GENERAL TERMS AND CONDITIONS

WEEDEV (ORIAS number : 19005582), a simplified joint-stock company (société par actions simplifiée) with a share capital of 50,000 euros, registered with the Nanterre Trade and Companies Register under number 820 561 538, having its registered office at 114, rue Gallieni 92100 Boulogne-Billancourt (hereinafter referred to as "Weedev")

Version: 5.08.24

1. Definitions

1.1. “General Terms and Conditions” means this document and the Appendices attached hereto.

1.2. “Agreement” means these General Terms and Conditions and the Order(s) signed by the Parties.

1.3. “Customer” means the company having subscribed to the Services offered by Weedev under the conditions set out in the Contract and identified in the Order.

1.4.”Order” means the document(s) signed by the Parties, incorporating and subject to these General Terms and Conditions, setting out the characteristics of the Services subscribed to by the Customer, where applicable, the estimated delivery times and the specific pricing conditions applicable. In the event of any contradiction between these General Terms and Conditions and the Order, the provisions of these General Terms and Conditions shall prevail.

1.5. “Prospect Data” or “Leads” mean the data (identity, telephone and/or electronic contact details, qualification information according to the need expressed by the Customer within the Order) collected by Weedev concerning a Prospect for the needs of a Customer, which may be Hot Leads or Cold Leads.

1.6. “Confidential Information” means any legal, scientific, technical, commercial and financial information or knowledge, know-how, commercial or trade secrets, , data, software, files, plans, studies, tests, diagrams, drawings, protocols, formulas, specifications, design work, systems, algorithms, databases, proposals, concepts, ideas and/or any other type of secret data of any nature whatsoever, in particular legal, scientific, technical, economic, commercial, accounting and financial data, in any form whatsoever, whether patentable or not, exchanged by the Parties in connection with the negotiation and performance of the Agreement.

1.7. “Hot Lead” means a Lead concerning a Prospect who has expressed the wish to be recontacted by the Customer by telephone within a limited period of time prior to its transmission to the Customer, under the conditions set out in article 4 “Lead Compliance and Quality”.

1.8. “Cold Lead” means a Lead concerning a Prospect, transmitted to the Customer without any deadline, under the conditions set out in article 4 “Lead Compliance and Quality”.

1.9. “Party(ies)” means, individually and collectively, Weedev and/or the Customer.

1.10. “Red Period” means the periods defined in the Order during which Lead acquisition costs may require an increase in fees, within the limits set out in article 6 “Payment terms”.

1.11. “Services” refers to Lead provision services, enabling the Customer to establish contact with Prospects, with a view to concluding a contract or selling a product or service, as well as any other corollary services provided by Weedev hereunder, such as any ancillary consulting services and assistance with commercial prospecting for the purpose of improving the contact techniques developed by the Customer.

1.12. “Prospect” means a natural person who constitutes or represents a potential customer of the Customer and whose Leads are intended to be made available to the Customer under this Agreement. Prospects are qualified according to the Customer’s needs as expressed in the Order.

1.13. “Personal Data Regulation” means any provision of a legislative or regulatory nature, whether European or national, resulting in particular from Regulation 2016/679/EU of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and Directive 2002/58/EU of July 12, 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector, any national law transposing these texts, as well as any other regulations applicable in this area, subsequently added to or substituted for them.

2. Ordering Services The Services subscribed to by the Customer are specified in the Order, to which these General Terms and Conditions are appended. The Order is sent to the Customer by any means. The Agreement is concluded by the Customer’s acceptance of the Order, manifested by sending Weedev the signed Order by any means (including e-mail). The Customer undertakes to have = fully understood the characteristics of the Services to which the Customer has subscribed, their possible limitations and that they are suited to the Customer’s needs. If the signed Order is not received within seven (7) calendar days from the date it is sent, the Order will be deemed lapsed.
Acceptance of the Order constitutes a firm commitment to an order for a specific volume and date. Weedev is entitled, after informing the Customer, to increase its prices and/or not to deliver the Services ordered on the date indicated in the Order in cases where the Customer wishes to modify the scope of the Services ordered, after acceptance of the Order.

3. Performance of Services Weedev undertakes to exercise all reasonable care and diligence in the performance of the Services.
Unless otherwise stipulated in the Order, in the context of Hot Lead acquisition, volumes may vary by plus or minus ten (10) % from one day to another. A flow may only be cut off if the Customer sends a notice to this effect by e-mail to its privileged Weedev contact with forty-eight (48) hours’ notice.

4. Lead Compliance and Quality 4.1. Regulatory compliance. Weedev undertakes to ensure that Leads correspond to Prospects who have given their express consent to commercial prospecting and which may benefit the Customer, in accordance with the conditions set out in article 8 “Personal data protection”.
Weedev undertakes to ensure that Hot Leads correspond to a Prospect who has agreed, within a maximum period of forty-eight (48) hours prior to their transmission to the Customer, to be recontacted by telephone by a Weedev partner such as the Customer, identified as such in Weedev’s general terms and conditions of use accepted by the Prospect.
Weedev undertakes not to transmit to the Customer any Cold Lead registered on the “Bloctel” list of opposition to telephone canvassing established by article L. 223-3 of the French Consumer Code.

4.2.Contractual compliance. Weedev gives the Customer no guarantee as to the accuracy or veracity of personal data. The categories of data to be collected and the criteria for qualifying and non-qualifying Leads are defined in the Order. The compliance of Leads in this respect is guaranteed within the following limits and subject to the Customer providing of qualification feedback to Weedev.

4.2.1.Off Target Leads Leads that do not meet the qualification criteria (“Off-Target Leads”) will be replaced. These criteria may be modified with the agreement of both parties. These criteria must be mentioned in the Customer’s feedback.

4.2.2.Qualification feedback for billing purposes Following any delivery of Leads, the Customer must send an e-mail to facturation@hipto.com listing the Leads that have not been validated and the reason for their invalidation.
Leads already sent by Weedev since less than thirty (30) days (“Duplicate Leads”) will be replaced. Please note that Leads that are duplicate because they were sent by another Lead supplier will not be replaced.
Leads whose numbers are found to be unassigned (“Unassigned Number Leads”) will be suppressed from billing at a rate of five (5)%.
From the last day of each calendar month, the Customer has ten (10) working days to submit a claim to Weedev.
This claim should be addressed to
facturation@hipto.com and to Weedev’s privileged contact.
This claim must be made no later than ten (10) days following delivery of the last Lead in the order. After this date, no Lead will be replaced.

4.2.3.Qualification feedback for quality of service purposes
The Customer undertakes to share with Weedev, on an automated and daily basis via API return, data relating to the exploitation of Leads, and at a minimum, the Lead’s Hipto ID, the Lead qualification and its date and time of qualification. This data will only be used to improve the Lead’s operation (reachability and conversion).

5.Cooperation of the Parties The Parties undertake to cooperate actively and regularly to ensure the proper performance of the Services. The Customer undertakes to provide Weedev, as soon as possible after the conclusion of the Agreement, with all documentation and accurate, exhaustive and up-to-date information, and to put Weedev in contact with any person within the Customer’s organization who can contribute to the proper performance of the Services. Weedev will seek to advise and/or propose to the Customer the measures required to ensure the proper operation of the Leads.
As soon as the Agreement is signed, the Parties undertake to each designate the privileged contacts responsible for coordination with the other Party, and to set up bodies to monitor and maintain relations between the Parties, i.e. a Steering Committee to be organized either on a weekly or monthly basis.

6.Payment terms
6.1. Fees
The Customer undertakes to pay Weedev the fees indicated in the Order. Payment is an essential obligation of the Agreement. Fees are exclusive of taxes and are payable in Euros. Applicable duties and taxes, as well as any exchange rate charges or charges relating to international transfers, will be additionally invoiced to the Customer on the basis in force at the time of invoicing.
Any decision to grant a discount, reduction or application of degressive rates, based on a percentage or a fixed price, remains at the sole discretion of Weedev. Any discounts or rebates which may potentially be granted to the Customer shall under no circumstances create an acquired right for subsequent Orders.

6.2. Terms of payment
Invoices are sent electronically at the end of each month, to the customer’s e-mail address indicated in the Order. Any change to the Customer’s invoicing details, in particular to the Customer’s contact details, must be notified without delay to facturation@hipto.com. The invoice takes into account the validations carried out between the Customer and Weedev in accordance with article 4 “Lead Compliance and Quality” no later than ten (10) calendar days following delivery of the Leads.
The invoice must be paid by bank transfer within a maximum of thirty (30) calendar days from the date indicated on the invoice, unless otherwise specified in the Order. The Customer has ten (10) calendar days to contest the invoice.

6.3. Late payment
Any sum due but not paid by the due date is automatically subject to late payment penalties equal to the interest rate applied by the European Central Bank to its most recent refinancing operation, plus ten (10) percentage points, plus a flat-rate indemnity for collection costs of forty (40) euros. If the collection costs incurred exceed the amount of this fixed indemnity, Weedev may request additional compensation, upon presentation of any supporting document.

6.4. Revision of fee structure and surcharges
Weedev may revise the amount of fees (i) for fixed-term contracts: at each expiry of the Agreement or annually for contracts of one (1) year or more, subject to giving the Customer one (1) month’s notice of such revision; (ii) for indefinite term contracts: annually, subject to giving the Customer one (1) month’s notice of such revision. If the Customer does not accept the revised fees, the Customer may withdraw from or terminate the Agreement under the conditions set out in article 10 “Duration – Termination”.

Under the conditions set forth in the Order, the amount of fees may also be increased by a maximum of twenty (20) % during the Red Periods defined in the Order, provided that the Customer is given one (1) month’s notice of such increase.

7. Intellectual property As part of the performance of the Services, Weedev provides the Customer with certain services that may consist of and/or give rise to the creation or production of documents, analyses, developments, notes, reports, specifications, marketing creations, databases, software, including chatbots, scripts, interfaces, as well as any method or technique, whatever their nature or medium, whether or not they are covered by intellectual or industrial property rights (hereinafter collectively referred to as the “Results”).
Weedev’s Confidential Information and Results remain the property of Weedev and their use by the Customer is limited to the scope of the Agreement unless expressly agreed otherwise in writing by Weedev. The fact that they are made available to the Customer in the course of the Agreement does not confer on the Customer the right to use them for other purposes and for the benefit of third parties to the Agreement.

8. Personal data protection
8.1. The Parties acknowledge that they are fully aware of the obligations arising from the Personal Data Regulation, which apply to them in their capacity as independent data controllers, concerning (i) the processing of their business contacts, for the purposes of managing their commercial relationship; (ii) the processing of any personal data within the Leads, for which Weedev is the initial data controller at the stage of collection and transmission, and for which the Customer is the subsequent data controller from the time of receipt of the Leads. In this respect, the Parties respectively undertake to:

8.1.1.include this processing in their record of processing activities kept under their responsibility, indicating in particular the object and duration of the processing, its nature and purpose, as well as the type of personal data and the categories of data subjects in accordance with the Personal Data Regulation;
8.1.2. to respond to any request from a data subject to exercise his or her rights of access, modification, erasure, where applicable to restriction of processing, to object or to portability, or consent withdrawal, and to inform the other Party thereof within seven (7) calendar days for consent withdrawal and fifteen (15) calendar days for other rights;
8.1.3. inform the other Party in writing and without delay of any violation of personal data relating to the Leads transmitted, which it may have discovered during the term of the Agreement;
8.1.4. take all appropriate technical and organizational precautions, in particular in view of the nature of the personal data that each of the Parties processes and the risks presented by the processing, in order to maintain the highest level of security and confidentiality of such data and, in particular, to prevent it from being distorted, damaged or, above all, accessed by unauthorized third parties in any way whatsoever;
8.1.5. ensure that the transfer of personal data to a country outside the European Union/EEA is subject to the appropriate safeguards provided by the Personal Data Regulation, where applicable by concluding the standard contractual clauses referenced in the Appendix hereto, as well as, where necessary, conducting an analysis of the impact and capacity of the third country’s legislation to ensure the effectiveness of the rights of the data subjects.
8.2. In particular, Weedev undertakes:
8.2.1. to collect Leads transmitted to the Customer under conditions that comply with Personal Data Regulation;
8.2.2. to have informed and, if necessary, obtained the express consent of Prospects to commercial prospecting, which may benefit the Customer;

8.2.3. to implement appropriate security and confidentiality measures when transmitting Leads to the Customer.
8.3. In particular, the Customer undertakes:
8.3.1. to use Leads in accordance with the Personal Data Regulation, and specifically, with regard to Hot Leads, to contact these Leads within a reasonable period of time;
8.3.2. not to modify, assign or transfer to a third party, in whole or in part, whether in exchange for payment or free of charge, the Leads transmitted by Weedev.
8.4. Any notification or information to be sent to the other Party under this article must be sent to dpo@hipto.com for Weedev and to the address indicated in the Order for this purpose for the Customer.

9. Confidentiality The Parties undertake to guarantee the confidentiality of the Confidential Information. The Parties shall refrain from using and/or exploiting the Confidential Information, directly, indirectly or through an intermediary, for any purpose not directly related to the proper performance of the Agreement. This obligation does not prevent the transmission to a subcontractor of all or part of the Confidential Information, provided that it is essential for the proper performance of the Agreement and that the subcontractor is bound by an obligation of confidentiality similar to that stipulated in this article. Confidential Information does not include information (i) which is known to the Party for whom it is intended before it is disclosed to that Party by the other Party; (ii) which has entered the public domain prior to its disclosure; (iii) which is developed independently, unrelated to the performance of the Agreement.

10. Duration – Terminationn
10.1. Duration
The Agreement takes effect on the date of signature by the Customer of the Order and remains in force for the duration stipulated in the Order, unless terminated in accordance with the conditions set out herein. The term specified in the Order shall be for a minimum of three (3) months.

10.2. Termination
In the event of a fixed term specified in the Order (with a minimum and firm term of three (3) months), and unless otherwise specified in the Order, at the end of its initial term, the Agreement will be automatically renewed for successive periods, of a duration indicated in the Order, unless terminated by one Party, informing the other Party of its intention not to renew the Agreement, by registered letter with acknowledgement of receipt sent no later than seven (7) calendar days before the expiry date.

In the event of an indefinite term stipulated in the Order, the Agreement may be terminated without having to bring the case before the competent court after a period of three (3) months by either Party, by informing the other Party of its intention not to continue the Agreement, by registered letter with acknowledgement of receipt, subject to one (1) month’s notice.

10.3. Termination for breach.
If either of the Parties fail to meet its essential obligations under this Agreement, the Agreement will be terminated without having to bring the case before the competent court thirty (30) calendar days after formal notice has been delivered by registered letter with acknowledgement of receipt and has remained without effect, without prejudice to any damages that may be claimed from the defaulting Party as a result of the non-performance of its obligations.

10.4. Consequences of termination The Customer is liable for payment of any outstanding monthly fees until the end of the Agreement.

Provisions which by their nature or context are intended to survive termination of the Agreement, in particular the provisions of the articles “Confidentiality”, “Liability” and “References”, shall not be affected by the termination or withdrawal denunciation hereof.

11. Suspension In the event of non-payment or late payment by the Customer, Weedev reserves the right to suspend the Services until all sums due have been paid in full.

12. Liability
Neither Party shall be liable for damages resulting exclusively from the act of a third party or from a case of force majeure as defined in article 15 “Force Majeure”, as well as for indirect damages as defined by French case law, resulting from a breach on the part of one of the Parties and/or a malfunction of the Services, such as commercial or financial damage, loss of clientele, loss of brand image, loss of profit, any commercial disturbance whatsoever, loss or partial or total destruction of data.

To the extent permitted by applicable law, Weedev’s total liability under or in connection with the Agreement, all damages together, shall not exceed the sum of the fees, exclusive of taxes, paid by the Customer to Weedev during the six (6) months preceding the occurrence of the damage.

13.Audit
The Customer shall provide Weedev, on first request, with all documents evidencing the conditions of use of the Leads. Weedev may, after giving the Customer at least two (2) weeks’ written notice, and informing the Customer of the purpose of the mission and the names of the mandated experts, conduct an on-site audit, during working hours and no more than once every six months, of the conditions of use of the Leads, in particular by the Customer’s partners.

14. Subcontracting
Weedev may subcontract all or part of the Services covered by the Agreement to a third party of its choice, provided that the subcontractor is submitted to similar obligations, as relevant, as those imposed on Weeded under this Agreement. In any event, Weedev remains entirely responsible for the services it subcontracts.

15. Force majeure Neither Party may be held liable for a breach of any of its obligations under the Agreement resulting from the occurrence of an event of force majeure, having all the characteristics defined by article 1218 of the French Civil Code and by French case law, provided however that the Party invoking such an event notifies the other Party of its existence as soon as possible, that it does its utmost to limit the consequences and, finally, that it resumes performance of the Agreement immediately after the event of force majeure has ceased.
Should such an event last for more than one (1) month, the Parties agree to initiate discussions in order to take it into account.
Should they fail to reach an agreement within a maximum period of ten (10) working days, the Agreement may then be terminated immediately and without having to bring the case before the competent court, without compensation on either side, by either Party, by simple written notification sent to the other Party.

16. Insurance
Weedev undertakes to maintain, at its own expense, for the entire duration of the Agreement, an insurance policy covering the pecuniary consequences of its professional civil liability due to damage that may be caused in the performance of this Agreement.

17. References
The Customer authorizes Weedev to use, mention, represent or reproduce, on any communication medium, and for promotional, advertising, commercial or referencing purposes, the nature of the Services performed for the Customer, the Customer’s name, logo and brand free of charge, for the entire duration of the Agreement and for a period of two (2) years following the end of the Agreement.

18. Miscellaneous
18.1. Transfer

Weedev may assign and/or transfer, in whole or in part, the rights and obligations associated with the Agreement to any third party, including in particular in the context of a merger, acquisition, partial contribution of assets and/or demerger, or total or partial sale of goodwill.

18.2. Entire Agreement
The Agreement constitutes the entire agreement between the Parties concerning the Services. It supersedes all prior or current proposals or agreements, whether oral or written, and all prior or current communications between the Parties, relating to the subject matter of the Agreement, including any general terms and conditions of purchase of the Customer.

18.3. Modification
Weedev reserves the right to modify these General Terms and Conditions at any time, subject to notifying the Customer of the new version in writing at least one (1) month before it comes into force. In the event of modification during the term of the Agreement, the General Terms and Conditions will apply (i) in the case of a fixed term as specified in the Order, as from the renewal of the Agreement; (ii) in the case of an indefinite term as specified in the Order, one (1) month after the entry into force of the new version of the General Terms and Conditions.

18.4. Severability
If one or more of the stipulations of the Agreement are held to be invalid or considered as such in application of a law, regulation or decision of a competent court, they shall be deemed null and void and the other stipulations hereof shall remain in force. In this case, Weedev shall propose in good faith a replacement provision as close as possible from a legal and economic point of view to the invalidated provision.

18.5. No waiver
The fact that either Party does not invoke a breach by the other Party of any of its obligations under the Agreement shall not be construed as a waiver of such obligation.

18.6. Independence of the Parties
The Agreement is concluded between independent Parties. Consequently, none of its provisions may be interpreted as giving any of the Parties the power or mandate to act on behalf of the other Party or constituting any association or partnership between the Parties.

18.7. Headings
In the event of difficulty of interpretation of any of the headings or intertitles placed at the top of a stipulation herein, with any of these stipulations, the headings will be declared non-existent.

19. Competent court / Applicable law
The Agreement, and all disputes and claims arising therefrom, shall be interpreted and governed by French law, without regard to principles of conflicts of law. All disputes arising between the Parties concerning or resulting from the existence, validity, interpretation, performance or termination of this Agreement (or any of its provisions) which the Parties are unable to resolve amicably within thirty (30) days of notification of the dispute by one of the Parties, shall be subject to the exclusive jurisdiction of the Commercial Court of Nanterre.

20. Electronic signature
The Parties agree to use an electronic signature process, by means of a single-use electronic certificate constituting a reliable identification process guaranteeing its link with the act to which this electronic signature is attached, in accordance with articles 1366 and 1367 of the French Civil Code and their implementing provisions.

APPENDIX – TRANSFER OF PERSONAL DATA

Standard Contractual Clauses (decision (EU) 2021/914 of June 4, 2021)

The parties (i) Weedev, as identified in the header of the General Terms and Conditions (the Data Exporter) and (ii) the Customer, as identified in article 1 of the General Terms and Conditions (the Data Importer), have agreed to the Standard Contractual Clauses as made available by the European Commission on its website in unmodifiable pdf format, which can be consulted at https://eur-lex.europa.eu/legal-content/FR/TXT/HTML/?uri=CELEX:32021D0914&from=FR (hereinafter the “Clauses”). The purpose of these Clauses is to ensure compliance with the Personal Data Regulation in the event of the transfer of personal data to a third country.

The parties agree that all the provisions of the present Clauses are applicable to them as such, according to the scope for which they are concerned and for which they have defined the conditions below by mutual agreement.

  • (a) These Clauses apply to the transfer of data outside the EU, as detailed in Annex I.
  • (b) With regard to the Docking clause (Clause 7), the parties agree to opt out from the application of this clause.
  • (c) The nature of the data transfer outside the EU is a transfer Controller to Controller (Module 1).
  • (d) With regard to the security of processing in the Data protection safeguards (Clause 8), the parties have agreed to the technical and organizational measures set out in Annex II.
  • (e) With regard to Redress (Clause 11), the Parties do not accept the option provided for in the second paragraph of Clause 11 (a).
  • (f) Concerning Supervision (Clause 13), the competent supervisory authority is the French data protection authority, the CNIL (Commission Nationale de l’Informatique et des Libertés).
  • (g) Concerning Governing law (Clause 17), the present clauses are governed by the law of a country recognizing the rights of the third party beneficiary. The parties agree that this is French law.
  • (h) With regard to the Choice of forum and jurisdiction (Clause 18), any dispute arising from the present Clauses shall be settled by the French courts.

ANNEX I

A. PARTIES

The Parties to these Clauses are those specified in “General Conditions” (b) of these Clauses.

1. Data Exporter

Name, position and contact details of contact person

dpo@hipto.com

Activities relating to data transferred under these Clauses

Provision of Services

Signature and date

By reference to the date and validation of the Order, under the conditions set out in the General Terms and Conditions.

Role

Data controller

2. Data importer

Identity and contact details of data importer(s)

As indicated in the Order

Identity and contact details of any person acting as data protection contact

As indicated in the Order

Activities relating to data transferred under these Clauses

Acceptance and use of Services

Signature and date

By reference to the date and validation of the Order, under the conditions set out in the General Terms and Conditions.

Role

Data controller

B. DESCRIPTION OF THE TRANSFER

Categories of data subjects whose personal data are transferred

Prospects
Data exporter personnel

Categories of personal data transferred

Identity, telephone number and e-mail address, as specified if applicable in the Order

Sensitive data transferred (if applicable) and restrictions or safeguards applied

No sensitive data

Transfer frequency

For the duration of the relationship between the Parties under the Agreement

Type of processing

Transmission and storage

Purpose(s) of data transfer and further processing

Performance of Services

Personal data retention period, or if that is not possible, the criteria used to determine this period.

3 years from completion of form.

C. COMPETENT SUPERVISORY AUTHORITY

See Supervision clause (Clause 13) above.


ANNEX II

TECHNICAL AND ORGANIZATIONAL MEASURES, INCLUDING TECHNICAL AND ORGANIZATIONAL MEASURES TO ENSURE DATA SECURITY

Weedev establishes an information security management framework to identify, assess and manage the company’s information security risks. Weedev therefore ensures that the following technical and organizational measures are in place for the processing of Customer data.

1.1 Physical access control
Access to information within Weedev’s company is strictly limited to those who need it to perform their professional duties. Company facilities are protected against unauthorized access by the following measures:
– Authentication mechanism for access to premises (badge access, video surveillance camera);
– Protection of physical equipment (fire doors, alarms);
– Additional access protection measures for critical technical areas: physical access to server rooms and IT equipment is secured (key access).

1.2 Logical access control Weedev undertakes to prevent unauthorized access to its company’s information systems. To this end, it implements the following measures:
– Access to information managed by an individual authentication and access control system(connection history);
– Raising users’ awareness of password security policy when they join the company (long and complex passwords, with a combination of letters, numbers and special characters for all devices connecting to the wireless network or for remote connections);
– Users must immediately report any unauthorized access to their information;
– Obligation for users to change passwords every quarter;
– Raising users’ awareness on the need to regularly update computers, telephones and software;
– Monitoring of the activity of the wireless network, the delivery platform and the various software programs used;
– Third parties and suppliers with access to the company’s information systems are subject to verification and security control procedures before being authorized to access the systems;
– No unlicensed software or hardware, and no illegal downloads;
– Encryption, backup and password policies for the use of mobile devices (such as laptops, smartphones and tablets).

1.3 Data protection To protect data against loss, destruction or unauthorized modification, Weedev undertakes to take the following data protection measures:
– Data minimization and pseudonymization ;
– Access to data limited to those with an operational need;
– Data access logging.

1.4 Data transmission – Weedev’s network uses strong encryption (WPA2).

1 .5 Data integrity To be able to identify the persons responsible for inserting, modifying or deleting data in data processing systems, Weedev takes the following measures:
– Activity logging for system administrator activity;
– Activity logging for data processing tools users.

1 .6 Data availability To prevent the accidental loss or destruction of data, Weedev takes the following measures:
– Data backup on a regular basis;
– Emergency and recovery procedure;
– Secure technical facilities;
– Business continuation plan;
– Disaster recovery plan.

1.7 Organizational measures To maintain the security of the computer system and data, Weedev undertakes to take the following organizational measures:
– Security incident management plan (such as data breaches);
– Management plan for computer viruses and hacker attacks ;
– Informing employees of the procedure to follow in the event of a safety incident ;
– Raising information system users’ awareness of information security, security policies and procedures (training, access to procedures on the shared drive) through (1) training for new employees and (2) regular reminders for existing employees;
– Regular communication of security information bulletins, practical tips and security alerts;
– Appropriate security clauses in contracts with third parties and suppliers.