READY2WASH MOBILE APP TERMS OF USE

1. Agreement

1. Agreement. In order to use the MobileApp, the User must agree to these Ready2Wash Mobile App Terms of Use (the “Terms”) when the option is made available to him. User shall read these Terms carefully before doing so. Once the User starts using the MobileApp or clicks the box agreeing to these Terms, the User is entering into an Agreement with the Provider to use the MobileApp.

2. Other documents. The User should also read other documents referenced herein, such as those describing features, system requirements, instructions for use or privacy policy rules.

2. Definitions

1. “Affiliates” of a person is any person that controls, is controlled by, or is under common control with, such person. The term “control” (“controlled by”) means the power to direct or cause direction of management and policies of a person, whether through the ownership of voting securities, by contract, or otherwise.

2. “Client” is a client of the Customer. Client can be either a legal entity, entrepreneur or a consumer who is of legal age.

3. “Customer” refers to legal entity or entrepreneur, who is a using Ready2Wash services and who ordered the services of the MobileApp and Ready2Pay.

4. Documentation” are documents, non-exhaustive list of which is available on the Website and which, regarding the MobileApp contain especially:

1. list of main features and functions of the MobileApp,

2. minimal technical requirements and configurations for use of the MobileApp.

5. “Order” refers to an order for Ready2Wash services, including Ready2Pay, MobileApp etc. which is concluded upon signature by the Customer and the Provider or through Provider’s Website.

6. “Platform” or “MobileApp” is a mobile application platform of the Provider which is operated as a marketplace where different Customers can offer services of their car wash sites so that Clients can order such services from them. It is available for download at Google Play for Android and available at Apple App Store for iOS and iPadOS.

7. “Price List” is the price list available at https://www.ready2wash.com/ready2pay/price_list/ which will tell the Customer the amount of any imposed fee in regard to use of Ready2Pay and/or MobileApp, if any.

8. “Provider” refers to Ready2Wash s.r.o., with registered office at Rybná 682/14, Staré Město, 110 00 Praha 1, ID number: 05335507, incorporated under the laws of the Czech Republic, registered in the Commercial Register at the Municipal Court in Prague under file no. 261957.

9. “Ready2Pay” is an integrated payments solution, inter alia, for MobileApp provided by a third party, which enables the Customer’s Clients to manage all their payment for services of the Customer.

10. “Ready2Wash services” refer to services which are available to Customers and full list of which can be found on the Website.

11. “Tokens” refers to digital tokens that the Client can buy from the Customer and use it for services of that Customer’s car wash sites.

12. “User” refers to the Customer and to the Client.

13. ”User Content” refers to service offerings, photos, text, reviews and other information that User may upload to the Platform.

14. “Website” refers to Provider’s website available at www.ready2wash.com.

3. platform

1. Nature of Provider’s services. The Provider’s services are described in detail in Documentation and consist mainly of providing an environment and functionalities on the Platform which Customer uses to present its service offers and enables the Client to order services from the Customer. However, neither Provider nor its Platform promotes any Customer or its services. Provider provides and is responsible only for its Platform, not for the services that the Client may order from the Customer through the Platform.

2. Contractual relationships. When the Client orders any service from the Customer, the Client enters into a contract for its provision directly with that Customer (for example when the Client places order for Tokens, a contract is concluded between the Client and the Customer; when the Client uses Tokens for different car wash services of the Customer, such contract is concluded between the Client and the Customer). Provider is not a party to the contract between Client and Customer, and such contract is governed by the specific terms and conditions negotiated between them. The Provider is not an employer and employment agency. The Users concerned are solely responsible for the correct identification of the legal relationship created between them and for complying with all obligations that the law imposes on such relationship. Provider does not control or monitor the proper performance of Users' legal obligations in any way.

3. Responsibility. The Customer who offers the services to the Client is solely responsible for the services provided to the Client. This means that any and all deficiencies, "claims" and other claims that Client may have in connection with such services shall be brought solely against the respective Customers that provide such services. It is the Client's responsibility to verify that the services provided by Customer are of adequate quality and that Customer is a suitable and trustworthy to provide the services. A Customer's user profile may help to enhance credibility, but is not an exhaustive source of guaranteed information about Customers. Provider is not responsible for Customer's service defects, non-payment, or the consequences of Customer's or Client's wrongful acts.

4. Certification of legality. By entering into the Agreement, the Customer certifies that services, which the Customer offers on the Platform, are in compliance with the applicable laws of European Union.

5. Payments for Customer's services. Payment for the Customer's car wash services is made by use of digital Tokens which the Client can purchase from the Customer and which are always useable for all of the respective Customer's car wash sites (one Customer may operate multiple car wash sites). However, Tokens purchased from one Customer cannot be used for services of a different Customer. If the Provider imposes any fee on purchases of Tokens by Clients from Customers, such currently effective fee shall be listed in the Price List together with a frequency, method and due date of its payment. Any possibility to refund purchased Tokens (for example in the event of termination of the Agreement) would have to be granted by the Customer, the Provider does not grant any such refunds.

6. Adyen and Ready2Pay. Payments between Clients and Customers are processed through company Adyen N.V., with registered office in the Netherlands, Simon Carmiggeltstraat 6-50, 1011 DJ, Amsterdam, registration number: 34259528 with terms and conditions available at www.adyen.com which is being used by Ready2Pay services.

4. Access to the PLATFORM and warranties

7. User Account. In order to use the Platform, the User must create a User account. User must provide all required information correctly and truthfully when creating the account, as it will be relied upon as accurate and truthful. User shall update required information without delay if they change. User shall keep the account access details confidential and protect them from misuse by third parties. Should the User suspect that the account access details have been stolen or misused, they should be immediately changed.

8. Access. Access to the Platform is free of charge for all Clients. For Customers, the access fee may be included in their subscription fee for Ready2Wash services and in that case, it will be specified in their Order; if there are any other fees imposed on the Customer, they will be listed in the Price List.

9. Reservation of Rights. User obtains from the Provider a non-exclusive right to use the Platform, which is limited solely to internal use of the User in accordance with the Terms. The Provider does not grant any license or other intellectual property right in the software or other works that are part of the Platform. All rights in such software belong and shall remain vested solely in the Provider. Any use of third party applications or any other software (if applicable) is subject to the license agreement or terms and conditions of such third party. User does not acquire any rights or licenses other than those expressly set forth in this paragraph. Upon the creation of any data related to the use of the Platform, including statistical and performance information related to the operation of the Platform, the User assign to the Provider all rights relating to such data.

10. Changes. The Provider reserves the right to make changes to the Platform that the Provider deems necessary or useful to improve its quality, efficiency or performance or to comply with applicable law.

11. Non-accessibility. Beyond the circumstances described in the Terms, the Provider may terminate or suspend access to the Platform to the User without further liability if:

1. the Provider receives a judicial or governmental request or order that requires the Provider to do so, or the Provider become aware that a governmental authority or other authority with legal authority has enacted a new, or modified an existing, law, rule, regulation, interpretation, or decision that would make the Provider’s performance of any part of the Agreement unlawful or otherwise illegal,
2. the User violates the Terms or the law, use the Platform for a purpose the Provider do not authorize, or engage in fraudulent or illegal activities,

1. the Customer doesn't pay the requested amount when due. The Provider reserves the right to immediately and without notice suspend access to the Platform in the event that the Provider receive a Chargeback Notice. Contacting the bank or credit/debit card provider and refusing, cancelling, or disputing the charge of any amount due in connection with the use of the Platform (“Chargeback”) will be considered a breach of payment obligations. The Provider also reserves the right to dispute any Chargeback received. The Provider may take reasonable steps to restrict the Customer’s future access to the Platform if the Provider believes that the Customer has requested a Chargeback in bad faith.

12. Free access and availability. As stated above, for all Clients the Platform is available by the Provider free of charge. The availability and proper functioning of the Platform depends on several factors, some of which are beyond Provider’s control. Therefore, the Users agree that the Platform may be unavailable and access to use it may be impaired without this being considered a defective performance on Provider’s part. Therefore, the Provider cannot promise any User anything other than "best efforts" in relation to proper functioning of the Platform. This means that the Provider provides and the User accept the use of the Platform "as is" and "as available". Any bugs or other issues with the Platform itself shall be reported to the Provider’s e-mail address info@ready2wash.com.
13. No prejudice to warranties of the Customer. All warranty disclaimers of the Provider are without prejudice to warranties that Customers grant to their Clients according to the law or as a voluntary act of the Customer, especially regarding quality of their car wash services or regarding a purchase of the Tokens. If the Client reports any issue to the Customer, that the Customer deems to believe it should be solved by the Provider (therefore that it relates to the Platform itself), it shall be reported by the Customer to the Provider’s e-mail address info@ready2wash.com for the Provider’s assessment.
14. DISCLAIMER OF WARRANTIES. EXCEPT FOR THE EXPRESS WARRANTIES SET FORTH IN PRECEEDING PARAGRAFS, ALL SERVICES OF THE PROVIDER ON THE PLATFORM ARE PROVIDED “AS IS” AND “AS AVAILABLE”. TO THE MAXIMUM EXTENT PERMITTED UNDER THE APPLICABLE LAW, THE PROVIDER SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT, AND ALL WARRANTIES ARISING FROM COURSE OF DEALING, USAGE, OR TRADE PRACTICE. WITHOUT LIMITING THE FOREGOING, THE PROVIDER MAKES NO WARRANTY OF ANY KIND THAT THE SERVICES, OR ANY PRODUCTS OR RESULTS OF THE USE THEREOF, WILL MEET CUSTOMER’S OR ANY OTHER PERSON’S REQUIREMENTS, BE AVAILABLE OR OPERATE WITHOUT INTERRUPTION, ACHIEVE ANY INTENDED RESULT, BE COMPATIBLE OR WORK WITH ANY SOFTWARE, SYSTEM, OR OTHER SERVICES, OR BE SECURE, ACCURATE, COMPLETE, FREE OF HARMFUL CODE, OR ERROR FREE. ALL THIRD-PARTY MATERIALS ARE PROVIDED “AS IS” AND ANY REPRESENTATION OR WARRANTY OF OR CONCERNING ANY THIRD-PARTY MATERIALS IS STRICTLY BETWEEN THE CLIENT AND/OR CUSTOMER AND THE THIRD-PARTY OWNER OR DISTRIBUTOR OF THE THIRD-PARTY MATERIALS. Services do not replace the need for the User to maintain regular data backups or redundant data archives. THE PROVIDER HAS NO OBLIGATION OR LIABILITY FOR ANY LOSS, ALTERATION, DESTRUCTION, DAMAGE, CORRUPTION, OR RECOVERY OF CUSTOMER’S DATA.

5. USER CONTENT

1. User Content. User is responsible for its User Content. By uploading the User Content to the Platform, the User represent its authorization to do so, and that the User may grant the Provider the licenses set forth in the following paragraphs, and that the uploading, posting or subsequent use of the content will not violate any third party rights or laws.

2. Provider’s role. Provider takes a passive and neutral approach to the User Content. This means that the Provider generally does not monitor nor actively searches for facts or circumstances that would indicate that it is illegal. The Provider may on its own initiative conduct voluntary investigations or take other measures to detect, identify, remove or disable access to illegal content. The Provider may also take necessary measures to ensure compliance with legal requirements or orders from regulatory authorities. However, the Provider is not responsible for the illegality, accuracy or truthfulness of the User Content.

3. License. The User Content may be protected by copyright or other intellectual property rights. These rights remain to the User and the Provider does not take them away in any way. By uploading the User Content to the Platform, the User grants the Provider and its Affiliates a royalty-free, non-exclusive, territorially and quantitatively unrestricted license to use it for the term of the User’s proprietary rights. Provider and its Affiliates may use the User Content for its marketing, promotional and other materials, in particular to share it on social media.

4. Content guidelines. User may not upload or otherwise distribute the User Content to or through the Platform that is illegal, infringes the rights of third parties, or violates the Terms. In particular, the User may not:

1. distribute User Content that could be considered unsolicited, inappropriate or harassing advertising, and in particular no offers for products or services that are unrelated to the purpose of the Platform shall be made,
2. distribute the User Content that infringes intellectual property rights, personality rights, disrespects dignity or creates a sense of danger (for example, language that threatens, intimidates, excludes or silences someone).

5. Notifications. Provider accepts notifications about the appearance of content on the Platform that Users (or any other third party) considers to be illegal. Such notification may be sent to support@ready2wash.com. The notification must include at least the following information:

1. a sufficiently substantiated explanation of why the content in question is supposed to be illegal,

2. an unambiguous indication of the exact electronic location of the content, such as identification of specific Customer in the MobileApp and its offers and descriptions, and, if necessary, additional information to identify illegal content depending on its type,

3. the name of the person making the notification and its email address, except if notification is about content that is believed to constitute an offence referred to in Articles 3 to 7 of Directive 2011/93/EU,

4. a statement confirming that a person or an entity making the notification believes in good faith that the information and allegations contained in the notification are accurate and complete.

6. Mechanism of remedy. If the notification contains the electronic contact information of the person submitting it, the Provider will send an acknowledgement of receipt of the notification without undue delay. The Provider will also inform such person without undue delay of its decision with respect to the information to which the notification relates and provide information on further legal remedies available to such person in relation to that decision. If the Provider become aware of unlawful activity, illegal content or content that is inconsistent with the Terms, the Provider may take action to remove or disable access to it. Alternatively, the Provider may impose restrictions on the User by assigning a lower search ranking to the content, suspending, terminating, or otherwise limiting monetary payments, suspending, or terminating service to such User, or suspending or terminating the User’s account. In such case, the Provider will provide all affected Users (if the Provider has the respective electronic contact information) with a clear and specific justification for such restriction. However, if the Provider assess the content to be compliant with the law and the Terms, the Provider may also decide not to act against such content.

7. Internal Complaints Management System. Complaint may be lodged against the notification received or against the decisions referred to in the preceding paragraph within 6 months by sending an e-mail to support@ready2wash.com. If the complaint contains sufficient grounds for the Provider to conclude that the decision not to take any action on the basis of the notification is unjustified, or that the information to which the complaint relates is neither unlawful nor incompatible with the Terms, or if it contains information which shows that the complainant’s conduct does not justify the action taken, the Provider will cancel the decision referred to in the preceding paragraph without undue delay. The Provider will communicate the reasoned decision on the information to which the complaint relates, including information on the possibility of an out-of-court settlement and other available remedies, to the complainants without undue delay.

8. Precautions and protection against abuse. If the User frequently provides apparently illegal content, the Provider may suspend services and access to the Platform for a reasonable period of time and after giving the User prior notice. In addition, if the User frequently provides apparently unwarranted notifications or complaints, the Provider may suspend handling of notifications and complaints after issuing prior notice to the User. In making such determinations, the Provider will take into account the number of items of apparently unlawful content or apparently unfounded notifications or complaints submitted in a particular period, their proportion in relation to the total number of information or notifications, the seriousness of the misuse, the nature of the unlawful content, the consequences of such misuse, and the intent of the recipient of the service, person, entity or complainant, if it can be deduced.

9. Out-of-Court Dispute Resolution. Any of the out-of-court dispute resolution entities that have been certified for this purpose can be chosen to settle disputes relating to these decisions, including complaints that have not been resolved through the internal complaints management system.

6. Transparency

1. Referral systems. Car wash sites of Customers are primarily shown on the Platform based on distance from the Client. Other (if any) main parameters used in the Provider’s referral systems and the possibility to change or influence these parameters are described on the following address: ready2wash.com. For example, The Provider, its Affiliates, and Customers controlled by the Provider may have access to personal or other information that Users provide for purposes of using the Platform. Their services may have a preferential ranking in a referral system or other setting that the Provider applies which affects consumers’ access to services offered through the Platform by other Customers.

2. Limitation of Services. If the Provider decides to restrict or suspend the provision of the MobileApp services to the User other than a consumer, the Provider will provide such User with the reasons for the decision on a durable medium no later than the time the restriction or suspension takes effect. In the case of termination of all MobileApp services, the Provider will provide such User with this justification at least 30 days before it takes effect. This does not apply if the Provider is subject to a legal or regulatory obligation requiring him to terminate the provision of MobileApp services in a manner that does not allow him to meet this notice period, if the Provider do so for a compelling legal reason, or if the Provider can demonstrate that the affected user has repeatedly violated the Terms.

3. Internal Complaint Management System. In the event of a restriction, suspension or termination of services, the Provider will allow the User to clarify the facts and circumstances through the internal complaint management system. Complaint may be submitted via email sent to support@ready2wash.com. If, following a complaint, the Provider revokes the restriction, suspension or termination, the Provider will without undue delay reinstate the respective User’s services and provide such User with access to the data that arose as a result of the business User’s use of the services in question before the restriction, suspension or termination took effect.

4. Mediation under P2B. In case of a dispute of the Provider and the User (with exception of consumers), the Provider is prepared to undergo mediation in Czech or English language with these mediators:

1. Veronika Vrábel Porteš, ID no. 072 77 181, with registered seat at Antala Staška 1859/34, ZIP code 140 00, Prague 4, Czech Republic,

2. Mgr.Tereza Hanajová, ID no. 038 45 061, with registered seat Jablonec nad Nisou, Komenského 2466/15a.

5. Changes to the Terms. The Provider will give the Users a least 1 month notice of any proposed changes to the Terms on a permanent medium. This does not apply if the Provider must change the Terms based on a legal or regulatory obligation in a way that makes it impossible for the Provider to meet the notice period, or if the Provider do so exceptionally to address an unexpected and imminent danger related to protecting online intermediary services, the Users from fraud, malware, spam, data breaches or other cyber risks. The affected User may terminate the Agreement by written notice sent to support@ready2wash.com prior to the effective date of the change. The termination will take effect within 15 days of receipt of the notice but no later than on the last day of the effect of the Terms.

6. Cooperation. The Customer acknowledges, that the Provider may have certain legal obligations in connection with the operation of the Platform. These may include that the Provider must collect certain information about the Customers and provide it to the tax authority. If these obligations occur, such Customer agree to provide the Provider with the cooperation necessary to investigate and ascertain information about the respective Customer and its services. If such Customer fails to provide the Provider with the necessary cooperation, even though the Provider has requested it, the Provider may close the respective Customer’s account on the Platform and prevent such Customer from re-registering or not to pay him fees, if any occur.

7. Terms of use

7. Restrictions on Use. Users are prohibited from using the Platform in any manner or to any extent not expressly permitted by the Terms. In particular, the Users may not:

1. make false bookings (i.e. bookings in someone else's name or bookings where the User do not intend to use the services booked),

2. perform an unreasonable amount of searches or any other activity that places an increased burden on the Platform or may damage, block or disrupt the Platform (e.g. by scripting),

3. use services or software to research prices or other information, monitor, copy, scrape/crawl, download, reproduce or otherwise use any part of the Platform (including the databases contained therein) or information obtained therefrom for commercial purposes, for the purpose of inputting such data into any other database,

4. circumvent or violate the Platform's security measures or use the Platform other than as an authorised user using its own valid credentials,

5. attack the Platform, including but not limited to, inserting malware (computer viruses, Trojan horses, ransomware, etc.) or other malicious code (software or other technology that has the purpose or effect of allowing unauthorized access to or disrupting or otherwise damaging a computer, software, or network or preventing another user from accessing or using the Platform), altering, blocking or circumventing any process built into the Platform,

6. disclose any false information about the Platform, as well as truthful information that is misleading in light of the circumstances of the disclosure,

7. cause any other inconvenience or damage to other Users or treat other Users in an inappropriate manner,

8. use the Platform for the purpose of competitively analysing a service, developing, providing or using a competing service or product, or for any other purpose that is competitive with the Provider or its Affiliates,

9. otherwise use the Platform in a manner or for a purpose that infringes any intellectual property rights, other third party rights or the law.

2. User's responsibility. Users are solely responsible for:

1. the lawfulness of the processing of data the Provider receives from the User through the Platform. In particular, the User is responsible for ensuring that is entitled to transmit data to the Provider and that the Provider’s use and processing of User’s data does not infringe the rights of third parties, in particular intellectual property rights or privacy rights or obligations imposed by law or regulation. The User is obliged to inform the persons whose personal and other data transfers to the Provider of such transfer of data to the Provider as a processor, or to obtain consent to such transfer of personal data, if necessary,

2. User’s access data, in particular for its use and protection against unauthorised use,

3. User’s systems, in particular mobile phones, mobile software and network, whether operated by the User or through third party services, and for complying with the requirements set out in the Documentation,

4. all access to and use of the Platform through the User’s systems or access credentials, including any results obtained from such access or use and all conclusions, decisions and actions based thereon.

8. EXCLUSION OF DIGITAL SERVICES

1. Exclusion of digital services laws. Concerning Customers, Sections 2389g to 2389u of the Czech Civil Code do not apply. Use of the Platform is without a charge for the Clients, therefore, these sections do not apply to them either.

2. Relationship between Clients and Customers. The previous paragraph is without prejudice to possible legal obligation between the Customers and their Clients which are determined by their specific terms and conditions and according to applicable laws of their relationship.

3. CONSUMER DISPUTE RESOLUTION

4. Consumers. As some of the Clients might be so called consumers (physical person who is not an entrepreneur) sections below are describing a possibilities of out-of-court dispute resolutions for them.

5. Czech Trade Inspection. The Czech Trade Inspection Authority, with its registered office at Štěpánská 44, 110 00 Prague 1, Czech Republic reg. no.: 000 20 869, webpage: http://www.coi.cz. is competent authority for out-of-court settlement of consumer disputes. The online dispute resolution platform located at  http://ec.europa.eu/consumers/odr can be used to resolve disputes between the Provider and a Client who is a consumer under a contract concluded by electronic means.

6. ECC. The European Consumer Centre Czech Republic, with registered office at Štěpánská 567/15, 120 00 Prague 2, Czech Republic, webpage: http://www.evropskyspotrebitel.cz is the contact point under Regulation (EU) No 524/2013 of the European Parliament and of the Council on online dispute resolution for consumer disputes.

9. PROVISIONS REQUIRED BY THE STORE OPERATOR

1. Store Operator. The Platform can be used through an application that can be downloaded from the Google Play online store operated by Google LLC and the AppStore online store operated by Apple Inc (collectively, the "Store Operators"). These Terms do not apply to the relationship with the Store Operators. The Provider is solely responsible for the MobileApp, the Store Operators are not responsible for the MobileApp or User Content. In the event of a conflict between a provision of the Terms and a provision of the Store Operators' terms and conditions (such as Apple Media Services Terms and Conditions) that cannot be waived, the provisions of the Store Operators' terms and conditions will apply.

2. Device. If the User downloads the MobileApp from the AppStore, it may only be used on Apple-branded devices that the User owns or controls or through accounts linked by Family Sharing to the account from which the MobileApp was downloaded. The User must follow the terms of use set out in the Apple Media Services Terms and Conditions.

3. Responsibilities. If the Provider agrees to provide any support and maintenance services in relation to the MobileApp, the Provider will only provide such support and maintenance services to the User. The User agrees that the Store Operators are under no obligation to provide any support and maintenance services in relation to the MobileApp. To the extent that the Provider has not excluded any warranty, whether arising by law or under the Terms, it is the Provider who grants it, not the Store Operators. If any warranty is breached, the User may contact the Store Operator who may refund the price of User’s download of the MobileApp (if there was a fee). However, the Store Operators shall have no obligation to settle any of User’s warranty claims or any other claims, injury, liability, damages, costs or other expenses related to a breach of warranty, all of which shall be the Providers sole responsibility. The Provider, and not the Store Operators, shall be solely responsible for settling any claims the User may have relating to the MobileApp and/or use of the MobileApp, including, without limitation, claims arising from product liability, product defects, damages caused by defects, or failure to comply with legal requirements, whether relating to personal data, consumer rights or any other similar area, including the HealthKit and HomeKit legal framework.

4. IP. Should a third party claim that the MobileApp or User’s use of the MobileApp infringes its intellectual property rights, User and the Provider will be solely responsible for investigating, defending, settling and prosecuting such claim. User will indemnify the Provider against any damages and costs incurred by the Provider in such action at Provider’s request.

5. Sanctions. The User represent that the User is not located in a country that is subject to a U.S. government embargo or has been designated by the U.S. government as a "state sponsor of terrorism"; nor User is listed on any U.S. government list of "prohibited or restricted parties".

6. Other terms. User must comply with the relevant third party terms and conditions (for example, those of User’s internet provider) when using the MobileApp. Store operators and their affiliates are third party beneficiaries of the Terms and have the right to enforce the Terms against the Users.

10. Limitation of Liability

1. EXCLUSION OF DAMAGES. TO THE MAXIMUM EXTENT PERMITTED UNDER THE APPLICABLE LAW, IN NO EVENT WILL THE PROVIDER OR ANY OF PROVIDER’S AFFILIATES, LICENSORS, SERVICES PROVIDERS, OR PROVIDERS BE LIABLE UNDER OR IN CONNECTION WITH THE AGREEMENT OR ITS SUBJECT MATTER UNDER ANY LEGAL OR EQUITABLE THEORY, INCLUDING BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, AND OTHERWISE, FOR ANY: (a) LOSS OF PRODUCTION, USE, BUSINESS, REVENUE, OR PROFIT OR DIMINUTION IN VALUE; (b) IMPAIRMENT, INABILITY TO USE OR LOSS, INTERRUPTION, OR DELAY OF THE SERVICES; (c) LOSS, DAMAGE, CORRUPTION, OR RECOVERY OF DATA, OR BREACH OF DATA OR SYSTEM SECURITY; (d) COST OF REPLACEMENT GOODS OR SERVICES; (e) LOSS OF GOODWILL OR REPUTATION; (f) CONSEQUENTIAL, INCIDENTAL, INDIRECT, EXEMPLARY, SPECIAL, ENHANCED, OR PUNITIVE DAMAGES, REGARDLESS OF WHETHER THE CUSTOMER WAS ADVISED OF THE POSSIBILITY OF SUCH LOSSES OR DAMAGES OR SUCH LOSSES OR DAMAGES WERE OTHERWISE FORESEEABLE, AND NOTWITHSTANDING THE FAILURE OF ANY AGREED OR OTHER REMEDY OF ITS ESSENTIAL PURPOSE.

2. CAP ON MONETARY LIABILITY. TO THE MAXIMUM EXTENT PERMITTED UNDER THE APPLICABLE LAW, IN NO EVENT WILL THE COLLECTIVE AGGREGATE LIABILITY OF THE PROVIDER AND ITS AFFILIATES, LICENSORS, SERVICES PROVIDERS, AND PROVIDERS ARISING OUT OF OR RELATED TO THE AGREEMENT, WHETHER ARISING UNDER OR RELATED TO BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR ANY OTHER LEGAL OR EQUITABLE THEORY, EXCEED 100 % THE TOTAL AMOUNTS PAID TO THE PROVIDER UNDER THIS AGREEMENT IN THE 12 MONTH PERIOD PRECEDING THE EVENT GIVING RISE TO THE CLAIM OR $ 500, WHICHEVER IS LESS. THE FOREGOING LIMITATIONS APPLY EVEN IF ANY REMEDY FAILS OF ITS ESSENTIAL PURPOSE.

11. Privacy policy

1. Data Protection. Personal data of Users will be processed when using the MobileApp. Privacy policy terms, including details of this processing are available at the following Ready2Wash mobile app or ready2wash.com. If any technical and contractual access of Customers to any personal or other data provided by Users for the purposes of using the services concerned or generated in the provision of those services it will be listed in the relevant scope in the Privacy terms as well. Otherwise it will be indicated in them that such technical and contractual access does not exist.

12. Termination of the agreement

1. Termination. Clients can terminate the Agreement by deleting their account. Uninstalling the MobileApp does not constitute a deletion of the account. Customers can terminate the contract without the reason with 2 (two) months notice from the delivery of such notice to the Provider. In the last month of the notice period no Tokens can be purchased from the Customer. Customer will make all reasonable effort to inform all its Clients about closure of its service and possibility to use the remaining Tokens during the notice period.
2. Inactivity. If the User’s account is inactive for 2 (two) years, the Provider may delete such account.

13. TRANSITIONAL PROVISION

1. Old Global Tokens. As a part of the transition to new model of Tokens (purchasable only for a specific Customer), some Client’s may still possess old version of “Global Tokens” which was possible to use at any car wash site of any Customer. During the period of 6 months from the date of force of these Terms, Clients can designate their remaining Global Tokens to specific Customer. During the same time period, Customers can request a refund from the Provider for tokens which that Client designated to use at Customers site but did not need to pay for them to the Customer. The Provider will grant such refund based on invoice of the Customer to the extent of standard market price of respective services which can be covered by the respective amounts of Tokens. From the day of force of these Terms, no Global Tokens can be sold or purchased.

14. Closing provisions

2. Jurisdiction. All matters relating to the Platform and the Terms, and any dispute or claim arising therefrom or related thereto, is governed by and construed in accordance with the internal laws of Czech Republic without giving effect to any choice or conflict of law provision. Any legal suit, action, or proceeding arising out of or related to the Platform and the Terms will be instituted exclusively in the courts of the Czech Republic. If the dispute is with the Customer, the locally competent court shall be determined based on the Provider’s registered office.

3. Partial invalidity. The invalidity, ineffectiveness, apparent invalidity or unenforceability of any part of the Terms shall not affect the remaining parts of the Terms. Parties mutually agree to replace any invalid, ineffective, void, voidable or unenforceable part of the Terms with a valid, effective, non-void and enforceable part of the Terms with the same commercial and legal effect within 14 days of receipt of a request from the other party.

4. Communication. All communication shall be done mainly electronically via the emails. Emails of Clients and Customers are listed in respective User accounts. Contact information of the Provider is listed at the Platform in a corresponding contact section. If any message or meeting requires a written form, an e-mail with a simple electronic signature is sufficient.

5. Set off. No party may unilaterally set off any claim arising under or in connection with the Agreement and/or Terms against a claim of the other party without the prior written consent of the other party.

6. Force majeure. Any unforeseeable circumstances beyond reasonable control, in particular natural disasters, embargoes, strikes (including planned strikes), war, epidemics and cyber-attacks (e.g. DDoS), are considered to be a case of force majeure. If a default occurs due to force majeure, this does not constitute a material breach of Agreement.

7. Deferral of effect. Sections 5.5. to 5.9. and Sections 6.1. to 6.3. of this Terms and Conditions will come to force as of February 17, 2024.

8. Entirety of the Agreement. The Terms constitutes entire agreement in relation to its subject matter and supersedes all previous agreements in relation to the subject matter of the Terms.

9. Effective date. These Terms are in force as of March 2024.

READY2WASH PRIVACY POLICY

Personal data controller: Ready2Wash s.r.o., with registered office at Rybná 682/14, Staré Město, 110 00 Praha 1, ID number: 05335507, incorporated under the laws of the Czech Republic, registered in the Commercial Register at the Municipal Court in Prague under file no. 261957 (“we”). We provide our customers and their clients with marketplace and POS Terminal Devices (“MobileApp”) to provide services according to the concluded agreement with our distributors/car wash operators or according to the terms concluded when you create your profile in the MobileApp.

We process personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”).

1. PERSONAL DATA PROCESSED

In particular, we process data that you have provided to us or that we have obtained from your use of the MobileApp, during KYC process, communication with us, etc., as well as data derived from these data. Personal data are processed by us and gathered mainly through MobileApp, website or while providing services. Personal data are directly gathered from data subjects or through customer to which you are contractual party.

For the sake of clarity, we have divided the data processed by us into several categories, to which we refer in this document:

• Contact details. E-mail.
• User information in MobileApp. Identification of user, technical data gathered through MobileApp about user during usage of MobileApp. These information are required to maintain your account in MobileApp.
• Data in connection with fulfilment of the agreement. Payment data, information about persons stipulated on invoices, requests, statistical data about fulfilment of agreement, range of provided services under the agreement if connected with specific natural person acting on behalf of the Customer.
• Communication data. Personal data provided by contacting us through our website.
• Ready2Pay data (for KYC process). Information about Ultimate Beneficial Owners (UBO) such as identification data, address, contact details, bank account details, title, residence, ID number, date of birth, photo of ID if revenue of the Customer is above specific amount, and other data required as stipulated in Ready2Pay onboarding form attached to the Agreement and in Onboarding Data Requirements required by Adyen.
• Personal data processed during provision of Ready2Pay services. We process information such as a method of use of the services (including chargebacks, etc.), the chosen frequency of disbursement of funds, statements of payments made, information on any discounts granted, details of our joint communications, the amount of remuneration for arranging these services, details of tax documents issued and information on the due date and payment or non-payment of invoices.
• Payment data. If we provide payment for our services as providers, we also process information about purchase, payment information, chargebacks, information necessary to prevent frauds, scoring etc.

2. PURPOSES OF THE PROCESSING OF PERSONAL DATA

We process your personal data as a data controller for the processing purposes set out below, on the basis of the legal bases set out here, for a limited period of time and only to the extent described here.

1. Provision of services, launching Ready2Pay services

We primarily process personal data to provide you with our services, to provide you with MobileApp and requested services, in particular when you register in the MobileApp, create a user account, contact us for further information, ensure KYC process when providing Ready2Pay services, launch of the Ready2Pay service, ensuring payment through our MobileApp. As part of this, we may also send you messages about the conclusion and performance of a contract, new product and service releases, payment reminders, etc.

For this purpose, we process your Contact details, User information in MobileApp, Data in connection with fulfilment of the agreement, Ready2Pay data (for KYC process), Personal data processed during provision of Ready2Pay services.

Payments are made via services of Adyen which is described in part C of this privacy policy. With Adyen, you information may also be shared due to the fact that separate agreement with Adyen is also concluded when Ready2Pay services are provided.

The legal basis for this processing is the performance of the contract between you and us and the need to take steps at your request before entering into the contract or, where you are not directly party to the contract (if you are, for example, an employee of our customer or person acting on behalf of customer), our legitimate interest in the performance of any contract entered into.

The data are processed for the duration of the concluded contract and for the period necessary for the performance of the obligations under such contract, or until the expiry of 10 years from last transaction according to mutual agreement concluded.

2. Ensuring payments in the MobileApp

We need to process personal data to fulfil our service - to enable payment for services we provide. We will also process personal data for possible assistance with solving problems regarding payment or complaints. We also have access to some data for the billing of our remuneration. Adyen will process personal data to comply with its obligations under the law (mainly for anti-money laundering purposes).

For this purpose, we process Payment data.

The legal basis for this processing is performance of contract (provision of service) and fulfillment of legal duties. Data are processed for the duration of the service and thereafter for 3 years from the individual transaction. Personal data processed for compliance with legal obligations (anti-money laundering legislation) is processed for 10 years from the last provision of the service or transaction.

3. Protection of rights and duties and protection against frauds and misuse

We may also process your data to protect us from frauds, money laundering and unauthorized use of our MobileApp and services and your services to ensure their safe use. Also, we may use personal information to protect our own claims.

For this purpose, we process your Contact details, User information in MobileApp, Data in connection with fulfilment of the agreement, Ready2Pay data (for KYC process), Personal data processed during provision of Ready2Pay services, Payment data.

The legal basis for this processing is our legitimate interest in protecting our rights and duties and protection against frauds and misuse.

We process the data until a maximum of 10 years after the end of the concluded contract. This period may be changed according to the current state and also according to the specific findings and caused frauds.

4. Support and promotion of our products and services

We may process the data you provide when you review, register, or purchase our services to inform you about our other products, services or promotions, news, announcements, new releases, etc.

For this purpose, we process your Contact details, User information in MobileApp, Data in connection with fulfilment of the agreement.

The legal basis for this processing is our legitimate interest in supporting and promoting our products and services. The data is processed until a maximum of 2 years after the termination of the contract concluded with you.

In addition to objecting to the processing of data for this purpose, you may opt out of receiving any newsletter at any time by using the unsubscribe links provided in the footer of each message sent.

5. Fulfilling legal obligations

We may also process your personal data in order to comply with our legal obligations, particularly in the area of taxes, accounting, AML and fraud detection. At the same time, we need to be prepared to provide cooperation to state authorities if we are required to do so by law.

For this purpose, we process your Contact details, User information in MobileApp, Data in connection with fulfilment of the agreement, Ready2Pay data (for KYC process), Personal data processed during provision of Ready2Pay services, Payment data.

The legal basis for this processing is the fulfilment of our legal obligations. Those data are processed for the period of time required by law.

Processing related to the use of the MobileApp

6. Site operation and security (necessity)

We process your personal data for the operation of the MobileApp and its security, i.e. for the presentation of information on the MobileApp, the internal functioning of the MobileApp, your identification as a Creator or Customer when browsing and repeated visits to the MobileApp, and for ensuring your security.

For this purpose, we process technical data when using MobileApp that may be stored in your browser.

The legal basis for this processing is our legitimate interest in the proper functioning and safe operation of our MobileApp. Data are processed, as a rule, for the duration of your visit to the MobileApp, for a maximum of 1 year from the date of collection.

3. SHARING OF PERSONAL DATA

At the same time, we may share personal information with third parties who help us provide our products and services to you. These parties act as our data processors and will only process personal data for us, within the scope of our processing purposes set out above. Specifically, this includes:

• Adyen N.V., a company registered in Amsterdam under number 34259528 and having its seat at Simon Carmiggeltstraat 6-50, 1011 DJ in Amsterdam, the Netherlands to secure payments.
• Amazon Web Services Emea Sarl providing Amazon Web Services where personal data from MobileApp are stored. Amazon company is registered under Data Privacy Framework: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000TOWQAA4&status=Active.
• Car wash operators to which we provide services.

In addition to this, we may share your personal data with certain third parties as data controllers for the purpose of "Fulfilling Legal Obligations" where we are obliged to do so under applicable legislation (in particular, administrative authorities, police authorities and judicial authorities). Similarly, we may be obliged to share your data with persons who claim to have been harmed by your conduct.

We also share your personal data with third parties as data controllers to help us process your payments for the services you have ordered as part of the purpose of "Provision of services and related information". These partners include Adyen company.

Moreover, your personal data can only be accessed at Ready2Wash by persons who are authorised to do so, and even then, only to the extent required in connection with the aforementioned purposes. Encryption is always used for transmitting data that is collected during registration or access to the Ready2Wash services.

Where we share your personal data with controllers and processors in third countries (outside the EEA), we only do so where there is a decision by the European Commission that a particular country outside the EEA provides an adequate level of data protection, including where controllers or processors have adopted additional data protection measures such as Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs).

4. YOUR RIGHTS IN PROCESSING AND THE POSSIBILITY OF EXERCISING THEM

Just as we have rights and obligations when processing your personal data, you have certain rights when processing your personal data as set out in the following paragraphs. You have the right to (i) request access to your personal data; (ii) withdraw your consent; (iii) request rectification of your personal data; (iv) request erasure of your personal data; (v) request restriction of the processing of your personal data; (vi) request portability of your personal data; (vii) object to the processing of your personal data; or (viii) lodge a complaint with the relevant supervisory authority.

In all matters related to the processing of your personal data, whether it is a question, the exercise of rights, sending a complaint to our hands, etc., you can contact us at support@ready2wash.com.

Your request will be processed without undue delay, at most within 1 month. In exceptional cases, in particular due to the complexity of your request, we are entitled to extend this period by a further 2 months. We will, of course, always inform you of any such extension and the reason for it.

You also have the right to lodge a complaint with the supervisory authority as described below.

7. Right of access

You have the right to obtain confirmation from us as to whether or not we are processing your personal data. If we process your personal data, you also have the right to request access to information about the purpose and scope of the processing, the recipients of the data, the duration of the processing, the right to rectification, erasure, restriction of processing and to object to the processing, the right to file a complaint with a supervisory authority and the sources of the personal data (this information is already provided in this document). You can also ask us for a copy of the personal data we process. We provide the first copy free of charge; further copies may be subject to a fee. The scope of the data provided may be limited so as not to interfere with the rights and freedoms of others.

8. Right to withdraw consent

You have the right to withdraw your consent to the processing of personal data at any time. However, the withdrawal of consent does not affect the lawfulness of the processing prior to such consent, nor does it lead to the termination of the processing of personal data that has already been anonymized.

9. Right to repair

You have the right to request us to correct inaccurate personal data concerning you. Depending on the purpose of the processing, you may also have the right to have incomplete personal data completed, including by providing an additional declaration.

10. Right to erasure (right to be forgotten)

You have the right to request the deletion of your personal data in cases where:

• We no longer need your personal data for the purposes for which it was collected or processed;
• you withdraw the consent on the basis of which the personal data was processed and there is no further reason for processing it:
• you object to processing and there are no other overriding reasons for processing, or you object to processing for direct marketing purposes;
• personal data are processed in violation of the law.

However, you cannot exercise this right where the processing is necessary for compliance with our legal obligations or tasks entrusted to us in the public interest or for the establishment, exercise, or defense of legal claims.

11. Right to restriction of processing

You have the right to request restriction of the processing of your personal data in cases where:

• you contest the accuracy of your personal data; in this case, you may request a restriction of processing until the accuracy of the personal data has been verified;
• the processing is contrary to the law and instead of erasure, you request a restriction of the processing of personal data;
• We no longer need your personal data for the purposes for which it was collected or processed, but you require it for the establishment, exercise, or defense of legal claims;
• you have objected to the processing of your personal data; in this case, you may request a restriction of processing until it is verified that our legitimate interests prevail.

1. Right to portability

You have the right to obtain a copy of your personal data that we process by automated means on the basis of your consent or for the performance of a contract. We will transmit this data in a commonly used and machine-readable format to you or to a controller designated by you, if technically feasible. The scope of the data provided may be limited so as not to interfere with the rights and freedoms of others.

2. Right to object

You have the right to object to the processing of your personal data that we process on the basis of our legitimate interest. We will stop processing your data if there are no other overriding reasons for processing or if the processing is not necessary for the establishment, exercise, or defense of legal claims or if you object to processing for direct marketing purposes.

5. RIGHT TO FILE A COMPLAINT

In addition to the possibility of exercising your rights with our company, you can also file a complaint with the relevant supervisory authority, which is the Office for Personal Data Protection located at Pplk. Sochora 27, 170 00 Prague 7.

6. CHANGES TO THIS INFORMATION

This processing information is effective as of 01.01.2024.. We are entitled to change this processing information from time to time, so please check it regularly. We will post any changes to this document on our website.

ANNEX 2: DATA PROCESSING TERMS

1. The Provider and the Customer have agreed on the basis of the Service order form and attached documents (the "Agreement") to mutual relationship where Customer provides Ready2Wash services as defined in Terms of services (the “Services”). Part of Services is also provision on MobileApp. These data processing terms (hereinafter as the "Processing Terms") are attached as Annex 2 to the Agreement. Words starting with capital letters shall have the same meaning as set out in the Terms or the Agreement or any other annex referred to in the Terms or the Agreement, unless otherwise stated in these Processing Terms.
2. The following Processing Terms are in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter as "GDPR"), and with Act No. 110/2019 Coll., on the processing of personal data.
3. During provision of Services, the Provider acts in both ways – as a personal data controller and a personal data processor. In Part A – Provider informs Customer about how the Provider process personal data according to the Article 13 of the GDPR and in Part B – the Provider stipulates terms of data processing where the Provider acts as personal data processor according to the Article 28 of the GDPR.

PART A – THE PROVIDER AS PERSONAL DATA CONTROLLER

1. PERSONAL DATA PROCESSED, PURPOSE, LENGTH AND RECIPIENTS

1. Types of personal data. In accordance with subscription details specified in the Agreement, the Provider may process following personal data about the Customer or its natural persons acting on behalf of the Customer:

1. Contact details. E-mail.
2. User information in MobileApp. Identification of user, technical data gathered through MobileApp about user while using MobileApp.
3. Data in connection with fulfilment of the Agreement. Payment data, information about persons stipulated on invoices, requests, statistical data about fulfilment of Agreement, range of provided services under the Agreement if connected with specific natural person acting on behalf of the Customer.
4. Ready2Pay data. Information about Ultimate Beneficial Owners (UBO) such as identification data, address, contact details, bank account details, title, residence, ID number, date of birth, photo of ID if revenue of the Customer is above specific amount, and other data required as stipulated in Ready2Pay onboarding form attached to the Agreement and in Onboarding Data Requirements required by Adyen.

Personal data are processed by the Provider and gathered through MobileApp, during KYC process, while providing Ready2Pay services. Personal data are directly gathered from data subjects or through the Customer as contractual party.

2. Purpose of processing. The Provider will process personal data for the purpose of fulfilment of Agreement (and Terms) under legal basis set out in the Article 6 paragraph 1 letter b) of the GDPR and personal data should be provided to conclude and fulfil Agreement. Personal data will also be processed for the purpose of fulfilment of legal duties (tax, accounting) under legal basis set out in the Article 6 paragraph 1 letter c) of the GDPR. Personal data may also be used by the Provider to protect rights and duties (and ensure KYC, onboarding process etc.) under legitimate interest set out in the Article 6 paragraph 1 letter f) of the GDPR. Specific details about purposes are stipulated in Privacy Policy available at kconnect.ready2wash.net, ready2wash.net, ready2wash.com..
3. Length of processing. Personal data will be stored for the duration of mutual relationship between the Provider and the Customer and then for the period stipulated by law or for the period of 10 years (to protect claims of the Provider).
4. Recipients. Personal data may be shared with:

1. Adyen N.V., a company registered in Amsterdam under number 34259528 and having its seat at Simon Carmiggeltstraat 6-50, 1011 DJ in Amsterdam, the Netherlands in cases where Ready2Pay Services are provided.
2. Amazon Web Services Emea Sarl providing Amazon Web Services where personal data from MobileApp are stored. Amazon company is registered under Data Privacy Framework: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000TOWQAA4&status=Active.

1. Other information. Other information about personal data processing, including rights are available here:  kconnect.ready2wash.net, ready2wash.net, ready2wash.com

PART B – THE PROVIDER AS PERSONAL DATA PROCESSOR

2. INTRODUCTORY PROVISIONS

1. Processing of personal data as a processor. As the Provider may process personal data on behalf of the Customer on the basis of the provision of the Services ordered by the Customer, the Provider acts as a processor of personal data in relation to the Customer.
2. Authorisation to process personal data. The Customer hereby authorizes the Provider to process the personal data of the data subjects provided by the Customer within the framework of the provision of the Services, to the extent set out in these Processing Terms. The Provider will process personal data for the Customer based on the Customer's instructions and to the extent necessary for the proper performance of the Provider's obligations under the Agreement. For avoidance of any doubt, the Customer will also conclude separate contract with Adyen where separate data processing terms shall apply. The Provider is not liable for any fulfilment under such contract with Adyen.
3. Customer responsibility. If the Provider acts as the personal data processor, the Customer is responsible for fulfilling all obligations in relation to the processing of personal data, in particular for properly informing data subjects about the processing of personal data, obtaining consent to the processing of personal data, if necessary, handling requests from data subjects regarding the exercise of their rights (such as the right to information, access, correction, erasure, restriction of processing, objection, etc.). The Provider will assist the Customer in fulfilling these obligations via MobileApp functionalities and settings. However, the Provider is not responsible at any way for the accuracy and legality of the activities carried out by the Customer.

3. SUBJECT MATTER OF PROCESSING, CATEGORY OF DATA SUBJECTS AND TYPE OF PERSONAL DATA

1. Types of personal data. Under the subject matter of fulfilment of duties under Agreement, those personal data may be processed in accordance with this Processing Terms:

1. identification data (name, surname);
2. contact details (e-mails);
3. car plate numbers;
4. Ready2Pay data (if the Provider acts as processor for provision of support services according to Ready2Pay terms);
5. information about transactions made through MobileApp;
6. other personal data uploaded to MobileApp by the Customer or other data subjects (Client) while providing Services.

1. Categories of data subjects. Personal data will be processed about these categories of data subject:

1. the Customer (their employees and other natural persons cooperating with the Customer);
2. the Affiliate (their employees and other natural persons);
3. end users of MobileApp;
4. the Customer’s Clients while using Ready2Pay Services (if the Provider is acting as personal data processor for support services);
5. other persons about whom the Customer has provided personal data to the Provider and whose personal data has been recorded or will be provided or otherwise processed in accordance with the provision of the Services to the Customer.

4. NATURE AND PURPOSE OF PROCESSING

1. Nature of the processing of personal data. The Provider will process personal data in an automated, electronic manner, whereby the processing will consist of accessing the personal data as part of the provision of the Services, viewing the personal data, storing personal data, transferring personal data, accessing personal data to the Customer and their workers on demand and other activities which by their nature correspond to the provision of the Services to the Customer.
2. Purpose of processing. The purpose of the processing is to provide the MobileApp and Ready2Pay services (support and account linking MobileApp and POS) to the Customer, troubleshooting of the MobileApp and other may arise from the scope of provision of the Services to the Customer.

5. PROCESSING TIME

1. Duration of processing of personal data. The processing of personal data will be carried out for the duration of the Agreement, or for as long as the Customer instruct the Provider, in connection with the performance of the Agreement. The Provider undertakes to comply with the obligations set out in the data protection laws for the entire duration of the Agreement, unless it is clear from the Agreement that they are to continue after its termination. The Provider may also process personal data for the duration stipulated by purposes where the Provider acts as personal data controller.

6. OTHER RIGHTS AND OBLIGATIONS OF PROVIDER

1. Summary of obligations. In processing personal data, the Provider is obliged to:

1. process personal data solely on the basis of documented instructions of the Customer; for the avoidance of doubt, the processing of personal data in accordance with the Provider's obligations under the Agreement shall be deemed to be carried out in accordance with the Customer's instructions;
2. follow the Customer's instructions regarding the transfer of personal data to a third country or an international organisation, unless such processing is already required by European Union or Member State law to which the Provider is subject, in which case the Provider shall inform the Customer of this legal requirement prior to processing, unless such legislation prohibits such information for important reasons of public interest;
3. ensure that persons authorised to process personal data are bound by an obligation of confidentiality or are subject to a legal obligation of confidentiality;
4. taking into account the nature of the processing, assist the Customer through appropriate technical and organisational measures, where possible, to comply with the Customer's obligation to respond to requests to exercise the rights of data subjects;
5. assist the Customer in complying with the Customer's obligations to (i) ensure the level of security of the Processing, (ii) report personal data breaches to the Data Protection Authority and, where applicable, to Data Subjects, (iii) assess the impact on the protection of personal data and (iv) carry out prior consultation with the Data Protection Authority, all taking into account the nature of the Processing and the personal data held by the Provider;
6. in accordance with the Customer's decision, delete all personal data upon termination of the provision of performance under the Agreement, and delete existing copies, unless the law of the European Union or a Member State requires the storage of the personal data in question;
7. allow the Customer or a person authorised by the Customer to check (including audit or inspection) compliance with these Processing Terms, in particular the obligations for processing personal data arising therefrom, and shall contribute to such controls as reasonably instructed by the Customer or the authorised person; the specific rules for audits are set out in Articles 7.3 and 7.4 of these Processing Terms; and
8. provide the Customer with all information necessary to prove that the obligations set out in the GDPR and other data protection legislation have been met.

1. Termination of cooperation. In the event of termination of Agreement, the Provider will delete or transfer back all personal data that were processed under Part B of these Processing Terms. The Provider will keep by default personal data for the 2 months after notification of termination by the Customer. The Provider will not delete personal data if required by law or by purposes stipulated by the Provider as personal data controller.
2. Audits. The Customer shall send any request for an audit (check) exclusively to the Provider’s e-mail address info@ready2wash.com. Upon receipt of an audit request, the Provider and the Customer shall agree in advance on (a) the possible date of the audit, security measures and how to ensure compliance with confidentiality obligations during the audit, and (b) the expected start, extent and duration of the audit. If no agreement is reached within 30 days of the date of the request, the Provider shall determine the terms of the audit.
3. Auditor. The Provider may object in the written form to any auditor (authorised person) appointed by the Customer if, in the Provider's opinion, the auditor is not sufficiently qualified, is not independent, is in a competitive position with the Provider or is otherwise manifestly unsuitable. Following an objection, the Customer shall be obliged to appoint another auditor or to carry out the audit itself.
4. Requests from data subjects. The Provider undertakes, in the event of receipt of any request from a third party (in which the Provider acts as a processor of personal data) concerning the processing of personal data, in particular a request from the Customer's data subject concerning the exercise of his/her rights, to inform the Customer immediately, but no later than within 14 days of receipt, of such information and to provide him/her with the necessary assistance for its processing in accordance with the GDPR. The Provider will provide assistance as far as reasonably possible and taking into account the nature of the processing of personal data, the information available to the Provider, industry practices and costs.
5. Involvement of other processors. The Customer gives general consent to the involvement of other processors in the processing of personal data. Depending on the type of the Services provided, the Provider may use other processors. The Customer hereby agrees that the Provider will involve:

1. Amazon Web Services Emea Sarl providing Amazon Web Services where personal data from MobileApp are stored. Amazon company is registered under Data Privacy Framework: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000TOWQAA4&status=Active.
2. Workers of the Providers that act on cooperation or any other agreement.

1. Objections to involvement of other processors. The Provider shall inform the Customer in written form set by the Provider about the involvement of the additional processor before the involvement of the additional processor, and the Customer may object to the involvement of the additional processor within 14 days. If the Customer does not object within the time limit, the Provider will engage the additional processor. If the Customer objects, the Provider will assess the objection and, if it finds it justified, it will not engage the additional processor, or may terminate the contractual relationship with the Customer (or part of it) or not provide the part of the Service to which the additional processor is linked, without being in default or in breach of any obligation.
2. Obligation to other processors. If the Provider engages another processor to process personal data, this other processor must contractually commit to the same obligations to protect personal data as those agreed between the Customer and the Provider, in particular to implement appropriate technical and organisational measures.
3. Costs related to the performance of the Processing Terms. Unless otherwise agreed in written form between the Provider and the Customer, the Customer shall bear their own costs associated with the performance of the Processing Terms.

7. SECURITY OF PERSONAL DATA

1. Obligation to secure personal data. The Provider has adopted and maintains technical and organizational measures to prevent unauthorized or accidental access to, modification, destruction or loss of personal data, unauthorized transmissions, other unauthorized processing or other unauthorized misuse of personal data.
2. Specific measures. In particular, the Provider has adopted and maintains the following measures to ensure an adequate level of security:

1. pseudonymisation and encryption of personal data;
2. the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services - the measures in place and their correct functioning will be regularly controlled;
3. the ability to restore the availability of and access to personal data in a timely manner in the event of physical or technical incidents;
4. a process for regularly testing, assessing and evaluating the effectiveness of the technical and organisational measures in place to ensure the security of processing;
5. prevention of unauthorised persons from gaining access to personal data and prevention that personal data will be used without authorization;
6. persons authorized to process personal data have access only to those personal data they need and are authorized to access, and that personal data cannot be read, copied, altered or removed without authorisation during processing;
7. personal data cannot be modified or deleted without authorisation during electronic transmission, transport or storage, and that the recipient entities for any transfer can be established and verified;
8. all accesses to personal data are logged (entry control);
9. personal data are processed only in accordance with instructions;
10. personal data are not exposed to the Customer by default in the MobileApp, but only on request from the Customer.

3. Security incidents. If the Provider discovers a personal data breach, it shall report it to the Customer without undue delay and within 48 hours at the latest, and shall use reasonable efforts to provide the Customer with all information known about the incident, in particular to the extent provided for in Article 33 (3) GDPR. The Provider will respond to any request from the Customer to provide assistance in the event of a security breach within the period set out in this Article 8.3 of the Processing Terms.
4. Unlawful instructions. In the event that the Customer instructs the Provider in such a way that a breach of obligations under the GDPR or other legislation occurs, and the Provider is sanctioned by a supervisory authority or other regulatory body on the basis of such instruction, or is required to compensate data subjects, the Customer agrees to compensate the Provider and pay for any damages incurre.
5. Limitation of compensation. In the event that the Provider is obliged to pay the Customer any compensation, this obligation shall be limited to the amount 20 EUR.

**Imprint
**
Ready2Wash is a self service car wash software solution provided by:

Ready2Wash s.r.o (for EU region countries)

Ready2Wash s.r.o., with its registered office at Rybná 682/14, Staré Město, 110 00 Praha 1, identification number: 05335507, registered in the Commercial Register kept by the Municipal Court in Prague under File No. C 261957 VAT Registration No.:CZ05335507

**
Sempra d.o.o. (for Serbia)**

Postal address:

Nikole Tesle 42, 2100 Novi Sad, Serbia

Country court of Belgrade

VAT Registration No.: 109374723

**
CONTACT**

Private and business seller and support:

+420 490 000 030 (Mo. - Fr.: 10:00 - 16:00h)

support@ready2wash.com

Dealers:

+420 490 000 030 (Mo. - Fr.: 10:00 - 16:00h)

info@ready2wash.com

Email: support@ready2wash.com

Last revised in Prague on March 2024. (c) 2024 Ready2Wash s.r.o. All rights reserved.