These general terms and conditions (the ”General Terms”) shall enter into force upon the date designated in the Service Agreement between Edenred Finland Oy, 00510 Helsinki, Business ID 1057825-2 (”Edenred”) and the client (the ”Client”). Each of the Client and Edenred shall hereinafter in these General Terms be individually referred to as a ”Party” and jointly as the ”Parties”.
These General Terms shall be applicable to the contractual relationship between Edenred and the Client, subject to the following order of priority:
1. Service Agreement
2. Data Processing Addendum
3. General Terms
4. Price List
Items 1 – 5 shall jointly form the agreement between Edenred and the Client (the ”Agreement”).
The following definitions are used in this Agreement:
’Edenred Lounas’ shall mean the Beneficiary’s personal Edenred Solution issued by PrePay Technologies Ltd, a company belonging to the Edenred Group, under a license granted by MasterCard International Incorporated. Edenred administers the Edenred Lounas solution, valid in Finland and that may only be used to purchase prepared meals in restaurants, cafeterias and other food establishments belonging to a limited network of food establishments that accept the Edenred Lounas solution.
’Edenred Virike’ shall mean the Beneficiary’s personal Edenred Solution issued by PrePay Technologies Ltd, a company belonging to the Edenred Group, under a license granted by MasterCard International Incorporated. Edenred administers the Edenred Virike Solution, valid in Finland and that may only be used to purchase cultural and sports services from service providers belonging to a limited network of establishments that accept the Edenred Virike Solution.
’Edenred Työmatka’ shall mean the Beneficiary’s personal Edenred Solution issued by PrePay Technologies Ltd, a company belonging to the Edenred Group, under a license granted by MasterCard International Incorporated. Edenred administers the Edenred Työmatka Solution that is valid in Finland and that may only be used to purchase commuting services from service providers belonging to a limited network of establishments that accept the Edenred Työmatka Solution.
’Edenred Card’ shall mean the Beneficiary’s personal Edenred Solution issued by PrePay Technologies Ltd, a company belonging to the Edenred Group, under a license granted by MasterCard International Incorporated. Edenred administers the Edenred Solution that is valid in Finland. The Edenred Solution combines the features of the Edenred Lounas and Edenred Virike Solutions.
’Edenred Mobile’ shall mean all the mobile application and/or online-based Edenred Solutions encompassed by the Agreement.
’Edenred Account’ shall mean the user account in which the Beneficiary’s information pertaining to the Edenred Solution is recorded and where the usable value of the Edenred Solution is loaded.
’Beneficiary’ shall mean the Client’s employee, entitled to utilise Edenred Solutions under the Agreement.
’Online Service’ shall mean any application offered by Edenred allowing the Client or Beneficiary to manage their Edenred Solution or matters or orders pertaining thereto.
’Instructions’ shall mean all rules, guidelines, regulations and other instructions provided by Edenred to the Client and/or Beneficiary from time to time and that pertain to the utilisation and functioning of the Edenred Solutions, such as instructions concerning technical details and guidelines published by the authorities, including the Finnish Tax Administration.
’Authorised Service Provider’ shall mean any service provider that has concluded an agreement with Edenred and that based on such an agreement is authorised to accept certain Edenred Solutions as payment for the provision of specified products or services.
3. BACKGROUND AND PURPOSE
These General Terms set out the conditions subject to which Edenred shall deliver and the Client shall order Edenred Solutions for the Beneficiaries, as well as the other general terms and conditions applicable to the Agreement.
The utilisation of Edenred Solutions must occur in compliance with authority´s decisions and guidelines in force from time to time, including the decisions and guidelines of the Finnish Tax Administration. The Client warrants that it is aware of the authority´s decisions and guidelines mentioned under this clause, and of the fact that any restrictions attributable to same or amendments to such decisions and guidelines may impact the utilisation of the Edenred Solutions, and the Services provided by Edenred under these General Terms. The Client shall be liable to ensure that the Beneficiaries are aware of the content of the authority´s decisions and guidelines, and of the impact of same upon the utilisation of the Edenred Solutions.
4. ORDERING OF EDENRED SOLUTIONS
Persons authorised by the Client manage the Client’s user account using credentials delivered by email to the address designated in the client details. Edenred shall only process orders and loading requests received from a legal representative of the Client, or from a person duly authorized by the Client in accordance with this Agreement. Edenred strives to process requests for the loading of usable value in one day, and to deliver the Edenred Solutions within 10 working days of the date of the order.
The Client agrees to provide Edenred with all requisite information regarding the Beneficiary. The Client shall be liable for the correctness of the information concerning the Beneficiary provided by it and for the Beneficiary being the Client’s employee. The Edenred Solutions shall be delivered to the address designated by the contact person in the Online Service. Edenred shall reserve the right to refrain from granting a new or replacement Edenred Solution to a person designated by the Client without indicating any reason for same.
5. USER NAME AND PASSWORD
The Client shall be solely responsible for the utilisation of the user name and password and for confidentiality. The user name and password shall be strictly confidential, and must not be disclosed to any third parties. The Client shall be liable for all use occurring under the user name and password, as well as for orders made based on same, until Edenred is requested to block access to the user account.
The Client shall forthwith notify Edenred, in case the Client detects unlawful signing-in into their user account, if a third party has become privy to the user name or password, or if it has been lost, or if for some other reason they must be changed or closed.
6. USAGE RESTRICTIONS
Edenred shall have the right to temporarily restrict the use of the Edenred Solutions at any time, or to prevent same permanently, in case Edenred has a justified cause to suspect that the Beneficiary or Client is utilising the Edenred Solution in violation of the terms and conditions.
The Client may restrict the utilisation of the Edenred Solution, in case it has negotiated upon an exceptional Edenred Solution usage restriction with Edenred.
7. UPDATE AND MAINTENANCE
Edenred shall have the right to discontinue the use of the service, without incurring any liability to indemnify the Client or Beneficiary, in case this is necessary due to the maintenance, repair or development of the services, or if there is other justified cause for the discontinuation. To the extent possible, Edenred shall inform the Client in advance of any outages in the service.
8. CLIENT COMMUNICATIONS WITH EDENRED AND CHANGES TO CLIENT DETAILS
The Client shall send notices to Edenred via the Website.
In the case of changes in the client details that could impact the Agreement between the Parties or the service provided by Edenred (including changes in the Beneficiaries), the Client shall promptly notify Edenred thereof by filling out a form on the Website intended for the purpose or by notifying the changes via the Online Service. The Client shall be liable for the correctness of the information it provides to Edenred, and Edenred shall not be obligated to verify or supplement any information provided to it.
9. EDENRED’S COMMUNICATIONS WITH THE CLIENT AND THE BENEFICIARY
Edenred shall provide the Client with notices pertaining to the Agreement and the service provided by it in the Online Service, or on the Website, or by email or mail, to the address notified to Edenred, the postal service or the authorities.
The Client shall be deemed to have received and understood the notices provided by Edenred to the Client latest on the seventh day of the notice being available to the Client in the Online Service or on the Website, or of being sent to the Client’s email, or an address notified to Edenred, the postal service or the authorities. Edenred may issue notices to the Beneficiary relating to the service offered by it and it may support the deployment of the service by email, SMS, on the Website or in the Online Service intended for the Beneficiaries. Via the Online Service, Beneficiaries may also monitor and manage their Edenred Solution and matters or orders pertaining thereto.
10. VALIDITY AND DURATION
The Edenred Solutions shall remain in force for 24 months of ordering the Edenred Solution. Should one wish to continue to use of the Edenred Solution beyond the expiration of the term of validity, or in case a Beneficiary requires a replacement Edenred Solution in place of a damaged, lost or stolen one, the Client must order the Beneficiary a new Edenred Solution. Edenred shall invoice the Client for the extension in accordance with the price list attached as Appendix 4. The terms of validity and price lists may vary depending on the Edenred Solution in question.
The usable value loaded onto an Edenred account shall remain in force for 24 months of the loading of the useable value. The Beneficiary cannot use any unused usable value after the expiration of the term of validity. In case the Beneficiary’s employment relationship with the Client ends, the Client decides to remove the Beneficiary from the scope of the benefit, or the Client terminates the Agreement with Edenred, the usable value of the Edenred account shall expire within thirty (30) days of the Client notifying Edenred of same. Under no circumstances shall Edenred reimburse any unused usable value on the Edenred account to the Client or Beneficiary (excluding Edenred Virike).
Funds loaded onto the Edenred Virike account shall be reimbursed to the Client upon its request, once the term of validity of 24 months has expired. For the purposes of the reimbursement, the Client shall confirm the payment details to Edenred within six (6) months. The funds will be reimbursed as soon as technically possible, only to Clients that have confirmed the payment details. The reimbursement fee and the reimbursement restrictions have been specified in the price list under Appendix 4. Any usable value remaining upon the expiration of the Agreement and the usable value expiring during the calendar month in question shall not be reimbursed.
The maximum amounts of the usable value of the Edenred Solutions, along with all other limitations, shall be determined based on the limits determined by the Finnish Tax Administration in its guidelines from time to time. The usable value of an Edenred Solution cannot be assigned to another Beneficiary or to any third party. The usable value found on the Edenred account cannot be exchanged into cash and no change is given for it in conjunction with payment.
The Client agrees to pay Edenred the payments specified in this Agreement during the term of validity of this Agreement.
In the case of the Client failing to effect a payment that is overdue, without committing to any other available right or remedy, Edenred Finland shall be entitled to postpone the fulfilment of its own operations until such payments have been effected and/or; to obligate the Client to effect interest on arrears in accordance with the Finnish Interest Act in relation to the outstanding amount as of the date following the due date, until the payment has been effected in its entirety and to declare the agreement voided, if the Client has not paid its outstanding payments within thirty (30) days of Edenred Finland issuing a written notice to the Client regarding the payment of the outstanding amount.
12. COLLECTION AND RETENTION OF INFORMATION
The Client acknowledges that the delivery and provision of Edenred Solutions to the Client involves the processing of the Client’s and the Beneficiaries’ personal data by Edenred, with the Client acting as the data controller and Edenred acting as the data processor. The Parties have agreed upon the processing of such personal data by means of a separate Data Processing Addendum (“DPA”), attached as part of the Service Agreement, Appendix 2. The aforementioned DPA Addendum shall be applicable as such to all of the personal data processing conducted by Edenred on account of the Client in conjunction with the provision of the Edenred Solutions.
13. INTELLECTUAL PROPERTY RIGHTS
The Parties undertake to maintain confidential all information pertaining to the Service Agreement or that has been indicated as being confidential or that should be understood as being confidential, unless otherwise provided by this Agreement or valid legislation. Neither Party shall have the right to disclose any confidential information to any third party, or to use such information for any purpose other than that set forth in this Agreement without the written consent of the other Party. Edenred shall have the right to express confidential information to its group companies, subcontractors and MasterCard International Incorporation, as well as to the authorities. The confidentiality obligation shall remain in force for the duration of this Agreement and for three (3) years after the expiration thereof, unless a longer confidentiality period is required under the legislation.
Under no circumstances shall Edenred be liable for the actions of the Authorised Service Providers, for the products or services provided by same, including the availability, usability or quality thereof, or for any damage incurred from the actions of the Authorised Service Providers, or for any other factors pertaining to the Authorised Service Providers.
The liability of each of the Parties under this Agreement shall be limited to a sum equivalent to the amount of service fees paid during the 12 months preceding the claim for compensation.
Neither Party shall be liable to the other Party for any indirect or consequential loss incurred by the other Party, such as loss of profit or data, or deterioration of goodwill, unless the damage was caused wilfully or with gross negligence or through a breach of the confidentiality provisions.
16. FORCE MAJEURE
Neither Party shall be liable for any delay or a failure to fulfil its obligations under this Agreement, if caused by a Force Majeure event. A Force Majeure event shall be deemed to comprise an event occurring after the conclusion of the Agreement, being an unforeseen event beyond the control of the Parties of which the Parties were not aware, which the Parties are not able to influence and that prevents or precludes the fulfilment of the obligations under the Agreement. Such events include, inter alia, fire, natural disaster, mobilisation, war, foreign exchange restrictions, import and export restrictions, strike, lock-out, cyber-attack, disruptions in or failure of telecommunications or payment terminal connection difficulties.
17. VALIDITY OF AGREEMENT
This Agreement shall enter into force upon the signing thereof by both Parties, and shall remain in force until further notice. Either Party shall have the right to terminate the Agreement in writing, subject to a termination notice period of thirty (30) days.
Either Party shall have the right to rescind this Agreement with immediate effect subject to a written notice, if:
a) the other Party has breached the terms and conditions of this Agreement and has failed to remedy such failure within thirty (30) days of receiving a written notice of the same from the other Party: or if
b) the other Party is declared bankrupt or placed in corporate restructuring proceedings, placed in liquidation or found otherwise insolvent, or in case all of the Client’s assets or a
material portion thereof are transferred to a third party.
Edenred shall have the right, without justifying its decision, to rescind the Agreement to end with immediate effect, in case there arises cause to suspect that the service, or the Edenred Solutions pertaining to the service are being used unlawfully, or in a manner potentially causing damage to Edenred.
The service shall close within thirty (30) days of the termination of the Agreement. Edenred shall have the right to block access to the Online Service, to delete all reports and other data, to prevent the utilisation of the Beneficiaries’ Edenred Solutions, as well as block access to the Online Service, once the termination notice period of the Agreement has expired.
The Service Agreement shall be deemed expired, if the Client has not placed an order for the last twenty-four (24) months.
This Agreement shall supersede any prior agreements between the Parties regarding the matters regulated by the Agreement.
18.2 Assignment of rights
Edenred shall have the right to assign its rights and obligations under this agreement without the Client’s prior approval to a company belonging to the same corporate group as Edenred. The Client shall not have the right to assign its rights and obligations under this agreement without Edenred’s written consent.
18.3 Invalidity of terms
In case one or several contract terms are found to be unlawful, void or unenforceable by a court of law or the mutual decision of the Parties, this shall not affect the validity or effect of the remaining contract terms.
18.4 Prevailing language
This Agreement was drafted both in Finnish and in English, but in the case of any discrepancies between the languages, the Finnish language version shall prevail.
18.5 Governing law and dispute resolution
This Agreement shall be governed by the laws of Finland. Any disputes arising from this Agreement shall be resolved in the Helsinki District Court.
Card products price list valid from 1.1.2017.
LUNCH BALANCE SERVICE COMMISSION (Edenred card and Ticket Lounas® -account)
• 2,5 % of the balance loaded
RECREATIONAL BALANCE SERVICE COMMISSION (Edenred card- and Ticket Virike® -account)
• 5 % of the balance loaded
COMMUTER BALANCE SERVICE COMMISSION (Ticket Transport®-account)
• 3 % of the balance loaded
STARTUP FEE (inc. dispatching costs)
• Edenred card: Web order €15/card (normal price €20)
• Ticket Virike®, Ticket Lounas®, Ticket Transport®: €15/card
• Card renewal before expiry (lost, stolen): €25/card
• E-invoice 0 €
• Email invoice 0 €
• Paper Invoice 8 €
• Separate Ticket-On-the-Web -training
• Separate work fee
• Return of unused Virike® - balances
200 €/2h + possible travel costs 50 € / half an hour
Return fee 10 € / beneficiary
(No return if balance is under 10 €)
All Services VAT 0 %.
Edenred Finland Oy | Asiakaspalvelu: 09 7594 2848, firstname.lastname@example.org
’Edenred Solution’ shall mean any personal prepaid solution administered by Edenred, including the Edenred Lounas Card, Edenred Virike Card, Edenred Työmatka Card, Edenred Card and MyEdenred Mobile. An Edenred Solution may only be used in the establishments of Authorised Service Providers for purchasing the products and services defined below. An Edenred Solution is a Prepaid card issued jointly by PrePay Technologies Ltd, a company governed by Edenred and belonging to the Edenred group of companies, and MasterCard International. The card is personal and valid in Finland.
’Edenred Lounas’ shall mean the Beneficiary’s personal Edenred Solution issued in collaboration with MasterCard. Edenred administers the Edenred Lounas Solution that is valid in Finland and that may only be utilised to purchase prepared meals in restaurants, cafeterias and other food establishments that are part of a restricted network of food establishments and accept the Edenred Lounas Solution (the ”Authorised Service Provider”).
’Edenred Virike’ shall mean the Beneficiary’s personal Edenred Solution issued in collaboration with MasterCard. Edenred administers the Edenred Virike Solution that is valid in Finland and that may only be used to purchase cultural and sports services from service providers that accept the Edenred Virike Solution and are part of a restricted network of service providers (the ”Authorised Service Provider”).
’Edenred Työmatka’ shall mean the Beneficiary’s personal Edenred Solution issued in collaboration with MasterCard. Edenred administers the Edenred Työmatka Solution that is valid in Finland and that may only be used to purchase commuting services from service providers that accept the Edenred Työmatka Solution and are part of a restricted network of service providers (the ”Authorised Service Provider”).
’Edenred Card’ shall mean the Beneficiary’s personal Edenred Solution issued in collaboration with MasterCard. Edenred administers the Edenred Solution that is valid in Finland. The Edenred Card combines the features of the Edenred Lounas and Edenred Virike Solutions.
’MyEdenred Mobile’ shall mean the Beneficiary’s personal mobile or online-based Edenred Solution. Edenred administers the MyEdenred Mobile Solution that is valid in Finland. The MyEdenred Mobile Solution contains the features of the Edenred Lounas and the Edenred Virike Solution.
’Edenred Account’ shall mean a user account where the information concerning the Beneficiary’s Edenred Solution is saved and where the usable value of the Edenred solution is loaded.
’Authorised Service Provider’ shall mean any Authorised Service Provider that has concluded an agreement with Edenred and that under such an agreement is authorized to accept certain Edenred Solutions as payment for the provision of specified products or services.
Edenred Solutions are granted by Edenred Finland Oy on the basis of this agreement and the Edenred Solution shall remain valid for 24 months.
Usable Value shall mean the value loaded onto an Edenred Solution that remains available for use. The Usable Value loaded onto an Edenred Solution must be utilised within 24 months of loading the same;
Beneficiary shall mean the holder of an Edenred Solution;
Company (or the “Employer”) shall mean your employer that is participating in the Edenred Solution Scheme. We, Us, Ours shall mean Edenred Finland Oy, a company registered in Finland (Business ID 1057825-2), operating at Xxxxxxxxxxx00, 00000 Xxxxxxxx;
’Website/Websites’ shall mean the Website found at xxx.xxxxxxx.xx, where the Beneficiary can review personal data pertaining to the Agreement and the Edenred Solution and manage the Edenred account.
’Online Service’ shall mean any application offered by Edenred allowing the Beneficiary to manage their Edenred Solution or matters pertaining thereto; You and Yours shall mean the Beneficiary, whose employer has entitled them to utilise the Edenred Solution.
An Edenred solution is a prepaid card administered by Edenred that a company belonging to the Edenred group, PrePay Technologies Ltd, has issued in collaboration with MasterCard International. The card is personal, valid in Finland and may be utilised in accordance with its intended purpose in establishments belonging to a restricted network (the ”Service Provider”).
1. UTILISATION OF THE EDENRED SOLUTION
An Edenred Solution may only be utilised by an employee (the ”Beneficiary”) to whom the employee’s employer (the ”Employer”) has designated the Edenred Solution. Edenred has concluded an agreement for the Edenred service with the Beneficiary’s Employer.
The guidelines of the Finnish Tax Administration in force from time to time shall be applicable to the utilisation of the Edenred Solution. The latest applicable guidelines are available on our Website, as well as on the Finnish Tax Administration’s website. An Edenred Solution may only be used to pay for services encompassed by the benefits indicated in the guidelines. Any restrictions and amendments thereto may impact the utilisation of the Edenred Solution. The Beneficiary shall be liable for utilising the Edenred Solution in accordance with the guidelines. Any breach of the terms and conditions may result in the deactivation of the Edenred Solution.
The maximum Usable Value of the Edenred Lounas Solution and all other restrictions are determined based on the thresholds defined by the Finnish Tax Administration in its guidelines from time to time. If the sales price of a prepared meal at a food establishment is below the minimum charge required under the guidelines of the Finnish Tax Administration, a difference charge equalling the difference between the minimum charge mentioned above and the purchase price shall be added to the sales price, and charged from the Edenred account in order to ensure that the minimum charge is always in accordance with the guidelines of the Finnish Tax Administration.
The Edenred Card contains two separate accounts onto which Usable Value has been loaded: the first one is intended for meal purchases; the second one is intended for sports and cultural events. Value cannot be transferred between the accounts.
The Edenred Solution cannot be used to pay for alcohol or tobacco products, and it cannot be used in an ATM. The Usable Value found on the account cannot be exchanged into cash, and no change is given for it in conjunction with paying. An Edenred Solution or its Usable Value cannot be transferred to another Beneficiary or a third party. In case the payment transaction is voided or cancelled, the benefit can only be reimbursed to the Edenred account used for the payment transaction in question. Authorised Service Providers do not accept an Edenred Solution that is damaged, cancelled, non-activated or the use of which has been prohibited. Edenred shall not reimburse the Usable Value found on an Edenred account to the Beneficiary to any extent or under any circumstances.
The Employer may impose certain restrictions upon the use of the Edenred Solution, which the Beneficiary should verify from their employer. The Beneficiary must sign the card prior to taking it into use by writing their name on the reverse side of the card.
The Beneficiary must activate the Edenred Solution in the Online Service in accordance with the instructions contained in the cover letter provided to the Beneficiary. Currently the guidelines of the Finnish Tax Administration stipulate that the primary affirmation method for payment transactions should be signing the payment receipt in lieu of utilising a PIN code.
The Beneficiary must show the Edenred Solution to the Service Provider prior to purchasing. The Beneficiary must affirm the payment transaction by signing the receipt, or, should the Authorised Service Provider so require and provided the Edenred Solution supports same in terms of its technical features, use the PIN code. Online payment transactions must be affirmed by utilising the standard-form 3-digit security code found on the reverse side of the card.
When utilising MyEdenred Mobile, transactions effected by the Beneficiary shall be verified by means of presenting the MyEdenred Mobile transaction to the Authorised Service Provider and should the Service Provider so require, by verifying the transaction with a personal identification document. When selecting the transaction, the Beneficiary must ascertain the affirmation of the correct information of the Authorised Service Provider, sum and transaction.
The Beneficiary cannot load value onto an Edenred Solution themselves, but, rather, the loading of Usable Value is carried out by the Employer. The Beneficiary can check the Usable Value by logging in to the Online Service, by loading the MyEdenred mobile application (available for iPhone, Android and Windows phones), or by contacting Edenred’s customer service.
The Edenred Solution shall remain valid for 24 months from ordering the Edenred solution, and the expiration month and year have been indicated on the front of the card, or stated separately in the Online Service. The Edenred Solution cannot be utilised after the expiration of the term of validity. The Usable Value of the card may be utilised for 24 months after loading the Usable Value onto the Edenred account.
In case the Beneficiary’s employment relationship with the Employer ends, the Employer decides to remove the Beneficiary from the scope of the benefit, or the Client Agreement between the Employer and Edenred terminates, the Usable Value of the Edenred Solution shall expire within thirty (30) days of the Employer notifying Edenred of same.
Should the Beneficiary require a new Edenred Solution, for instance, on account of losing the Edenred Solution, the Beneficiary must order it through their Employer. Edenred reserves the right to refrain from issuing a new Edenred Solution, if based on the Employer’s declaration, the Beneficiary is no longer entitled to receive a new Edenred Solution.
3. CAREFUL RETENTION OF THE EDENRED SOLUTION AND SECURITY RESTRICTIONS
The Edenred Solution is personal. The PIN code of an Edenred Solution, should one be provided together with the card, must be maintained in strict secrecy and must not be disclosed to anyone. The Beneficiary must not allow any third party to utilise the Edenred Solution.
4. DEACTIVATION OF THE EDENRED SOLUTION
In case the Beneficiary wishes to prevent the utilisation of the Edenred Solution, or in case the Edenred Solution is lost or stolen, the Beneficiary may also request the prevention of utilisation by notifying Edenred’s customer services or via their Online Service user account. The utilisation of the Edenred Solution shall be prevented during the same day that Edenred has received the request. The Beneficiary may also be in contact with their Employer, who shall contact Edenred in order to prevent the utilisation of the Edenred Solution via the Online Service, and to replace the Edenred Solution. Under no circumstances shall Edenred reimburse the Beneficiary for the costs incurred from the deactivation of the Edenred Solution.
The Beneficiary shall be solely liable for the retention and use of the Edenred Solution issued to them. Edenred shall not be liable for any loss or theft of the Edenred Solution, or for any other factor beyond its control.
Edenred shall provide the Beneficiary with an Edenred Solution with which the Beneficiary can use the Service Providers’ services. Edenred shall only be liable for the functioning of the Edenred Solution. Edenred’s liability pertaining to the Edenred Solutions shall be determined in accordance with the agreement concluded between Edenred and the Employer. The Beneficiary should contact their Employer with any problems related to the use of an Edenred Solution.
Under no circumstances shall Edenred be liable for any disruptions in telecommunications or any other factors beyond its control. Edenred shall also not be liable for the actions of the Authorised Service Providers, for the services offered by same, including the availability, usability and quality of the service, any damage incurred as a result of actions of the Authorised Service Providers, or any other factors pertaining to the Authorised Service Providers.
6. PERSONAL DATA AND PRIVACY
The Beneficiary’s Employer shall act as the data controller of the Beneficiary’s Personal Data. The Beneficiary shall have the right to review their Personal Data via their Employer, and to rectify same when necessary.
7. GOVERNING LAW AND DISPUTE RESOLUTION
DATA PROCESSING ADDENDUM
This Data Processing Addendum (“DPA”) is an appendix to the Service Agreement between Edenred and the Customer, and is subject to its terms and conditions to the extent not otherwise agreed herein. It is legally binding only in connection with the Service Agreement between Edenred Finland and Customer. The Service Agreement together with all its appendices (including this DPA) are jointly referred to as the “Agreement”.
1 DEFINITIONS OF THE DPA
The definitions of the Service Agreement apply to this DPA. In addition, the following definitions apply for the purposes of this DPA:
Personal Data means any information relating to an identified or identifiable natural person (the data subject), whether such identification is or can be done directly or indirectly.
Customer Personal Data means the personal data of the Customer or otherwise related to the Customer’s operations.
Processing means operations and actions that concern or include Personal Data such as collection, recording, organization, storage, adaptation or alteration, retrieval or use.
Data Controller means the entity who alone or jointly with others determines the purposes and means of the Processing of personal data.
Data subject means the natural person, who’s Personal Data is processed.
Processor means the entity who processes Personal Data on behalf and under the instructions of the Controller.
Data Breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.
Applicable Laws means the laws of and practice arising from the General Data Protection Regulation, national legislation implementing or complementing the General Data Protection Regulation, the regulations and statements of regulatory authorities, including the European Data Protection Board, and acts of the Commission.
Subcontractor means an entity who processes Personal Data in accordance with the instructions of the Processor as a sub-processor of the Processor.
Edenred provides Services to Customer as identified in the Service Agreement. In the course of providing the Services to the Customer pursuant to the Service Agreement, Edenred may process Personal Data on behalf of the Customer. The purpose of this DPA is to agree the terms and conditions applicable to the Processing of Customer Personal Data in connection with the Services.
3 CUSTOMER OBLIGATIONS
3.1 Data Controller
Customer is the Data Controller in relation to any Customer Personal Data processed under this DPA and the Service Agreement, and shall be responsible for the lawful collection, Processing and use, and for the accuracy of the Customer Personal Data, as well as for fulfilling other legal obligations of a data controller. The Customer shall be responsible for informing the Data Subjects of disclosures of their Personal Data to and shall obtain their consent for such disclosures if necessary.
Customer acknowledges that the Processor cannot control and has no obligation to verify the Customer Personal Data disclosed or transferred to the Processor for Processing on behalf of the Customer when the Customer uses the Services. Customer ensures and is liable for having the appropriate legal basis to transfer and disclose the Customer Personal Data to the Processor so that the Processor may lawfully process the Customer Personal Data as agreed between the Parties.
Customer confirms that Customer’s instructions on Processing the Customer Personal Data (“Instructions”) are exhaustively set out in the Agreement. In case Customer subsequently wants to modify its Instructions, it shall primarily use the functions offered by the Services. If such functions would however not be sufficient for implementing such new Instructions, Customer shall contact the Processor in writing. If the scope of such new Instructions is beyond the Services, the Processor shall be entitled to charge the Customer for any additional costs incurred in relation to the Processor implementing such new Instructions. Instructions must be commercially reasonable, compliant with Applicable Laws and consistent with the Agreement.
4 EDENRED OBLIGATIONS
4.1 Data Processor
Edenred is the Processor in relation of the Customer Personal Data Processed under the Agreement. Edenred undertakes to abide by the Applicable Laws and the Customer’s Instructions in relation to all its Processing of the Customer Personal Data. The Processor may not copy or reproduce the Customer Personal Data or in any way Process the Customer Personal Data for purposes other than those agreed on any Processing in the Agreement.
Processor shall notify the Customer if it reasonably believes that any new Instruction issued by Customer violate the Applicable Laws. Processor may suspend the implementation of such new Instruction until it is modified or confirmed by the Customer. The Customer is always ultimately responsible for any and all of its Instructions complying with the Applicable Laws. The Processor shall only be obligated to notify the Customer if it detects any imminent incompliances with the Applicable Laws in the Instructions, but is not otherwise obligated to inspect or verify the Instructions compliance with the Applicable Laws.
Edenred agrees to reasonable assist the Customer in performing its obligations as a Data Controller in relation to the Customer Personal Data Processed by Edenred hereunder. These obligations may include assisting the Customer in answering to requests or inquiries made by competent supervisory authorities, performing data protection impact assessments and requesting prior consultation with the supervisory authorities, as well as assisting the Customer in realizing requests made by Data Subjects in relation to their rights under the Applicable Laws.
When it comes to assistance in responding requests made by a Data Subject exercising her/his rights under the Applicable Laws (such as the right of access and the right to rectification or erasure), the Customer shall first use the corresponding functions of the Services. Where and to the extent the Customer cannot respond to such request by using the Services’ functions, Edenred shall otherwise provide Customer with commercially reasonable assistance. Edenred has the right to invoice any reasonable additional costs incurred due to such assistance and the Customer shall be obligated to pay such additional costs as invoiced by Edenred,
In case any Data Subject, other individual or supervisory authority makes a request for assistance directly to Edenred concerning the Customer Personal Data (such as a request for access, rectification or erasure, delivering any information or executing any other action), Edenred shall inform Customer on such request as soon as reasonably possible and as allowed by Applicable Law.
4.3 Transfers of Personal Data
Edenred mainly processes Customer Personal Data within the European Economic Area (“EEA”). However, in order to provide the Services, Edenred may from time to time have to disclose or transfer the Customer Personal Data also outside the EEA. These situations may include cases, where Edenred’s Subcontractors’ or their systems are located outside EEA. In such cases, Edenred shall always implement necessary legal safeguards to ensure the security and confidentiality of Customer Personal Data in accordance with Applicable Laws. The Customer acknowledges and accepts such disclosures and transfers in connection with the Services. Edenred shall, upon the Customer’s request, provide the Customer further information on such transfers and the applied legal safeguards.
Edenred’s right to use Subcontractors is further described below in section 6.
4.4 Data protection officer
If required under Applicable Laws, Edenred appoints a data protection officer, and shall communicate the relevant contact details to Customer upon request.
Edenred familiarizes, instructs and trains its employees who participate in Processing Personal Data (including Customer Personal Data) of the data protection and privacy requirements under Applicable Laws, and ensures that these employees have committed themselves to appropriate confidentiality or are under an appropriate statutory obligation of confidentiality. Where the Customer has issued specific Instructions on Processing the Customer Personal Data, Edenred shall also instruct its employees participating in the Processing of the Customer Personal Data on the contents of any such Instructions.
Edenred implements and maintains appropriate technical and organizational security measures to protect all Personal Data (including the Customer Personal Data) it Processes. Edenred chooses such security measures at its sole discretion based on e.g. industry standards, market practice and specific requirements under Applicable Laws. Edenred may modify its security measures from time to time, but will not decrease the overall level of security during the term of the DPA.
Edenred shall at all times ensure the confidentiality, integrity, availability and resilience of the systems it uses for Processing of Personal Data. Edenred shall regularly test, investigate and evaluate the effectiveness of the technical and organizational security measures Edenred has implemented. Edenred undertakes to comply with regulatory decisions concerning appropriate security measures for the Processing of Personal Data.
In the event of any security incident leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, the Customer Personal Data Processed by Edenred (“Security Incident”), Edenred shall notify Customer without undue delay of such Security Incident.
Such notification of a Security Incident shall include at least and as required under the Applicable Laws:
a) a description of the nature and extent of the Security Incident, including, where feasible, the categories of and the approximate number of Data Subjects affected by the Security Incident as well as the categories of and the approximate amount of Customer Personal Data affected by the Security Incident;
b) name of and contact details of Edenred’s data protection officer (if appointed) or other points of contact where more information can be obtained;
c) a description of the estimated consequences of the Security Incident; and
d) a description of the measures which Edenred has taken or intends to take to address and amend the Security Incident, including measures for mitigating its potential negative effects.
The above mentioned information on the Security Incident may also be provided in phases if Edenred cannot provide them all simultaneously when informing the Customer of the Security Incident. Edenred shall document any and all Security Incidents it has suffered in accordance with Applicable Laws.
Edenred shall maintain appropriate records of or otherwise document its Processing concerning the Customer Personal Data where and to the extent required under Applicable Laws. Upon request, Edenred shall present to Customer a copy of the relevant part of such documentation or records relating to the Processing of Customer Personal Data by Edenred
The Customer or a third party auditor appointed by the Customer may audit Edenred’s compliance with this DPA and Applicable laws in relation to Processing of the Customer Personal Data in accordance with the terms of this DPA. The Customer must notify Edenred of any intended audit on the premises of Edenred in writing and always at least twentyone (21) days in advance. Edenred will create a test platform where the Customer can perform the audit in relation to Edenred’s Services. Such Audits must primarily be carried out by an independent third party auditor and always during normal business hours of Edenred without causing significant disturbances to the business operations of Edenred.
Edenred will provide a copy of its records of Processing of Customer Personal Data and any other existing documentation relevant to the audit and by request of the Customer, and agrees to provide the Customer reasonable assistance in the audits. For any additional documentation, support or service requested by Customer, Edenred reserves the right to invoice the effort and arising reasonable cost from Customer. This shall also include adequate compensation for the working hours of Edenred personnel while they are supporting the Customer in its audit. The Customer shall be responsible for its own costs (including the costs of any third party auditor used) in connection with such audits.
Edenred also agrees to allow audits initiated and performed by competent supervisory authorities in relation to Edenred’s Processing of Customer Personal Data, and agrees to provide necessary information on its Processing activities to such competent supervisory authorities. If Edenred receives a notice from any competent supervisory authority on an intended audit concerning Processing of the Customer Personal Data, Edenred shall promptly notify the Customer of such intended supervisory authority audit.
Edenred uses Subcontractors in connection with its Services, some of which will also participate in the Processing of Customer Personal Data. The Customer gives its general authorization and consent to allow Edenred to involve and use its´ affiliated companies and other Subcontractors to process the Customer Personal Data in connection with the provision of the Services, to the extent such appointment does not lead to non-compliance with the Applicable Laws or Edenred´s obligations under this DPA. Edenred ensures that the involved Subcontractors are properly qualified, will enter into a data processing agreement with Edenred, and will comply with data processing and confidentiality obligations at least as extensive as the ones agreed under this DPA. Edenred regularly monitors the performance of its Subcontractors and is liable for their work towards the Customer as it is of its own. Edenred agrees to provide the Customer a list of its Subcontractors used in relation to the Services upon the Customer’s request.
Edenred is free to choose and change Subprocessors in accordance with the terms of this DPA and Applicable Laws Edenred shall nonetheless inform the Customer of any material changes in its Subcontractors. If the Customer justifiably considers that such change in Edenred’s Subcontractors would result in a risk concerning the Customer Personal Data, the Customer shall have the right to state its objection to such change of Edenred’s Subcontractors.
In relation to the Processing of Customer Personal Data in connection with the Agreement, both Parties shall be liable towards one another for direct loss and damage caused by their breaches of this DPA or the Applicable Laws to the non-breaching Party (including, but not limited to any administrative sanctions imposed by competent supervisory authorities). Neither Party shall be liable for any indirect or consequential loss or damage, including but not limited to any loss of profits, revenue, reputation or goodwill.
The Parties’ liability hereunder shall be subject to the liability cap agreed in the Agreement.
This DPA enters into force on the same date as the General Data Protection Regulation shall apply and shall remain valid until the Agreement is terminated
During the period of thirty (30) days of the termination of the Agreement, Edenred makes the Customer Data available to the Customer without undue delay upon Customer’s request. After termination of the Agreement, Edenred shall without undue delay either destroy or return to the Customer all Customer Personal Data (as well as any copies thereto), unless Edenred is obligated to retain the Customer Personal Data due to requirements of any laws applicable to Edenred.