Last updated: 18 June 2020


Welcome to Belvo!

The Belvo Terms of Service is an agreement between Belvo Technologies, Inc. (“Belvo”, “we”, “us”, “our”) and an application (“the Client”, “Client”, “you”) that wishes to use Belvo’s services. The Terms of Service listed below are the fundamental provisions that will govern a legal relationship between Belvo and a Client, not all the legal provisions. Should you wish to enter into an agreement with us, please email us at legal@belvo.co, and we shall send through the full agreement including schedules and fees.

Content

Section 1: About Belvo Technologies, Inc.
Section 2: Definitions
Section 3: Scope of the Agreement
Section 4: Services
Section 5: Fees
Section 6: Intellectual Property Rights
Section 7: Clients’ Obligations
Section 8: Guarantees and Liability
Section 9: Reports and Audit
Section 10: Personal Data Protection
Section 11: Term and Termination
Section 12: Confidentiality
Section 13: Notices
Section 14: Entire Agreement, Modification, No Waiver
Section 15: Severability
Section 16: Force Majeure
Section 17: Governing Law and Jurisdiction
Annex I: Services Provided by Belvo
Annex II: Data Processing Agreement

Other relevant policies to be read alongside these Terms of Service:

Section 1: About Belvo Technologies, Inc.

Who we are

Belvo Technologies, Inc. is a company duly incorporated and validly existing under the laws of Delaware, domiciled at 3500 South Dupont Highway, Dover, County of Kent, DE, 19901, USA (“Belvo”, “Company”, “we”, “us, “our”);

What Services we provide

Belvo is a technology company whose main activity is the development and maintenance of a software platform (the “Platform”) and tool designed to connect consumers, financial institutions and developers (the “Tool”), and to provide such technology to partners (such as the Client) in order for them to offer end-users a wide range of financial services and tailored solutions in this field, on an on-demand basis (the “End-Users”). The Client wishes to make the Tool accessible to End-Users through the Client Website or Application in order to extract, systematize and access its End-Users’ financial data. The Agreement (the “Agreement” or the “Services Agreement”) shall govern Belvo’s provision to the Client of an application programming interface (the “API”) from which the Tool can be integrated into, and accessed by End-Users via, the Client Website or Application.

Section 2: Definitions

Definitions in this Agreement shall have the following meanings:

“Account Information” means, in relation to an End-User, information on one or more Bank, Financial or Payment Accounts held by that End-User with a Bank, Financial or Payment Service Provider or with more than one Bank, Financial or Payment Service Provider, including (but not limited to) such information set out in Annex I.

“Agreement” means this Services Agreement as well as each of its annexes.

“API” means the application programming interface provided by Belvo for purposes of enabling the Tool to be integrated into, and accessed by, End-Users via the Client’s Website or application.

“Confidential Information” shall mean all scientific, technical, technological, regulatory, marketing, financial, legal, and commercial information or data, as well as trade secrets, whether communicated in written, oral, graphic, electronic or visual form, that is provided by one Party to the other Party under this Agreement. By way of example only, Confidential Information of Belvo includes Belvo’s Intellectual Property Rights and any invention disclosed by Belvo to the Client, and Confidential Information of the Client includes any information to which Belvo or the auditor appointed by Belvo may have access under clause 8.

“End-User” means the Client’s end-users.

“Documentation” means the API integration user guides and SDKs, as amended by Belvo from time to time.

“Intellectual Property Rights” shall mean all industrial and/or intellectual property rights of any kind existing in the world whether or not registered, such as copyrights, Trademarks, service marks, trade secrets, trade names, software, domain names, moral rights, database rights, design rights, patents and other rights in goodwill, rights in know-how, trade secrets and other confidential information as well as other proprietary right that is recognized under the Laws and shall include all re-examinations, reissues, extensions and any other post-issuance counterparts to any of the foregoing, and applications or registrations for any of the foregoing, including provisionals, new versions, developments, divisionals, substitutions and continuations (in whole or part).

“Platform” includes any data, images, text, and content, including but not limited to any Software, application program interfaces, tools or other information or materials provided, made available and/or integrated into the Client’s software by Belvo and accessible by the Client through Belvo’s website/app, API or SDK and by means of which the Services are rendered.

“Provider” shall mean the Party that discloses Confidential Information to the other Party under this Agreement.

“Recipient” shall mean the Party that receives Confidential Information from the other Party under this Agreement.

“SDK” shall mean Belvo’s software development kit that allows for the creation of applications for a certain software package, software framework, hardware platform, computer system, operating system, or similar development platform.

“Services” means the services to be rendered by Belvo, according to the terms set forth in this Agreement, as further described in Annex I.

“Software” means all software which is included in the Platform and used in order to provide the Services, including any present or future enhancements and extension thereof.

“Tool” means the tool provided by Belvo that allows End-Users to access and share Account Information with the Client.

“Trademark” shall mean any word, name, symbol, color, designation or device or any combination thereof that functions as a source identifier, including any trademark, trade dress, service mark, trade name, logo, design mark or domain name, whether or not registered.

Section 3: Scope Of The Agreement

  • This Agreement sets forth the terms and conditions that shall govern the use of the Platform and the Services supplied by Belvo to the Client.
  • Any rights on the Belvo’s Intellectual Property Rights not expressly granted herein are reserved to Belvo and expressly excluded from the scope of the Agreement.
  • Nothing in this Agreement shall be deemed to grant to the Client any right to use the Trademark “Belvo”, its corporate logo, or any other Trademark owned by Belvo.

Section 4: Services

  • Subject to the terms and conditions of this Agreement, Belvo shall provide the Client with the services listed below and further defined in Annex I of this Agreement:
    • Make the Platform available to the Client through an integration process to be carried out by the Client with Belvo’s support
    • Connection through the Platform to extract, systematize and access to the End-Users’ bank and financial data
    • Maintenance of the technology that allows Client to access the Platform and its updates, modifications, new features, new functionalities, upgrades or new versions implemented by Belvo from time to time.
  • The Client acknowledges that the rendering of the Services by the Company is subject to the Client’s information and collaboration (in particular during the integration of the Platform), and, on that basis, undertakes to provide Belvo with such information and to facilitate further collaboration deemed essential in order to render the Services, in accordance with this Agreement.
  • Belvo shall make the Documentation available to the Client. The Client shall comply with the Documentation in connection with the integration and use of the API. The Client shall keep all user IDs, passwords and other access codes pertaining to the Belvo API confidential and secure from all unauthorised persons, according to the provisions set out in this Agreement.

Section 5: Fees

  • The fees payable by the Client for the Services rendered by Belvo shall be calculated on a monthly basis in accordance with the service plan contracted by the Client.
  • As compensation for the rendering of the Services, Belvo shall issue a monthly invoice detailing the services provided to the Client within that month, which shall be payable through the credit or debit card registered or provided by the Client. The invoices may be issued by Belvo in electronic format and may be sent by email to the Client or made available through the Platform or through Belvo’s website.
  • Alternatively, in the event that Belvo and the Client so agree, payments may be made by means of a transfer to the Company’s bank account within the first five (5) days of each month.
  • The total amount of monthly fees is VAT excluded. VAT shall be payable by the Client at the applicable rate, given the case, as indicated in the invoice provided by Belvo on a monthly basis.
  • Belvo shall have the right to suspend the performance of all or part of its obligations in case the Client is in default of its payment obligations and has not cured such default within five (5) days after the notice from Belvo.

Section 6: Intellectual Property Rights

  • The Client hereby acknowledges that all Intellectual Property Rights of the Platform and other related Belvo’s Intellectual Property Rights are the proprietary information of Belvo, which has the exclusive ownership of all enhancements, alterations, modifications, fixes, patches, workarounds and other additions to them.
  • Likewise, the Client acknowledges and agrees that the brand, name and all Intellectual Property in and to the Platform is the ownership of Belvo, and that nothing in this Agreement shall be understood as to transfer, or is intended to operate or transfer, any right, title or interest in or to the Platform, except of the use of the Platform by the Client in accordance with the terms and conditions set forth in this Agreement.
  • The rights granted to the Client under this Agreement are limited to the specific provisions with the extension defined herein. Every right not expressly granted to Client in this Agreement shall be understood to be retained by Belvo.
  • The Client shall not, directly or indirectly, (i) reverse engineer, decompile, disassemble or otherwise attempt to discover the source code or underlying ideas or algorithms of any relevant element of the Platform; (ii) modify, translate, or create derivative works based on the Software; (iii) rent, lease, distribute, sell, resell, assign, or otherwise transfer rights to use the relevant elements of the Platform; (iv) use the Platform for purposes not related to the rendering of the services to End-Users; (v) remove or alter any proprietary notices from the Platform or otherwise any reference to the Belvo brand or name and shall not otherwise rebrand or re-badge any relevant element of the Platform without Belvo’s prior written consent and on payment of such additional charges as Belvo may determine; (vi) publish or disclose to third parties any evaluation of the Platform without Belvo’s prior written consent; or (vii) create any link to Belvo’s website, the Platform or frame or mirror any content contained on, or accessible from, the Platform, or (viii) otherwise replicate or seek to replicate the functionality or look and feel of the Platform.

Section 7: Client’s Obligations

Further to other undertakings set forth in this Services Agreement, the Client hereby agrees to undertake the following obligations:

  1. The Client is responsible for obtaining and maintaining all computer hardware, software and communications equipment needed to access Belvo’s website and the Platform;
  2. The Client shall be solely responsible for its actions and the actions of its End-Users while using the Platform and the contents of Belvo’s website, and otherwise for all actions carried out using its user name, password, encryption keys and other identifications elements;
  3. Not to use the Platform for illegal purposes;
  4. Not to access information, features or other tools developed by Belvo that the Client has not expressly been authorized to access;
  5. To promptly notify Belvo of any misuse of the Platform by the End-User, as well as of any current or potential security breach or unauthorized access to the Platform or to the Account Information;
  6. Not to upload, post, promote or transmit through the Platform any unlawful, harassing, libellous, abusive, threatening, harmful, vulgar, obscene, hateful, racially, ethnically or otherwise objectionable material of any kind or nature;
  7. Not to upload, promote, transmit or post any material that encourages conduct that could constitute a criminal offence or give rise to civil liability;
  8. To comply with all regulations, policies and procedures of networks connected to the Platform, in particular with the applicable regulations in Personal Data Protection; and
  9. To ensure that any End-User is aware of the terms of this Agreement.

Section 8: Guarantees And Liability

  • Except as expressly provided to the contrary in this Agreement, the Platform is warranted to the Client to the extent of and in accordance with the conditions set forth herein.
  • The Platform is provided under this Agreement on an “as is” basis, without warranty of any kind, either expressed or implied, including, without limitation, warranties that the Software is free of defects, merchantable, fit for a particular purpose, non-infringing, capable of integrating with the system of the Client, non-interference and accuracy of informational content.
  • In no event shall Belvo be liable for any consequential, indirect, exemplary, special, or incidental damages, including the loss of profit or revenue, arising from or relating to this Agreement. Belvo’s total cumulative liability in connection with this Agreement, whether in contract or tort or otherwise, shall not exceed the amount effectively received by the Client as consideration of the Services set forth in Clause 4 within the last six (6) months.
  • This disclaimer of warranty constitutes an essential part of this Agreement, and no use of the Platform is authorized hereunder except under this disclaimer.

Section 9: Reports And Audit

  • The Client shall keep complete and accurate records and accounts pertaining to the use of the Services, the calculation of the use of the Services in sufficient detail to permit Belvo to confirm the accuracy of all due fees made due hereunder for at least three (3) full calendar years following the end of the calendar year to which such records and accounts pertain. This obligation shall remain enforceable during the term of the Agreement and until the third anniversary of expiration or termination of the Agreement.
  • Belvo shall have the right, once a month, to directly audit or cause an independent accountant reasonably acceptable to the Client to audit the Client’s records and accounts maintained to confirm the payment traffic of the Services and the applicable fees for a period covering the preceding three (3) full calendar years. Such audits may be exercised during normal business hours upon reasonable prior written notice to the Client. The auditor shall disclose to Belvo only such information as is reasonably necessary to provide Belvo with information regarding any actual or potential discrepancies between amounts reported and actually paid and amounts payable under this Agreement.
  • In the event that the results of the audit reveal any underpayment by the Client shall pay the amount of such underpayment to Belvo within fifteen (15) days after receipt of the audit report. In the event that the results of the audit disclose an overpayment by the Client, then the Client shall deduct the amount of such overpayment from future payment of Royalties under this Agreement.
  • Belvo shall bear the full cost of such audit unless such audit discloses an underpayment by the Client of more than ten per cent (10%) of the amount due for any calendar year, in which case, the Client shall bear the costs of the review or audit.

Section 10: Personal Data Protection

  • When applicable the Parties undertake to comply with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 (“GDPR”) or any other data protection regulations that may modify, develop, repeal or consolidate them, including, where appropriate, the guides and codes of practice issued by supervisory authorities. Each Party agrees to process the personal data provided under this Agreement only for the purposes set forth in this Agreement and for managing the contractual relationship.
  • The legal basis for the processing is the contractual relationship between the Parties, and the compliance with legal obligations. The data will be kept until the termination of the contractual relationship and once it has terminated, it will be kept blocked for the period legally required for the compliance of any legal obligations.
  • The data may be disclosed to the Tax Agency and other government authorities for the fulfilment of legal obligations, as well as to banks and/or financial entities for the recovery and payment management.
  • The data subjects may exercise their rights of access, to rectification, erasure, restrict processing, data portability and object by writing to the addresses included in this Agreement as the address of each party. If they haven’t obtained satisfaction in the exercise of their rights, they may file a complaint with the competent data protection authority.
  • Whereas, the Parties entered into a contractual relationship with this Agreement, which involves the processing of personal data, in compliance with the provisions of article 28 GDPR, the Parties enter into a Data Processing Agreement, attached as Annex II.

Section 11: Term And Termination

  • This Agreement shall come into force in the upon its signature and shall remain in force until the same is terminated in accordance with clauses below.
  • The Agreement may be terminated at any time upon sixty (60) days written notice without cause or penalty by either the Company or the Client.
  • In case of automatic renewal, the Parties will negotiate in good faith an adjustment in the fees agreed in this Agreement for the Services to be provided by Belvo.
  • Each Party shall have the right to terminate this Agreement upon written notice to the other Party if such other Party is in material default of any of the terms, obligations, conditions and undertakings of this Agreement and has not cured such default within a term of thirty (30) days from the receipt of the notice issued by the non-defaulting Party (by certified mail, burofax or by means of a Notary Public notification) requesting the cure of such default. Any such termination shall become effective at the end of the abovementioned period provided that (i) the defaulting Party had not cured its default prior to the end of such period and (ii) the non-defaulting Party had provided a subsequent notice of termination.

Section 12: Confidentiality

  • The Parties acknowledge that each Party will have access to Confidential Information of the other Party. The Recipient shall not disseminate Confidential Information of the Provider and shall keep such information under strict confidentiality and secrecy. Notwithstanding the foregoing, the Recipient may share the Provider’s Confidential Information with those of its officers, directors, employees, consultants and other representatives that have a need to know such information for the purposes expressly authorized by this Agreement, have been advised by the Recipient of the Recipient’s confidentiality obligations under this Agreement, and are contractually or legally bound by obligations of nondisclosure and nonuse at least as stringent as those contained herein.
  • The restrictions on the dissemination and use by the Recipient of the Provider’s Confidential Information shall not apply to information of public knowledge, or that becomes of public knowledge without the violation of this Agreement, or was already known by the Recipient at the time of receiving such information from the Provider, as evidenced by its preexisting written records, disclosed to Recipient by a third party, or independently developed by Recipient. The Recipient may disclose Confidential Information if such disclosure is required pursuant to an order of judicial or administrative nature, but shall duly inform the Provider before the dissemination and reasonably give Provider any assistance required in seeking an appropriate protective order or other remedy, and shall otherwise continue to perform its obligations of confidentiality set out herein.
  • In addition, the Recipient may disclose Confidential Information if, and to the extent that, such disclosure is reasonably necessary in the following instances:
  • Enforcing the Recipient’s rights under this Agreement; or
  • Prosecuting or defending litigation as permitted by this Agreement.
  • Except as otherwise provided in this Agreement, each Party agrees not to disclose to any third party the terms or existence of this Agreement without the prior written consent of the other Party hereto.
  • The obligations assumed under this clause shall remain enforceable and binding between the Parties during the term of the Agreement and for as long as the Confidential Information remains secret and confidential.

Section 13: Notices

  • All notifications to a Party under this Services Agreement shall be processed in writing and sent to the addresses specified in the heading of the same, and shall be deemed to have been duly given when received, if personally delivered; when receipt is electronically confirmed, if transmitted by facsimile or email; the day after it is sent, if sent for next day delivery by recognised overnight delivery service; and upon receipt, if sent by certified or registered mail, return receipt requested.

Section 14: Entire Agreement, Modification, No Waiver

  • This Agreement contains the entire agreement between the parties with respect to the subject matter hereof and, unless otherwise provided herein, this Agreement can only be modified by a written document that references this Agreement and is duly signed by the persons authorized to sign agreements on behalf of Belvo and the Client. No term or provision hereof shall be deemed waived and no breach excused, unless such waiver or consent are in writing and signed by the party who claimed to have waived or consented. Any consent by any party to, or waiver of, or breach by the other, whether express or implied, shall not constitute a consent to, waiver of, or excuse for any other different or subsequent breach.

Section 15: Severability

  • If any provision or subpart of this Agreement is held to be void or unenforceable, it shall in no way effect the validity of enforceability of any other provision of this Agreement.

Section 16: Force Majeure

  • Neither Party shall be liable for its inability to perform any of the obligations assumed under this agreement provided that such inability is due to causes beyond its reasonable control such as, but not restricted to, fire, floods, strikes, labour disputes or other industrial disturbances, restrictions, the unavailability of fuel or power supply, accidents, war (declared or undeclared), an embargo, isolation, mutiny, insurrection or a change of government.

Section 17: Governing Law And Jurisdiction

  • This Agreement is governed by and construed under the laws of Delaware. The courts within of the state of Delaware shall have exclusive jurisdiction to adjudicate and resolve any dispute arising out of this Agreement. The Client and Belvo hereby expressly waive any other jurisdictions that may be deemed competent in accordance with international treatises or the applicable law.

Annex I

Services provided by Belvo

The Services provided by Belvo generally include access to End-user Account Information. This access shall be provided as further explained below:

1. Make the Platform available to the Client through an integration process to be carried out by the Client with Belvo’s support
  • Documentation and a starting guide shall be provided so that the Client can seamlessly integrate with the Platform and take the necessary steps to make it compatible with its own infrastructure
  • In addition to Documentation, Belvo shall provide SDKs and Widgets to ensure that the integration process is smooth. SDKs are to be provided in a series of programming languages and Widgets are intended to be placed inside the Client’s app or website so as to allow an easy communication between a Client’s End-User and Belvo
  • Belvo shall also provide integration examples and sandbox environment so that the Client can run a test integration with simulated data prior to doing so directly in production
2. Connection through the Platform to extract, systematize and access to the End-Users’ bank and financial data
  • Once connected to the Belvo API, the Client will be able to extract data and synchronise it on a recurring basis if it’s necessary for its particular use case
  • The Client shall make a request to the Belvo API with an End-User’s credentials set, captured via the Tool on its interface – all of which is encrypted with the highest degree of security – and Belvo shall return all relevant data in a systematic and homogeneous format, regardless of the data source that is being checked
  • This data can then be used by the Client according to its own internal requirements
3. Maintenance of the technology that allows Client to access the Platform and its updates, modifications, new features, new functionalities, upgrades or new versions implemented by Belvo from time to time.
  • Belvo shall conduct proper maintenance of the Platform and shall update and add data sources on a recurring basis
  • Enhancements will be made from time to time and the Client will be notified via and appropriate channel
  • Belvo shall use reasonable endeavours, but shall not be under an obligation, to commit to uptime of 99% for the Service, except for Permitted Down Time, and unless a reduction in service level percentage occurs as a result of a third party’s negligence or a Force Majeure event. Uptime refers to services being available online
  • Permitted Down Time shall be limited to the suspension of the Service necessary:
    • To enable us or our Agents to comply with an order or request from the Government, any competent regulatory body or other competent administrative authority; or
    • To enable us or our Agents to carry out work relating to the maintenance or upgrade of the Service

Account Information shall include, but not be limited to, the following Financial and Personal Information:

  • Personal information: name, date of birth, full address(es), email address, phone number, gender;
  • Bank account information:
    • Account type (E.g. Current, Saving, Investment, Credit Card);
    • Account name;
    • Account number (both local and international);
    • Currency;
  • Account balance information:
    • Current balance;
    • Available balance (credit cards);
    • Interest rate;
    • Payment due date (credit cards);
    • Next closing date (credit cards);
    • Minimum payment due (credit cards);
  • Transactions:
    • Time;
    • Description;
    • Amount;
    • Meta data (arbitrary data that banks associate with a transaction); and/or
  • Additional data which Belvo may collect in the future:
    • Loans data;
    • Insurance data; and/or
    • Investments data
    • Fiscal and third-party provider (E.g. Utilities) information

Annex II

Data processing Agreement

The Parties enter into the following data processing agreement (the “Data Processing Agreement”) in compliance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”) or any other data protection regulations that may modify, develop, repeal or consolidate them.

1. Scope

This Data Processing Agreement is part of the SAAS AGREEMENT (the “Main Agreement“) which govern the service provided by Belvo Technologies, Inc. (“Belvo” and/or “Data Processor”) for the Client (the “Client” and/or “Data Controller”).

For the purpose of the Data Processing Agreement, the Client and Belvo agree that the Client shall be the Data Controller of its personal data and from its own End-Users and/or end-users, and that Belvo shall be Data Processor of those data, except that (a) the Client acts in the capacity of Data Processor, then Belvo acts as sub-processor, or (b) if otherwise agreed between the Parties.

Hereafter, each party will be referred to as “Party” and jointly as the “Parties”.

2. Data Processing

2.1. Purpose of the processing

Belvo is authorized to process, on behalf of the Client, personal data to the extent that it is or becomes necessary to provide the service in accordance with the Main Agreement, and as specified in this Data Processing Agreement.

Belvo undertakes to process personal data only in order to provide to the Client the services in accordance with the Main Agreement and, for purposes compatible with the provision of such services. Belvo shall not process such personal data for any purpose other than that stipulated in this Data Processing Agreement.

Personal data will also be used for technical security and diagnostic purposes of the services, and for improving its machine learning algorithms and technology, as for statistical reasons, in an anonymized form.

2.2. Description of the data processing

The nature of the processing activities carried out by Belvo are: collection, structuring, use, access, organization, consultation, combination and interconnection.

The categories of data subjects are the Data Controller End-Users, Users and/or End-Users.

The categories of personal data types being processed are: identifying data; personal characteristics; goods and services transactions, social circumstances and/or economic and financial data.

2.3. Sharing personal data

Belvo shall not disclose or otherwise reveal any personal data covered by the Data Processing Agreement, except (1) as instructed by the Client and/or (2) as required by law, court or official authority.

When data processed under this Data Processing Agreement is transferred from a country within the European Economic Area (EEA) to a country outside the EEA, the Data Processor shall ensure that the personal data are adequately protected. To achieve this, the Data Processor shall unless agreed otherwise, rely on European Union approved standard contractual clauses for the transfer of personal data.

3. Data Controller Responsibilities

The Client, as Data Controller, undertakes to (1) ensure that the data processor complies with all the obligations set out in this Data Processing Agreement; (2) comply with its obligations as data controller according to the regulations in force.; and (3) provide to its clients, users and/or end-users the necessary information required by article 13 GDPR.

4. Data Processor Responsibilities

Belvo, as Data Processor, undertakes to:

4.1. Record of processing activities

Belvo shall keep in writing a record of all the categories of processing activities carried out on behalf of the Controller in compliance with article 30.2 GDPR, and as long as it is applicable to the processing of personal data carried out on behalf of the Client, Belvo shall make such record available to the Client on request.

4.2. Rights of data subjects

Belvo shall assist the Client in fulfilling its duty of answering requests from data subjects in the exercise of their rights of access, rectification, erasure and objection, restriction of processing and data portability. In the unlikely event that Belvo receives a request from a data subject exercising its rights, BELVO shall send it to the Client without undue delay, and in any case within five (5) working days after receipt.

4.3. Reporting personal data breaches

Belvo shall notify the Client before the maximum period of seventy-two (72) hours and through the e-mail address indicated by the Client, any know personal data breach, together with all relevant information to document and report the incident. This notification shall contain, at least, the information required by article 33.3 GDPR.

4.4. Assistance

Belvo shall immediately inform the Client if there’s a believe that any of the instructions violate the GDPR or any other applicable data protection provision.

Belvo shall make available to the Client on request all information necessary to demonstrate compliance with this Data Processing Agreement, and shall allow for and contribute to audits, including inspections, by the Client or an auditor mandated by the Client in relation to the processing of done by Belvo on behalf of the Client.

Audits shall be carried out upon notification during normal working hours and without interruption of Belvo s business activity and operations.

Belvo shall provide reasonable assistance to the Client when carrying out any Data Protection Impact Assessment (“PIA”), and in prior consultations with Supervising Authorities or other competent Data Privacy Authorities, when appropriate.

4.5. Destination of the personal data

Upon the termination of the provided service and the processing-related services, Belvo shall erase all personal data, including any media or document regarding the personal data.

Notwithstanding the foregoing, Belvo may retain the personal data duly blocked during the period in which responsibilities may arise from its relationship with the Client, in compliance with the applicable regulations in force.

5. Sub-processors

Belvo requires subcontracting third parties who will process the personal data under the responsibility of the Client. Some of these subcontracts are necessary in order to provide the service, since the functioning and operativity of Belvo systems and the provision of certain services depend on them. Specifically, the services are listed as follows:

CompanyContracted service
AmazonAmazon AWS cloud services and products

With all of them, Belvo maintains an agreement in which data protection obligations are set out, providing sufficient guarantees to implement appropriate technical and organizational measures to the processing. The Client hereby authorizes those subcontracting and sub-processors in the current terms.

Belvo shall notify the Client, previously and in writing, if there’s an intention of replacing or engaging with a new sub-processor. Belvo shall indicate the processing activities that will be subcontracted and clearly identify the company which will be sub-processor. Subcontracting may be carried out provided that the Client has not objected to it within ten (1) working days after notification.

6. Liability

The Parties undertake to indemnify, keep indemnified and hold harmless each other from and against any type of administrative sanctions imposed by the corresponding authorities and third-party loss, harm, cost (including reasonable legal fees and expenses), expense and liability that may suffer, arise or incur as a result from the other Party’s non-compliance with its obligations under data protection regulation and/or its responsibilities under this Data Processing Agreement.

If one of the Parties has to pay an amount of money by way of penalty, sanction, indemnification and damages for the non-compliance of the other Party, the Party that hasn’t complied shall pay and/o reimburse to the other Party the corresponding amounts.

7. Term And Termination

This Data Processing Agreement is valid for as long as Belvo is processing personal data on behalf of the Client under the Main Agreement and this Data Processing Agreement.