General Terms and Conditions of IXLY BV.
These general terms and conditions apply to all agreements and offers for services and products, including subscriptions, between commercial clients and Ixly BV, established in Utrecht Ch. of Comm. Utrecht: 30204571, VAT no.: 8145.04.255.B.01.
The rates are excluding VAT. The payment term is 14 days. In the event of exceeding of the payment term, statutory interest can be charged. In the event of late payment we will have the right to deactivate the service without any right to refund.
Ixly BV retains the right to adjust the rates for tests and subscriptions in the interim. These rate changes will be notified at least one month in advance.
You can order online credits for an occasional subscription. These will be immediately made available following which you will receive an invoice. The use of tests and the subscription will be invoiced monthly in arrears for the other types of subscriptions (frequent and intensive subscriptions). In some cases Ixly BV may require that credits be made available only after payment has been received, by means of online payment, or after payment of the invoice.
Invoicing takes place automatically, on a monthly basis on the first working day of the month, whereby the use of tests during the previous month and the licences for the next month will be charged. You are, as the client/awarder of the contract, responsible for keeping the correct invoice data updated in the system.
An agreement will come into effect by registration through one of our websites where these terms and conditions can be read, or by signing an offer. The minimum contract period is 12 months, following which the contract can be cancelled monthly, with a notice period of one month. There is no right of refund of unused credits when cancelling the subscription.
Both parties can at any time terminate the agreement for any reason whatsoever. The original contract term and the notice period must be observed thereby. Refunds will not be issued.
You are not permitted to transfer advantages or obligations ensuing from the agreement in any manner whatsoever to third parties without prior permission in writing from Ixly BV.
If this agreement is terminated in conformity with the terms and conditions, neither Ixly BV nor you can be held liable for damage or loss suffered by the other party.
Ixly BV retains the right to refuse a request for an agreement without stating reasons.
The standard processor’s agreement forms part of the general terms and conditions and has been included as an appendix.
You acknowledge and will unconditionally take note of the fact that services, content, source codes and information on the website are protected by Ixly BV’s copyright, trademarks, service marks, or other property rights and laws. Neither the agreement nor the use of Ixly BV products will give you any right to copyright or trademark, and this will not affect in any manner whatsoever Ixly BV’s exclusive property rights to the copyright and trademark. You agree that you will not in any manner whatsoever change, copy, reproduce, rent out, give in loan, sell or redesign the content of the website. This applies also to the tests, the code and the software.
Guarantee provided by commercial users
If you use the website as a professional and use the product to advise other parties you will guarantee that:
You are competent, qualified, licensed, or authorised to use psychological tests for the various fields in which you are employed, such as assessment, coaching, providing training and Human Resource Management. All this is in accordance with the applicable legislation and regulations (in your country).
You will act and make use of the product in accordance with national and international professional standards and professional ethics.
You will act and make use of the product in accordance with the national and international legislation and regulations, instructions and guidelines and all other applicable government rules or rules of semi-public institutions.
Ixly BV can for specific services or products test your reliability and knowledge as a professional prior to providing you with access to this service. Ixly BV retains the right to refuse you access without stating reasons.
Privacy and information security
The protection of your privacy is of the utmost importance to us. We apply the following rules when dealing with your information:
We do not pass on any personal information to third parties.
All information is saved and processed in a secure environment.
At the expiry of your account all personal information will be removed from our database.
Your test results and other personal information will only be used in an anonymous form for statistical analysis.
The reports will be automatically removed after two years. A shorter period is possible if you deem this to be desirable.
Ixly BV retains the right to use the information related to professionals and their clients in a complete and anonymous form for the further development of the tests and its services. This applies – but is not limited – to research, for example for the development of norm groups and the conducting of statistical analysis. Ixly BV will never make direct contact in writing or in another manner with you or your clients, unless you have expressly requested this to ensure the correct provision of service.
Ixly BV has implemented an extensive information management system to safeguard information security. This management system describes all measures that have been taken to safeguard the confidentiality, the data integrity and availability of your details. This management system is annually assessed by an independent party.
Any liability with regard to the use of the product, or with regard to the termination of the agreement, in particular related to the interpretation and conclusion of test results and the loss of data, is excluded. The product contains information that can be used and can assist in making a decision, but can never be relied on as a sole source of information. Ixly BV cannot be held liable for misuse of your personal password or your candidates’ passwords.
Although Ixly BV spends a lot of time on ensuring the quality and availability of its online services we do offer our service on an “as it is” basis. This means inter alia that we do not provide any guarantee that our services and the content of the website will be available in an uninterrupted and timely manner, secure or free of errors. The current state of affairs on the internet and the speed and reliability of connections prevent the provision of guarantees. Over the past years we have achieved an availability of 99.5% or higher, however no rights can be derived from that.
It is important that users meet the system requirements, such as having Flash installed. The current system requirements are listed below:
- Internet Explorer (IE 8 or higher) or a recent version of Chrome, Firefox or Safari *. With IE8 the layout is sometimes not optimal because it does not support a number of layout functions.
- Java script enabled and Flash (8 or higher) installed.
- Sufficiently fast internet connection. As a guideline 2 Mbps for normal use and 4 Mbps for webcam tests.
- A minimum of 512 MB of RAM memory and sufficient free disk space. A minimum of 1024mb for webcam tests.
- Screen resolution of at least 1024×768 pixels.
- We only officially support an open internet connection. In practice it is usually only necessary that port 80, 443 and 1935 are open (for webcam tests).
- The system requirements can change for new releases.
Additional terms and conditions for API users.
The Test Toolkit offers the option to request tests through an API through other software systems and to integrate these in HR processes. It is conditional for this that tests will always be made available on an individual basis after login codes and will not be available to the public. The client must provide access in advance to the application within which the test will be conducted. Ixly BV can provide permission for making (specific) tests available through the API. Ixly BV has the right to monitor the use in accordance with the arrangements made and will be entitled to terminate the cooperation if the application is not in accordance with the arrangements made.
The party that requests tests through the API must have sufficiently competent IT personnel available and must have a sufficiently stable system available in order to be able to set up the API properly. Ixly BV exclusively offers for the provision of service through an API a helpdesk for those who are responsible for the proper functioning of the system and not directly to (end) users and candidates.
The helpdesk is available for questions from 08:30 hours until 18:00 hours, preferably by email: email@example.com. We will contact you within half an hour to answer questions and to start to resolve any problems.
No complaint whatsoever will be officially regarded as submitted unless the complaint is made in writing or by email to Ixly BV, within two weeks after you discovered the shortcoming or error, or reasonably could have discovered this, together with a specification of all details that are related to the subject and the nature of the complaint. Complaints can only be submitted in Dutch or English.
This agreement will be governed and interpreted in accordance with Dutch law. The Utrecht (the Netherlands) District Court has exclusive jurisdiction concerning claims ensuing from this agreement.
Appendix: Processor’s Agreement
This processor’s agreement is an appendix to the “General Terms and Conditions of Ixly” (hereinafter referred to as: the Main Agreement) between the client (hereinafter referred to as: the Controller and Ixly BV (hereinafter referred to as: the Processor). The processing in the context of the Main Agreement has been reported to the Personal Data Authority under number 1377845.
Article 1. Objectives of the processing
1.1 The Processor undertakes to process personal data subject to the terms and conditions of this Processor’s Agreement on the instructions of the Controller. The processing will exclusively take place in the context of the Main Agreement and this will be for the purpose of dealing with orders and payments for the products or services of the Controller, the storing of the Controller’s data in the ‘cloud’ and accompanying online services, management of the Controller’s customer administration, as well as for purposes that are reasonably related thereto, or that will be determined by further agreement.
1.2 The Processor will not process the personal data for any other objective than as recorded by the Controller. The Controller will inform the Processor regarding the processing purposes insofar as they are not already referred to in this Processor’s Agreement.
1.3 The personal data to be processed on the instructions from the Controller remain the property of the Controller and/or the data subjects concerned.
Article 2. Obligations of the Processor
2.1 The Processor will, with regard to the processing referred to in article 1, ensure compliance with the applicable legislation and regulations, including in any event legislation and regulations in the field of the protection of personal data, such as the Personal Data Protection Act.
2.2 The Processor will inform the Controller upon first request from the Controller of the measures taken by the Processor with regard to his/her obligations under this Processor’s Agreement.
2.3 The obligations ensuing for the Processor from this Processor’s Agreement also apply to those who process personal data under the responsibility of the Processor, including but not limited to employees, in the broadest sense of the word.
Article 3. Transfer of personal data
3.1 The Processor is permitted to process personal data in countries within the European Union. Transfer to countries outside the European Union is prohibited.
3.2 The Processor will inform the Controller of which country or countries this concerns.
Article 4. Assignment of responsibility
4.1 The permitted processing will be executed by fully automatic means under the control of the Processor.
4.2 The Processor is solely responsible for the processing of the personal data under this Processor’s Agreement, in accordance with the instructions from the Controller and subject to the express (ultimate) responsibility of the Controller. The Processor is expressly not responsible for any other processing of personal data, including in any event, but not limited to, the collation of personal data by the Controller, processing for purposes that have not been reported by the Controller to the Processor and processing by third parties and/or for other purposes.
4.3 The Controller guarantees that the contents, the use and the instructions for the processing of personal data, as referred to in this Agreement, is not unlawful and does not infringe any right of third parties.
Article 5. Security
5.1 The Processor will make endeavours to take sufficient technical and organisational measures with regard to the processing of personal data to be executed against loss or against any form of unlawful processing (such as unauthorised taking note of, impairment, change or provision of personal data).
5.2 The Processor has taken in any event the following measures:
- Appropriate access control, making use of: passwords
- Automatic logging of all actions concerning the personal data
- Physical measures for access security
- Organisational measures for access security
- Control on a random basis of compliance with the policy
- Security of network connections through Secure Socket Layer (SSL) technology
- Access restrictions related to purposes.
5.3 The Processor does not guarantee that the security will be effective under all circumstances. If an expressly described protection is absent from the Processor’s Agreement, the Processor will make endeavours to have the security meet a level that, having regard to the state of technology, the sensitivity of personal data and the costs attached to taking the security measures, will not be unreasonable.
5.4 The Controller will only make personal data available to the Processor for processing if the Controller has ascertained that the required security measures have been taken. The Controller is responsible for compliance with the measures agreed to by Parties.
5.5 The Processor will work in conformity with ISO 27001 / ISO 27002, which is deemed to meet the security requirements having regard to the state of technology. The Processor has in addition a Third Party Notification with regard to the measures taken by him/her for the protection of the personal data. This will be provided to the Controller upon request.
Article 6. Duty to report
6.1 The Controller is at all times responsible for reporting any security leak and/or data leak (including: any breach of the security of personal data that results in the chance of disadvantageous consequences, or as the case may be which has disadvantageous consequences, for the protection of personal data) to the supervisory authority and/or the data subjects. The Processor will inform the Controller within 48 hours after the leak has become known to the Processor of the security leak and/or data leak, in order to enable the Controller to fulfil this statutory duty.
6.2 A report only has to be made for incidents which result in a serious impact and only if the incident has actually occurred.
6.3 The duty to report contains in any event the reporting of the fact that there has been a leak. In addition the duty to report contains:
- What the (alleged) cause of the leak is
- What the consequence (for the time being known and/or to be expected) is
- What the (proposed) solution is.
Article 7. Dealing with requests from data subjects
7.1 In the event that a data subject addresses a request for access, as referred to in Section 35 of the Personal Data Protection Act, or for improvement, addition, change, or protection, as referred to in Section 36 of the Personal Data Protection Act, to the Processor, the Processor will forward this request to the Controller and the Controller will further deal with the request. The Processor is permitted to inform the data subject of this.
Article 8. Confidentiality and secrecy
8.1 A duty of confidentiality towards third parties is vested in all personal data that the Processor receives from the Controller and/or personally collates in the context of this Processor’s Agreement. The Processor will not use this information for an objective other than for which this has been received by the Processor, even if this has been provided in such a form that this is no longer traceable to the data subjects.
8.2 This duty of confidentiality does not apply insofar as the Controller has given express permission to provide the information to third parties, if the provisions of the information to third parties logically is necessary having regard to the nature of the instructions provided and the performance of this Processor’s Agreement, or if there is a statutory obligation to provide the information to a third party.
Article 9. Audit
9.1 The Controller does not have the right to conduct audits.
Article 10. Liability
10.1 Parties expressly agree that with regard to liability the usual statutory provisions apply.
Article 11. Duration and termination
11.1 This Processor’s Agreement comes into effect by the signing by Parties and on the date of the last signature.
11.2 This Processor’s Agreement is entered into for the duration as determined in the Main Agreement between Parties and in the absence thereof in any event for the duration of the cooperation.
11.3 As soon as the Processor’s Agreement is terminated, for whatsoever reason and in whatsoever manner, the Processor will delete and/or destroy all personal data and any copies thereof that are still present at the Processor’s location.
11.4 This Processor’s Agreement can be amended in the same manner as the Main Agreement.