Latest update: November 17th, 2020
THIS SERVICE AGREEMENT («AGREEMENT») IS A LEGAL AGREEMENT BETWEEN BOOXI INC. («BOOXI») AND THE INDIVIDUAL OR LEGAL ENTITY («CUSTOMER») USING OR ACCESSING THE BOOXI PRODUCTS WHETHER IN CONNECTION WITH A PAID SUBSCRIPTION OR A FREE TRIAL. THIS AGREEMENT ALONG WITH THE SUBSCRIPTION DOCUMENTATION SIGNED BY THE CLIENT ARE TO BE REGARDED AS FORMING AN INDIVISIBLE WHOLE. IF THERE IS ANY CONTRADICTION BETWEEN THOSE DOCUMENTS, THE SUBSCRIPTION DOCUMENT PREVAILS OVER THE AGREEMENT. PLEASE READ THIS AGREEMENT CAREFULLY BEFORE AGREEING. BY AGREEING TO THESE TERMS OR USING THE BOOXI PRODUCTS, WHICHEVER OCCURS EARLIER, CUSTOMER IS AGREEING TO BE BOUND BY THE TERMS OF THIS AGREEMENT.
Customer hereby agrees to license the BOOXI product(s) (each a «Product») identified in the subscription documentation (i.e., the quote or invoice)(the «Subscription») exchanged by the parties in conjunction with Customer’s acceptance of this Agreement. The specific Products and the fees payable with respect to such Products are set forth in the Subscription. Each Product may include updates, cloud-based services, support services, applications or documentations, each of which is subject to the terms of this Agreement as applicable. BOOXI may add to, change or discontinue any component of the Products at any time; however, if such change shall materially increase Customer’s obligations or materially decrease Customer’s entitlements under this Agreement, Customer will be able to terminate his Subscription. Customer agrees to be responsible for the confidentiality of their account credentials, and for any activity resulting from the use of their account. Customer agrees to make reasonable efforts to prevent unauthorized access to, or use, of the BOOXI Products. Customer may not share their account and password, allow third parties to use the account nor assist anyone who is not a registered user to gain access to the BOOXI Product. Customer is responsible for all actions taken under its BOOXI account credentials, regardless of whether such actions are taken by Customer, its employees or a third party. BOOXI is not liable for any loss or damage arising from any unauthorized use of Customer’s account. «Customer» means the person who is using or accessing the BOOXI Products through a subscription or free trial. The Customer can then give access to the BOOXI Products through an end user. «Users» means end users who access the BOOXI Products through the Customer, including any employees or clients of the Customer.
During the Term (as defined below), BOOXI grants Customer a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to use, the Products on the terms set forth in this Agreement. Customer agrees that all rights, title and interest in and to all the intellectual property rights in the Products, and all modifications, extensions, scripts and other derivative works of the Products provided or developed by BOOXI, including all associated documentation and materials are owned exclusively by BOOXI or its licensors. All rights not granted to Customer in this Agreement are reserved by BOOXI. The content included in or made available through the Products is our property. No portion of the Products may be reproduced in any form or by any means, except as expressly permitted by this Agreement. Customer shall remain the sole and exclusive owner of all right, title, and interest into its Intellectual Property. BOOXI retains all title to, and, except as expressly licensed herein, all rights to the Products, all copies, derivatives and improvements thereof and all related documentation and materials. Our trademarks, logos and Product are our Intellectual Property. Except as otherwise permitted by law, please do not use or display in any manner our trademarks without our prior consent. «Intellectual Property» means any and all intellectual property, including without limitation, works, inventions (whether patentable or not), discoveries, improvements, trade secrets, know-how, scientific formulae, data, information, images, reports, results, analysis, software, models, research and development information, technical information, prototypes, specifications, patterns, drawings, algorithms, products, compositions, processes and protocols, methods, tests, devices, computer programs, trademarks and any and all proprietary rights provided under patent law, copyright law, trademark law, design patent or industrial design law, semiconductor chip or mask work law, or any other statutory provision or civil or common law principles applicable to the protection of intangible proprietary information or rights, including trade secret law, which may provide a right in any of the foregoing as well as any and all applications, registrations or other evidence of a right in any of the foregoing.
Customer and any Users shall not (and shall not allow any third party to): (i) decompile, disassemble, or otherwise reverse engineer or attempt to reconstruct or discover any source code, underlying ideas, algorithms, file formats or programming or interoperability interfaces of the Products, by any means whatsoever; (ii) distribute viruses or other harmful or malicious computer code via or into the Products; (iii) engage in any conduct that disrupts or impedes a third party’s use and enjoyment of the Products; (iv) remove any product identification, copyright or other notices from the Products; (v) sell, lease, lend, assign, sublicense; (vi) use, resell, sublicense, distribute or transfer or allow others to use the Products to or for the benefit of third parties; (vii) modify or incorporate into or with other software or create a derivative work of any part of the Products; (viii) use the output or other information generated by the Products for any purpose other than as contemplated by this Agreement; (ix) use the Products for any use other than Customer’s internal business use; (x) use unauthorized modified versions of the Products, including without limitation, for the purpose of building a similar or competitive product or service or for the purpose of obtaining unauthorized access to the Product; (xi) use the Products to distribute or share pornographic images; (xii) use the Products to support an activity that is contrary to the law; or (xiii) use the Products in any way that is contrary to applicable local, state/provincial, federal and foreign laws, including without limitation those relating to privacy, data protection, electronic communications and anti-spam legislation. Customer shall at all time remain liable for the acts and omissions of end users of the Product provided to Customer. Customer shall not enter comments that are defamatory, obscene or offensive when using the Products.
The «Initial Term» shall mean the number of months in the term as specified in the Subscription beginning on the date specified in the Subscription («Activation Date»). Upon expiration of the Initial Term and unless otherwise stated in the Subscription, this Agreement will automatically renew on a yearly basis (each a «Renewal Term», and the Initial Term and all Renewal Terms collectively, the «Term») until terminated by Customer or BOOXI by delivery of written notice to the other party at least thirty (30) days prior to the end of the Initial Term or then-current Renewal Term, as applicable. In the case of Products licensed on a trial basis, the Term of this Agreement shall be limited to the duration of the trial period identified in the Subscription. Except as specified in Section 12 below, Customer may not terminate this Agreement prior to the expiration of the Initial Term. Following expiration of the Initial Term, BOOXI may increase the fees payable by Customer under this Agreement, upon not less than 60 days’ written notice.
Customer shall pay BOOXI the annual and/or monthly fees («Fees») specified in the Subscription, in accordance with the timing and currency specified in the Subscription. Except as set forth in this Agreement, all payments by Customer to BOOXI under this Agreement are non-refundable and made via the payment methods offered by BOOXI in the Subscription, or as otherwise agreed by the parties. Customer shall undertake any additional actions reasonably requested by BOOXI to implement the foregoing automated fee payment process (If applicable). Any amounts past due from Customer under this Agreement shall accrue interest at a rate corresponding to one and a half percent (1.5%) monthly or eighteen percent (18%) annually. Any applicable federal, state, provincial, or other goods and services or sales taxes might be added to fees owing pursuant to this Agreement.
«Confidential Information» means any and all information of a party (the «Disclosing Party») which has or will come into the possession of the other party (the «Receiving Party») of confidential or proprietary nature, including information of a technical nature; such as know-how, software, source code, algorithms, specifications, formulas, trade secrets, list of orders, Products ordered, employees and contractor lists, and information of a business nature, such as information about costs, profits, pricing policies, markets, sales, suppliers, customers, plans for future development, plans for future products, marketing plans or strategies, and other information of a similar nature, which is not generally disclosed by a party to the public. The Receiving Party shall take commercially reasonable steps as necessary to prevent the unauthorized access and disclosure of the Disclosing Party’s Confidential Information, such as enforcing access on a need-to-know basis. The Receiving Party and the Disclosing Party will make no use of such Confidential Information except as necessary to fulfill their respective obligations under the terms and during the term of this Agreement. Each party shall treat the terms and conditions of this Agreement as confidential; however, either party may disclose such information in confidence to its immediate legal and financial consultants as required in the ordinary course of that party’s business. Notwithstanding the foregoing, the restrictions set forth above will not apply to (i) information previously known to the receiving party without reference to the disclosing party’s Confidential Information, (ii) information which is or becomes publicly known through no wrongful act of the receiving party, (iii) information that is independently developed by either of the parties, or (iv) information required to be disclosed pursuant to applicable law. Upon termination of this Agreement for any reason, the Receiving Party shall, at the Disclosing Party’s option, (i) return the Confidential Information without undue delay and/or (ii) securely destroy the Confidential Information without undue delay, and in accordance with industry’s best standards. Upon request, the Receiving Party shall confirm in writing that the Confidential Information has been returned and/or deleted. Notwithstanding the foregoing, the Receiving Party is authorized to keep a copy of the Confidential Information as required for business continuity purposes, pursuant to international retention schedules, and for legal, auditing or financial reasons. The foregoing shall also not prevent BOOXI from using Customer data on an aggregate, anonymized basis.
Customer represents and warrants that currently and throughout the Term (i) it is fully authorized to enter into this Agreement and that Customer and any Users are fully authorized to utilize the Products, (ii) Customer and any Users are and will remain in compliance with all applicable laws and regulations with respect to its and their activities related to this Agreement, including but not limited to privacy laws; and (iii) if Customer or any of its Users imports lists into the Products for the purpose of sending electronic communications (e.g., emails, texts) to such list, or otherwise collects electronic addresses for the purpose of sending electronics messages, then Customer warrants that each person on such list has previously opted-in to receive promotional electronic communications from Customer and that the content of such communications by Customer will comply with applicable laws and regulations. Customer shall indemnify, defend and hold harmless BOOXI and its officers, employees, agents and affiliates from and against all losses, expenses, liabilities, damages and costs including, without limitation, reasonable attorneys’ fees (collectively «Costs»), attributable to any breach by Customer or any User, employee, independent contractor, or affiliate thereof, of (a) its representations, warranties or other obligations set forth in this Agreement (b) its willful misconduct, intentional fault, gross negligence and/or criminal or fraudulent conduct. BOOXI reserves its exclusive right, at Customer’s expense, to conduct the defense of any such claims and assume control of any matter, subject to indemnification by Customer, in which event, the Customer shall cooperate with BOOXI in asserting any and all available defenses. Customer and each of its Users agree to comply with all BOOXI policies and all laws, rules and regulations relating to the use of the Products. Customer will indemnify BOOXI for any Costs, fines or damages incurred by BOOXI due to Customer’s or its User’s failure to comply with this section.
BOOXI uses and protects Customer data, including information transmitted via the Products, in accordance with the BOOXI Privacy Policy. You agree to allow BOOXI to use and share with third parties non-personal information to build anonymous data profiles, provide segmented marketing information, create aggregate statistical reports, and to improve current and new products and services. Each party shall comply with applicable laws to the collection, use and disclosure of personal information. Customer is solely responsible for providing a privacy policy covering its processing of personal information and for obtaining an informed consent for doing so when applicable. Customer agrees not to include any Sensitive Personal Data about any individual in the comments section when filling out appointment information. Customer agrees not to include any financial information, including credit card numbers or bank account information, in the comments in the appointment section. «Sensitive Personal Data» includes personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data processed solely to identify a human being, health-related data or data concerning a person’s sex life or sexual orientation. If Customer is subject to the General Data Protection Regulation, the Data Processing Agreement is available below.
Customer agrees that any feedbacks that it provides to BOOXI, including but not limited to comments, suggestions and regarding BOOXI or the Products, shall belong exclusively to BOOXI, without any requirement to acknowledge or compensate Customer, and Customer hereby assigns to BOOXI, without limitation of any kind, all of their rights, titles and interests therein, and BOOXI accepts such assignment.
Customer may decide to enable, access or use any Third-Party Services (as defined below). Customer agrees that access and use of such Third-Party Services shall be governed solely by the terms and conditions of such Third-Party Services, and that BOOXI is not responsible or liable for, and makes no representations as to any aspect of such Third-Party Services, including, without limitation, their content or the manner in which they handle data (including Customer’s data) or any interaction between Customer and the provider of such Third-Party Services, regardless of whether or not such Third-Party Services are provided by a third party that is a member of a BOOXI partner program or otherwise designated by BOOXI as «certified», or «approved» by BOOXI. Any use by Customer of Third-Party Services shall be solely between Customer and the applicable third-party provider. Customer irrevocably waives any claim against BOOXI with respect to such Third-Party Services. BOOXI is not liable for any damage or loss caused or alleged to be caused by or in connection with Customer’s enablement, access or use of any such Third-Party Services, or Customer’s reliance on the privacy practices, data security processes or other policies of such Third-Party Services. We encourage you to review their terms and conditions, as well as their privacy practices, before using such Third-Party Services. «Third-Party Services» means third-party products, applications, services, software, products, networks, systems, directories, websites, databases and information which one or more Products link to, or which Customer may connect to or enable in conjunction with one or more Products.
BOOXI may perform scheduled or unscheduled repairs or maintenance, or remotely patch or upgrade the Product, which may temporarily degrade the quality of the services or result in a partial or complete outage of the Product. BOOXI will endeavor to carry out such repairs or maintenance during times that will cause the least disruptions to Customer’s business. Customer shall cooperate, if necessary, to perform maintenance or repair work.
In the event of a material breach of this Agreement by either party, the non-breaching party may terminate this Agreement by giving the breaching party written notice specifying the nature of the breach in reasonable detail and the non-breaching party’s intention to terminate (a «Termination Notice»). If the breach has not been cured within the period ending thirty (30) days following delivery of the Termination Notice, then this Agreement shall automatically terminate. Notwithstanding the foregoing, if Customer is in breach of any material provisions of this Agreement, including the license restrictions of Section 3, the payment terms of Section 5, or the confidentiality restrictions of Section 6, then BOOXI may immediately suspend or terminate Customer’s use of the Products. Any such suspension shall not relieve Customer of any of its obligations under this Agreement or entitle Customer to any refund of payments previously made. If the Agreement is breached as a result of a fault by Customer, all fees due for the Initial Term shall be due immediately and payable by Customer upon receipt of an invoice. If the Agreement is breached as a result of a fault by BOOXI, BOOXI shall reimburse any fees paid in advance and in proportion of the time remaining in the Subscription after the termination date.
Customer hereby waives the application of articles 2125 and 2129 of the Civil Code of Quebec.
BOOXI may suspend Customer’s access to the Products immediately if BOOXI, in its sole reasonable discretion, believes: (i) such suspension is required by law; (ii) Customer has breached this Agreement and has not remedied such breach within 15 days of receiving notice of the alleged breach from BOOXI; or (iii) there is a security or privacy risk. Any suspension of Customer’s access to the Products will not limit or waive BOOXI’s rights to terminate this Agreement or Customer’s access to the Products.
Upon termination of this Agreement, Customer shall discontinue its use of the Product(s). Notwithstanding the foregoing, termination of this Agreement by BOOXI shall not limit Customer’s obligation to pay all of the applicable fees, nor restrict BOOXI from pursuing any other remedies available to it, including injunctive relief. Sections 3, 5, 6, 7, 9-14, and 16-20 shall survive termination of this Agreement, along with any other provisions that are intended by their terms to survive.
Customer understands and agrees that BOOXI has no control over the content of the data, including personal information that is collected, used or disclosed by BOOXI on Customer’s behalf. Customer is responsible for the content quality, validity, legality and for taking its own steps to maintain appropriate security, confidentiality, protection and back-up of its data and software, including the use of appropriate back-up and archiving. Customer remains responsible for properly providing notices regarding its data practices to its clients. Customer understands and agrees that BOOXI is not responsible for any loss or corruption of Customer data or other software. Customer agrees that following termination of Customer’s account and/or use of the Product, BOOXI may immediately deactivate Customer’s account and delete Customer data. Customer further agrees that BOOXI shall not be liable to Customer nor to any third party for any termination of Customer access to the Product or deletion of Customer data. It is Customer’s responsibility to retrieve any such Customer data before the end of the Term.
BOOXI (INCLUDING AFFILIATES, DIRECTORS, EMPLOYEES, AGENTS AND SUPPLIERS) AGGREGATE LIABILITY UNDER THIS AGREEMENT SHALL BE LIMITED TO THE FEES PAID BY CUSTOMER DURING THE THREE (3) MONTH PERIOD IMMEDIATELY PRECEDING THE DATE THE CLAIM GIVING RISE TO SUCH LIABILITY WAS FIRST ASSERTED. EXCEPT WITH RESPECT TO (i) ANY WILLFUL OR DELIBERATE INFRINGEMENT OR MISAPPROPRIATION BY CUSTOMER OF ANY OF BOOXI’S, ITS AFFILIIATES’ OR SUPPLIERS’ INTELLECTUAL PROPERTY RIGHTS; (ii) A BREACH OF APPLICABLE LAWS BY CUSTOMER AND (iii) CUSTOMER’S INDEMNIFICATION OBLIGATIONS UNDER THIS AGREEMENT, AND TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER PARTY SHALL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, RELIANCE OR PUNITIVE DAMAGES OR LOST OR IMPUTED PROFITS OR ROYALTIES, LOST DATA OR COST OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, WHETHER FOR BREACH OF CONTRACT, WARRANTY, TORT, STATUTORY REMEDY OR ANY OBLIGATION ARISING THEREFROM OR OTHERWISE AND IRRESPECTIVE OF WHETHER EITHER PARTY HAS ADVISED OR BEEN ADVISED OF THE POSSIBILITY OF ANY SUCH LOSS OR DAMAGE. CUSTOMER HEREBY WAIVES ANY CLAIM THAT THESE EXCLUSIONS DEPRIVE IT OF AN ADEQUATE REMEDY. THE PARTIES ACKNOWLEDGE THAT THE PROVISIONS OF THIS SECTION FAIRLY ALLOCATE THE RISKS UNDER THIS AGREEMENT AS BETWEEN THEM. THE PARTIES ACKNOWLEDGE THAT THE LIMITATIONS SET FORTH IN THIS SECTION ARE INTEGRAL TO THE AMOUNT OF FEES CHARGED IN CONNECTION WITH MAKING THE PRODUCTS AVAILABLE TO CUSTOMER AND THAT, WERE BOOXI TO ASSUME FURTHER LIABILITY OTHER THAN AS SET FOR HEREIN, SUCH FEES WOULD OF NECESSITY BE SET SIGNIFICANTLY HIGHER.
CUSTOMER ACKNOWLEDGES THAT (i) BOOXI CANNOT GUARANTEE THE RESULTS GENERATED THROUGH THE PRODUCTS, OR THAT THE PRODUCTS WILL BE CONTINUOUSLY AVAILABLE FOR USE WITHOUT INTERRUPTION, AND (ii) THE PRODUCTS ARE PROVIDED «AS-IS», ON AN «AS AVAILABLE» BASIS WITHOUT ANY REPRESENTATION, WARRANTY OR CONDITION OF ANY KIND, AND BOOXI HEREBY DISCLAIMS ALL CONDITIONS, REPRESENTATIONS AND ALL WARRANTIES WHETHER EXPRESS OR IMPLIED, ARISING BY LAW OR OTHERWISE WITH RESPECT TO THE PRODUCTS, INCLUDING, BUT NOT LIMITED TO, ANY (a) IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, (b) IMPLIED WARRANTY ARISING FROM COURSE OF PERFORMANCE, COURSE OF DEALING, OR USAGE OF TRADE, (c) WARRANTY OF TITLE OR NON-INFRINGEMENT; OR (d) STATUTORY REMEDY.
Except in the context of a merger and acquisition or a sale of part or all of its assets, or in the case of a bona fide corporate reorganization, Customer may not assign any of its obligations under this Agreement without BOOXI’s prior written consent, which shall not be unreasonably withheld. BOOXI may, without Customer’s prior consent, assign its rights and obligations under this Agreement. Subject to the foregoing, the provisions of this Agreement shall be binding on and inure to the benefit not only of the parties hereto but also to their successors and assigns. BOOXI shall be free to perform all or any part of this Agreement through one or more subcontractors.
This Agreement shall be governed by and interpreted in accordance with the laws of the Province of Quebec, Canada. In the event of any controversy or claim arising out of or relating to this Agreement, or the breach or interpretation thereof, the parties agree to submit to the exclusive jurisdiction of and venue in the courts of the Province of Quebec, in the judicial district of Montreal. Each party hereby waives all defenses of lack of personal jurisdiction and forum non conveniens in connection with any action brought in the foregoing courts.
If one or more of the provisions of this Agreement is held to be invalid, illegal or unenforceable in any respect by a court of competent jurisdiction, then the validity, legality and enforceability of the remaining provisions of this Agreement shall be unaffected. Neither party shall be deemed in default or otherwise liable for any delay in or failure of its performance under this Agreement (other than payment obligations) by reason of any act of God, fire, natural disaster, accident, act of government, shortage of materials or supplies, failure of transportation or communication or of suppliers of goods or services, epidemic, pandemic (including any additional consequences or situations arising from the outbreak of coronavirus COVID-19) or other natural disaster, strike or other labor disputes, acts of war, acts of civil disobedience, denial-of-services and distributed-denial-of-services, ransomware and other cyber-attacks that are not caused or facilitated by negligence, or any other cause to the extent it is beyond the reasonable control of such party. This Agreement constitutes the entire agreement and understanding between the parties with respect to the subject matter hereof and supersedes all prior or contemporaneous written, electronic or oral communications, representations, agreements or understandings between the parties with respect thereto. BOOXI may amend this Agreement at any time upon reasonable prior notice. Upon receiving the notice, Customer shall have ten (10) days to object to the change.
The parties are independent contractors. Neither party shall be deemed to be an employee, agent, partner or legal representative of the other for any purpose, and neither shall have any right, power or authority to create any obligation or responsibility on behalf of the other. BOOXI may provide any and all notices, statements and other communications to Customer through either e-mail, posting on its Site, or by mail or express delivery service. The Parties acknowledge that they have required these Terms of Services and all related documents to be prepared in English only.
Latest update: November 17th, 2020
Welcome to Booxi! At Booxi, we understand that your personal data is important to you. In this Privacy Policy we want to explain to you what we do with the personal data that Booxi Inc (hereafter referred to as Booxi, or we or us or our) processes. As a participant of the Digital Advertising Alliance («DAA»), we adhere to DAA’s interest-based advertising principles by providing you with an enhanced notice, transparency and control of our digital marketing practices as stated at http://www.aboutads.info/principles. In addition, this Privacy Policy covers the use of your personal data for interest-based advertising («IBA»). For more information about this topic, refer to the specific section further down. If you have any questions or suggestions regarding our Privacy Policy, please do not hesitate to contact us. You can email us at privacy@booxi.com or send a letter to the following address: Booxi Inc.3662 rue Saint-HubertMontreal (Quebec)H2L 4A2, Canada However, if your request is about how a Subscriber processes personal data, we recommend that you reach out to this Subscriber directly.
This Privacy Policy applies when you visit booxi.com (the «Website») or when you subscribe to, use or access the software services that we offer either through a paid subscription or a trial (the «Software Services», together, the «Services»).Subscribers means any person who is subscribed to the software services that we offer the Software Services to either through a paid subscription or a trial. Users means the individuals who are using or accessing the Software Services, such as to make an appointment. Under European data protection laws, when we deliver the Software Services, we are a ‘data processor’, which means that we only process your personal data on behalf of another entity. We are a data controller when we process the personal data of Website visitors (the «Visitors»), or for other marketing purposes.
If you click through to links to third parties’ websites, applications, or services from our Services, this Privacy Policy does not apply to the processing of personal data by such external services. We recommend reading these third parties’ privacy policies. Our Subscribers are responsible for implementing their own privacy policy which describes in further detail how they process your personal data. We do not have full control on how our Subscribers process personal data, please refer to their respective privacy policy for further information.
When we use the term «Personal Data», we mean any information that relates to an identified or identifiable natural person. This includes the obvious data such as a name, home address, email address, phone number and birth date. A «cookie» is a file that a website puts on a computer’s hard disk so that the website can remember something about individuals at a later time. In this Privacy Policy, when we refer to «cookies», we also include other technologies with similar purposes such as pixels, tags and beacons. For more information on cookies, you can refer to websites such as http://www.cookiecentral.com/ and https://www.allaboutcookies.org/. This Privacy Policy is for transparency purposes and some of the data that we identify in this Privacy Policy as personal data may not be protected as personal data under applicable laws. For instance, business contact information is often excluded, and individuals may not have the same rights over such data under the law.
Our Services are not directed to children under the age of 13, and we do not knowingly process any personal data about children under the age of 13. If you are aware that the personal data of children under the age of 13 years old has been processed as part of our Services, you may reach out to us and we will proceed with the deletion of such personal data without undue delay.
We process your personal data to offer our Software Services, such as to allow Users to make appointments, add notes, and use the functionalities available to them. We also collect personal data from Subscribers’ personnel, such as when they create an account. The Software Services contain several functionalities requiring the processing of personal data, such as to process payments. We process such personal data in accordance with the instructions of our Subscribers, who are also responsible for determining which lawful basis allows them to process your personal data and, if applicable, to obtain your consent.
As part of our Services, we use various technologies such as «session» and «persistent» cookies (small data files that we transfer to your computer), web beacons (tiny image files on web pages that communicate information about the page viewer to the beacon owner), log data, and third-party analytics services to collect and analyze information about Visitors or Subscribers. Web beacons, tags and scripts may be used on our Services, in e-mails or other electronic communications we send to you. These technologies help us in understanding how our Websites and Services are used, what other websites our Visitors have visited and when an email is being opened and acted upon.
Our servers automatically record information («Log Data») created by your use of the Services. We receive Log Data when you interact with our Services, for example, when you visit our websites, sign into our Services, or interact with our email notifications. Log Data may include information such as:
We collect this for our Services to function effectively, to fix bugs, or ensure the security of our Services. For instance, we may collect the language of your browser so that we present you with the right linguistic version of the Service. We also collect this information so that we can:
We process such personal data based on your consent, except for electronic data collected automatically and used for not other purposes, such as essential cookies, in which case, we process your personal data based on our legitimate interests. Our legitimate interests include to offer the Services in a secure and functional manner, so that you can enjoy them.
If you inquire about our Services by e-mail, social media or otherwise, if you interact with us through our live chat or if you request support from us, we will process the personal data as required to respond to your inquiries, including any attachments and content you include in your communication. We process such personal data based on your consent.
When you sign up for a business account with Booxi, we collect the following information to create a business profile:
We collect this data to set up a trial or regular account for our Software Services, provide such Software Services, to manage our relationship with our Subscribers and to provide customer support.
When someone makes an appointment through Booxi, we collect:
If you interact with us on social media, we will process the personal data which you make available to us based on your consent. We also perform interest-based advertising through social media platform and these third parties provide us with audiences based on the information that they collect about your online behavior both inside and outside such platforms and including on our Website. We perform such marketing activities based on your consent.
We process your phone number, e-mail and consent for communication purposes. These communications may include marketing messages, in which case we will only communicate with you if we have obtained your consent prior for doing so. You may unsubscribe at any time from receiving marketing communications from Booxi through your account settings or through the unsubscribe mechanism in our marketing communication. If you are not sure how to proceed, you can also reach out to us. We may also use your communication data to provide you with notifications in relation to your use of the Software Services, such as through push notification or SMS. You can modify your communication preferences in your account.
We use «session» cookies to keep you logged in while you use our Services, to better understand how you interact with our Services, and to monitor aggregate usage and web traffic information on our Services. A session cookie is a cookie which is only installed for the duration of your browsing session.
We use «persistent» cookies to recognize you each time you return to our Website or Services. For example, we create a persistent cookie that includes some basic information about you, like your most recent search. We use this persistent cookie to remember your preferences and, if you create an account, to make your user experience consistent after you register. A persistent cookie is installed longer than your browsing session and is required for interest-based advertising and other type of behavioral analysis. They are never installed for more than 2 years.
Essential cookies are necessary to operate the core functions of our Services. These include login cookies, session ID cookies, language cookies as well as security cookies.
Functional cookies are used to provide you with some functionalities, such as live chatting, and to remember preferences, consents and configurations.
Analytic cookies are used to generate aggregated statistical data about traffic and behaviour of Visitors and Subscribers when using our Services. Booxi uses Google Analytics to view key metrics such as how many visitors view the website, peak hours of traffic, and response to specific marketing campaigns or press. Google Analytics is Google’s analytical tool that helps us to understand how users engage with our Services.
Marketing cookies are used to deliver advertising more relevant to you and your interests. Without marketing cookies, you would still receive advertising, but advertisements would not be tailored to you. They are also used to limit the number of times you see an ad. We do not have any marketing cookies in our Software Services.
We conduct interest-based advertising, also referred to as targeted advertising or behavioural advertising. However, we never conduct this in our Software Services, we only conduct on our Website. Retargeting means that the ads that you are being served are personalized based on your behaviour when browsing online. This is enabled through cookies and requires the processing of electronic data that is considered personal information under certain laws. For instance, we use Facebook and LinkedIn cookies to conduct IBA. This means that Facebook and LinkedIn cookies use the information to show you relevant ads and to improve the advertising that you see.
You can manage your cookie preferences through your browser using the instructions provided below by clicking on the browser that you are using. However, by blocking some cookies that enable the functions of the Services, parts of the Services may not be available.
You can also use WebChoices which is a browser-based tool for opting out of interest-based advertising. AdChoices provides additional solutions and explanations to control block and control cookies, as well as plug-ins to retain opt-out cookie preferences, even if you delete your cookies. You can install the Google Analytics opt-out browser add-on, which prevents the Google Analytics JavaScript (ga.js, analytics.js and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy.
We may engage third-party service providers to work with us to administer, provide and improve the Services, and these third-party service providers have access to Subscribers’ Personal Data only to perform these services for us.
We use service providers so that we can send you messages via SMS or to enable our chat function on our website, such as :
We also use IT service providers to offer you the Services, such as to host the Services.
We use third-party service providers to monitor and analyze the use of our Services. For example, we use Google Analytics. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Services. This data is shared with other Google services. Analytics and performance data is usually aggregated, and often it is not possible to identify you from the data. You can find Google’s privacy policy here.
We may use third-party service providers to market our Services. For example, we use Facebook for advertising. You can find Facebook’s cookie policy here. Some of these third-party service providers may be located outside the EEA. If this is the case, we will provide for an adequate level of protection regarding your Personal Data. Otherwise, we will only share your Personal Data at your direction and according to this Privacy Policy.
Some parts of our Services allow Subscribers to submit and view UGC. UGC includes posting a question, an answer or a blog post. When you post UGC, other Subscribers will be able to see certain information about you, such as your username or handle. You should be aware that any Personal Data you submit in UGC can be read, collected, distributed or used by other Subscribers and could be used by third parties to send you unsolicited messages. We are not responsible for the Personal Data you choose to include in the UGC you provide through the Services.
We may release Personal Data when we believe that doing so is appropriate to comply with applicable laws, regulations or legal requests; to enforce or apply our policies and guidelines; to initiate, render, bill, and collect amounts owed to us; to protect our rights or property; to protect the safety of our Subscribers and Users; to address fraud, security or technical issues; to prevent or stop activity that we consider to be illegal or unethical; or if we reasonably believe that an emergency involving immediate danger of death or serious physical injury to any person requires disclosure of communications or justifies disclosure of records without delay. We may also be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Information about our Subscribers is a business asset of Booxi. Consequently, information about our Subscribers, including Personal Data, may be disclosed as part of any merger or acquisition involving Booxi, the creation of a separate business to provide some or all the Services, the sale or pledge of Booxi’s assets, as well as in the event of an insolvency, bankruptcy or receivership.
The law provides rights concerning personal data. However, these rights may change depending on where you’re located in the world. These rights generally include the right to access and correct your Personal Data, as well as the right to withdraw your consent. Individuals in the European Economic Area have the following rights regarding their personal data:
You have the right to access your Personal Data at any time and to receive a copy of the personal data undergoing processing. You can require us to rectify your Personal Data modified if it is not correct. You can also ask us to receive your data in a commonly used electronic form.
If we are processing your Personal Data on the basis of a legitimate interest, you may object to the processing activity. Upon receipt of an objection, we will cease the processing activity unless we can demonstrate a legitimate ground which overrides your interests, or that the processing is necessary for the establishment, exercise or defense of legal claims.
If there is no longer a reason for us to process your Personal Data or if we don’t have a legal ground for processing your Personal Data, you can request that we delete your Personal Data. We will take steps to delete your information as soon as is practicable, but some information may remain in archived/backup copies for our records or as otherwise required by law. You can also require us to restrict the processing of your data if such processing is unlawful or if there is a dispute about the accuracy of the data.
The right to data portability gives you the right to receive personal data you have provided to a controller in a structured, commonly used and machine readable format. It also gives you the right to request that a controller transmits this data directly to another controller.
The GDPR has provisions on automated individual decision-making (making a decision solely by automated means without any human involvement) and profiling (automated processing of personal data to evaluate certain things about an individual). Profiling can be part of an automated decision-making process. This gives you the right not to be subject to a decision that is made by a purely automated system, including if it involves profiling, in certain circumstances.
If you wish to invoke any of your rights in relation to your Personal Data, please send us a written notice in this regard at privacy@booxi.com or by mail to : Booxi Inc.3662 rue Saint-HubertMontreal (Quebec)H2L 4A2, Canada We will try to help you with your request free of charge. However, we may request that you pay a reasonable fee if you request a transcript, or a reproduction or for us to send a copy of your Personal Data, if the law allows us to do so. If we need to charge a fee to process your application, we will contact you before addressing your request. For security reasons and to avoid any fraudulent request, we may be required to ask that you provide a proof of identity with your request. We will not use such personal data for any other purposes. We will respond to your request within thirty (30) days, unless agreed otherwise. If your request is denied, we will notify you in writing, and provide you with detailed motives and information on how to contest our decision. If you are in Canada, you can contact the Office of the Privacy Commissioner (OPC).
The OPC drafted this FAQ to help you access your Personal Data when it is held by a business.
You can also contact the Office of the Privacy Commissioner of Canada’s Information Center:
Telephone:
Toll-free: 1-800-282-1376 (9:00 am to 4:00 pm EST)
Mailing address:
Office of the Privacy Commissioner30 Victoria Street
Gatineau (Québec) K1A 1H3, Canada
If you are in the European Union and you want to learn more about your rights, you can consult this guide published by the Information Commissioner’s Office of the United Kingdom. If you’re not satisfied with how we process your request, you can communicate with your local data protection authorities or privacy commissioners, and lodge a complaint. We will provide you with explanations on how to do so in our response to your request based on your location. To launch a complaint with the OPC, you can fill out this form. You can consult a list of data protection authorities here.
We use Google Cloud Platform to store your personal data, which uses secure-by-design infrastructure and built-in protection, and regularly undergoes independent verification of their security, privacy and compliance controls, and is certified ISO/IEC 27001 and is PCI DSS compliant. Please be aware, however, that no method of transmitting information over the Internet or of storing information is completely secure. It’s your responsibility to keep your credentials secure and ensure that you’re connected on a safe network.
Your Personal Data may be stored on servers located in a country other than where you reside. We use Google Cloud Provider to host personal data in the United States. Customers who use the enterprise version of the Software Services can choose to have their data hosted in the United States or Belgium. However, our service providers may process your Personal Data internationally, including in the United States, depending on where they are located. Personal data is always subject to the local laws of the jurisdictions within which it is collected, used, disclosed and/or stored, and may be accessed by governmental authorities and law enforcement agencies in those jurisdictions. When the personal data is from an individual in the EU or EEA, there are specific rules in the GDPR about sending that personal data outside the EU/EEA. We will provide for an adequate level of protection of this data such as through the use of standard contractual clauses with our service providers and sending personal data to countries that have been approved to receive personal data from the EU/EEA.
When we have no further need to process your personal data in line with the purpose for which we collected it, we will delete it unless we are legally required to keep it longer. If deletion is not possible, we will anonymize personal data in a way that cannot be reversed. If anonymizing is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.
Latest update: November 17th, 2020
This Data Processing Addendum (the «DPA») is a legal agreement between Booxi, Inc. («Booxi») and the individual or legal entity using or accessing the Product (as defined in the Service Agreement) whether in connection with a paid subscription or a free trial (the «Customer»). This DPA is applicable when Booxi acts as a Data Processor on behalf of the Customer pursuant to the GDPR. This DPA applies to Personal Data and is deemed attached and part of the Service Agreement available at https://www.booxi.com/privacy-legal (the «Service Agreement»). In the event of a conflict between the Service Agreement and this DPA, this DPA shall prevail. The capitalized terms used in this DPA but not defined herein shall have the same meaning as defined in the Service Agreement.
«Agreement»: The Service Agreement and the DPA, along with any amendments, exhibits, addendums and order forms.
«Applicable Laws»: In the context of this DPA, «Applicable Laws» refers to the laws applicable in the European Union or a Member State to which the Data Processor is subject.
«Data Controller»: Refers to the party who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. As between the parties, Customer is the Data Controller.
«Data Processor»: A person or entity who processes personal data on behalf of the Data Controller on the basis of a formal, written contract, but who is not an employee of the Data Controller. As between the parties, Booxi is the Data Processor.
«Data Subject»: An identified or identifiable natural person whose Personal Data is being processed by the Data Processor on behalf of the Data Controller.
«Personal Data»: Any information relating to an identified or identifiable natural person (a Data Subject), an identifiable natural person is one who can be identified, directly or indirectly, in particular, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, which are subject to the GDPR and are processed by the Data Processor on behalf of the Data Controller.
«Personal Data Breach»: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed by Data Processor on behalf of Data Controller.
«GDPR»: Refers to the EU General Data Protection Regulation – the «GDPR», as well as any other applicable legislation, regulation, recommendation or opinion replacing, adding to or amending, extending, reconstituting or consolidating the GDPR.
2.1. The parties agree that Customer is the Data Controller and Booxi is the Data Processor of the Personal Data. Notwithstanding the foregoing, it is agreed upon and understood between the parties that each party is responsible for complying with its respective obligations as Data Controller and Data Processor under GDPR.
3.1. The Data Processor will process Personal Data in accordance with the Data Controller’s documented instructions, including the Service Agreement, unless the Data Processor is required to do so by Applicable Laws. In such a case, the Data Processor shall inform the Data Controller of that legal requirement before processing, unless such Applicable Laws prohibits such information on important grounds of public interest.
3.2. The subject-matter and purpose of the processing is to provide Data Controller with the Products described in the Service Agreement and associated documentation, including, without limitation, the provision of smart booking solutions in accordance with Booxi’s Privacy Policy, such as online appointment booking, online and store payment, confirmation and reminders, rental management and customer relationship management, along with any integrations requested by Customer as part of the documented processing instructions. The nature of the processing is a software-as-a-service along with text messages and e-mail reminders.
4.1. The Data Processor shall ensure that access to Personal Data is on a need-to-know basis and that the persons authorised to process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
4.2. Taking into account the state of the art, the costs of implement and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of Data Subjects, the Data Processor shall implement appropriate technical and organizational measures in accordance with Article 32 GDPR.
4.3. The Data Controller hereby consent to the Data Processor engaging third-party subprocessors as necessary to provide the Product, and in accordance with this Agreement. The Data Processor shall inform the Data Controller of any intended changes concerning the addition or replacement of such subprocessors before doing so, thereby giving the Data Controller the opportunity to object to such changes.
4.4. Prior for engaging a subprocessor for carrying out specific processing activities on behalf of the Data Controller, the Data Processor shall enter into an agreement setting out requirements for the processing of Personal Data substantially in accordance with this DPA and as set forth in the GDPR.
4.5. The Data Processor shall deploy commercially reasonable efforts to ensure that subprocessors provide sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the processing will meet the requirements of the GDPR. Notwithstanding anything to the contrary, if the Data Processor fails to fulfill such obligations, the Data Processor shall remain fully liable to the Data Controller for the performance of that other subprocessor’s obligations.
4.6. Taking into account the nature of the processing, the Data Processor shall assist the Data Controller by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Data Controller’s obligation to respond to request for exercising Data Subjects’ rights under the GDPR.
4.7. The Data Processor shall assist the Data Controller in ensuring compliance with the obligations pursuant to Art. 32 to 36 GDPR, taking into account the nature of processing and the information available to the Data Processor. Without limiting the generality of the foregoing, the Data Processor shall notify the Data Controller of a Personal Data Breach without undue delay and no later than within seventy-two (72) hours of its discovery.
4.8. Upon the termination of the Subscription or expiration of the Subscription for any reasons, the Data Processor shall delete or return the Personal Data to the Data Controller, and delete existing copies without undue delays, except if such copies much be retained in accordance with Applicable Laws. 4.9. It is agreed and understood that the Personal Data will be processed by the Data Processor in Canada, and that an adequacy status is applicable to the processing of such Personal Data. If the Data Processor transfers the Personal Data in other jurisdictions than those within the European Union, the Data Processor shall ensure that adequate safeguards are implemented in accordance with the GDPR, such as standard contractual clauses.
4.10.The Data Processor shall make available to the Data Controller the information reasonable required to demonstrate compliance with the obligations laid down in this DPA and allow for and contribute to audits, including inspections, conducted by the Data Controller or another auditor mandated by the Data Controller. Subject to compelling reasons requiring otherwise, such audit rights may only be exercised once annually, during Booxi’s business hours and shall be designed such as to minimize any operational impacts on Booxi. Any auditor shall be subject to a non-disclosure agreement. It is agreed upon between the parties that this right is subject to the right of Booxi to protect confidential information and to litigation privilege or attorney-client privilege.