Fyma provides an information society service that enables to analyze video data uploaded by the Client. The service is offered as SaaS (Software as a Service).
In consideration of Client use of any of the paid services, Client agrees to pay the fees set forth on the applicable service description.
Fees for any new service or new service feature shall be effective upon posting by Fyma on the website for the applicable service. Fyma may increase or add new fees for any existing service or service feature or implement a fee for any previously free service or free service feature, by giving Client thirty (30) days’ advance notice. Such notice shall be posted on the website on the service description page for the affected service.
Client agrees that it is responsible for checking the website each month to confirm whether there are any new fees and their effective date(s).
All fees payable by Client are exclusive of applicable taxes and duties, including, without limitation, VAT and applicable sales tax. Client shall provide such information to Fyma as reasonably required determining whether Fyma is obligated to collect VAT from Client, including without limitation Client’s VAT identification number.
2.1 Payment. Fyma may specify the way Client shall pay any fees, and any such payment shall be subject to Fyma general accounts receivable policies from time to time in effect.
Fyma provides the Platform with the functionality and technical level made available to the Client at the time of entering into these Terms. If the Client wants additional Platform features, the development work will be performed under a separate agreement.
Fyma has the right to change the functionality of the Platform, among other things, in connection with the technical or substantive development of the service, the development of additional functions or the need to change the technical parameters. Significant changes in the functionality of the Platform will be notified to the Client in writing in a reproducible form, or the changes will be integrated into the Platform.
The intellectual property of the Platform, including software, databases, algorithms, text, and graphics, belongs to Fyma. The Client receives the right to use the Platform to the extent necessary to use the functionality of the Platform. The Client may not copy or make available to the public any software, algorithms, databases, or other works on the Platform without Fyma’s consent.
The data is systematized on the Platform. It is a database within the meaning of the Copyright Act, and the exclusive right of the maker of the database belongs to Fyma. The Client receives the right to use the database to the extent necessary to use the Platform. The right to use the data (database) generated on the Platform is valid until the database rights are exhausted. The license fee for using the database is considered to be paid with the Platform service fee.
Fyma ensures the secure storage of confidential data and personal data processed through the Platform. Fyma is not responsible for the situation when confidential information and personal data disclosed through a Client account become known to third parties due to the actions of the Client account manager (e.g., disclosure of a username and/or password to a third party).
Neither party may disclose confidential information that came to its knowledge in the course of the performance of the contract without the prior written consent of the other party. The obligation of confidentiality applies during the term of the contract and for three years after the termination of the contract.
By using Fyma Platform and accepting these Terms, the Client as a legal entity agrees to this Personal Data Processing Agreement between the Parties, hereinafter referred to as the DPA. This DPA applies to the extent where data is regarded as personal data by EU General Data Protection Regulation (EU) 2016/679 (GDPR).
For private persons, this section 5 does not apply; instead, the personal data processing is described in Fyma Privacy Notice.
Client, as a personal data controller, hereby instructs Fyma as a personal data processor to process the data as described in this DPA.
6.1. The personal data concerns any individual who is captured on the Client's uploaded video file or any vehicle that is captured on the Client's uploaded video file and is directly or indirectly relatable to an identifiable person.
6.2 Categories and Purposes of Data Processing
6.2.1. Video file for data analytics - In order to carry out the data analytics by Fyma, only certain data points are used. These data points are not fragments of the video but numerical values generated by the algorithms.
6.2.2. Vehicles for data analytics - Vehicles are not identified (registration numbers are not detected).
6.2.3. Video files (individuals and vehicles) for training and improvement of the AI tool - the service by Fyma to meet the quality requirements and high standard, the AI tool used needs data for improving the analytics outcome. During the training process, only random screenshots are stored without directly identifiable information.
6.2.4. No biometrics or other type of special categories of data is processed to provide the service or training the AI tool.
6.2.5. The analytics output - the number of objects and heatmaps, moving trajectory, and moving patterns. Based on this data, a general statistical report is provided by Fyma to the Client.
6.3 Client Obligations
6.3.1. The Client is responsible for having valid legal grounds for the video file upload to the Fyma Platform that contains individuals' personal data.
6.3.2. The Client is responsible for sufficient notifications and transparency in place for data subjects to be informed of such activity and the use of Fyma as a data analytics service provider.
6.3.3. The Client is responsible for the legality of the origin of the video file and the data quality provided by such a file.
6.4 Fyma Obligations
6.4.1. Fyma processes the Client's data only for the purpose of providing, supporting, and improving Fyma's services, using appropriate technical and organizational security measures. Fyma will not use or process the Client's data for any other purpose.
6.4.2. Fyma ensures that its employees and any sub-processors are required to comply with, acknowledge, and respect the confidentiality of the Client's data.
6.4.3. If Fyma intends to engage sub-processors to help it satisfy its obligations in accordance with this DPA or to delegate all or part of the processing activities to such sub-processors, Fyma will enter into contractual arrangements with such sub-processors binding them to provide the same level of data protection and information security as provided herein. This includes also the Standard Contractual Clauses (SCC) where necessary.
6.4.4. Fyma obtains the prior written consent of the Client to such subcontracting, such consent not to be unreasonably withheld if parties have agreed upon. The consent shall not be required for those sub-processors (service providers) listed on the Fyma's website.
6.4.5. Fyma will inform Client if Fyma becomes aware of any legally binding request for disclosure of Client's data by a law enforcement authority unless Fyma is otherwise forbidden by law to inform Client.
6.4.6. Any complaint or request (in particular, requests for access to, rectification or blocking of Client's data) received directly from data subjects of Client, Fyma will not respond to any such request without Client's prior written authorization.
6.4.7. Fyma will provide reasonable assistance to Client regarding the investigation of personal data breaches and the notification to the supervisory authority and Client's data subjects regarding such personal data breaches.
6.4.8. Fyma will provide reasonable assistance to Client where appropriate, for the preparation of data protection impact assessments and, where necessary, carrying out consultations with any supervisory authority.
6.4.9. Fyma will maintain appropriate organizational and technical security measures (including with respect to personnel, facilities, hardware and software, storage and networks, access controls, monitoring and logging, vulnerability and breach detection, incident response, encryption of Client's data to protect against unauthorized or accidental access, loss, alteration, disclosure or destruction.
6.4.10. Fyma will notify Client of any personal data breach by Fyma, its sub-processors, or any other third parties acting on Fyma's behalf without undue delay and in any event within 48 hours of becoming aware of a breach.
6.5.1. Fyma shall have no liability to the extent that a claim has arisen due to any act or omission not attributable to Fyma.
6.5.2. Fyma shall be liable for damage caused in the course of processing if it has not complied with the requirements of the applicable legislation specifically addressed to Fyma, or if it has not complied with or acted against the lawful instructions of the Client by this DPA.
6.5.3. If the processing is determined by Fyma, then Fyma shall be considered as a data controller in respect of that processing and be liable for infringements under the applicable laws.
6.5.4. Any person who has suffered material or non-material damage as a result of an infringement of this DPA shall have the right to receive compensation from the Client or Fyma for the damage suffered.
6.5.5. Client involved in processing shall be liable for the damage caused by processing which infringes this DPA. Fyma shall be liable for the damage caused by processing only where it has not complied with obligations of this DPA specifically directed to Fyma or where it has acted outside or contrary to lawful instructions of the Client.
6.5.6. Client or Fyma shall be exempt from liability if it proves that it is not in any way responsible for the event giving rise to the damage.
6.5.7. Where both Client and Fyma are responsible for any damage caused by processing, they shall be held liable for the entire damage in order to ensure effective compensation of the data subject.
6.5.8. Where a Client or Fyma has paid full compensation for the damage suffered, it shall be entitled to claim back from the other liable party involved in the same processing that part of the compensation corresponding to their part of the responsibility for the damage.
6.6 Data return and deletion
6.6.1. On the termination of the service agreement or upon Client’s reasonable request, Fyma shall, and shall cause any sub-processors to, at the choice of Client, return all the Client personal data and copies of such data to Client or securely destroy them and demonstrate to the satisfaction of Client that it has taken such measures unless data protection requirements prevent Fyma from returning or destroying all or part of the Client personal data disclosed. In such a case, Fyma agrees to preserve the confidentiality of the Client personal data retained by it and that it will only actively process such Client Personal Data after such date in order to comply with applicable laws.
6.6.2. If the Client selects freemium version, uploaded files will be deleted by Fyma automatically 30 days after file upload. No backup copies will be available for Client.
6.6.3. Fyma will not delete or return some of the screenshots that are necessary to continuously train the Fyma’s AI tool for the high standard analytical output. In such a case, the data is not directly identifiable and will be deleted after the purpose is achieved.
6.7. This DPA shall remain in effect as long as Fyma carries out personal data processing on behalf of the Client or until the termination of the service agreement and all personal data has been returned or deleted in accordance with this section.
Fyma aims to provide the best quality and security service, but Fyma cannot guarantee that the Platform will be uninterrupted, timely, or error-free at all times. Fyma shall not be liable for any technical obstacles or damages arising out of the use of the Platform, including those caused by the actions or omissions of the web hosting, internet service provider, or other service providers.
Fyma shall not be liable for any damages incurred by the Client in connection with the choices made by artificial intelligence. The Client understands and acknowledges the fact that the output of the Platform is data analysis. Business decisions and their consequences are made and borne by the Client. Therefore, Fyma is not responsible for any business decisions made by the Fyma based on data analysis.
Fyma indemnifies the Client for direct damage caused by non-performance or improper performance of the damage, which has occurred as a result of Fyma’s intentional actions. Fyma shall not be liable for consequential damages to the Client and shall not be liable for any loss of income, business expenses, loss of profits, or other similar damages. The maximum rate of compensation for Fyma damages shall not exceed the total amount of EUR 500.
The Platform, content, and functionality are provided on an "as is" and "as available" basis, and, to the fullest extent permitted by law, Fyma makes no promises, whether express or implied, with respect to the Platform, content, or functionality.
The Client must notify Fyma in writing of the amount of the damage and the basis for compensation for the damage within ninety (90) calendar days of becoming aware of the damage. Fyma has the right to demand the submission of documents proving the existence and amount of damage and other necessary information.
The Client represents and warrants:
To exercise any of the abovementioned rights, please contact email@example.com. We will respond to your requests within 30 days.
Disputes arising from or related to these Terms shall be resolved through negotiations. In case of failure of negotiations, disputes will be settled in Harju County Court on the basis of legislation in force in the Republic of Estonia.