Terms and conditions of service for "Sensitive Data" application

Version 8/1/2024 

These Terms and Conditions establish a legally binding agreement between you (hereinafter the "Client"), who through HubSpot Marketplace, acquires the “SensitiveData” Application and Tiralíneas Digital SL, in relation to the use that the Client makes of it. By purchasing, downloading, installing or making use of the "Sensitive Data" Application and/or related services (collectively referred to as the "Service"), which are provided by or owned by Tiralíneas Digital S.L. (hereinafter, "Tiralíneas"), you agree and consent to be bound, without reservation or modification, to these Terms of Service (hereinafter, "Terms").

These Terms have been drafted in the Spanish language, which shall be considered the official and legally binding text for all parties involved. Any translation of these Terms into another language is provided solely for the convenience of the parties and shall have no legal effect. In the event of any discrepancy or conflict between the English version and its translations, the English version shall always prevail.

Tiralíneas reserves the right to modify or replace these Terms at any time and at its sole discretion. In the event of any modification, the Client will be informed via email or through the Services themselves. By accessing or using the Service, the Client agrees to comply with the version of the Terms that is in force and published on the HubSpot Market or on the Tiralíneas website (www.tiralineas.digital) at that time. If the Client does not agree to these Terms, in whole or in part, Customer must refrain from accessing, downloading or using the Service. The access to or use of the Service, in any form, implies the Client's full and unreserved acceptance of these Terms.

At all times, the Client and Tiralíneas shall be considered as independent entities or companies from each other. Tiralíneas will provide the Service subject to these Terms, without any dependency relationship regarding the organizational, hierarchical, and especially labor structure of the Client. The Service is intended solely for business customers. Nothing in these Terms is or can be considered an offer or an agreement with a consumer.

1. DEFINITIONS.
   1."Personal Data" means any information concerning identified or identifiable natural persons that is considered as such by the Applicable Law.
   2."GDPR" is the EU Regulation 2016/679 of April 27, 2016, General Protection of Personal Data, and corresponding legislation, in the current wording it may have at any given time.
   3."HubSpot" refers to the marketing and sales suite developed by HubSpot, Inc. in its complete or "pro" version. "HubSpot Marketplace" is an online platform where users can find and purchase applications, integrations, and templates to extend and customize the functionalities of HubSpot.
   4."Applicable Law" is any legal norm applicable in Spain or resolution issued by a Spanish administrative, judicial, or arbitral authority, of mandatory compliance.
   5."Service Levels" or "SLA ́s", for the Services as determined, are the values that Tiralíneas must achieve to accredit the fulfillment of the provision of the Services.
   6."Application Service Provider or ASP" is the company (Tiralíneas) that offers access to software or services over the Internet.
   7."Digital Assets" are defined as all forms of digital information processed, stored, transmitted, or managed through the Service by the Client. This includes, but is not limited to, numerical, textual, graphic data, and any other type of digital content susceptible to computer processing. "Digital Assets" are subject to applicable laws and regulations on intellectual property, data protection, and confidentiality.
   8."Software as a Service or SaaS", as the software distribution model where the software and the respective data it handles are hosted on a provider's servers, accessed through the Internet.
   9."Service" is defined as (a) the provision and download from HubSpot Marketplace; and (b) the provision on a Software-as-a-Service (SaaS) basis of an application (“Sensitive Data” Application) specialized in data synchronization and information processing. This application is designed to interact, associate or relate to the Customer Relationship Management (CRM) functions offered by HubSpot under its own terms of service. The Service includes, but is not limited to, providing access to the application, its maintenance, updates and corresponding technical support.
   
   
2. SERVICE DESCRIPTION.
   1. "Sensitive Data" Application: This is a solution created by Tiralíneas for the Business to Business (B2B) environment, aimed at expanding the data management capabilities of HubSpot. It integrates and displays data or information located in the Client's information systems, which, due to HubSpot's data storage policies, cannot be visualized. However, with the "Sensitive Data" Application, the adaptability of HubSpot is enhanced and enriched, adjusting to the specific demands of the Client. To use the Sensitive Data Application, it is essential that the Client previously has user access to HubSpot's CRM software. Access to the "Sensitive Data" Application must be made through a web browser with an Internet connection and operate on an API/SaaS application server provided by Tiralíneas.
      
      
   2. The data synchronized through the use of the "Sensitive Data" Application are not stored or processed on HubSpot's servers, and the "Sensitive Data" Application does not have any access to such servers for these purposes. The storage of the data (in the corresponding database) and its processing (using the software of the "Sensitive Data" Application) are carried out exclusively on servers operated by Tiralíneas at the Azure Data Processing Center (DPC), identified as "France Central", and located in the Paris region.
      
      
3. SUBSCRIPTION PLANS. The "Sensitive Data" Application is offered under different modalities or subscription plans, as well as with different properties or capabilities and which are determined and visible at all times in the HubSpot Marketplace.
   
   
   1. Free Model/Plan: Limited access to certain functionalities of the Service. The duration of this modality will be indefinite, subject to these Terms of Use and at the discretion of Tiralíneas.
      
      
   2. Subscription or Paid Model/Plan: Full access to the Service, with the functionalities or properties determined in each case on the HubSpot Marketplace. The duration of this subscription modality will be monthly or annual and may be automatically renewable, unless canceled by the Client. At the end of the stipulated period of the Subscription Plan, it will automatically renew for an additional period, unless explicitly terminated by the subscriber. Cancellation requests must be formalized at least 15 days prior to the end of the current period. Valid payment information is required to access this modality.
      
      
   3. Change of Subscription Plan: The Client has the ability to modify their Subscription Plan to the Service, being able to opt for either an upgrade or a downgrade to any of the available plans that Tiralíneas offers. In the event that the Client selects a Subscription Plan of lesser economic value, billing will adapt to the new plan once the validity period of the previously contracted Subscription Plan has concluded. Conversely, if the Client chooses a plan of higher economic value, the modification in the Subscription Plan will take effect immediately, proceeding with the additional charge in accordance with the new selected plan. Changing from a free Subscription Plan to a paid one will always entail the acceptance of a recurring charge, which will be governed according to the applicable rates in force at the time of the modification.
      
      
4. ACCESS AND ACTIVATION OF THE SERVICE.
   
   1. To use the Service, the Client must be previously registered on the HubSpot Marketplace and provide Tiralíneas with the following information: (i) Name; (ii) Company; and (iii) Email address.
      
      
   2. By providing this necessary information for registration, the Client declares and guarantees: (i) if representing a commercial entity upon registration, they declare that they have the authority to bind such commercial entity and that their acceptance of these Terms will be considered acceptance by that commercial entity; (ii) that they provide accurate, current, and complete information about themselves and the commercial entity they represent, as requested by the registration forms for the Service; (iii) to maintain the security of any login, password, or other credentials they select or that are provided to them for the use of the Service.
      
      
5. SERVICE PRICING, BILLING, AND PAYMENT METHOD.
   1. Subscription Rates: The prices and rates of the Service will be subject to the figures published on the HubSpot Marketplace at each specific time. Users or providers of the Service must refer to this platform to know the current prices applicable to the service. All amounts are denominated in euros (€) and do not include Value Added Tax (VAT) or any other applicable sales tax.
      
      
   2. Rate Changes: Tiralíneas may unilaterally modify the rates at any time or impose additional fees or charges for the Service. Such changes will always be announced or published on the HubSpot Marketplace. Changes in rates will in any case be applicable for the next billing cycle of the subscription plan that each Client has contracted. If you do not agree with the modified rates, you must cancel your subscription before the new billing cycle. If you upgrade or downgrade to a new subscription plan, you will be charged according to the current rate for that subscription plan, as indicated on the HubSpot Marketplace pricing page, unless otherwise agreed between you and Tiralíneas.
      
      
   3. Payment Processing: The Client expressly accepts that billing and payment for the Service will be made exclusively through Stripe, an electronic payment platform. The Client must complete the payment of the services using the options available on the Stripe platform. The use of Stripe as a payment method implies the Client's acceptance of Stripe's terms and conditions, including, but not limited to, payment processing policies and applicable fees.
      
      
   4. Tax Information for EU Clients: For clients registered in the European Union, it is imperative to provide, through the options available on the Stripe platform, the tax identification number (VAT Identification Number), and, depending on the Client's Member State of residence, the corresponding VAT charges will be applied to the total amount. For Clients registered in the United States of America, it is necessary to indicate, through the options available on the Stripe platform, the postal code, and, depending on the Client's tax jurisdiction, the relevant sales taxes will be applied to the total amount.
      
      
   5. Payment Terms: Payment must be made in advance at the start of each billing cycle with the acquisition of the Service on the HubSpot Marketplace and is nonrefundable. Similarly, a billing cycle begins immediately after the transition from the free version of the product to the paid version. Fees will be automatically charged according to the option chosen on the HubSpot Marketplace until you decide to explicitly cancel them. No refunds will be made nor credits granted for partial periods of Service, upgrade/downgrade changes, or for months or periods not used.
      
      
   6. NonPayment: Tiralíneas reserves the right at all times to deactivate the Client's access to the Service for nonpayment of the applicable fees at any time.
      
      
6. CLIENT'S DIGITALASSETS.
   1. Responsibility and Authorization: The Client is solely responsible for any Digital Assets of any kind processed through the Service, expressly authorizing Tiralíneas to use these Digital Assets only to the extent strictly necessary to provide the Service. The Client declares and guarantees to Tiralíneas that they possess the necessary rights or are legally authorized to use the Digital Assets through the Service. The Client also declares and guarantees to Tiralíneas that the Digital Assets processed by the Service do not violate or infringe any third-party rights, including, but not limited to, copyrights, trade secrets, and privacy rights, assuming direct responsibility for any liability arising from the breach of this warranty.
      
      
   2. Compliance with Laws and Regulations: The Client is solely responsible for complying with all laws, regulations, agreements, procedures, or other obligations related to the Digital Assets processed through the Service, including, but not limited to, those related to trade secrets and the processing of personal data.
      
      
   3. Prohibited Use of Digital Assets: The Client agrees not to use in connection with the Service any Digital Asset that (a) is defamatory, obscene, abusive, or threatening; (b) promotes or encourages behavior that could constitute a criminal offense, lead to civil liability, or violate any local, state, national, or foreign law or regulation. Tiralíneas reserves the right to suspend or terminate the Service and, if appropriate, remove such material from its servers. Tiralíneas has a legal obligation to fully cooperate with any law enforcement body or authority in the investigation of any violation of these Terms or Applicable Law.
      
      
7. LICENSE OF USE.
   1. Intellectual and Industrial Property Rights Warranty: Tiralíneas guarantees the Client peaceful use of the "Sensitive Data" Application software. Therefore, Tiralíneas declares and guarantees that the software has been developed, (a) without incorporating content in which third party Intellectual and Industrial Property Rights exist, or (b) in case of incorporating them, prior granting to Tiralíneas of all necessary licenses or rights, licenses and rights that include all extensions, improvements, or updates of said software.
      
      
   2. License Conditions: Subject to the payment of applicable fees and compliance with these Terms, Tiralíneas grants the Client a limited, nonexclusive, nontransferable, and revocable license to access and use the software associated with the Service (hereinafter, "the Software") during the validity of these Terms. The Client is responsible for the access and use of the Software by persons, employees, or collaborators to whom they have provided access to the Service.
      
      
      1. This license does not allow the Client to modify, transform, decompile, or use reverse engineering techniques on the Software. The Software may only be used to work with information and/or equipment owned by the Client, expressly prohibiting its use in providing services to third parties, as well as the resale of this Software by the Client.
         
         
      2. The license does not allow the Client to distribute or publicly communicate the Software, nor does it grant any type of right, title, or ownership over the trademarks, logos, or trade names of Tiralíneas or its distributors. The Client may not modify or remove any sign, trademark, or any other element included in the Software related to or referring to the copyright and intellectual or industrial property rights of Tiralíneas over the Software.
         
         
      3. The Client may not assign, sublicense, or transfer in any other way the granted license nor allow third parties to use the Software on their behalf, except with the prior written consent of Tiralíneas. The Client commits to using the Software only in accordance with the specifications and characteristics established in these Terms and any other document or additional information displayed on the HubSpot Marketplace or on the Tiralíneas website.
         
         
      4. The Software must be used by the Client only in their own internal business operations and by those employees of the Client who have authorized access to the Software. The use of the Software for the provision by the Client to any third parties of rental, sharing, subscription, hosting, or outsourcing services is prohibited. Also, the Client may not make the Software available in any form to any third party for use in the business operations of that third party. In case of identifying possible misuse of their account or authentication credentials, as well as any security incident related to the Service, it must be immediately notified to Tiralíneas (service and technical support team).
         
         
      5. This license does not permit or cover the use of the Software for purposes that directly or indirectly imply, among others: infringing the intellectual property rights or any other rights of a third party; producing or storing any illegal, defamatory material or inappropriate for any other circumstance; harming third parties or attempting to do so; inciting or provoking illegal, injurious, privacy invasive, racially, ethnically, religiously, or sexually discriminatory behaviors, or inappropriate for any other circumstance; promoting or providing information about illegal activities, promoting physical harm or injury to any group or individual, collaborating in any fraud or theft; or damaging, disabling, or impairing the operation of any property, devices, software, services, networks, or data; infringing, in any way, all applicable local, national, or international laws or regulations.
         
         
   3. Rights of Tiralíneas in Case of Breach: Tiralíneas reserves the right to suspend or cancel the Client's access to the Service and the automatic cancellation of this License, without prior notice and at its sole discretion, in case of breach by the Client of these Terms, without prejudice to the legal actions that may arise. Tiralíneas will not be responsible for any damage or harm that the Client may suffer as a result of such cancellation, suspension, or cancellation.
      
      
8. PERSONAL DATA POLICY
   1. Processing of Personal Data Derived from the Provision of the Service: For the provision of the Service, Tiralíneas might have access, for reasons of application service provision (ASP/SaaS), to personal data for which the Client is responsible. For the purposes of this clause, the following definitions apply: (i) Data Controller or "controller": the Client, a natural or legal person, public authority, service, or other body which, alone or jointly with others, determines the purposes and means of the processing; (ii) Data Processor or "processor": Tiralíneas, a natural or legal person, public authority, service, or other body which processes personal data on behalf of the controller.
      
      
   2. Operational Context of the "Sensitive Data" Application: The operational context of the "Sensitive Data" Application involves the provision of a SaaS service by Tiralíneas. Under this circumstance, it is determined that the Client acts as the Data Controller of the personal data that may be handled, collected, processed, or stored in the course of using the said Application and/or by providing the Service. As such, the Client assumes full responsibility for ensuring that the processing of personal data is carried out in strict conformity with the provisions established in the GDPR and other applicable data protection legislation.
      
      
   3. Client's Commitments: The Client commits to establish and maintain all necessary measures, both technical and organizational, to protect the rights and freedoms of the data subjects, ensuring that any processing of personal data is carried out with due respect to legality, fairness, and transparency. This includes, but is not limited to, the obligation to inform data subjects about the collection and use of their personal data, obtain appropriate consent when necessary, and respond to requests for access, rectification, erasure, or restriction of processing of personal data.
      
      
   4. Role of Tiralíneas as Data Processor: Tiralíneas, in its role as Data Processor, will act only under the documented instructions of the Client, ensuring that all persons authorized to process personal data commit to respect confidentiality or are subject to a statutory obligation of confidentiality.
      
      
   5. Physical Location of Servers: Generally, Tiralíneas declares that its servers, systems, and facilities are located within the European Union and carries out all data processing in accordance with the General Data Protection Regulation, offering sufficient guarantees to apply appropriate technical and organizational measures. In particular, the storage (database) and processing of data (software application) synchronized by the "Sensitive Data" Application are carried out in the Azure DPC
      known as "France Central", located in the Paris region.
      
      
   6. DATA PROCESSING AGREEMENT (DPA).
      1. Purpose of Data Processing: The Controller authorizes the Processor to process personal data on their behalf, which is incorporated into the resources assigned by the Processor under the use of the Service by the Client. The authorized processing operations will be strictly necessary to achieve the purpose of the contracted Service, involving hosting and data transmission over a telecommunications network, without conducting any other processing such as collection, structuring, dissemination, etc., of the Controller's personal data.
         
         
      2. Identification of Affected Information: The Controller, in the resources assigned by the Processor for the provision of the service, processes data and categories of personal data derived from the operation of the contracted Service, always according to their own instructions, being solely responsible for determining the purposes, objectives, and means of the processing performed.
         
         
      3. Special Categories of Data: The Controller declares and guarantees to the Processor that, if personal data processed through the Service falls under Article 9(1) of the GDPR (data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for unique identification, health data, or data concerning a person's sex life or sexual orientation), such processing is legitimized under the conditions stipulated in Article 9(2) of the GDPR, expressly exempting the Processor from any liability arising from noncompliance with this guarantee.
         
         
      4. Duration of Data Processing: The duration of this data processing assignment will be the same as that of the Service provision, of which this assignment is an inseparable part. Upon its conclusion, the Processor must return or transfer to another processor designated by the Controller, the personal data, and delete any copies in their possession. However, data may be retained to address potential administrative or jurisdictional responsibilities.
         
         
      5. Controller's (Client's) Obligations: In addition to the general obligations under data protection legislation, the Controller is responsible for ensuring that the technical and security conditions of the hosting service offered by the Processor are suitable for the nature, context, scope, and/or purposes of the data or processing for which they are responsible, as per their own data protection impact assessments and/or risk analyses. The Controller must also inform data subjects about the processing of their data, obtain their lawful consent, and provide mechanisms for them to exercise their rights under data protection regulations.
         
         
      6. Processor's (Tiralíneas) Obligations: The Processor commits to use the personal data only for the purpose of this assignment. They must process the data according to the Controller's instructions and inform the Controller if any instruction infringes the GDPR or other data protection provisions. The Processor shall not communicate the data to third parties unless expressly authorized by the Controller.
         
         
      7. Data Communication: The Processor may communicate the data to other processors of the same Controller according to their instructions. The Controller must identify the entity to which the data should be communicated, the data to be communicated, and the security measures to be applied. If the Processor must transfer personal data to a third country or international organization under EU or Member State law, they will inform the Controller of this legal requirement in advance.
         
         
      8. Security Measures: The Processor has implemented measures to ensure the security of the processing, including regular verification, evaluation, and assessment of the effectiveness of technical and organizational measures. They ensure that any person acting under their authority and having access to personal data can only process those data following the Controller's instructions.
         
         
      9. Controller's Acceptance: It is understood that the Controller, prior to formalizing this data processing assignment, has evaluated and accepted as compliant with the purposes and means of the processing, the level of security measures implemented by the Processor in their organization and facilities.
         
         
      10. Notification of Data Security Breaches: According to the GDPR, it is the Controller's responsibility to communicate data security breaches to the Data Protection Authority and/or the data subjects. The Processor will notify the Controller without undue delay of any data security breaches they become aware of, along with all relevant information for the documentation and communication of the incident.
          
          
      11. Information to be Provided in Case of a Breach: If a breach occurs, the following information should be provided: the nature of the personal data breach, the categories and approximate number of data subjects and data records affected, contact details of the data protection officer, the possible consequences of the breach, and the measures taken or proposed to address the breach.
          
          
      12. Gradual Provision of Information: If it is not possible to provide all the information at once, it should be provided gradually without undue delay.
          
          
      13. Collaboration with the Controller: The Processor will collaborate with the Controller in conducting data protection impact assessments, supporting the Controller in prior consultations with the supervisory authority, providing all necessary information to demonstrate compliance with obligations, and assisting in responding to the exercise of data subjects' rights.
          
          
      14. Exercise of Data Subjects' Rights: If data subjects exercise their rights directly with the Processor, the Processor must immediately communicate this to the Controller.
          
          
      15. Subcontracting: The Processor declares, and the Client expressly accepts, that they have subcontracted the processing capacity and storage of data synchronized through the "Sensitive Data" Application to the Azure DPC known as "France Central", located in the Paris region.
          
          
9. SERVICE LEVEL AGREEMENT (SLA)
   1. Definitions:
      1. "Availability" means the Service's ability to be accessible and functional for the Client, as measured by Tiralíneas. Availability is calculated by dividing the Service's total uptime in a monthly period by the total duration of that period, excluding scheduled maintenance time and any downtime not attributable to Tiralíneas.
      2.  "Downtime" refers to the time during which the Service is unavailable to the Client due to technical or maintenance issues attributable to Tiralíneas. Downtime is measured in minutes and accumulates over a monthly period. It does not include periods of unavailability caused by force majeure, third party infrastructure issues, malicious attacks, or Client’s connection interruptions.
      3. "Scheduled Maintenance" refers to maintenance and update work planned by Tiralíneas to maintain the Service's stability, security, and optimal performance. This may include security patch applications, software updates, infrastructure improvements, and other activities necessary for proper Service operation.
      4. "Monthly Period" is a consecutive 30 day period, starting on the first day of the calendar month and ending on the last day of the calendar month.
      5. "Business Hours" refer to the established hours for providing technical support and other related services, typically Monday to Friday, 9:00 am to 6:00 pm, excluding public holidays.
      6. "Incident" is an event that negatively affects the Availability, performance, or functionality of the Service and requires Tiralíneas's intervention for resolution.
      7. "Response Time" is the time elapsed from when the Client notifies Tiralíneas of an Incident until Tiralíneas acknowledges receipt of the notification and begins addressing the issue.
      8. "Resolution Time" is the time elapsed from when Tiralíneas acknowledges receipt of an Incident notification until the Incident is resolved, and the Service is restored to availability and functionality.
      9. "Third Parties" are legal or natural persons other than Tiralíneas and the Client, who may be involved in providing the Service, such as infrastructure providers, technical support, or related services.
      
      
   2. Purpose. This Agreement establishes the performance commitments and standards agreed between Tiralíneas and the Client regarding metrics, service levels, responsibilities, monitoring and problem resolution processes, penalties, and compensations. It aims to ensure quality and transparency in providing Outsourcing Services and/or SaaS Application Service of the software developed and provided for the Client and their associated professionals or merchants (hereinafter, “the Service”) under the main contract of which this Annex is an integral part.
      
      
   3. Duration. This service level agreement's validity is defined within the commercial relationship between the Client and Tiralíneas, ceasing to be applicable when that relationship is interrupted for any of the reasons stated in the main contract. This agreement may be reviewed during the renewal periods of the main contract (usually annually) or when either Party expressly requests it.
      
      
   4. Service Provision Modality. The service will be provided using virtual server(s) under Tiralíneas's control, running in a Cloud Computing environment, which may include, but is not limited to, access to the SaaS Application, data storage and management, and related Application support.
      
      
   5. Availability and Service Downtime.
      1. Guaranteed Availability Level: Tiralíneas guarantees a Service Availability level of 98% in a monthly period, excluding scheduled maintenance and any downtime not attributable to Tiralíneas. This percentage is calculated using the following formula:
         
         
      2. Availability (%) = [(Total time of the monthly period Total downtime) / Total time of the monthly period] * 100
         
         
      3. Total downtime is the cumulative sum of all periods when the Service was unavailable or nonfunctional for the Client during a monthly period. It is measured in minutes and calculated by adding the intervals when the Service experienced interruptions or failures affecting its Availability.
         
         
      4. Downtime Not Attributable to Tiralíneas: Downtime does not include that caused by factors beyond Tiralíneas's control, such as third-party infrastructure failures, malicious attacks, natural disasters, Client’s connection interruptions, or any other force majeure event.
         
         
      5. Downtime Recording and Communication: Tiralíneas will maintain a detailed record of the Service's downtime and provide information to the Client about any downtime through the online control panel or written communication.
         
         
      6. Contingency Measures: Tiralíneas commits to implementing appropriate contingency measures to minimize the impact of downtime on the Service. These measures may include implementing redundant systems, regular backups, and disaster recovery procedures.
         
         
      7. Downtime Notification: The Client must notify Tiralíneas of any downtime experienced within 24 hours of its onset. The notification should include detailed information about the downtime, including the start time, duration, and any additional relevant information. Tiralíneas will investigate the downtime and take steps to resolve the issue as soon as possible.
         
         
      8. Service Restoration: If the Service is unavailable due to downtime attributable to Tiralíneas, Tiralíneas commits to restoring the Service within a reasonable time, considering the nature and complexity of the problem. Tiralíneas also commits to keeping the Client informed about the progress of the problem resolution and Service restoration.
         
         
   6. Compensations.
      1. If Tiralíneas fails to meet the guaranteed Availability level of 98% in a monthly period, the Client may opt to receive compensation from Tiralíneas. To do so, the Client must notify Tiralíneas of the failure to meet the guaranteed Availability level within 10 business days following the end of the relevant monthly period.
         
         
      2. Compensation Calculation: Compensations will be calculated based on the actual Availability percentage achieved during the monthly period in which the failure occurred. The compensation will be expressed as a percentage of the total billed to the Client for the Service during the monthly period in which the failure occurred and will be determined according to the following table:
         
         
      3. Availability below 98.0% but equal to or greater than 97.5%: 5% compensation
         
         
      4. Availability below 97.5% but equal to or greater than 97.0%: 10% compensation
         
         
      5. Availability below 97.0%: 15% compensation
         
         
   7. Compensations will be applied as credit to the Client's account and can be used to pay future Service invoices.
      Compensations are nonrefundable and nonexchangeable.
      
      
   8. Limit: The total amount of compensations awarded in a monthly period shall not exceed the total amount billed to the Client for the Service during the same monthly period. Additionally, compensations will not accumulate from one monthly period to another and must be used within 12 months from the date they were granted.
      
      
   9. Compensation Exclusions: The Client will not be entitled to compensations if the failure to meet the guaranteed Availability level is caused by factors outside Tiralíneas's control, such as Client’s Internet connection interruptions, third-party infrastructure failures, force majeure events, or scheduled maintenance.
      
      
   10. Exclusive Remedies: The compensations set forth in this section constitute the Client's sole and exclusive remedy in case of failure to meet the guaranteed Availability level. The Client expressly waives any other right or remedy they may have under applicable law or this Service Level Agreement in relation to such failure.
       
       
   11. Maintenance Scheduling
       
       
       1. Right to Scheduled Maintenance: Tiralíneas reserves the right to conduct scheduled maintenance on the Service to ensure its proper functioning, security, and updating. Tiralíneas will endeavor to plan and schedule maintenance during periods of lower Service activity, thereby minimizing the impact on the Client.
          
          
       2. Advance Notice: Tiralíneas will notify the Client at least 72 hours in advance of any scheduled maintenance that may affect the Availability of the Service. The notification will include information about the date, time, estimated duration, and description of the work to be carried out during the maintenance.
          
          
       3. Maintenance Window: The maintenance window refers to the period during which Tiralíneas will perform maintenance tasks on the Service. Tiralíneas will strive to complete the maintenance within the time window specified in the notification and, as far as possible, avoid extending the maintenance beyond the estimated duration.
          
          
       4. Exclusion from Availability Calculation: The time spent on scheduled maintenance will not be considered downtime in calculating the Service's Availability, provided that Tiralíneas has adequately notified the Client and has carried out the maintenance within the specified time window.
          
          
       5. Emergency Maintenance: In exceptional cases, Tiralíneas may need to perform emergency maintenance to address critical issues related to the security, performance, or stability of the Service. In such situations, Tiralíneas reserves the right to conduct maintenance without prior notice to the Client. However, Tiralíneas will inform the Client as soon as possible about the nature of the emergency maintenance and the estimated duration.
          
          
   12. Technical Support.
       
       
       1. Support Availability: Tiralíneas will provide technical support to the Client via email during normal business hours (8:00 am – 3:00 pm, Monday to Friday, excluding holidays).
          
          
       2. Response Commitment: Tiralíneas commits to responding to technical support requests within 4 hours during business hours.
          
          
   13. Response Time.
       
       
       1. Rapid and Efficient Responses: Tiralíneas commits to providing rapid and efficient responses to the Client's technical support requests. To ensure appropriate and timely handling of requests, Tiralíneas will implement a classification and prioritization system based on the urgency and impact of the reported issue.
          
          
       2. Classification of Requests: Support requests are classified into different priority levels, such as critical, high, medium, and low, based on the severity of the problem, the number of users affected, and the impact on the Service's operation.
          
          
       3. Target Response Times: For each priority level, and in accordance with the incident response schedule set in the Communications clause, Tiralíneas will establish specific response time objectives, such as:
          1. Critical: initial response within 1 hour
          2. High: initial response within 6 hours
          3. Medium: initial response within 60 hours
          4. Low: initial response within 72 hours.
          
          
       4. Resource Allocation: Tiralíneas will allocate appropriate resources and provide the appropriate level of support based on the priority of the request. For critical or high priority issues, Tiralíneas will mobilize a team of experts and dedicate additional resources, if necessary, to address and resolve the issue quickly and effectively.
          
          
       5. Followup and Updates: Tiralíneas commits to keeping the Client informed about the progress of problem resolution and to providing regular updates on the status of the request. Additionally, Tiralíneas will work with the Client to establish an appropriate action plan and resolution timeline, depending on the complexity and impact of the issue.
          
          
       6. Adjustment of Priorities: If circumstances change or new information is obtained that affects the urgency or impact of the issue, Tiralíneas will adjust the priority of the request and reallocate resources as necessary to ensure a timely and effective resolution.
          
          
10. GENERAL PROVISIONS.
    
    
    1. Non Waiver of Rights: The non exercise by one of the Parties of any right derived from this Contract shall not be interpreted as a waiver of that right.
       
       
    2. Partial Invalidity: If a provision of this Contract is declared null, voidable, or inapplicable for any reason, the remaining provisions shall subsist on their own terms. If the nullity is declared on a substantial matter, the Parties will negotiate in good faith to find a lawful solution, always in consideration of the spirit of this Contract.
       
       
    3. Legal Advice: The Client declares that they have had the opportunity to review these Terms and that, to the extent they have deemed it appropriate, they have sought legal advice to understand and interpret the obligations they assume here.
       
       
11. LEGISLATION – ARBITRATION AGREEMENT
    
    
    1. This Contract is of a commercial nature and shall be interpreted and governed by the substantive law of the Kingdom of Spain. In case of any controversy between the Parties related to the interpretation, execution, or termination of this Contract, the Parties commit to try, in good faith, to resolve such controversy amicably. For this purpose, they will have a period of thirty (30) calendar days from the formal notification of the controversy by one of the Parties to the other. During this period, the Parties will strive to reach an agreement that allows the satisfactory resolution of the controversy in question.
       
       
    2. Submission to Arbitration Agreement: If they are unable to do so within the specified period, the intervening Parties agree that any controversy, discrepancy, question, or claim resulting from the execution or interpretation of this contract or related to it, directly or indirectly, will be definitively resolved before the Court of Arbitration of the Official Chamber of Commerce, Industry, and Navigation of Gipuzkoa, to which the administration of the arbitration and the designation of the arbitrators are entrusted in accordance with its Statute and Regulations in force at the date of submission of the arbitration application.