(the “site”), as well as the legal agreement between Smadex S.L. (“Smadex” or “us”), and the Customers of this site or of the services provided by Smadex (the “Customer”). Smadex is a Spanish company with seat in 08029 -Barcelona, c/ Rosselló 33 sobreàtic, with Spanish Tax Number B-65322034, registered in the Commercial Registry of Barcelona at page B-399036.
2.Content of the site
2.1.Ownership over the site.The site is owned and managed by Smadex.
2.3.Services modification. Smadex may modify without prior notice the design, layout and/or configuration of this site, as well as some or all of its functionalities. Smadex reserves the right to modify or discontinue the service with or without notice to the Customer. Smadex shall not be liable to the Customer or to any third party should Smadex exercise its right to modify or discontinue the services provided by means of the site.
2.4.No guarantee of technical availability. The Customer acknowledges that it is not technically possible that the site is 100% available 100% of the time. However, Smadex will strive to keep the site available and functioning as much as possible. Brief anomalies or temporary suspension may affect Smadex services, especially due to site maintenances, security reviews, or capacity issues, and because of events that may not be controlled or influenced Smadex (e.g. anomalies in public communication networks, power shortages, etc.).
3. Insertion orders
4. Customer obligations
4.2.Information provided by the Customer. All information provided by the Customer through the site shall be truthful. Customer guarantees the authenticity of all data communicated as a result of completing the forms necessary for the subscription and use of the services provided by Smadex.
Customer shall be held responsible for keeping constantly updated all information provided to Smadex, so that said information is at all times accurate. Customer will be solely responsible for any false or inaccurate information provided to Smadex, as well as for the damage caused to Smadex or to third parties due to such unreliable information.
4.3.Registry. Smadex may require at any moment that the Customer is registered in order to have access to any of the services provided by the site. In such case, the Customer password may not be transferred or assigned, even temporarily, to any third person. In the event that the Customer knows or suspects that his or her password is being used by any third party, the Customer shall inform Smadex of such undue use.
4.4. Use of the site. Unless previous authorization is granted by Smadex, the Customer may not incur in the following behavior:
a) To use software or scripts in connection with site usage.
b) To block, overwrite, modify or copy the site code, unless such action is necessary for the proper use of the services offered at the site.
c) Any action that may impair the correct functioning of the site, especially overloading its servers.
d) To use any of the materials and information contained in this site for illegal aims, or by any aim expressly prohibited by these terms and conditions.
Smadex retains the right to terminate, at its sole discretion, any accounts involved with botnets and related activities.
4.5.Payment terms. Invoices issued by Smadex shall become net and payable within 30 natural days since date of issuance. In case of late payment, Smadex shall apply different levels of penalties, including (i) stopping AdOps activities (quoting, reporting, launching new campaigns), (ii) stopping current campaigns, and (iii) a 1% daily default interest. Smadex shall have the right, but not the obligation, to seek payment of past due amounts directly from the applicable advertiser represented by the Customer (if there be one), without reducing or limiting Customer’s obligation in any way.
4.6.Ad standards. Smadex, at its own discretion, may refuse to run any ad or campaign if it determines that such ad or campaign does not comply with Smadex ad quality standards, mobile advertising good practices or applicable regulations, or would otherwise be inappropriate or damaging to Smadex or its partners.
User shall refrain from submitting, and Smadex shall refuse to run, among others, (i) ads that promote or depict illegal content or activities, violence; (ii) ads that contain advocacy against any protected group (e.g., racial or ethnic origin, sexual orientation/gender identity, age, disability, sex, religion, color, national origin, or veteran status); (iii) ads that depict offensive content or activity; (iv) ads that infringe third party intellectual property; (v) ads that are deceptive or resemble Customer interface elements (e.g. text boxes) or feature excessive animation, shaking or smileys; (vi) ads that mislead the end user insofar as the ad doesn’t match with the final product; (vii) ads that include rotating or auto-expanding rich media creative; (viii) deceptive ads that replicate the Customer interface of OS notifications; (ix) ads that contain creative with iframes; or (x) ads that include applications such as viruses, spyware, and malware.
4.7.Update of ad standards. Smadex may set forth at any time (for instance, in its IO) further restrictions on ad content and creative attributes.
4.8.Fraudulent campaigns. Customer shall refrain from submitting campaigns that Smadex regards as deceptive, malicious, or fraudulent (“fraudulent campaigns). A campaign shall be regarded as fraudulent when it generates queries, impressions, click-throughs, conversions, subscriptions, and/or other actions through any automated, deceptive, fraudulent or other invalid means (including click spam, robots, macro programs, and internet agents), or encourage or require end users to click on ads through offering incentives or any other methods that are manipulative, or attempt to create a substitute or similar service through access to any of the Smadex services or proprietary information related thereto. A campaign shall also be regarded as fraudulent when it starts any kind of action (such as a download, a subscription or a call), without the end user’s informed consent and engagement.
Customer acknowledges that fraudulent campaigns may result in a direct damage to Smadex (including costs, penalties or loss profit, as well as Smadex’ exclusion from real time bidding markets). Customer shall fully indemnify and hold Smadex (including its affiliates, directors, agents or employees), harmless of any such damage caused by a fraudulent campaign, including income lost due to Smadex’ exclusion from a real time bidding market.
4.10. Brand safety. Smadex offers customers brand safety tools and processes that are described in the [Smadex Brand Safety Policy].
5. Disclaimer. Warranties and liability
5.2.No warranty. The site is provided by Smadex on an “as is” and on an “as available” basis. To the fullest extent permitted by applicable law, Smadex makes no representations or warranties of any kind, express or implied, regarding the use or the results of this site and the services provided by means of this site, in terms of its correctness, accuracy, reliability, or otherwise. Smadex shall have no liability for any interruptions in the use of this site. Smadex disclaims all warranties with regard to the information provided, including the implied warranties of merchantability and fitness for a particular purpose, and non-infringement.
5.3.No liability. Smadex excludes any liability for damages of any kind (including any special, indirect, consequential, or incidental damages, or damages for lost profits, loss of revenue, or loss of use) that may be due to lack availability, continuity, or accuracy of the site, and the services rendered through the site.
5.4.Third party information. While Smadex makes every effort to ensure that the information on the site is accurate, no representations or warranties are made as to the accuracy or reliability of any information provided on this site, specially the information provided by publishers or third parties of any kind.
6. Links to third party websites
6.1.Inclusion of third party links. Smadex may include in the site links to third party sites with the aim of facilitating access to relevant information available on the Internet. Smadex shall not be held responsible for the contents of the links between the site and third party sites not managed by Smadex. Such links or references are for informational purposes only and in no way imply an endorsement, approval, or commercial relationship of any kind between Smadex and the persons who manage or own the said third party sites.
7. Intellectual Property Rights
7.1.Copyright. The IP contents of this site, including its code, are subject to Copyright © 2014 – Smadex S.L. Consequently, all economic and/or exploitation rights in connection with the contents of the site are held by Smadex, unless they have been licensed to Smadex by a third party. The reproduction, transmission, adaptation, translation, modification, public communication or any other use of all or part of the contents of this site, in any form and by any means, is strictly prohibited unless it has been authorized in written form by Smadex.
7.2.Content of the site. The text, graphics, images, audio, databases, logos, structure, brands and other elements of this site protected by intellectual property rights are held by Smadex and/or by any third party owners who have duly authorized their inclusion on the site by means of the corresponding agreement with Smadex.
7.3.Trademark. Smadex, the Smadex logo, and all related marks and logos, are registered trademarks of Smadex. All other marks are the property of their respective owners. Such use of trademarks or links to the web sites of third parties is not intended to imply, directly or indirectly, that such third parties endorse or have any affiliation with Smadex.
8. Privacy and personal data protection
8.4. Personal Data Protection. Smadex informs Customer of the existence of personal data files concerning the personal data of Customer and/or its team, created and managed by Smadex as data controller. The Customer has the right to access, rectify, erase or block the personal data controlled by Smadex. These rights can be exercised by means of an email addressed to the address info@Smadex.com, quoting the above subject, or by regular mail addressed to Smadex SL, CIF: B65322034, Carrer Roselló, Barcelona 08029 (Spain).
8.5. Data Processing Addendum concerning digital identifiers. The parties will enter a separate Data Processing Addendum following the contractual model provided by Smadex, concerning the processing of digital identifiers such as device identifiers, cookie identifiers, and IP address, by Smadex as data processor, following the instructions of Customer as Data Controller. This Data Processing Addendum contains the whole agreement between the parties as to the processing of such digital identifiers .
8.6. Additional Data Processing Agreement. Besides the digital identifiers whose processing is the object of the Data Processing Addendum described in section 8.5, , the Parties acknowledge that in some instances either of them (the ‘Controller Party’) may transfer to the other (the ‘Processor Party’), or the Processor Party may independently collect, certain personal data concerning the Controller Party’s employees, collaborators o contacts, that is necessary for the purposes of executing the advertising campaigns entrusted by Customer to Smadex, and to fulfill the obligations of both Parties under this agreement (“Controller Personal Data”). For what concerns such processing of Controller Personal Data, the Parties agree as follows:
(i). Controller Personal Data shall be processed by the Processor Party exclusively for the purpose of fulfilling its obligations under the IO and this Agreement, and under the instructions of the Controller Party. In no event shall Controller Personal Data be transferred to any third party, unless such transfer is necessary for fulfilling this Agreement.
(ii). When Processing Controller Personal Data, the Processor Party shall ensure that it implements and maintains appropriate technical and organizational security measures, in accordance with the standards in force in the online advertising sector, and with GDPR. The Processor Party shall provide to the Controller Party any information it may reasonably require concerning the security measures taken in order to protect Controller Personal Data.
(iii). In no event shall the Controller Party transfer, orto the Processor Party process, any personal data that may fall into the categories of data envisaged in Articles 9 and 22 GDPR.
(iv). The control of Personal Data remains with the Controller Party. The Controller Party is responsible for compliance with its obligations as data controller under data protection laws, shall inform any and all data subjects of their rights as envisaged in the GDPR and any other applicable data protection regulation,. It shall provide the means for effectively exercising such rights. In particular, Customer must provide visible notice to, and where necessary, obtain consent from, its employees, collaborators and contacts, regarding the scope of Customer’s and Smadex’s collection, sharing, and use of data in the context of the services provided by Smadex to Customer.
(v). Smadex is hereby authorized to engage third party subprocessors that will assist Smadex in the provision of the Smadex services.In particular, Customer is hereby informed that Customer Personal Data will be processed by providers of cloud services such as Amazon Web Services, Google, and Dropbox. Customer is entitled to ask for any additional information concerning such subprocessors, as it may be reasonably necessary.
Customer shall only be entitled to engage third party subprocessors if it receives a prior written authorization by Smadex.
(vi). Following the termination of the Smadex services, the Processor Part will promptly delete or otherwise render inaccessible all copies of the Controller Personal Data, except as may be required by law.
(vii). Smadex is entitled to transfer to and store, Customer data in the United States, and in certain countries where data protection laws may be different from the EU regulations, provided that in every case it will be obliged to enter into the relevant Standard Contractual Clauses for data exportation, as approved by the European Commission at the time. Customer shall provide its customers with sufficient notice thereof, and when necessary obtain their consent for such transfer, storage and use.
(viii) The Processor Party shall ensure that every person that is granted access to Controller Personal Data as an employee, agent or contractor of the Processor Party, has contractually committed to or is under a statutory obligation of confidentiality.
(ix) Taking into account the nature of the processing, the Processor Party shall assist the Controller Party in implementing appropriate technical and organisational measures in order to ensure the fulfilment of the Controller Party’s obligation to respond to requests concerning the exercise of data subject rights. The Processor Party shall: (i) cooperate with the Controller Party in order to ensure that the rights of data subjects are fully respected, and promptly follow the Controller Party’s instructions concerning their exercise (instructions such as deleting, transferring, or processing the data of Data subject); and (ii) in case that a data subject contacts the Processor Party, such party will immediately notify the other Controller Party and will refrain from responding to the relevant data subject except on the documented instructions of the Controller Party or as required by applicable laws.
(x) Each Processor Party will provide to the relevant Controller Party any reasonable information it may demand, concerning the processing of personal data controlled by such Controller Party. In addition to that, it will provide any evidence that is reasonably requested by the Controller Party concerning the fulfillment of the Processor Party’s obligations under the applicable data protection regulations.
(xi) The Processor Party will immediately notify the Controller Party in case it suspects or becomes aware of a Personal Data Breach affecting Controller Party Data, and will immediately provide Controller Party with sufficient information and evidence to allow Controller Party to meet any obligations to report or inform Data Subjects of the personal data breach. In addition to that, the Processor Party will immediately take any action required in order to put an end to such data breach, and will provide to the Controller Party evidence of such action.
8.7. Data processing by third parties. In the context of the services provided by Smadex to Customer, Customer may instruct Smadex to transfer certain data to third parties such as ad serving or tracking companies (hereinafter “third party data processors”). In such event, Customer warrants to Smadex that it has entered into a data processing agreement with the relevant third party data processor that fulfills all the requirements set in the GDPR and any other applicable data protection regulation, and that such third party data processor will use the transferred data (i) in compliance with all applicable laws; (ii) exclusively for the purpose of providing services to the Customer related to the ad campaigns run by Smadex; (iii) that the third party data processor will neither store nor share such data with a third party; and (iv) that the third party shall implement appropriate technical and organizational measures to protect the data against destruction or loss, alteration, unauthorized disclosure or access. Smadex will be entitled to refrain from executing such data transfer if it reasonably believes that these requirements have not been met.
9. Governing law and dispute resolution
9.1.Applicable law and competent jurisdiction. These terms and conditions are governed by Spanish law. Any dispute arising from the use and/or contents of this site shall be submitted to the exclusive jurisdiction of the courts of Barcelona (Spain).