GENERAL TERMS AND CONDITIONS

These Terms and Conditions govern the access to, and use of the m-Path Services provided by m-Path Software bv, with registered seat at Diestsesteenweg 327, 3010 Leuven, Belgium with company number 1010.164.730 (hereinafter “m-Path”). Before using the m-Path Services, you should carefully read these Terms and Conditions. By using and/or downloading the m-Path Services, you agree to be bound by these Terms and Conditions. If the Services are used on behalf of a legal entity, m-Path assumes that you are authorized and entitled to accept these Terms and Conditions on behalf of the legal entity you represent. The m-Path Services consist of the Application and Dashboard as defined below.

For any questions regarding the Terms and Conditions, you can contact us via e-mail at merijn.mestdagh@m-path.io.

ARTICLE 1. DEFINITIONS

1.1. “Agreement” means these Terms and Conditions together with all their annexes.

1.2. “Application” means the mobile m-Path application. The application allows Clients and Participants to search for a Practitioner or Researcher, connect with them, receive surveys assigned to them and respond to survey questions.

1.3. “Bespoke Services” refers to specific services that may be agreed in a Delivery Form.

1.4. “Client” shall mean the client who uses the m-Path Application(s) and has been linked to a Practitioner.

1.5. “Confidential Information” means the information disclosed by m-Path to the User or vice-versa for the purposes of this Agreement, which is (i) disclosed in tangible form, whether or not marked “Confidential” or “Proprietary” or similarly marked as such before disclosure; or (ii) disclosed in intangible form such as electronically, orally or by visual inspection, identified as confidential at the time of disclosure; or (iii) obviously confidential in nature.

1.6. “Dashboard” means the online webtool for creating and managing surveys and accessing survey results.

1.7. “Delivery Form” means the contractual document forming part of this Agreement describing a subscription by the Practitioner or Researcher, including any Bespoke Services ordered by that Party.

1.8. “Force Majeure” means any circumstance not attributable to the fault in the subjective sense of m-Path which makes it impossible or practically too inconvenient for m-Path to fulfil or continue to fulfil its obligations or a part thereof. This includes, but is not limited to, strikes or other concerted acts of workers, pandemics, fires, floods, explosions, riots, wars, rebellions, terrorism and sabotage.

1.9. “Intellectual Property Rights” means any and all patents, utility models, registered designs, unregistered design rights, copyrights (including rights related to software), database rights, trademarks, trade names, brands, logos, rights in respect of trade secrets and Confidential Information, rights under unfair competition laws, extensions of the terms of any such rights, applications for and the right to apply for any of the foregoing registered property rights, independent from whether or not they have been registered, and similar or analogous rights anywhere in the world.

1.10. “m-Path Services” or “Services” means the provision of the Application and Dashboard, the storage by m-Path of the Respondent Information and the provision of access to the Respondent Information.

1.11. “Participant” means the research participant who uses the Application and has been linked to a Researcher.

1.12. “Party” means the party to the Agreement, being m-Path or a User.

1.13. “Practitioner” means the user who primarily uses the Dashboard (and Application) and who provides survey(s) to the Clients via the Application.

1.14. “Researcher” means the researcher who primarily uses the Dashboard (and Application) and who provides survey(s) to the Participants via the Application.

1.15. “Respondent Information” means the information, including survey responses or other input given by Clients and Participants which is made available to the Practitioner or Researcher through the Dashboard.

1.16. “Subscription” refers to the subscription that Practitioners and Researchers can conclude subject to ARTICLE 5.

1.17. “User” shall mean the Client, Participant, Practitioner or Researcher using the m-Path Services.

ARTICLE 2. PURPOSE OF THE AGREEMENT

2.1. Subject to the terms and conditions of this Agreement, m-Path grants the User an access and use right to the Services.

  1. The Dashboard, the object code of which is not provided, allows Practitioners and Researchers to create surveys, configure when those surveys should pop up on a smartphone, and assign those surveys and settings to Clients and Participants associated with the Practitioner or Researcher. The online webtool displays and offers for download Respondent Information.
  2. The Application receives the surveys and gathers responses from the Clients and Participants.

2.2. The m-Path Services for Practitioners are intended only as a communication tool between a Client and a Practitioner. It is not a diagnostic tool for psychopathology or any other condition, nor a tool for the prevention, alleviation or cure of any condition. Any information you receive or access on the m-Path Services cannot be considered medical or therapeutic advice, and you acknowledge and agree that m-Path does not provide medical services. If you have mental health problems, please consult a physician or therapist. If you need urgent medical attention, call emergency services.

ARTICLE 3. USE OF THE M-PATH SERVICES BY A MINOR UNDER 16

3.1. Minors under and between the ages of 13 and 16, taking into consideration national data protection legislation, can only use the m-Path Services with the consent and under the supervision of a parent or legal guardian who holds the parental authority over the minor.

3.2. If we become (or are made) aware that the m-Path Services are used by a minor without consent of a parent or legal guardian, the account and data of such minor will be removed.

ARTICLE 4. REGISTRATION TO THE M-PATH SERVICES

4.1. Access to the m-Path Services requires registration of a personal account. Except when registering on behalf of a legal entity, it is not allowed to register an account for anyone but oneself. Nor is it permissible to create an unauthorized account, including but not limited to the use of any machine, script, bot, spider, crawler or scraper.

4.2. The User shall provide accurate and complete information when registering the personal account and using the m-Path Services and shall update this information in case of any changes. The User is responsible for safeguarding and keeping the account, account name and password secret.

4.3. The Client or Participant is advised not to use identifying information, including name or surname, when determining the nickname they may assign to themselves. They are responsible for safeguarding and keeping the account and nickname secret.

4.4. The User agrees not to attempt to discover or use anyone else’s personal account.

4.5. m-Path shall not be liable for any loss or damage arising from the User’s failure to comply with the above. m-Path reserves the right to disable access to the account at its own discretion.

ARTICLE 5. SUBSCRIPTION FEE AND PAYMENT

5.1. The use of the m-Path Services is free. However, Practitioners or Researchers may agree to a paid Subscription for the use of the specific functionalities of the Dashboard and related Services, as well as Bespoke Services. Such Subscription will always be subject to the conclusion of a Delivery Form between the Parties.

5.2. Except as otherwise agreed, the Subscription fee will be invoiced by m-Path on a yearly basis. The invoice shall contain a detailed description of the Services covered by the paid Subscription.

5.3. Except as otherwise agreed, all invoices shall be payable by the Practitioner or Researcher within thirty (30) days of the invoice date and via bank transfer. In case of late payment, m-Path is entitled, without prior notice, to interest at the rate of 12 % per year, without prejudice to m-Path’s right to apply any other remedies.

5.4. The Subscription fee is paid in EUR. All taxes of any type relating to the remuneration shall be paid by the Practitioner or Researcher.

ARTICLE 6. BESPOKE SERVICES

6.1. If applicable, m-Path will provide the Bespoke Services described in the Delivery Form and its annexes (if any) with reasonable care and skill.

6.2. The parties agree that delays in the performance of the Bespoke Services cannot give rise to compensation or dissolution of the Agreement.

6.3. m-Path shall remain the owner of all results generated in the course of the performance of the Bespoke Services. The Practitioner or Researcher shall have the right to use such results for the purposes of this Agreement. Except as otherwise agreed between the Parties, m-Path shall be allowed to make use of the results in relation to any other customers.

ARTICLE 7. USE OF THE M-PATH SERVICES

7.1. The m-Path Services are constantly being updated and their format or content may change without prior warning. m-Path shall make all reasonable efforts, in accordance with market standards, to ensure the accessibility to the m-Path Services. However, the access may be temporarily suspended without prior warning, in case of any technical errors, maintenance work or for any other reason. The m-Path Services or parts thereof may also be suspended for all or some Users without prior warning. m-Path reserves the right to interrupt any access to the m-Path Services, if the conditions of use are breached. m-Path shall not be held liable for any damage or loss if for any reason the m-Path Services are temporarily or permanently unavailable, or access is restricted.

7.2. The User shall be responsible for use of the m-Path Services and for any content the User provides on the Services. The User cannot send any unsolicited, commercial, offensive or harmful communication to another User of the m-Path Services and the User cannot share any confidential, illegal, harmful or libellous content, or any content infringing third party rights on the m-Path Services. m-Path does not endorse, support, represent or guarantee the accuracy, completeness or reliability of any content provided by the User on the m-Path Services. m-Path does not monitor or control the content that a User provides and shall not be liable for any content the User has provided on the m-Path Services. m-Path reserves the right to remove any content at its own discretion and without prior warning.

7.3. The User cannot use the m-Path Services for any illegal or unauthorized purposes and shall comply with all applicable laws and regulations. The User shall not try to restrict another User in the use of the m-Path Services and shall not enable or encourage another User to violate the Terms and Conditions or any other conditions of the m-Path Services. The User shall not hinder or disrupt the provision of the m-Path Services by using spyware, malware, viruses or any other destructive code. m-Path reserves the right to disable access to the account at its own discretion if the User does not comply with the Terms and Conditions or if the use of the m-Path Services forms a legal risk to m-Path.

ARTICLE 8. INFORMATION PROVIDED TO YOU

8.1. m-Path shall make all reasonable efforts to ensure that the information it provides on the m-Path Services is correct. m-Path may change the content or features or functionalities offered on the Application or Dashboard at any time, without prior warning. m-Path has no obligation to make any updates to the Services.

8.2. The User understands that the information we provide on the Application may not always be accurate, complete or fit for the purpose intended by the User. m-Path cannot be held responsible for any deterioration of an existing condition of the User or any new condition that may occur.

ARTICLE 9. DELIVERY & SUPPORT

9.1. After you have agreed to the Terms and Conditions, m-Path shall provide to you the necessary files and information to use the m-Path Services (if any).

9.2. m-Path gives no guarantee of continuity of availability of the m-Path Services. Without prejudice to article 6, m-Path reserves the right to discontinue m-Path Services at any time without prior notice.

ARTICLE 10. DATA PROTECTION

10.1. m-Path processes Clients’ or Participants’ personal data on behalf of the Practitioner or Researcher. m-Path acts as a processor on behalf of the controller (the Practitioner or Researcher) for the processing activities mentioned in the data processing agreement (annex 1).

10.2. When the Practitioner or Researcher is not established in the European Economic Area, the Standard Contractual Clauses of the European Commission (“SCC”) apply to the transfer of Respondent Information outside of the EEA, if the country in which they are established is not covered by an existing adequacy decision adopted by the European Commission. Where m-Path acts as a data processor, the SCCs in annex 2 apply.

10.3. m-Path also processes the personal data of Clients or Participants and Practitioners or Researchers for its own purposes, linked to the registration for uses, such as the use of the Services and the improvement of the Services. More detailed information on the processing of your personal data can be found in our privacy statements at https://m-path.io/LegalPage/legal.html.

ARTICLE 11. INTELLECTUAL PROPERTY RIGHTS

11.1. All rights, including Intellectual Property Rights, rights relating to Confidential Information, trade secrets and other intellectual and industrial property rights, whether registered or unregistered, and all similar rights protecting the m-Path Services, including the Application, the Dashboard and documentation, are the exclusive property of m-Path or its licensor(s). None of the provisions contained in these Terms and Conditions may be construed to result in a (partial) assignment of those rights to the Users.

11.2. By using the m-Path Services, you agree to the Terms and Conditions, and you obtain a personal, revocable, non-exclusive, non-transferable right to access and use the m-Path Services in accordance with these Terms and Conditions.

11.3. The User may not transfer the license in whole or in part or reproduce, modify, distribute, sell, loan, broadcast, license, reverse engineer, decompile, disassemble or otherwise exploit the content or software code of the m-Path Services or create derivative works therefrom without prior written consent from m-Path. The User may not use or register any trademark, design, logo or domain name of m-Path or any similar name or sign, in any jurisdiction, anywhere in the world, without prior written consent from m-Path.

11.4. The access and use right for the m-Path Services does not include the right to incorporate the m-Path Services or parts thereof into (software) products that are sold or otherwise transferred to third parties. The grant of this access and use right does not include the right to use the m-Path Services to provide services for the benefit of third parties or to provide clinical or medical services.

11.5. The User shall inform m-Path promptly if it becomes aware of any infringement or potential infringement of m-Path’s Intellectual Property. The User shall not be allowed to commence any infringement or enforcement proceedings on behalf of m-Path.

11.6. If any warning letter or other notice of infringement is received by the User, or legal suit or other action is brought against the User, alleging infringement of third-party Intellectual Property, that Party shall promptly provide full details to m-Path, and the Parties shall discuss the best way to respond.

11.7. The User retains ownership of all content it provides but grants m-Path a worldwide, irrevocable, non-exclusive, royalty-free license to use the content for any purpose, including to provide and enhance the m-Path Services.

11.8. Nothing in these Terms and Conditions shall prevent m-Path from entering into agreements with third parties with respect to the m-Path Services.

ARTICLE 12. SURVEY QUESTIONS AND FEEDBACK

12.1. Practitioners and Researchers agree that any survey questions submitted through the Dashboard are not Confidential Information and may be used by m-Path for any purpose, including providing these questions to other Dashboard users for their own surveys. Practitioners and Researchers warrant that their survey questions do not infringe on any third-party rights and that they have obtained any necessary approvals from third parties to grant m-Path the right to use these survey questions.

12.2. Practitioners and Researchers are encouraged to provide m-Path with feedback on the Dashboard as used in compliance with the Terms and Conditions. m-Path is permitted to use any information provided by the User in this context for any purpose including but not limited to making changes to the m-Path Services or for further research purposes. All feedback shall be sent to: contact@m-Path.io.

ARTICLE 13. CONFIDENTIALITY

13.1. Neither Party shall distribute, disclose or disseminate, in any form, any Confidential Information, except for own employees or engaged third parties who have a reasonable need to know the Confidential Information for the purposes of this Agreement and who shall be bound by the confidentiality obligations, at least as stringent, as the one provided for in these Terms and Conditions.

13.2. Both Parties shall take all reasonable measures to comply with their confidentiality obligations, and they shall ensure that their employees and third parties engaged shall comply. Both Parties agree for a period of five (5) years following receipt of the Confidential Information, to keep confidential all Confidential Information.

13.3. The confidentiality obligations in this article do not apply to the extent that the Confidential Information:

  1. is or will become generally known or accessible other than by an act or omission of the receiving Party;
  2. was already in the lawful possession of the receiving Party prior to being obtained from the disclosing Party;
  3. is disclosed to the receiving Party by a third party, without breaching an obligation of confidentiality to the disclosing Party;
  4. has been independently developed by the receiving Party without the use of information or data from the disclosing Party;
  5. is approved for release by prior written authorization by the disclosing Party; or
  6. is required to be disclosed by law, regulation or court order or by decision of a public authority, provided that the receiving Party makes every effort to limit the extent of such mandatory disclosure. The receiving Party will furnish prompt and prior written notice of such requirements to the disclosing party and will cooperate with the disclosing Party when contesting a disclosure.

ARTICLE 14. WARRANTY AND LIABILITY

14.1. The User acknowledges that the m-Path Services do not provide medical advice and may not be used as a substitute for medical advice, diagnosis, prevention, monitoring or treatment of any health condition or problem. The User acknowledges that m-Path is not responsible for any interpretation, clinical or otherwise, of the responses to the survey questions.

14.2. The User acknowledges that m-Path is not responsible for the accuracy or veracity of the professional credentials or qualifications of the Practitioners or Researchers. The User agrees to be solely responsible for verifying the professional credentials or qualifications of any Practitioner or Researcher with whom the User is connected.

14.3. The User acknowledges and agrees that the license does not constitute ethical approval of any kind for academic or clinical use and that the Practitioner or Researcher is solely responsible for obtaining prior ethical approval for the use of the m-Path Services.

14.4. The m-Path Services are provided “as is” and m-Path makes no representations and extends no warranties of any kind, either express or implied with respect to the Services. There are no express or implied warranties of merchantability or fitness for a particular purpose or warranties that the use of the m-Path Services will not infringe any patent, copyright, trademark, or other proprietary rights. You shall indemnify and hold harmless m-Path from all losses, damages, expenses, costs and other liabilities in connection with your use of the m-Path Services and the personal data.

14.5. m-Path shall not be liable for any failure in performance hereunder arising out of causes beyond its control or for any direct or indirect damages caused to the User or third parties arising out of the User’s or m-Path’s use of the m-Path Services or the personal data, unless caused by the wilful misconduct of m-Path. The total and aggregate liability of m-Path shall in any event be limited to EUR 500,00.

14.6. Notwithstanding the foregoing, the liability of m-Path shall not be limited to the extent such limitation is not permitted by law or to the extent that damages are caused by wilful misconduct of m-Path.

ARTICLE 15. FORCE MAJEURE

15.1. In case of Force Majeure, m-Path is entitled to suspend the fulfilment of its obligations or a part thereof for which no fulfilment or damages can be claimed. If the period of Force Majeure lasts longer than 3 months, each of the Parties is entitled to terminate the Agreement in whole or in part without being obliged to pay damages, provided that m-Path shall always be entitled to a proportionate share of compensation if it has partially fulfilled its obligations before the Force Majeure occurred.

ARTICLE 16. DURATION

16.1. These Terms and Conditions are applicable to the User from the date you download or start using the m-Path Services.

16.2. This Agreement will remain in effect until you fully delete your account on the Application or Dashboard or upon termination by m-Path.

16.3. When you conclude a Subscription, your subscription will have the duration indicated in the Delivery Form. The termination of the Agreement will result in the automatic termination of the Subscription. However, the termination of the Subscription will leave the duration of the Agreement unaffected.

16.4. m-Path may terminate the Agreement and/or Subscription without further liability at any time with immediate effect and without judicial intervention, in whole or in part, by means of (electronic) notice, if the User fails to (correctly) comply with the Terms and Conditions or any of its obligations under the Agreement and, after written notice by m-Path, does not remedy such failure or non-compliance within a reasonable time after such notice.

16.5. No Party shall upon termination of this Agreement be relieved of its obligations under these Terms and Conditions that arose prior to the date of termination, nor shall such termination affect the rights of any Party that arose prior to the date of termination. The obligations of the Parties outlined in these Terms and Conditions that are intended to survive the termination of this Agreement will remain in effect after the Agreement ends.

16.6. Upon termination of this Agreement, the User shall immediately cease using the m-Path Services.

16.7. Upon termination of the Agreement, in no event will m-Path be liable for payment of any damages resulting from such termination.

ARTICLE 17. MISCELLANEOUS

17.1. Any notice authorized or required to be given to m-Path under the Agreement shall be in writing and shall be deemed to be duly given if sent by registered post at:

Name: m-Path Software
Address: Diestsesteenweg 327, 3010 Leuven, Belgium

17.2. m-Path may assign, transfer or sublicense the Agreement wholly or partially to any third party without your prior written consent.

17.3. Delay or failure by m-Path to enforce against the User of the m-Path Services any right under the Agreement or the Terms and Conditions shall not constitute a waiver of rights.

17.4. The Terms and Conditions herein contained constitute the entire Agreement between the Parties and supersede all previous agreements and understandings, whether oral or written, between the Parties hereto with respect to the subject matter hereof.

17.5. Should any provision of the Agreement or these Terms and Conditions be null and void, in whole or in part, or be contrary to law, the Agreement or other Terms and Conditions shall remain in full force and effect and that provision shall be interpreted in a manner consistent, to the extent possible, with the intent of the parties.

ARTICLE 18. CHANGES

18.1. m-Path reserves the right to update these Terms and Conditions at any time. Any changes will apply prospectively.

18.2. We will notify you of any updates thirty (30) days in advance via the Application or the Dashboard. By continuing to use m-Path Services after the thirty-day (30) notification period, you agree to the updated Terms and Conditions.

18.3. The most current version of the Terms and Conditions is available at https://m-path.io/LegalPage/legal.html.

ARTICLE 19. DISPUTES

19.1. The Terms and Conditions are governed by the laws of Belgium, to the exclusion of any conflict-of-laws rules which would cause the laws of another jurisdiction to apply.

19.2. In the event of disputes concerning the validity, interpretation, enforcement, performance and termination of the Terms and Conditions, the Parties shall first undertake to settle their differences amicably. If negotiations fail, all disputes will be resolved exclusively by the competent courts of Brussels, Belgium, unless mandatory law requires otherwise.


ANNEX 1 - DATA PROCESSING AGREEMENT

ARTICLE 1. GENERAL

1.1. With regard to the processing of personal data (as mentioned in this annex) by the data processor on behalf of the data controller (“personal data”), the data controller is either the Practitioner or the Researcher (the “Controller”) and m-Path is the data processor (the “Processor”).

1.2. The data subjects are respectively the Clients and Participants who are the natural persons filling out the specific questionnaires.

1.3. This processing concerns the following categories of personal data (depending on the m-Path Services provided by the Processor): user identification information, connection codes, content data, sense data, pictures and audio.

1.4. Such processing will be carried out for the following purposes: to comply with the provisions of the Agreement, in particular to obtain consent from the Client or Participant, to transfer the results of the surveys and questionnaires to the Controller, and to perform analyses or store the User’s personal data.

1.5. The Processor will only process the personal data on the Controller’s written instructions, including in relation to the transfer of the personal data to a third country or an international organisation, unless required by Union or Member State law to which the Processor is subject, in which case the Processor will notify the Controller of such legal obligation prior to processing, unless such notification is prohibited by law for important reasons of public interest.

1.6. The Controller will ensure that its instructions always comply with applicable data protection laws and acknowledges that the Processor is not responsible to determine (i) which laws or regulations are applicable to the Controller's business and (ii) whether the Processor’s instruction(s) comply with applicable law. The Processor will inform the Controller if it becomes aware or reasonably believes that the Controller’s instructions infringe applicable data protection laws.

1.7. Unless the Controller is established in a third country, the m-Path Services shall be provided exclusively in the EU or EEA.

ARTICLE 2. SUB-PROCESSORS

2.1. The Controller hereby grants the Processor a general authorisation to engage other processors (“sub-processor”). The Processor will in that case inform the Controller about the identity of these sub-processors, any changes thereto and any intended changes with respect to the addition or replacement of other sub-processors. A list of sub-processors can be found at https://m-path.io/LegalPage/legal.html.

2.2. The Controller may object to the appointment or replacement of other processors on reasonable grounds of which the Controller will inform the Processor in writing. If the Controller reasonably objects to the appointment or replacement of other processors and the Controller's objections cannot be resolved in a commercially acceptable manner within one (1) month, either Party may terminate this data processing agreement, without judicial intervention and without compensation, with effect from the date on which the appointment or replacement takes effect.

2.3. Where the Processor engages a sub-processor for carrying out specific processing activities on behalf of the Controller the same data protection obligations as set out in the agreement between the Processor and Controller apply. The Processor shall remain fully liable to the Controller for the performance of the sub-processor’s obligations.

ARTICLE 3. CONFIDENTIALITY

3.1. The Processor will treat the personal data as strictly confidential and will not directly or indirectly disclose or make them available to third parties without the prior, written and explicit consent of the Controller, unless permitted on the basis of this agreement or required by a legal or judicial obligation (e.g. tax authorities, police, or judicial authorities).

3.2. The Processor will only disclose or make available the personal data of the Controller to its employees or sub-processors who are directly involved in the performance of this agreement on a strict need-to-know basis.

3.3. The Processor will ensure that persons, subcontractors and any third parties authorised to process the Controller’s personal data on the Processor's behalf or at its request have committed themselves in writing to confidentiality or are under an appropriate statutory obligation of confidentiality.

ARTICLE 4. SECURITY

4.1. The Processor ensures that it provides sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the processing will meet the requirements of the GDPR and ensure the protection of the rights of the data subject. The Processor takes all measures required by virtue of the Article 32 GDPR and complies with the conditions referred to in the Articles 28.2 and 28.4 GDPR for engaging a sub-processor. At the Controller's first request, the Processor will communicate these measures as well as such measures taken by its sub-processor to the Controller in writing without delay.

4.2. The Processor will inform the Controller immediately if, in its opinion, an instruction violates the GDPR or any other Union or Member State law provision on data protection. In this case, the Processor has the option of suspending the implementation of the instruction concerned until it is confirmed or amended by the Controller.

ARTICLE 5. COMPLIANCE

5.1. The Processor will make available to the Controller all information necessary to demonstrate compliance with the Article 28 GDPR and will allow audits including inspections, by the Controller or any other auditor authorized by the Controller and cooperate with them as meant in Article 7.

ARTICLE 6. INFORMATION AND ASSISTANCE

6.1. The Processor will, considering the nature of the processing, assist the Controller with appropriate technical and organizational measures, to the extent reasonably possible, to fulfil the obligation of the Controller to comply with requests for the exercise of the data subject's rights laid down in Chapter III GDPR.

6.2. The Processor will reasonably assist the Controller in complying with the obligations of the Articles 32 to 36 GDPR, to the extent reasonably possible, considering the nature of the processing and the information available to the Processor.

6.3. The Controller will inform the Processor in writing of the name and contact details of its data protection officer or the Controller's employee(s) responsible for data protection.

6.4. The Processor will inform the Controller immediately if, in its opinion, an instruction violates the GDPR or any other Union or Member State law provision on data protection. In this case, the Processor has the option of suspending the implementation of the instruction concerned until it is confirmed or amended by the Controller.

6.5. Additional Controller requests that fall outside the scope of such reasonable assistance will require prior written agreement of the Processor and the Controller, including agreement on any additional fees related to such requests.

ARTICLE 7. AUDIT

7.1. The Controller has the right to have audits carried out by an independent third party who is bound to confidentiality to check compliance with all the points in this agreement. This audit only takes place after the Controller has requested and assessed the similar audit reports available at the Processor and has made reasonable arguments which justify an audit initiated by the Controller. Such an audit is justified when the similar audit reports present at the Processor give no or insufficient information about the Processor's compliance with this agreement.

7.2. The Controller acknowledges and agrees that (i) the Processor will only provide existing documents as evidence in support of the audit, (ii) the audit cannot interfere with individual rights and data protection requirements under applicable data protection laws, (iii) if interviews are required, the Processor will have sole discretion to select its personnel to be interviewed.

7.3. The audit initiated by the Controller shall take place at the earliest one (1) month after prior notification by registered letter by the Controller. An audit can be carried out (i) no more than two (2) times per contract year, (ii) only on business days (between 9 a.m. and 6 p.m.) except Saturdays, Sundays, days which are a bank holiday in the country where the Processor is established, and days on which the Processor is collectively closed due to holidays, (iii) only in a manner that causes minimal disruption to the Processor's business and (iv) at the expense of the Controller.

7.4. Unless expressly agreed otherwise, the costs of the Processor and the time spent by its staff on an audit or on assisting the Controller in ensuring compliance with the obligations under Articles 32 to 36 GDPR will be invoiced to the Controller at an hourly rate of 125 EUR per staff member.

ARTICLE 8. DELETION OR RETURN

8.1. The Processor will delete the above personal data immediately as soon as the provision of services to the Controller has ended. The Controller will have the right to object to such deletion. If the Controller wishes the personal data to be returned instead of being deleted, it must notify the Processor in writing at least five (5) days before the end of the provision of the services. In this case, the Processor will provide the personal data in the following file format immediately after the termination of the services: csv.

8.2. The Processor reserves the right not to delete the personal data if EU or Member State law requires storage of the personal data.

ARTICLE 9. DATA BREACHES

9.1. In the event of a data breach within the meaning of Article 4.12 GDPR with respect to personal data processed by the Processor or its sub-processors within the scope of this agreement, the Processor will without undue delay inform the Controller and will provide all information necessary to enable the Controller to fulfil its obligations under Articles 33 and 34 GDPR.

9.2. The Processor will immediately take all measures necessary to limit and remedy the breach and will assist the Controller, at its first request, and supervisory authorities in investigating the breach. These measures are taken in consultation with the Controller except in cases of extreme urgency which require the immediate intervention of the Processor.

9.3. Unless required by law or expressly instructed in writing by the Controller, the Processor will not pass on any information regarding a personal data breach to any third party.

9.4. The Processor and its sub-processor will appoint among their staff a single point of contact who will be responsible for all communication between the Processor, the sub-processor and the Controller in the event of an incident which has led or may lead to an accidental or non-authorized destruction or loss, or a non-authorized access, alteration or transmission of the personal data processed on behalf of the Controller.


ANNEX 2 - STANDARD CONTRACTUAL CLAUSES

m-Path invokes Module 4 of the Standard Contractual Clauses (“SCCs”) for the transfer of Personal Data to a data controller in a third country. The SCCs refer to Module 4 of the Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council. Module 4 of the SCCs forms an integral part of this Agreement and by agreeing to this Agreement, the Parties shall be deemed to have concluded SCCs as described in this annex. The terms used in this annex shall have the same meaning as in the SCCs.

For the purposes of these SCCs: