These General Terms and Conditions apply to all offers made by Ciwit B.V. (trading under the name Castor EDC for Ciwit’s products ‘Castor EDC’, ‘Castor SMS’ and ‘MyConsent’), with its registered office in Amsterdam and registered with the Dutch Chamber of Commerce under file number 54723655. These General Terms and Conditions apply to all agreements regarding Ciwit’s services between Ciwit B.V. and its Clients.
Terms and Conditions applied by the Client that deviate from or that are not included in these General Terms and Conditions only bind Ciwit B.V. if and to the extent such has been explicitly accepted in writing by Ciwit B.V.
Article 1. Definitions
The capitalised terms in the Agreement have the meaning set out below, unless a (different) meaning is assigned elsewhere in the General Terms and Conditions, the Agreement or in an Annex.
Agreement: any agreement between Ciwit and the Client that arises from an offer made by Ciwit and the valid acceptance thereof by the Client or any other agreement pursuant to which Ciwit provides Services to Client.
Annex: an annex to the Agreement.
Ciwit: Ciwit B.V., a private company with limited liability, with its registered office in Amsterdam and registered with the Dutch Chamber of Commerce under file number 54723655.
Client: the individual or legal entity with whom Ciwit has concluded an Agreement. It is also a reference to a party with whom Ciwit negotiates in respect thereof and Clients representative(s), agent(s), successor(s) in title or beneficiaries.
Data: the personal and other data concerning the Client, its business, its employees and/or its clients (or patients), which have been stored and can be accessed via the Service.
General Terms and Conditions: the provisions of the present document which form an integral part of every Agreement.
Intellectual Property Rights: all intellectual property rights and related rights, including but not limited to copyrights, database rights, rights to domain names, trade name rights, rights to know-how, trademark rights, model rights, neighbouring rights and patent rights.
Licence: the non-exclusive, non-transferable right to use the Service that cannot be sublicensed.
Medical Research Data: any Participant Data that could be considered sensitive personal data within the meaning of section 9 of the General Data Protection Regulation.
Module: specific (premium) modules within Ciwit’s online Services which allow for certain functionalities to be used by the Client.
Participant Data: any personal data of the participants of a Study (i.e. patients or subjects in Studies), which may be processed by Ciwit on behalf of the Client.
Personal Data Breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed as described in article 4 paragraph (12) GDPR.
Service(s): the service(s) Ciwit will perform on behalf of the Client as described in Ciwit’s offer, the Agreement or any other medium, including but not limited to: providing software as a service such as Castor EDC and Castor SMS.
Study: the (clinical) study or studies conducted by the Client using the Service.
Article 2. Scope and applicability
- These General Terms and Conditions apply to every offer made by Ciwit concerning the Services and form an integral part of every Agreement.
- The following ranking will apply in the event of inconsistencies between the provisions of the Agreement, the General Terms and Conditions or annexes thereto and any other agreed upon documents:
- the Agreement;
- any annexes to the Agreement;
- the terms in a data processing agreement;
- these General Terms and Conditions.
Article 3. Offers and formation of the agreement
- Ciwit draws up an offer in which Ciwit indicates what activities (the “Services”) Ciwit offers to perform, what is included in the Services and what amount will be owed in respect thereof. Only the description of the Services included in the offer will be binding.
- An offer is free of obligation and is valid for 30 days after dispatch, unless otherwise indicated in the offer. Ciwit can never be forced to agree to acceptance after this period, but if Ciwit decides to agree, the offer will be accepted.
- The agreement will be formed the moment Ciwit receives the notification of acceptance of the offer by the Client. The offer must be signed by the Client and returned in writing or by e-mail.
- If the Client does not explicitly indicate that it accepts the offer, but nevertheless agrees to it or creates the impression that Ciwit performs activities that are covered by the description of the Services, the offer will be deemed to have been accepted. This also applies in the event the Client requests Ciwit to perform certain activities without awaiting a formal offer.
- In addition to making an offer by means of a written quotation, Ciwit can also make an offer to the Client via the Service (i.e. enabling Client to purchase certain Modules through Ciwit’s Service). The prices stated in the Service are valid from the moment they are displayed, unless it concerns a clear programming or typing error.
Article 4. Performance of the Services
- Ciwit will perform the Services as soon as possible in accordance with the Agreement.
- The Client is required to do and/or omit all that is reasonably necessary and desirable to enable timely and correct performance of the Services. The Client will in particular ensure that all information (i.e. contact or invoice information) in respect of which Ciwit indicates that they are necessary or in respect of which the Client should reasonable understand that they are necessary for performance of the Services, are provided to Ciwit in a timely manner.
- The Client will grant Ciwit access to all locations, services and accounts under its control that Ciwit reasonably requires to perform the Services.
- Ciwit endeavours to provide its Services carefully, soundly and in accordance with industry standards. If so demanded for a proper performance of the Services, Ciwit will have the right to have certain activities performed by third-parties. Ciwit is and remains the responsible party towards the Client.
- If Ciwit considers that there is a danger to the functioning of its systems, network or Services, Ciwit will have the right to implement all measures it considers reasonably necessary to avert or prevent this danger. Ciwit will endeavour to take reasonable technical and organizational security measures which prevent the most common risks in respect of the Services.
- In the event the Client fails to comply with an obligation towards Ciwit under the Agreement or acts contrary to these General Terms and Conditions, Ciwit has the right to (temporarily) not provide the Services or to provide them on a limited basis, but only after giving the Client a reasonable notice in advance to remedy the situation. Ciwit will endeavour to respond to a request from the Client as quickly as possible, but it cannot make any commitments about response times, unless agreed otherwise. Furthermore Ciwit will make reasonable efforts to keep its Services available at all times, but does not guarantee uninterrupted availability unless agreed upon otherwise in writing.
- Ciwit actively maintains its Services, which may lead to the Services being temporary unavailable. When maintenance is expected to have a negative impact on the availability of the Service, Ciwit shall use its best efforts to perform such maintenance when use of the Services is averagely low. Emergency maintenance (i.e. updating essential security software) may be performed by Ciwit at any time.
- Ciwit may from time to change (the functionalities of) its Service. Client’s feedback and suggestions are welcome, but Ciwit ultimately decides which changes it shall implement in its Services.
Article 5. Intellectual Property Rights
- All Intellectual Property Rights to the works developed by Ciwit, including source codes, results, documentation, software, websites, databases, (promotional) materials as well as material to prepare the above, will expressly continue to be vested in Ciwit and/or its licensors. Nothing in these General Terms and Conditions is intended to transfer any Intellectual Property Rights.
- Client will not perform any act that could infringe the Intellectual Property Rights of Ciwit or its licensors, including but not limited to disclosing and/or reproducing the Service without approval, licensing the Service to third parties or selling the Service or registering domain names, brands or Google AdWords search terms (keywords) that are similar or identical to any sign in respect of which Ciwit or its Clients can exercise Intellectual Property Rights. Client acknowledges and accepts that any unauthorized use of the Service, documentation, look-and-feel, interfaces, lay-out or other materials subject to these Intellectual Property Rights constitutes an infringement of these General Terms and Conditions and the applicable legislation.
- Ciwit has the right to implement technical measures to protect the Service against unlawful use and/or against use in a manner or for purposes other than as agreed between the Parties. Client will not remove these technical measures or have them removed or circumvent them or have them circumvented. Client is not allowed to remove, render illegible, hide or change notifications or announcements concerning Intellectual Property Rights.
- Ciwit will never be obliged to provide Client with (a physical carrier containing) source codes or other software used for providing and further developing the Service.
Article 6. Client Data
- Data stored by Client or processed while using the Service is and remains the property of Client (or the property of Client’s suppliers, collaborators, licensors or the concerning data subjects). Client hereby grants Ciwit the perpetual right to use such Data in order to provide the Services, provide support with regard to its Services, provide recommendations regarding its Services and improving its Services.
- Client represents and warrants that any Data and contents stored by Client or processed while using the Services do not violate or infringe upon any rights (including Intellectual Property Rights) of any third party and are not libellous, defamatory or otherwise illegal. Furthermore, the Client represents and warrants that it has a valid legal basis to process the relevant (personal) Data and to engage Ciwit in relation to such processing of Data.
- Client shall defend and indemnify Ciwit and hold Ciwit harmless from and against all claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs, reasonable legal fees and penalties) arising out of or in connection with Clients breach of the foregoing representations and warranties. Where a data subject submits a request to Ciwit regarding his/her personal data (for example, to inspect, correct or delete the data, or to receive a copy of the data), Ciwit will forward the request to the Client and the request will then be dealt with by the Client. Ciwit may notify the data subject hereof. On request of the Client, Ciwit will provide assistance with handling such request to the extent necessary and reasonable. Ciwit may charge reasonable costs for such assistance.
- After the termination of the Agreement Client may choose one of the following options:
- Ciwit deletes the Data;
- Ciwit transfers the Data to Client and deletes the Data in its possession, Ciwit is entitled to charge reasonable costs for such transfer;
- Ciwit will keep all Data for fifteen years on the servers (during this period Ciwit shall provide Client with access to the saved Data).
Article 7. Processing of personal data
- For the avoidance of doubt, all terms regarding the processing of personal data stated in these General Terms and Conditions are only applicable insofar not otherwise agreed upon between Ciwit and Client in a separate data processing agreement.
- The Client specifies the objectives and means of the processing of personal data under the Agreement and is therefore the ‘controller’ with regard to the applicable privacy legislation such as the General Data Protection Regulation (GDPR). Insofar required by applicable law, the Client shall request Ciwit to agree upon additional privacy related terms. Parties will then discuss such request in good faith.
- The Client shall notify Ciwit of the purposes of the processing to the extent not already specified in the Agreement. Insofar required by applicable law, the Client makes sure that both parties are familiar with the categories of personal data to be processed by Ciwit and the categories of data subjects from which the personal data is processed.
- In case applicable privacy legislation requires a Data Protection Impact Assessment (DPIA) or prior check of a regulatory body to be conducted before the intended processing under the Agreement may be carried out, then Ciwit shall provide the Client with assistance to the extent necessary and reasonable. Ciwit may charge reasonable costs for the aforementioned assistance.
- Ciwit may process the personal data in countries within the European Union. Processing of personal data in countries outside the European Union is only allowed when the legal requirements for such processing have been fulfilled. Notwithstanding the aforementioned, Participant Data will be stored by Ciwit in the country chosen by Client. However, to be able to offer certain Modules, Ciwit may engage third parties or subcontractors that process Participant Data in other countries. In the event the Client chooses to make use of these Modules, Ciwit is permitted to transfer the corresponding Participant Data to third countries, with due consideration of applicable laws. On request of the Client, Ciwit will inform the Client about which Modules result in the processing of Participant Data in countries outside of the country chosen by Client to store the Data.
- Notwithstanding the previous paragraphs, Medical Research Data will exclusively be processed by Ciwit in the country chosen by the Client and otherwise in the Netherlands.
- Within the framework of the Agreement, Ciwit is hereby authorised to engage third parties (sub-processors). On request of the Client, Ciwit shall inform the Client about which sub-processors are engaged by Ciwit. Ciwit shall inform the Client about any planned change in the used sub-processors, in which case the Client has the right to object to the proposed change in sub-processors. Such objection must be received by Ciwit in writing and within two weeks after the date on which Ciwit has informed Client about the proposed change in sub-processors. Furthermore, such objection must be supported by valid and reasonable arguments.
- Should the Client object to such change, then the Parties will jointly endeavour to find a reasonable solution. If Parties cannot come to a solution, then Ciwit is allowed to make the planned change in the used sub-processors and the Client is allowed to terminate the Agreement on the date that Ciwit will actually make the change in the used sub-processors.
Article 8. Security
- Ciwit will take appropriate technical and organisational measures with respect to the processing of the personal data against loss or against any form of unlawful processing (such as unauthorised disclosure, damage, alteration or transfer of personal data). These measures will provide a suitable level of protection, taking into account the state of technology, the costs of implementation, the risks associated with the processing and the nature of the information to be protected.
- During the term of the Agreement, Ciwit makes sure it is and stays ISO 27001 certified. Ciwit will provide proof of certification on request of the Client. Furthermore, Ciwit shall at least take the security measures as mentioned in its security statement, which is available at: https://www.castoredc.com/security-statement/. If additional or certain specific security measures or certifications are required in order to process the (personal) Data, then Client must inform Ciwit hereof.
- Parties acknowledge that technology is constantly improving, therefore Ciwit is allowed to change the technical and organisational measures (and its security statement) from time to time. Ciwit endeavours to only update the technical and organisational measures (and its security statement) for the better, taking into account article 8.1, innovations in the field of information security and the user experience. In the event of changes to the implemented technical and organisational measures, Ciwit will use its best efforts to update the aforementioned security statement as soon as possible.
- Ciwit will use its best efforts to inform the Client of a Personal Data Breach as soon as reasonably possible. If applicable laws so dictate, Ciwit will cooperate with the process of informing all relevant authorities and data subjects of the Personal Data Breach. However, the Client will remain responsible for reporting the Personal Data Breach in an appropriate and timely manner.
Article 9. Audits
- The Client has the right to have audits performed by an independent third party bound by confidentiality to check Ciwit’s compliance with its obligations regarding the processing of personal Data performed by order of the Client.
- Such audits may only take place after:
- the Client has requested (from Ciwit) the similar audit reports from independent third parties that are already in Ciwit’s possession; and
- the Client has reviewed the aforementioned audit reports and can still provide legitimate reasons to initiate an audit as mentioned in article 9.1.
- An audit may only be undertaken once per calendar year. The Client shall inform Ciwit of the audit at least four weeks before the audit shall take place.
- Ciwit shall cooperate with the audit and provide all information reasonably relevant for the audit, including supporting data such as system logs, and employees, as promptly as possible.
- The costs of the audit, including the costs that Ciwit has to make to cooperate with the audit, shall be borne by the Client. After definition of audit scope, Ciwit can provide an estimate of the associated costs.
- The findings further to the audit conducted will be assessed by the Parties in mutual consultation and, following on from this, may or may not be implemented by one of the Parties or by both Parties together.
Article 10. Backups and support
- Backups are made four times per day. Upon request of the Client and in emergency situations, Ciwit is authorized and will use its best efforts to restore such backup. Restoring a backup on request of the Client may reasonably be subject to an additional fee, unless such restore is necessary because of an attributable failure by Ciwit.
- Ciwit will make an online manual available on how to use Ciwit’s Services. Additional support may be requested by the Client through Ciwit’s website, where Client will also be able to submit support tickets.
Article 11. Liability
- Ciwit’s liability for direct damages sustained by the Client as a result of an attributable failure on the part of Ciwit to comply with its obligations under the Agreement, or on any grounds whatsoever, per event or series of related events, is limited to an amount that is equal to the compensation (exclusive of VAT) paid by the Client to Ciwit during the twelve (12) months prior to the event that caused damage. In any event, Ciwit’s liability towards Client will never surpass EUR 10,000 per calendar year.
- Liability on the part of Ciwit for indirect loss and consequential loss, such as: lost profits, lost savings, damage to or loss of company or other data, Data stored on Ciwit’s equipment and damage resulting from business interruption, is excluded.
- Any limitation of liability will not be applicable insofar the damages are a result of intentional misconduct or deliberate recklessness on the part of Ciwit’s management.
- Liability on the part of Ciwit for an attributable failure to comply with the Agreement only arises if the Client gives Ciwit proper notice of default in writing and without delay, while providing Ciwit a reasonable term to remedy the failure, and Ciwit remains in default as regards compliance with its obligations after that term as well.
Article 12. Force Majeure
- Neither party is obliged to comply with an obligation towards the other under the Agreement if it is prevented from doing so as a result of any anticipated or unanticipated outside cause that is beyond its reasonable control, and which causes the affected party to be unable to comply with the relevant obligation(s) (force majeure).
- This includes a circumstance that is not attributable to fault and that is not for Ciwit’s account pursuant to the law, a legal act or in common opinion. Force majeure includes in particular (but without limitation): domestic disturbances, mobilisation, war, transportation blocks, strikes, network attacks such as SYN (synchronous) floods or (distributed) denial of service attacks, business interruptions, supply stagnation, fires, floods, import and export obstructions and in the event Ciwit’s suppliers for any reason prevent it from being able to comply with the Agreement, which means that Ciwit cannot be expected to comply with the Agreement within reason.
- Each party has the right to suspend compliance with its obligations under the Agreement during the period of force majeure. If this period exceeds ninety (90) days, each of the parties will have the right to terminate the Agreement without being obliged to pay compensation to the other party.
- In the event Ciwit has already complied in part with an obligation under the Agreement at the time the situation of force majeure arises or will be able to comply with this obligation during this period of force majeure, Ciwit will have the right to separately invoice the part that has already been complied with or that will be complied with. The Client will be obliged to pay this invoice.
Article 13. Confidentiality
- The Parties commit that they will observe confidentiality concerning all confidential information concerning the business of the other party they receive, including the content of the Agreement. The parties also impose this obligation on their employees and on the third parties engaged by them in the performance of the Agreement.
- Information is considered confidential in any event if it has been designated as such by one of the parties.
- Each party is entitled to share any confidential information with a third party requesting such information to the extent that the party under the relevant confidentiality obligation can demonstrate that the relevant information is required to be disclosed by: (i) law; (ii) any regulatory authority to which the relevant party is subject or submits; or (iii) any court of competent jurisdiction.
- The obligation to treat confidential information as confidential will not be applicable insofar the recipient of such information can prove that this information:
- was obtained from sources available to the general public such as newspapers, patent databases or informative websites;
- was already in possession of the recipient prior to the date on which it was issued or made available by the other party;
- is available from a third party without this party being in default towards either party arising from a confidentiality clause by distributing the information to the recipient.
Article 14. Prices
- Client is obliged to pay for the provision of the Services. The fees to be paid by the Client are stated in Ciwit’s offer or the Agreement. If Client purchases (additional) Services via Ciwit’s website, then the fees are stated on the website. Unless otherwise agreed upon, all prices are in euros and exclusive of VAT.
- If the Agreement concerns a continuing performance contract, the amounts owed will be invoiced yearly and upfront.
- Every year in the month January, Ciwit has the right to change the agreed upon prices with a maximum of 5%.
- Ciwit has the right to adjust the price conditions in the interim and to send the Client an additional invoice if it becomes clear that the Client no longer satisfies the conditions it was assigned to when the Agreement was concluded as a result of organisational or other changes. (e.g. certain quantity discounts will cease to apply if the conditions for the discount are no longer met.)
Article 15. Payment conditions
- The Client agrees to electronic invoicing by Ciwit. Invoices will be sent in PDF or another suitable format to the email address of the Client that is known to Ciwit.
- Ciwit’s invoices have a payment term of thirty (30) days after the invoice date, unless a different payment term is stated on the invoice. Client is obliged to pay invoices within the stated payment term without deduction or set-off.
- In the event payment is not made on time, Ciwit will send a reminder with a payment term of fourteen (14) days. Should Client fail to pay the due amount(s) within the aforementioned fourteen (14) days, then the Client will be in default by operation of law without requiring any further formal notice of default. Ciwit will have the right as of that moment to limit or suspend its Services, for example by restricting access to the Services.
- In the event that limiting its Services doesn’t have an effect on Client or when Ciwit has reasonable doubts that Client will not pay the due amounts in time, then Ciwit will have the right to terminate, suspend or otherwise render inoperable the Agreement or the part thereof that has not yet been performed.
- Claims for payment are immediately due and payable if the Client is declared bankrupt, applies for a suspension of payments or a general attachment is levied against the Client´s assets, the Client dies and furthermore if Client goes into liquidation or is dissolved.
- If the Client considers an invoice to be incorrect, the Client will be required to notify its objections to Ciwit in writing within fifteen (15) days after the invoice date. The payment obligation will continue to exist at all times. Any amount paid in excess by Client will be set off by means of a credit invoice.
- If Ciwit has reasonable doubts that the Client is able to comply with its payment obligations, Ciwit has the right to demand additional financial security for the entire invoice amount or, if it concerns a continuing performance contract, for twelve (12) months of Service. If the Client is not able to provide financial security to the satisfaction of Ciwit, then Ciwit is entitled to suspend and/or terminate the Agreement.
Article 16. Term of the Agreement
- The Agreement commences at the moment Ciwit receives notification of acceptance by the Client or from the moment the Client creates the impression that it agrees to the offer, unless a different commencement date has been agreed in mutual consultation.
- The Agreement is concluded for the term that is needed to provide the Service(s). If the Agreement concerns a continuing performance contract, it will be concluded for an initial period of twelve (12) months unless otherwise agreed in writing. If Client keeps making use of the Service after the initial period, then the Agreement will keep being extended for three month periods for as long as Clients keeps making use of the Service.
- The Agreement can only be terminated prematurely as provided for in these General Terms and Conditions or with the approval of both parties. Each party may terminate the Agreement with due observance of a notice period of one (1) month by the end of the initial or extended term of the Agreement.
- Ciwit has the right to terminate the Agreement with immediate effect without being obliged to pay compensation in any way if:
- Client has failed to comply with its obligations and such failure has not been remedied by the Client within five (5) days after having received written notice of default;
- if the Client is declared bankrupt, applies for a suspension of payments or a general attachment is levied against the Client´s assets and furthermore if Client goes into liquidation or is dissolved.
Article 17. Amendment of the Agreement
- Ciwit has the right to change these General Terms and Conditions and/or the Agreement, provided it announces the proposed changes to the Client at least thirty (30) days in advance. Changes of minor importance or changes resulting from new legislation can be implemented at any time, without the Client having the right to terminate the Agreement.
- During the aforementioned 30-day period, the Client is entitled to object to the proposed changes. Should the Client objects to the changes, Ciwit will reconsider and withdraw the changes if it considers the objection well-founded.
- However, if Ciwit implements the changes despite the Client’s objection, the Client will have the right to terminate the Agreement as of the moment the changes enter into effect.
Article 18. Miscellaneous
- The Agreement is governed by Dutch law. Unless the rules of mandatory law provide otherwise, all disputes that may arise pursuant to the Agreement will be submitted to the competent Dutch court in the Amsterdam court district.
- During the term of the Agreement and for one (1) year thereafter, the Client shall not hire any employees of Ciwit, or have such employees work for them in any other way, directly or indirectly, without prior written consent of Ciwit.
- The version of any communication received or stored by Ciwit serves as authentic and binding proof, subject to evidence to the contrary provided by Client.
- Ciwit has the right to transfer its right and obligations arising from the Agreement to a third party that will take over the Service or the relevant business activity.
- Ciwit is allowed to use Client’s name, logo and the general agreement description as a reference, unless agreed otherwise in writing.
If any provision in the Agreement or in these General Terms and Conditions proves to be invalid or unenforceable, such will not impair the validity of the entire Agreement or these General Terms and Conditions. In such case, Ciwit is entitled to adopt (a) new provision(s) by way of replacement, which implement(s) the intention of the original provision as much as legally possible.