enforcement agencies or others, as required by law or regulation or in the Controller’s discretion, including the contents and delivery method of the notice; and
  • whether to offer any type of a remedy to the affected Data Subjects, including the nature and extent of such remedy.

5.7 The Processor shall cover all reasonable expenses associated with the performance of the obligations under Clauses 5.2 and 5.4 hereof, unless the matter arose from the Controller’s specific instructions, negligence, wilful default or breach of this Agreement, in which case the Controller shall cover all reasonable expenses. 

6. Cross-border transfers of the Personal Data

6.1 The Controller hereby authorises the Processor to transfer or otherwise Process the Personal Data outside the European Economic Area (the “EEA”) subject to conditions laid down in this Agreement. 

6.2 The Processor may only Process, or permit the Processing of, the Personal Data outside the EEA under one of the following conditions:

  • the Processor Processes the Personal Data in a territory which is subject to a current finding by the European Commission under the Data Protection Legislation that the territory provides adequate protection for the privacy rights of individuals.
  • the Processor takes, where appropriate, one of the safeguards specified by the Data Protection Legislation, notably by Article 46 GDPR.

6.3 If any Personal Data transfer between the Controller and the Processor requires the execution of the SCCs in order to comply with the Data Protection Legislation, the Parties shall complete all relevant details and take all other actions required to legitimise the transfer.

7. Subprocessors

7.1 The Processor may not authorise a third party (subprocessor) to Process the Personal Data, unless all of the following conditions are met:

  • the Controller has given a specific or general written authorisation to the engagement of the subprocessor(s);
  • the Processor shall enter into a written agreement with each of the authorised subprocessors, which shall contain terms substantially the same as those set out in this Agreement, in particular, in relation to requiring appropriate technical and organisational data security measures;
  • at the Controller’s request, the Processor shall provide to the Controller a copy of such an agreement with the subprocessor and any subsequent amendments. To the extent necessary to protect a business secret or other confidential information, including Personal Data, the Processor may redact the text of the agreement prior to sharing the copy;
  • the Processor shall maintain control over all the Personal Data it entrusts to the subprocessor(s).

7.2 The Controller hereby gives a general authorisation to involve subprocessors to Process the Personal Data under this Agreement. In case the Processor intends to update the list of subprocessors engaged, the Processor shall inform the Controller in advance and provide the Controller with the information necessary to enable the Controller to exercise the right to object.

7.3 Where the subprocessor fails to fulfil its obligations under a such written agreement, the Processor remains fully liable to the Controller for the subprocessor’s performance of its obligations. 

7.4 Where the Processor fails to fulfil its guarantees under Clause 7.1 hereof, the Processor shall indemnify all of the Controller’s arising direct and indirect damages.

8. Complaints, the Data Subjects requests and third-party rights

8.1 The Processor shall, at no additional cost, take such technical and organisational measures as may be appropriate and promptly provide such information to the Controller, as the Controller may reasonably require, to enable the Controller to comply with:

  • the rights of the Data Subjects under the Data Protection Legislation, including the Data Subjects’ access rights, the rights to rectify and erase the Personal Data, object to the Processing and automated Processing of the Personal Data, and restrict the Processing of the Personal Data; and 
  • information or assessment notices served on the Controller by any supervisory authority under the Data Protection Legislation. 

8.2 The Processor shall notify the Controller immediately and without undue delay if the Processor receives any complaint, notice or communication that relates directly or indirectly to the Processing of the Personal Data or to either Party’s compliance with the Data Protection Legislation.

8.3 The Processor shall notify the Controller immediately and without undue delay when the Processor receives a request from a Data Subject for access to their Personal Data or to exercise any of their related rights under the Data Protection Legislation.

8.4 The Processor shall provide the Controller with the Processor’s full cooperation and assistance in responding to any complaint, notice, communication or the Data Subject’s request in connection with the Personal Data Processed. 

8.5 The Processor shall not disclose the Personal Data to any Data Subject or to a third party other than at the Controller’s request or instructions, as provided for in this Agreement or as required by law.

9. Term

This Agreement shall remain in full force and effect so long as:

  • the Master Agreement remains in effect, or 
  • the Processor retains any Personal Data related to the Master Agreement in the Processor’s possession or control (the “Term”).

10. Non-compliance with the Agreement and termination

10.1 Without prejudice to any provisions of the GDPR and/or the Regulation (EU) 2018/1725, in the event that the Processor is in breach of its obligations under this Agreement, the Controller may instruct the Processor to suspend the Processing of the Personal Data until the Processor complies with its obligations under this Agreement or the Agreement is terminated.

10.2 The Controller shall be entitled to terminate the Agreement if:

  • the Processing of the Personal Data by the Processor has been suspended by the Controller pursuant to Clause 10.1 hereof and if compliance with the obligations under this Agreement is not restored within a reasonable time and in no event later than within 1 (one) month following suspension;
  • the Processor is in substantial or persistent breach of its obligations under this Agreement or its obligations under the GDPR and/or the Regulation (EU) 2018/1725;
  • the Processor fails to comply with a binding decision of a competent court or a competent supervisory authority regarding its obligations pursuant to this Agreement or the GDPR and/or the Regulation (EU) 2018/1725.

10.3 The Processor shall be entitled to terminate the Agreement where, after having informed the Controller that the Controller’s instructions infringe applicable legal requirements in accordance with Clause 3.1 hereof, the Controller insists on compliance with the instructions.

10.4 Any provision of this Agreement, which expressly or by implication should come into or continue in force on or after termination of the Master Agreement in order to protect the Personal Data, shall remain in full force and effect.

10.5 If a change in any Data Protection Legislation prevents either Party from fulfilling all or part of its Master Agreement obligations, the Parties shall suspend the Processing of the Personal Data until that Processing complies with the new requirements. If the Parties are unable to bring the Processing of the Personal Data into compliance with the Data Protection Legislation within 2 (two) months, a Party may terminate the Master Agreement on written notice to the other Party.

11. Data return and destruction

11.1 At the Controller’s request, the Processor shall give the Controller a copy of or access to all or part of the Controller’s Personal Data in the Processor’s possession or control in the format and on the media reasonably specified by the Controller.

11.2 Upon termination of the Master Agreement for any reason or expiry of its term, the Processor shall securely delete or destroy or, if directed in writing by the Controller, return and not retain all or any Personal Data related to this Agreement in the Processor’s possession or control. 

11.3 If any law, regulation or governmental or regulatory body requires the Processor to retain any documents or materials that the Processor would otherwise be required to return or destroy, the Processor shall notify the Controller in writing of that retention requirement, giving details of the documents or materials that the Processor shall retain, the legal basis for retention, and establishing a specific timeline for destruction once the retention requirement ends.

11.4 Upon the request from the Controller, the Processor shall certify in writing that the Processor has destroyed the Personal Data.

12. Audit

12. 1 If the Controller is required to show its compliance with the Data Protection Legislation, or the Controller reasonably believes that a Personal Data Breach occurred or is occurring, or the Processor is in breach of any of its obligations under this Agreement or any Data Protection Legislation, the Processor shall permit an assigned and eligible third-party representative of the Controller to audit the Processor’s compliance with its obligations under this Agreement on at least 15 (fifteen) days’ notice during the Term. The Processor shall give the third-party representative of the Controller all necessary assistance reasonably required to conduct such audits. The assistance may include, but is not limited to: 

  • physical access to, remote electronic access to any information held at the Processor’s premises or on systems storing the Personal Data;
  • access to and meetings with any of the Processor’s personnel reasonably necessary to provide all explanations and perform the audit effectively; and
  • necessary inspection of all infrastructure, electronic data or systems, facilities, equipment or application software used to store, Process or transfer the Personal Data. 

12.2 If a Personal Data Breach occurred or is occurring, or the Processor becomes aware of a breach of any of its obligations under this Agreement or any Data Protection Legislation, the Processor shall:

  • promptly conduct its own audit to determine the cause; 
  • produce a written report that includes a detailed plan to remedy any deficiencies identified by the audit; 
  • provide the Controller with a copy of the written audit report; and 
  • promptly remedy any deficiencies identified by the audit.

12.3 The Processor shall promptly address any exceptions noted in the audit reports with the development and implementation of a corrective action plan by the Processor’s management.

12.4 The Controller shall cover all reasonable expenses incurred by the Processor in connection with performing its obligations under Clause 12.1 hereof.

13. Governing law

This Agreement shall be governed by, construed and interpreted in accordance with the laws of Poland.

By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.