Version "14" - effective from 2023-12-01

Compliance

We take the security of your data very seriously. We do realize that data is one of the most valuable assets you have these days. Therefore we follow industry standards to ensure your data is safe.

iso_iec_27001_badgeISO 27001
Information Security
Management System (ISMS)
gdpr_badgeGDPR
The General Data Protection
Regulation

Sendsteps Terms of Service(s)

Introduction

Welcome to Sendsteps! Sendsteps offers Customer a software as a service solution for the use of a web-based presentation creation and audience response system. The system allows the creation of presentations and documents through user input or via the use of artificial intelligence. It also provides real-time interaction between a presenter and its audience via devices as described on Sendsteps’ website such as laptops, tablets and smartphones. A general description of the different services that Sendsteps offers can be found on Sendsteps’ website. Sendsteps offers Customer the possibility to use its web based software services by providing Free Services and Paid Services. In these Terms of Service(s) Sendsteps sets out the terms and conditions that apply to its Services

About Sendsteps
Company name Sendsteps B.V.
Address Haarlemmerweg 321B
1051 LG, Amsterdam
The Netherlands
Phone +31 (0)20 716 3656
E-mail info@sendsteps.com
Account Number NL29 ABNA 0422721964
VAT Number NL8197.19.936.B01
BIC/SWIFT ABNANL2A
Dutch Chamber of Commerce registration number 34307436
1. Applicability
1.1

These Terms of Service(s) apply to and form an integral part of all Agreements with Sendsteps for the use of any Paid Services or Free Services and apply to every use of the Service(s) by Customer, End User(s) and/or Audience. Any general terms and conditions of Users are rejected and do therefore not apply.

2. Definitions
2.1

The capitalized terms used in these Terms of Service(s) are defined words that shall have the following meaning:

Account The portal, accessible with a username and password, that provides the Customer access to the Service(s) and that contains general information regarding the Customer and the applicable Service(s);
Agreement An Order Form and/or any other agreement with Sendsteps, including these Terms of Service(s);
Application A web-based presentation creation system that allows the creation of presentations and documents through user input or using artificial intelligence as described on Sendsteps’ website. The application also comprises an audience response system for real-time interaction during a presentation between an Audience and a presenter via devices as described on Sendsteps’ website such as laptops, tablets and smartphones, including an add-in software program and management portal;
Audience Each individual who makes use of the interaction functionalities of the Application under the License of a Customer;
Content All data, including pictures, data generated by artificial intelligence, surveys, user data (such as usernames) and personal information, submitted to the Application by a User of the Application;
Customer The individual or entity with whom Sendsteps has entered into (an) Agreement(s) for the use of a Paid Service or a Free Service(s);
End User(s) Each individual who makes use of a Paid Service or a Free Service under the License of a Customer, not including Audience;
Free Service A free service provided by Sendsteps whereby the Customer does not have to pay for the use of the Application;
License(s) A right of a Customer to have End User(s) and Audience use the Paid Service or Free Service;
Monthly Paid Service a Paid Service whereby the Customer pays a monthly fee
Order Form A registration form or any other document entered into by Sendsteps and Customer (online or offline) for the use of the Service(s);
Paid Service A paid service(s) provided by Sendsteps whereby the Customer has to pay for the use of the Application and/or other Service(s);
Paid Service Fun A one-off Paid Service for fun as described on Sendsteps’ website;
Sendsteps Sendsteps B.V.;
Service(s) Any Free Service or Paid Service and/or any other service(s) agreed between Customer and Sendsteps as specified in the Account;
Sub Account The portal, accessible with a username and password, that provides End User(s) access to the Service(s) under the License(s) of a Customer and that contains general information regarding the Customer and the applicable Service(s);
Terms of Service(s) These Terms of Service(s);
User(s) Customer(s), End User(s) and/or Audience
Yearly Paid Service A Paid Service whereby the Customer pays a yearly fee
3. Service(s)
3.1

The agreed Service(s) are specified in the Account.

3.2

Customer can choose for an upgrade of the Service(s), for example by upgrading from a Free Service to a Paid Service, by obtaining additional License(s) to a Paid Service or by obtaining additional functionalities within a Paid Service. Upgrades may be requested by Customer at any time.

3.3

Sendsteps also performs moderator services. Customer can contact Sendsteps if it wishes to make use of such moderator services. The Terms of Service(s), including but not limited to clause 6.2 regarding Customer’s obligations with respect to interoperability, also apply to such moderator services agreed upon between Sendsteps and Customer.

3.4

All obligations for Sendsteps including the Service(s) qualify solely as best efforts obligations and not as result obligations.

3.5

The Service(s) may only be used by User(s) for presentation creation and audience response purposes under the conditions as set out in the Terms of Service(s).

3.6

The Service(s) are intended for business use only. Customer warrants that it will use the Service(s) for business use only and not for consumer purposes. Customer must be at least 16 years old to use the Service(s). If Customer is under 18 Customer must have their parent or legal guardian’s permission to use the Service(s). If Customer uses the Service(s) on behalf of another person or entity, Customer must have the authority to accept the Terms on their behalf. Customer must provide accurate and complete information to register for an account. Customer may not make their access credentials or account available to others outside their organization, and they are responsible for all activities that occur using their credentials.

4. License(s) and intellectual property rights
4.1

Sendsteps grants a non-exclusive, non-transferable and revocable license to Customer to use the Paid Service or Free Service for the term of the Agreement subject to the terms and conditions of the Terms of Service(s).

4.2

Customer is responsible for allocating an individual End User to a License. End User(s) must be employees of Customer or the Customer’s group companies. Sendsteps preserves the right to not accept an End User(s) if to Sendsteps sole discretion there are reasonable grounds. Customer warrants that the number of End Users does not exceed the number of the License(s) under the Paid Service or Free Service and that not more than one individual End User uses a Sub Account under a License.

4.3

All intellectual property rights regarding the Service(s), including but not limited to the Application, knowhow, information, analysis, design and user manuals, remain exclusively with Sendsteps or its third party licensors. The Application is not sold or transferred to User(s) in any way.

4.4

A License does not include the right to a copy of the Application or the source code. A License does not include the right to, and Users are not allowed to:

  • (1) (partly or completely) copy or reproduce the Application;
  • (2) assign, lease, sub-license, encumber, disclose or otherwise make available (parts of) the Application;
  • (3) change or make error corrections to (parts of) the Application;
  • (4) reverse assemble, reverse engineer, decompile or otherwise attempt to derive the source code of (parts of) the Application.

5. Duration, upgrades and downgrades
5.1

Sendsteps will only provide a License to Customer and use of the Paid Service and/or Free Service is only allowed for the term of an Agreement and under the Terms of Service(s) and:

  • 5.1.1

    where it concerns a Paid Service after Customer submits the Order Form (if applicable) and has accepted the Terms of Service(s) and Sendsteps has received the fees for the Services as described in clause 8 of the Terms of Service(s);

  • 5.1.2

    where it concerns a Free Service: after Customer submits the Order Form and has accepted the Terms of Service(s);

  • 5.1.3

    where it concerns upgrades: after Customer submits its request for additional Service(s) and Sendsteps has received the fees for the additional Services and Customer has accepted the Terms of Service(s).

5.2

An Agreement is effective as of the date set out in clause 5.1, except for upgrades. An upgrade is considered an amendment of the existing Agreement.

5.3

An Agreement regarding a Yearly Paid Service, has an initial term of one (1) year, unless terminated earlier in accordance with the Terms of Service(s). Following the initial term of one (1) year, the Agreement is automatically extended for successive terms of one (1) year unless Sendsteps or Customer informs the other party in writing that it wishes not to extend the Agreement taking into account a notice period of one (1) month before the end of the then applicable term. If the Customer and Sendsteps agree to an upgrade before the end of the then applicable term of the Agreement, a new one-year-term within the existing Agreement commences as of the date set out in clause 5.1.3.

5.4

An Agreement regarding a Monthly Paid Service, has an initial term of one (1) month, unless terminated earlier in accordance with the Terms of Service(s). Following the initial term of one (1) month, the Agreement is automatically extended for successive terms of one (1) month unless Sendsteps or Customer informs the other party in writing that it wishes not to extend the Agreement taking into account a notice period of two (2) weeks before the end of the then applicable term. If the Customer and Sendsteps agree to an upgrade before the end of the then applicable term of the Agreement, a new one-month-term within the existing Agreement commences as of the date set out in clause 5.1.3.

5.5

Customer has the right to downgrade a Yearly Paid Service into a different Yearly Paid Service or to lesser functionalities within the chosen Service(s) by specifying in writing to Sendsteps the desired downgrade taking into account a notice period of one (1) month before the end of the then applicable term of the Agreement. This will not result in a refund.

5.6

If the event of termination of a Paid Service, the Agreement regarding a Paid Service will automatically revert into an Agreement regarding a Free Service under the Terms of Service(s).

5.7

An Agreement regarding a Free Service has an indefinite term, unless terminated by Sendsteps or Customer in accordance with clause 12.3 of the Terms of Service(s).

6. Customer and End User responsibilities
6.1

Customer and End User shall timely provide all assistance, data and information necessary for Sendsteps to provide the Service(s). Customer will deliver data and information in the form and manner set out by Sendsteps. Customer and End User shall act in accordance with Sendsteps’ instructions for the use of the Application.

6.2

Customer and End User are responsible for the internet connection, interoperability, web browser, updated Microsoft software and equipment that enables User(s) to access and use the Application. Customer shall:

  • (1) install the Application on Microsoft Windows computers with the most recent available Microsoft Windows software only;
  • (2) install and use the most recent version of (any part of) the Application;
  • (3) be responsible for a functioning internet connection;
  • (4) not use the Application via a VPN (Virtual Private Network) connection.

6.3

Customer and End User ensure that the Content, software and equipment used is free of viruses, worms, Trojan horses or other codes or instructions that are designed to disrupt or damage the Application or any communication and that it cannot damage or disrupt the Application or any communication in any other way.

6.4

Customer and End User use the Application at their own risk. Sendsteps does not guarantee that the Application meets Customer’s expectations.

6.5

Customer is responsible for the use of the Application by End User(s) and by Audience. All acts related to a License are considered to take place under the responsibility and supervision of Customer. Customer warrants that End User(s) and Audience comply with the Terms of Service(s) notwithstanding any independent obligations of End User(s) and Audience against Sendsteps under the Terms of Service(s). Customer will notify Sendsteps immediately if it suspects or becomes aware of abuse or unauthorized use of License(s) and/or the Application.

6.6

Customer procures that Customer and End User(s) keep log in information including but not limited to user name(s) and password(s) to the Application confidential. This includes but is not limited to the obligation not to share log in information with the Customer’s (other) employees.

7. Service availability, maintenance, updates and support
7.1

A Service is provided on an “as is” basis. Sendsteps will make reasonable efforts to provide Customer with continuous access to the Service(s). Sendsteps will also make reasonable efforts to correct any errors in the Application. Parties however acknowledge that the Service(s) may not always be accessible and that the Application may not always operate without interruptions, errors or defects.

7.2

Sendsteps is entitled to block access to the Application and to switch off certain functionalities of the Application in order to perform the necessary maintenance, updates or improvements to the Service(s) without prior notice. Sendsteps is not liable for any downtime as a result of this. Sendsteps strives to inform Customer in advance of planned maintenance that Sendsteps believes may temporarily affect the availability of the Service(s).

7.3

Sendsteps preserves the right to automatically add additional features or program adjustments, updates and upgrades to the Application. Customer agrees in advance to install and/or accept new version(s) of the Application.

7.4

Sendsteps does not warrant timely adjustment of the Service(s) to amended legislation or regulation.

7.5

Sendsteps offers different scopes of support, depending on the agreed Service(s). The applicable level of support is specified in the Account.

8. Payment
8.1

Customer shall pay to Sendsteps the fees specified in the Account, unless Customer has an Agreement regarding a Free Service. All fees and prices are increased with VAT and other taxes, levies or tolls if applicable.

8.2

Payment by Customer to Sendsteps must be made in advance of each term for the entire term. In case of an upgrade the prepaid fees will be settled on a pro rata basis with the fees for the new term.

8.3

Payment of the fees by Customer to Sendsteps for the initial term and payment of fees for upgrades must be made in accordance with the payment methods as described on the Sendsteps’ website, unless payment on an invoice basis is agreed upon. Invoices must be paid by Customer to Sendsteps within fourteen (14) days following the invoice date, or, if the desired commencement date of the Agreement lies within fourteen (14) days following the invoice date, before the desired commencement date of the Agreement. Payment terms are fatal terms as mentioned in article 6:83 sub a Dutch Civil Code.

8.4

If the Agreement is extended pursuant to clause 5.3 of the Terms of Service(s), Sendsteps will collect the fees from Customer due for the following term via the chosen payment method. If Sendsteps for whatever reason is unable to collect the fees from Customer or, if payment on an invoice basis is agreed upon, has not received full payment of the invoice within the agreed payment term, a five-day-grace period commences. During this period of five calendar days following Sendsteps’ first attempt to collect the fees, Sendsteps will make attempts to collect the fees due by Customer in accordance with the chosen payment method. If Sendsteps does not succeed in collection of the fees or, if payment on invoice basis is agreed upon, does not receive full payment by the end of this grace period, Sendsteps has the right to suspend the performance of its obligations notwithstanding any other rights. This includes, but is not limited to, the right to block Customer’s (including End User(s)’ and Audience’s) access to the Application. This will not affect Customer’s payment obligations. The fees will remain due and payable by Customer and Sendsteps will keep making attempts to collect the fees in accordance with the chosen payment method for at least 30 days (Monthly contracts) and 45 days (Yearly contracts).

8.5

Any right for Customer to suspend or settle any payment obligation is excluded.

8.6

Services and fees may be amended by Sendsteps from time to time. Sendsteps will give prior written notice to Customer of such amendments. Amendments will take effect as from the next one-year-term of an Agreement. If Customer does not agree with any amendment of the Service(s) or fees, Customer has the right to terminate an Agreement taking effect from the end of the then applicable one-year-term.

8.7

A Customer with an Agreement regarding a Paid Service has the right to terminate the Paid Service without cause within fourteen (14) days from the initial and each subsequent term by giving notice in writing to Sendsteps via legal@sendsteps.com. Sendsteps will repay to Customer the full amount of fees paid by Customer to Sendsteps within fourteen (14) days from receipt of this notice of termination. Customer is not entitled to a refund if Customer or its End User has used the Application with an Audience or has created a presentation using artificial intelligence during the aforementioned fourteen (14) days from the initial term and/or if the Customer or its End User has tested the functionalities of the Application by using the interaction functionalities.

8.8

Customer will immediately notify Sendsteps of any changes in its name, address, e-mail address, bank account number, credit card information and other relevant information regarding the chosen payment method by updating the information in its Account.

9. Content
9.1

Customer is responsible for the use of the Application and the submission of Content by End User(s) and Audience.

9.2

Customer is resposinble for Content generated using artificial intelligence through the Application.

9.3

In addition, Customer and End User(s) are prohibited to use the Application in an inappropriate manner and to submit Content that is generally considered inappropriate. This includes, but is not limited to, Content that is libelous, harassing, promotes violence or is discriminatory.

9.4

Sendsteps has the right to remove Content that, in the opinion of Sendsteps, does not meet the requirements of clauses 9.2 and 9.3. Sendsteps also has the right to remove Content that according to a third party is unlawful or constitutes an infringement of intellectual property rights. In such cases Sendsteps cannot be obliged to investigate and assess the validity of such claims.

9.5

Sendsteps is not obliged to perform data recovery in case of loss of or damage to Content. Sendsteps preserves the right, but is not obligated, to create back-ups of Content.

9.6

The rights relating to the Content submitted under the Agreement regarding a Paid Service remain with Customer.

9.7

The rights relating to the Content submitted under the Agreement regarding a Free Service remain with Customer. Sendsteps shall have a non-exclusive, perpetual, irrevocable and comprehensive right to copy, process and use Content submitted under an Agreement regarding a Free Service for purposes of analysis and promotion. This clause also applies to Content submitted under the Agreement regarding a Paid Service when such Agreement is converted to an Agreement regarding a Free Service as described in clause 5.5 of the Terms of Service(s).

10. Data processing
10.1

Sendsteps and Customer shall at all times comply with their respective obligations under the provisions of the General Data Protection Regulation and European Directive on Privacy and Electronic Communications and applicable law. References in this clause to "Processor", "Controller" and "Personal Data" shall have the meanings assigned to them in the General Data Protection Regulation (Regulation (EU) 2016/679) or any amendments thereto.

10.2

This clause 10.2 up to and including clause 10.12 applies only if and to the extent that Sendsteps or any of its subcontractors, as part of the fulfillment of its obligations under the Agreement, processes Personal Data as Processor on behalf of Customer acting as Controller. Customer agrees that Sendsteps may contract subcontractors. Sendsteps shall and shall procure that its subcontractors shall:

  • 10.2.1

    at all times take appropriate technical and organizational measures against unauthorized or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data;

  • 10.2.2

    as soon as possible notify Customer if it receives any complaint, notice or communication that relates directly or indirectly to the processing of Personal Data under the Agreement, provide co-operation and assistance in relation to any such complaint, notice or communication.

10.3

Sendsteps shall process Customer’s Personal Data for the benefit of Customer, in accordance with Customer’s instructions and for the purposes determined by Customer. In general the purposes of processing will consist of allowing people to vote and post question and enable them to have user accounts on Processor's services.

10.4

The Customer undertakes to use Sendsteps’ Services to process the following categories of (personal) data::

  • First name;
  • Last name;
  • E-mail addresses;
  • Phone numbers;
  • Names of employees;
  • IP addresses;
  • Chamber of Commerce registration numbers;
  • VAT number.

10.5

The permitted processing operations shall be semi-automated and performed under the control of Sendsteps. Sendsteps is solely responsible for the processing of Personal Data under this clause 10 in accordance with the instructions of Customer and under the (final) responsibility of Customer. Sendsteps is not responsible for any other processing operations involving personal data, including the gathering of Personal Data by Customer, processing for purposes that Customer has not reported to Sendsteps and processing by third parties and/or for other purposes not stated in this clause 10.

10.6

Customer represents and warrants that it has a valid legal basis to process the relevant Personal Data and to engage Sendsteps in relation to such processing of personal data. Furthermore, Customer represents and warrants that the processing by Sendsteps is not unlawful and does not infringe any rights of a third party. In this context, Customer indemnifies Sendsteps of all claims and actions of third parties related to the unlawful processing of Personal Data.

10.7

In case applicable privacy legislation requires a privacy impact assessment to be conducted before the intended processing under this clause 10, then Sendsteps shall provide Customer with assistance to the extent necessary and reasonable. Sendsteps may charge reasonable costs for the aforementioned assistance.

10.8

Where a data subject submits a request to Sendsteps regarding his/her personal data (for example, to inspect, correct or delete the data, or to receive a copy of the data), Sendsteps will forward the request to Customer and the request will then be dealt with by Customer. Sendsteps may notify the data subject hereof. On Customer’s request, Sendsteps will provide assistance with handling such request to the extent necessary and reasonable. Sendsteps may charge reasonable costs for such assistance.

10.9

In the event of a security breach, Sendsteps shall, to the best of its ability, notify Customer thereof without undue delay, after which Customer shall determine whether or not to inform the data subjects and/or the relevant regulatory authority. A ‘security breach’ is a breach of Sendsteps’ security, leading to (a significant chance of) severe negative consequences for the protection of Personal Data.

10.10

If required by law and/or regulations, Sendsteps shall cooperate in notifying the relevant authorities and/or data subjects. Customer remains the responsible party for any statutory obligations in respect thereof.

10.11

The duty to report a security breach includes in any event the duty to report the fact that a Personal Data breach has occurred, including details regarding:

  • 10.11.1

    the (suspected) cause of the breach;

  • 10.11.2

    the nature of the breach, including, where possible, the categories and approximate number of data

  • 10.11.3

    subjects concerned, and the categories and approximate number of data records concerned;

  • 10.11.4

    the (currently known and/or anticipated) consequences thereof;

  • 10.11.5

    the (proposed) solution;

  • 10.11.6

    the measures that have already been taken to address the personal data breach, including, where appropriate, to mitigate its possible adverse effects.

10.12

All Personal Data processed by Sendsteps (and/or its sub-processors) on behalf of Customer is subject to a duty of confidentiality vis-à-vis third parties. Sendsteps shall bind its employees and/ or sub-processors, who will perform processing activities, to an obligation of confidentiality. This duty of confidentiality will not apply in the event that Customer has expressly authorized the furnishing of such information to third parties, where the furnishing of the information to third parties is reasonably necessary in view of the nature of the instructions and the implementation of this data processing agreement, or where there is a legal obligation to make the information available to a third party.

10.13

Where Customer provides Personal Data to Sendsteps, the Personal Data remains the property of Customer.

10.14

Within thirty (30) days after termination of an Agreement Sendsteps will delete all (Personal) Data relating to an Agreement from its systems, except for data that Sendsteps is required under applicable legislation to keep. Within the aforementioned thirty (30) day period, Customer has the possibility to export its (personal) data in Excel format.

10.15

Customer can copy all Personal Data in CSV-format from its Account. Following termination of the Account, during the thirty-day-period set out in clause 10.14, on Customer’s written request Sendsteps shall send Customer a copy of all such Personal Data held by it under the Agreement, in the format and on the media reasonably specified by Customer, and shall promptly inform Customer if any such Personal Data is lost or destroyed or becomes damaged, corrupted, or unusable.

10.16

At the request of Customer, Sendsteps shall return any Customer’s Personal Data, without retaining any copies thereof.

10.17

Sendsteps has no access to the documents used by Paid Customers with regards to our Document Upload feature in order to create an AI- presentation based on the uploaded document. Sendsteps does not store these documents for Paid Customers.

11. Confidentiality
11.1

Sendsteps and Customer shall keep confidential and agree not to disclose to third parties any confidential information of the other party. Confidential Information refers to all commercial, technical and other information that is or may come into the other party’s possession during the term of the Agreement and that (1) regards the Service(s) (2) regards the Agreement between Sendsteps and Customer, (3) regards intellectual property rights of Sendsteps, Customer or any of their third party licensors and (4) is not public and must reasonably be expected to be confidential.

11.2

The obligation not to disclose confidential information shall not apply to any information that (1) is or generally becomes available to the public, (2) was already lawfully in the possession of Sendsteps or Customer prior to being furnished by the other party (3) becomes available to Sendsteps or Customer on a non-confidential basis, (4) that Sendsteps or Customer is required to disclose by law or by order of any judicial or regulatory body provided that the party will notify the other party of the disclosure requirement as soon as reasonable practicable after becoming aware of it and (5) that Sendsteps or Customer must disclose to be able to prosecute intellectual property right infringements.

12. Termination
12.1

If Customer has an Agreement regarding a Free Service:

  • 12.1.1

    Customer has the right to terminate the Agreement with immediate effect at any time by deleting its Account; and

  • 12.1.2

    Sendsteps has the right to terminate the Agreement at any time by written notice with observance of a one (1) month notice period and by written notice and with immediate effect in case of a breach of any obligations of Customer and, if the breach can be remedied, the Customer fails to remedy that breach within a reasonable remedy period specified in a written notice of default, providing full details of the breach, unless the breach taking into account the special nature or minor significance does not justify the termination and its consequences.

12.2

If Customer has an Agreement regarding a Yearly Paid Service both Sendsteps and Customer have the right to terminate the Paid Service:

  • 12.2.1

    at any time by written notice with observance of a notice period of at least one (1) month before the end of the relevant one-year-term, as described in clause 5.3; and

  • 12.2.2

    by written notice and with immediate effect in case of a breach of any obligations of the other party, and, if the breach can be remedied, the other party fails to remedy that breach after the receipt of a written notice of default which has to contain the full details of the breach and in which the other party is given a reasonable period (of at least ten (10) days) to remedy the breach, unless the breach taking into account the special nature or minor significance does not justify the termination and its consequences.

In addition, Customer has the right to terminate the Paid Service pursuant to clauses 8.6 and 8.7 of the Terms of Service(s).

12.3

If Customer has an Agreement regarding a Monthly Paid Service both Sendsteps and Customer have the right to terminate the Paid Service:

  • 12.3.1

    at any time by written notice with observance of a notice period of at least two (2) weeks before the end of the relevant one-month-term, as described in clause 5.4,; and

  • 12.3.2

    by written notice and with immediate effect in case of a breach of any obligations of the other party, and, if the breach can be remedied, the other party fails to remedy that breach after the receipt of a written notice of default which has to contain the full details of the breach and in which the other party is given a reasonable period (of at least ten (10) days) to remedy the breach, unless the breach taking into account the special nature or minor significance does not justify the termination and its consequences.

In addition, Customer has the right to terminate the Paid Service pursuant to clauses 8.6 and 8.7 of the Terms of Service(s).

12.4

Notwithstanding clauses 12.1, 12.2 and 12.3, Sendsteps has the right to terminate the Agreement and to block the access of Customer and/or the access of its End User(s) and Audience to the Service(s) or to suspend any obligations of Sendsteps under the Agreement with immediate effect and without a notice of default being required if one of the following circumstances occurs:

  • 12.4.1

    User(s) violate intellectual property rights of Sendsteps, Sendsteps’ third party licensors or other third parties or, to Sendsteps’ sole discretion, in any other way causes or may cause harm to Sendsteps, its third party licensors or other third parties;

  • 12.4.2

    User(s), to Sendsteps’ sole discretion, engages in fraudulent, immoral, illegal or unlawful activities, or if Content is inappropriate, including but not limited to Content that is libelous, harassing, pornographic, promotes violence or is discriminatory;

  • 12.4.3

    a request for insolvency of Customer has been filed, or Customer has been declared insolvent, or a suspension of payment of Customer has been granted or any other type of insolvency proceedings has been declared applicable to Customer; and/or

  • 12.4.4

    Customer’s business is (partially or completely) discontinued or wound up or (partially or completely) transferred to a third party, or if a direct or indirect change of control occurs in the decisive control of Customer’s company

  • 12.4.5

    if to Sendsteps’ sole discretion there are other serious grounds or changed circumstances whereby continuation of the Agreement in reason cannot be expected from Sendsteps.

12.5

The termination of an Agreement leaves any other Agreement(s) between Sendsteps and Customer unaffected.

12.6

Customer and Sendsteps have no termination rights other than the rights described in the Agreement.

13. Effects of termination
13.1

Upon termination of an Agreement by either Sendsteps or Customer any License(s) and any and all other rights under the Agreement shall end immediately as of the termination date. User(s) shall immediately stop using the obtained License(s) and Customer and End User(s) shall de-install the Application.

13.2

If Customer pursuant to clause 12.2.2 and 12.3.2. of the Terms of Service(s) validly terminates the Agreement regarding a Paid Service(s) before the end of the term due to a breach of an obligation by Sendsteps, the Customer is entitled to a refund of prepaid fees on a pro rata basis. The refund will concern the following period: the date of the breach or, if the breach can be remedied, the first day following expiration of the reasonable remedy period, until the end of the then applicable term. Customer is not entitled to a refund in case of a termination by Sendsteps pursuant to section 12.2.2, 12.3.2. or 12.3 of the Terms of Service(s).

13.3

A termination by Sendsteps for whatever reason shall under no circumstances result in a right to compensation of damages or financial compensation for Customer. A termination by Sendsteps leaves Sendsteps’ rights in connection with the termination, including but not limited to the right to claim damages, unaffected.

13.4

All clauses of the Terms of Service(s) or any Agreement which by their nature are destined to continue after termination shall remain in full force and effect following termination. Termination in any event does not release Sendsteps and Customer from their obligations regarding intellectual property rights, confidentiality, data protection, liability, applicable law and choice of forum.

13.5

In addition to clause 10.14 regarding Personal Data, within thirty (30) days after the termination of an Agreement Sendsteps will also delete User’s Content from its systems, except for data that Sendsteps is required under applicable legislation to keep. Within the aforementioned thirty (30) day period, Customer has the possibility to export its Content from the Account in Excel format.

14. Force Majeure
14.1

If Sendsteps cannot (partially or fully) fulfill its obligations under an Agreement due to circumstances beyond its control, a so-called force majeure event (overmacht), Sendsteps’ relevant obligation(s) shall be suspended for the term of such force majeure event. Sendsteps will not be liable for damages that result from such force majeure events.

14.2

A force majeure event on the part of Sendsteps includes but is not limited to: natural disasters, fire, wars, theft, strikes, measures by public authorities, power failures, failures of network, internet or telecommunication facilities, viruses or other disruptions of the Application caused by third parties, damage to servers, loss of data and a failure to perform by Sendsteps’ suppliers, subcontractors or any other party that is involved in execution of its obligations to Customer.

14.3

If a force majeure event continues for more than thirty (30) days, Customer has the right to terminate the Agreement by written notice. In case of a termination pursuant to this clause, Customer is entitled to a refund of prepaid fees on a pro rata basis. The refund will concern the following period: the first day of incomplete or non-performance by Sendsteps until the end of the then applicable term.

15. Limitation(s) of liability
15.1

Without prejudice to any other limitations of liability an attributable breach of Sendsteps in the performance of any obligations under an Agreement gives rise to liability only if, when the breach can be remedied, Sendsteps fails to remedy the breach, after the receipt of a written notice of default which has to contain the full details of the breach and in which Sendsteps is given a reasonable period (of at least ten (10) days) to remedy the breach.

15.2

Any and all liability of Sendsteps regarding an attributable breach in relation to any Free Service and/or in relation to the use of a Student Service is excluded, except in case of willful misconduct or gross negligence of Sendsteps.

15.3

Without prejudice to any other limitations of liability Sendsteps is not liable for damages, costs or losses of any kind caused by:

  • 15.3.1

    false and/or incomplete data provided by User(s) to Sendsteps;

  • 15.3.2

    the use of the Application by User(s) for other purposes than for which it was provided;

  • 15.3.3

    content submitted to the Application by User(s);

  • 15.3.4

    failure in network, Internet, telecommunication, software and/or hardware facilities of User(s);

  • 15.3.5

    a force majeure event (as defined in the Terms of Service(s)).

15.4

Without prejudice to clause 15.2 and except for liability for damage that is caused by willful misconduct or gross negligence of Sendsteps, the total and aggregate liability of Sendsteps for any and all claims arising from an attributable breach in the performance of any and all obligations under an Agreement or on any other legal basis is limited to:

  • 15.4.1

    15.4.1 direct damages; and

  • 15.4.2

    to a yearly maximum and total liability of 30 percent of the fees actually paid by a Customer to Sendsteps under an Agreement relating to the contract year in which the event(s) that give(s) rise to the claim has/have arisen.

15.5

Any and all liability of Sendsteps for indirect damages is excluded. Indirect damages in any event include but are not limited to consequential loss, loss of income, loss of savings, damage as a result of business interruption, damages as a result of claims of third parties and/or loss of data and/or any costs in relation to a system build up caused by a virus or hack or similar event.

15.6

Any right against Sendsteps to claim damages expires if Sendsteps has not received a written claim for damages within two (2) months following the event that gives rise to a claim.

15.7

Any and all obligations under an Agreement are solely entered into by Sendsteps. User(s) waive any and all rights (if any) against any third party other than Sendsteps involved in the performance of an Agreement. If despite the above a third party involved by Sendsteps in the performance of an Agreement would be liable such third party can invoke all limitations of liability that apply to Sendsteps in a similar manner.

16. Assignment and subcontracting
16.1

Customer is not permitted without Sendsteps’ prior written approval to assign the rights and obligations ensuing from an Agreement to third parties nor to provide third parties with any other rights regarding an Agreement.

16.2

Sendsteps has the right assign the rights and obligations ensuing from an Agreement to third parties. In addition, Sendsteps has the right to make use of the services of third parties in the performance of an Agreement. These parties can invoke rights under the terms and conditions that apply to Sendsteps in an Agreement.

17. Notices
17.1

If a written notice of a party is required under the Terms of Service(s) this shall mean a notice by e-mail.

17.2

Written notices to Sendsteps shall be considered valid notices under the Agreement if sent to:

17.3

All notices sent by Sendsteps to Customer’s registered e-mail address shall be considered valid notices under the Terms of Service(s).

18. Applicable law and choice of forum
  • The Agreement, including the Terms of Service(s), is governed exclusively by Dutch law, excluding any private international law.
  • Sendsteps and Customer agree to make maximum efforts to, to the extent possible, amicably resolve any dispute that may arise between them in connection with the Terms of Service(s) and any Agreement. If parties fail to reach an amicable settlement, the competent court in the district of Amsterdam will have exclusive jurisdiction regarding all disputes submitted by the Customer. All disputes submitted by Sendsteps shall be exclusively settled by the Dutch Arbitration Dispute
19. Miscellaneous
  • In case of a conflict between a translation and the English version of the Terms, for interpretation and explanation of these Terms, the English version shall prevail.
  • Sendsteps and Customer are and intend to remain independent contractors. There exists no agency, joint venture or partnership between Sendsteps and Customer.
  • If any part of the Agreement is invalid or unenforceable for any reason, the validity of the remaining part of the Terms of Service(s) shall not be affected and shall continue in full force and effect. Such an invalid or unenforceable provision shall be replaced or considered to be replaced by a valid provision that is acceptable and best approaches the scope of the invalid or unenforceable provision.
  • A failure to enforce a right or a remedy does shall not be deemed a waiver of such right or remedy
  • A verbal notification, agreement or commitment made by Sendsteps or Customer shall have no legal effect, unless explicitly conformed by Sendsteps and Customer in writing.
  • Sendsteps preserves the right to change the Terms of Service(s) unilaterally. Changes will then also apply to existing Agreements between Sendsteps and Customer, provided that in such event Customer is entitled to terminate the Agreement as of the commencement date of the changed Terms of Service(s) or within ten (10) business days following the Customer’s receipt of the changed Terms of Service(s) if the commencement date lies before the receipt date. If Customer does not enforce its right to terminate the Agreement within this term, the changed Terms of Service(s) will apply to any existing Agreement(s) between Sendsteps and Customer.

Sendsteps Privacy Statement

Contents of this Privacy Statement 1. General information

The protection of your privacy and personal data is important to us. We respect your privacy and we do what it takes to keep your personal data truly personal. On the basis of complete transparency, this privacy statement describes what personal data we process, on what legal basis we process it and for what purpose(s) we use your data. With this statement, we also inform you on how you can exercise your legal rights regarding privacy.

This privacy statement applies to all our services, the use of our website(s), application(s), contact form(s) and to other correspondence. In case you do not agree with this privacy statement, we advise you not to use our services. Please also take note of our Terms of Service(s), where definitions are given of words with capital letters used in this statement.

Moreover, we use cookies on our websites. For more information on what type of cookies we use and on how to delete or block them, please see our cookie statement.

If you require any additional information about the protection of your personal data, feel free to contact our Data Protection Officer via privacy@Sendsteps.com, or visit the website of the Dutch Data Protection Authority (Autoriteit Persoonsgegevens): www.autoriteitpersoonsgegevens.nl.

2. The data we gather

Sendsteps collects and processes personal data. We gather this data based on your input or by automated means. Not all data input is required to use our services, but some is. In the table below, we provide an overview of the data we gather, how and why we gather the data, and on what legal basis we do so.

We only collect personal data if and limited to what is necessary for the purposes listed below. In case we intend to further process your data, we will prior to that further processing provide you with information on what other purpose(s) we intend to process your data for. We do not use automated decision-making or personal-data processing techniques (such as profiling).

We are either Controller or Processor of the personal data we store, within the meaning of the EU General Data Protection Regulation. Regarding the types of data ‘behaviour data’, ‘content data’, ‘purchase date’, ‘technical data’ and ‘contact data’, we consider ourselves Controller of the personal data. This means it is Sendsteps that determines the purposes and means of the processing of personal data. Regarding ‘content data’, we consider our Customer the Controller of the personal data, which means Sendsteps merely processes the personal data on behalf of our Customer.

When our legitimate interests form the legal basis for the processing of your personal data, we use your data to improve the quality, stability and availability of our services. We make an explicit deliberation of the data we want to use for these purposes and we only use the data to the extent necessary. We also take specific security measures regarding this data: whenever we can pseudonymise or anonymise the relevant data, we will do so.

Description of (personal) data
Data subject
Why do we gather this data and on what legal basis?
Content data (as Processor/Controller)
Data in the presentation of an End User and in answers to questions asked by End User on a Free Service. Depending on the settings selected by the Costumer or End User, this may also include nicknames. The data is non-required user input.
Audience member
To be able to provide the audience response services, to display the answers to your questions on screen, to make analysis on your answers. Legal basis: not required, because we are not the Controller. To use your answers for business development purposes. Legal basis: our legitimate interests.
Data in the presentation of an End User and in answers to questions asked by End User on a Paid Service (also including the Student Service). The data is non-required user input. In case the Paid Service / Student Service ends or is terminated, the relevant data will - until the end of the applicable storage period - be processed as if it was data under a Free Service.
Audience member
To be able to provide the audience response services, to display the answers to your questions on screen, to make analysis on your answers. Legal basis: not required, because we are not the Controller.
Behavioural data (as Controller)
Anonymised statistical data on how our products, services, websites and tooling are used. This includes data on what users click on, the type of questions used, times at which our products are used, etc. The data gathering is automated.
Audience member, End User, Customer
To make analysis that helps us improve our services. Legal basis: not required, because we are not the Controller.
Profile data (as Controller)
First name, last name, username, email address and profile password. The data is required user input. If this data is not provided we cannot render our services properly.
End User, Customer
To supply you with an account, recognize you as a user and send you messages regarding our services (including direct marketing). Legal basis: performance of a contract, our legitimate interests.
Company information and information provided by the Customer and/or End User regarding the intended and potential usage of our services. The data is non-required user input.
End User, Customer
To identify what services we may provide you, to be saved with your customer profile. Legal basis: performance of a contract, our legitimate interests.
Phone number. The data is non-required user input.
End User, Customer
To be able to contact you, to complete your customer profile, to provide the requested service. Legal basis: performance of a contract.
Technical data (as Controller)
Device data (e.g. hardware model, operating system version, unique device identifiers). The data gathering is automated.
Audience member, End User, Customer
To improve quality and availability of our products and services. Legal basis: our legitimate interests, performance of a contract.
Log data (e.g. your search queries, details about your connection such as IP address, date, time, edge-location, ssl-protocol, ssl-cipher or time-taken to serve your requested site, device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL), browser local storage and application data caches. The data gathering is automated.
Audience member, End User, Customer
To improve quality and availability of our products and services. Legal basis: our legitimate interests, performance of a contract.
Location information (IP address), this may be personal data when used in conjunction with profile data but is not gathered as such. The data gathering is automated.
Audience member, End User, Customer
To safeguard and improve the quality and availability of our products and services. Legal basis: our legitimate interests, performance of a contract.
Contact data (as Controller)
Email address, messages. The data is non-required user input.
Anyone contacting Sendsteps through email or our contact form(s)
To be able to reply to you and provide the requested service. Legal basis: consent.
3. Period for which data will be stored

Sendsteps does not store your personal data longer than necessary for the purpose for which the data was collected. How long we store your data depends on the type of data and the purpose for which we use the data.

Profile and content data is stored as long as someone has an account/profile to access our services or applications. In case we store personal data relating to a contract with you, the data is erased within thirty days after termination of the contract, except for data that we are obliged by law to store for a longer period of time. Please also be referred to our Terms of Service(s). A storage period of one year also applies to contact data. Purchase data and certain profile data needs to be stored for a term up to seven years because of tax legislation. This data is deleted from our systems one year after the end of such a term, at the latest. Lastly, technical and behavioural data (in anonymised form) is kept for an undetermined period of time.

4. Sharing of the data we gather

Sendsteps will only share personal data with others when we are legally permitted to do so. When we share data with others, we put contractual arrangements and security mechanisms in place as appropriate to protect the data and to comply with our data protection and security standards.

We render our services globally and use services from partners located all over the world. As a result, personal data may be transferred outside the country where we are located or where you live. This includes the transfer of data to countries outside the European Union and to countries that may not have laws that provide sufficient protection for personal data, such as the United States of America. However, we have taken steps to ensure all personal data is provided with appropriate safeguards and adequate protection.

5. Sub-processors/recipients of the data

The personal data stored by us may be disclosed to/shared with other organisations. These organisations include third-party organisations that provide IT, marketing and sales services to us. We use these parties’ services to help us run and manage our internal and external IT systems, including cloud-based storage, software, website hosting, applications and security. We may also share personal data with our external auditor/accountant to the extent necessary for the audit(s) and to our insurance company regarding insurance claims. We use professional advisors, such as law firms, where necessary to establish, exercise or defend our legal rights and to obtain legal advice. Lastly, we may be obliged to provide personal data to law enforcement agencies or other government and regulatory agencies.

In the table below, the sub-processors and recipients of personal data we process are listed, as well as the purpose for disclosing data to them and the location in which the sub-processor or recipient (to our knowledge) processes the data. The mentioned locations indicate where your data is processed according to our agreement with the relevant sub-processor/recipient.

Sub-processor / recipient
Purpose
Location of data processing
Adyen
Payment processing
The Netherlands
Amazon Web Services Inc.
IT infrastructure
Germany
Atlassian Pty Ltd. Jira, Confluence, Trello
Internal communications and project planning
European Union
CM.com
Telecom services
Several locations within the EU
Cookiebot, Cybot A/S
Cookie notifications on our website
The Netherlands
Hotjar Ltd
User behaviour analytics
Ireland
Lodewijk van Rijn Consultancy
IT Testing and customer service
The Netherlands
Mailgun LLC
E-mail service
European Union
Microsoft Corporation
Office applications
European Union
New Relic Inc.
IT Analytics
Germany
Recruitee
Recruiting software
Google data centers in Germany, and Amazon data centers in Germany and Ireland
Stramark BV
Marketing analytics
The Netherlands
Vodafone Libertel B.V.
Telephony
The Netherlands
VOIPStudio, Level 7 Network Ltd.
VOIP Phone system
European Union
Vonage (Nexmo)
Telephony
European Union
World-Text
SMS services
United Kingdom
Yukiworks
Accounting
Germany, Ireland
Zoho corporation
Sales and marketing CRM, analytics and email service
The Netherlands
6. Security

In order to keep your personal data truly personal, we process your data in manner that ensures appropriate security. That is why we have put in place appropriate safeguards and policies, and have taken appropriate technical and organisational measures. We regularly review these policies and measures.

Regarding the locations where we store your personal data, our systems are designed in a way that your data is never stored in one place in full. This limits the risk of exposure in the unfortunate event of a security breach, and limits the impact thereof.

Sendsteps employees are instructed regarding organisational measures, for example regarding: our data-breach protocol, the content of the present privacy statement, the need to obtain consent before processing of certain data, and the need to protect their passwords and devices.

For more information regarding the security measures we took, please see this page.

7. Your rights

You have certain legal rights with regard to the processing of your personal data. We are responsible for fulfilling these rights. To make use of any of these rights you can contact us via the contact details listed in this statement and any other form of communication specified. Our aim is to respond to any requests for information or to take action as soon as possible, but in any case within four weeks. Your rights include the following.

1.
The right of free access to personal data You have the right to know whether we process data concerning you and to receive a free copy of your personal data held by us.
2.
The right to rectification of personal data You have the right to request for your personal data to be changed, updated or rectified. This right is applicable where your personal data, for example, changes over time, is incomplete or is inaccurate. In addition to contacting us via e-mail, you can (if applicable) directly change your personal details via the website(s) or application(s) with which you registered. We will make sure your data is updated as appropriate based on your request and as far as we are able to do so.
3.
The right to be forgotten You have the right to ask us to erase your personal data when one of the following circumstances occur:
  • when it is no longer necessary to store the data in relation to the purposes for which it was collected and processed;
  • when you withdraw the consent you previously gave and we have no other legal basis for the processing;
  • when you object to us processing your data based on certain legitimate interests pursued by us or a third party and we do not have overriding legitimate interests;
  • when you object to us processing your data for direct marketing purposes;
  • when your personal data has been unlawfully processed; or
  • when your personal data must be erased to comply with a legal obligation to which we are subject.
4.
The right to restrict processing of personal data You have the right to demand the restriction of processing your personal data during the period in which we assess your objection to accuracy or the use of your personal data, when we have unlawfully processed your data, and in case you require us to retain your data in light of legal claims.
5.
The right to object to processing of personal data You have the right to object to us processing your personal data if the processing is based on our (or a third party’s) legitimate interests or if we process your personal data for direct marketing purposes.
6.
The right to data portability You have the right to receive the personal data that we store of you. When requested, we will provide the information in a structured, commonly used and machine-readable format, that makes it is simple for you to transfer your data to another party.
7.
The right to withdraw your consent When you have given your consent to the processing of your personal data based, you can withdraw this consent at any time.
8. Contact & complaints

If you have any questions about this privacy statement or how and why we process personal data, please contact our Data Protection Officer via e-mail (privacy@Sendsteps.com.) or by regular mail: Sendsteps B.V., Haarlemmerweg 321B, 1051LG Amsterdam (the Netherlands). Sendsteps B.V. is registered with the Dutch Chamber of Commerce under number 34307436. More contact details can be found on www.sendsteps.com/en/contact/.

In the unfortunate situation you want to issue a complaint regarding our processing of your personal data, you may send your complaint to the abovementioned contact details. We will carefully investigate and respond to any complaints.

You also have the right to issue a complaint with the Data Protection Authority (DPA) in your country of residence, place of work or the country in which an alleged violation of your privacy took place. In the Netherlands, the Autoriteit Persoonsgegevens is the competent authority to issue your complaint to. For further information regarding your rights and how to issue a complaint with the DPA, we kindly refer you to the website of the Dutch DPA.

This privacy statement applies from 23 April 2020 on until further notice.

Sendsteps Security Standards

Contents of this Security Standards 1. Security Standards

Sendsteps handles your data and tries to do that in the most secure way possible. When speaking about data we discern the categories as described in our privacy statement.

As a company Sendsteps firmly believes in transparency both in a business as well as in a security context. We always try to be as open and clear as possible in the way we handle both security and (data) privacy. If you are looking for more information on how we treat your personal information or information about the third-parties we work with please have a look at our privacy statement.

In this document we give you a look into our organization and the way we put our security and privacy policy in practice.

2. Confidentiality

In our Terms and Conditions we guarantee to keep your account and personal data confidential. However, as also described in our Terms, if you use our “Free” version, all data we gather can be used for promotion purposes, on our website and can be shared with third parties. If you want your data to be handled in a more secure way we highly recommend using our of our paid plans.

Our staff and third parties, anyone of whom needs to work with your data is contractually obligated to keep that confidential.

3. Staff Practices

As a company we place the greatest amount of importance on making sure the highest possible level of security is in place. Our staff plays an important role in this, therefore we have placed strict controls over our staff and all our processes.

When hiring a new staff member we perform background checks during the hiring process. Including an official statement of good behaviour granted by the Dutch government. When hired each staff member is required to take a security and data privacy training with our Security Officer. During said training the focus is on how to work securely using both our own tools as well as the tools we use from third parties, handling sensitive information (including your personal data). Physical security as well as general security best practices are also covered.

Working at Sendsteps means for some employees that they need to have access to systems that store and process sensitive data. For example, if something went wrong with your payment we may need to access your personal data in order to diagnose the problem. Sendsteps and her employees are committed to making sure that sensitive data is never seen by anyone who doesn’t need access to it. We use restrictions on the application layer to make sure that each member of staff only has access to the data that is needed to perform their jobs. These employees are prohibited from using these permissions to view sensitive our personal data unless it is necessary to do so.

Sendsteps performs regular internal audits to make sure we adhere to our own high security standards. Additional checks are made when an employee leaves the company. Also we force every employee to use strong passwords that expire and disk encryption. Multi-factor authentication (MFA) is used wherever possible.

4. Data Export

When using Sendsteps, it is possible to export your data through our dashboards.

Upon request of our customers it is possible to delete the data of a specific event. We will process this request when it comes it, usually within 24 hours. Our customer support will happily provide you any sort of assistance necessary.

5. Infrastructure

Sendsteps is hosted on AWS (Amazon Web Services) infrastructure. Currently, our infrastructure is located in the EU (Germany).

Amazon Web Services maintains multiple certifications for its data centres, including ISO 27001 compliance, PCI Certification, and SOC reports. For more information about their certification and compliance, please visit the AWS security website and the AWS compliance website.

When it comes to our server architecture we use a tiered model that keeps services and functions as much as possible within the specific tier.

6. Data Encryption

Sendsteps uses the latest available suites and protocols to encrypt (SHA-256 with RSA Encryption) all traffic in transit. Your data on our servers is encrypted (AWS RDS Encryption - AES-256) as well, our infrastructure is accessible only by the development team and through VPN. All activity is logged and audited.

We closely monitor any changes in the cryptographic landscape work promptly to upgrade our products to respond to new cryptographic weaknesses as they are discovered and implement best practices as they evolve. For encryption in transit, we do this while also balancing the need for compatibility for older versions of commonly used browsers.

7. Availability and Disaster Recovery

Approximate availability of Sendsteps services is at 99.95%. Our infrastructure runs on systems that are fault tolerant of failures of individual servers. Sendsteps’ quality assurance team tests disaster recovery measures on an annual basis.

Your data is stored redundantly at multiple locations in our hosting provider’s data centres to ensure availability. We have well-tested backup and restoration procedures, which allow recovery from a major disaster. Both your data and our source code are automatically backed up on a regular basis.

8. Monitoring and Logging

We closely monitor both performance as well as security of our products and services. We use infrastructure as well as application monitoring tools. In combination with specialized tools for analysis and data visualization, it gives us strong insights about the condition our services are in. Sendsteps has an extensive, centralized logging environment in its production environment which contains information pertaining to security, monitoring, availability, access, and other metrics about our whole range of products.

9. Software Development Lifecycle

In development we follow our own implementation of Agile/Scrum methodology. We frequently release new versions of our products and continuously change our workflow based on evolving needs and the lessons drawn from the past.

All our software is tested extensively by our quality assurance team. These checks are performed both manually as well as automated. Newly created code is peer reviewed and only put live it meets a set of pre-defined requirements.

New code is deployed to our staging environment first. There a set of automated tests as well as manual test are run to ensure the best quality possible. If everything works as expected, the new feature is put live. In case of emergencies, serious bugs or if anything else goes wrong, we are able to release a fix for the problem within the hour.

In the unlikely event of a security breach, Sendsteps will promptly notify you personally of any unauthorized access to your data. We have incident management policies and procedures in place to handle such an event.

10. External Security Audits

On a regular basis Sendsteps’ systems are audited by respected external security firms to ensure that our practices stay on par with current security standards. On request we can provide you with the most recent report of these audits.