Terms and Conditions

1. Introduction

Thanks for using Hidden Gem’s products, services and websites which are branded as "UserBooking" & "UserLab". We refer to those products, services and websites collectively as the "Services" in these Terms & Conditions of Use ("Terms").

These are the terms under which Hidden Gem and its affiliates provide their Services to you and describe how the Services may be accessed and used.

You indicate your agreement to these Terms by clicking or tapping on a button indicating your acceptance of these Terms, by executing a document that references them, or by using the Services.

If you will be using the Services on behalf of an organization, you agree to these Terms on behalf of that organization and you represent that you have the authority to do so. In such case, "you" and "your" will refer to that organization.

As we are located in Denmark and are operating from EU, we happily fulfill and follow the guidelines and rules as defined in the General Data Protection Restriction (GDPR).

2. Prices and fees

Fees for Services

You agree to pay to Hidden Gem any fees for each Service you purchase or use (including any overage fees), in accordance with the pricing and payment terms presented to you for that Service. Where applicable, you will be billed using the billing method you select through your account billing page. If you have elected to pay the fees by credit card, you represent and warrant that the credit card information you provide is correct and you will promptly notify Hidden Gem of any changes to such information. Fees paid by you are non-refundable, except as provided in these Terms or when required by law.

Subscriptions

Some of our Services are billed on a subscription basis (we call these "Subscriptions"). This means that you will be billed in advance on a recurring, periodic basis (each period is called a "billing cycle"). Billing cycles are typically monthly or annual, depending on what subscription plan you select when purchasing a Subscription. Your Subscription will automatically renew at the end of each billing cycle unless you cancel your subscription through your online account management page, or by contacting our customer support team. While we will be sad to see you go, you may cancel Subscription at any time, in which case your Subscription will continue until the end of that billing cycle before terminating. You may cancel your Subscription immediately after the Subscription starts if you do not want it to renew.

Taxes

Unless otherwise stated, you are responsible for any taxes (other than Hidden Gem's income tax) or duties associated with the sale of the Services, including any related penalties or interest (collectively, "Taxes"). You will pay Hidden Gem for the Services without any reduction for Taxes. If Hidden Gem is obliged to collect or pay Taxes, the Taxes will be invoiced to you, unless you provide Hidden Gem with a valid tax exemption certificate authorized by the appropriate taxing authority or other documentation providing evidence that no tax should be charged. Hidden Gem will not charge you value-added tax ("VAT") if you provide us with a VAT number issued by a taxing authority in the European Union. If you are required by law to withhold any Taxes from your payments to Hidden Gem, you must provide Hidden Gem with an official tax receipt or other appropriate documentation to support such payments.

Price Changes

Hidden Gem may change the fees charged for the Services at any time. For Services billed on a subscription basis, the change will become effective only at the end of the then-current billing cycle of your Subscription. Hidden Gem will provide you with reasonable prior written notice of any change in fees to give you an opportunity to cancel your Subscription before the change becomes effective.

Overage Fees

Unless otherwise stated, we will bill any overage fees you incur in arrears. We consider overage fees that remain unpaid for 30 days after we bill them as overdue. If you fail to pay overage fees when due, this may result in the applicable Service being limited, suspended, or terminated (subject to applicable legal requirements), which may result in a loss of your data associated with that Service.

3. Changes and updates

Changes to Terms

Hidden Gem may change these Terms at any time for a variety of reasons, such as to reflect changes in applicable law or updates to Services, and to account for new Services or functionality. The most current version will always be posted on the Hidden Gem website. If an amendment is material, as determined in Hidden Gem's sole discretion, Hidden Gem will notify you by email. Notice of amendments may also be posted to Hidden Gem's blog or upon your login to your account. Changes will be effective no sooner than the day they are publicly posted. In order for certain changes to become effective, applicable law may require Hidden Gem to obtain your consent to such changes, or to provide you with sufficient advance notice of them. If you do not want to agree to any changes made to the terms for a Service, you should stop using that Service, because by continuing to use the Services you indicate your agreement to be bound by the updated terms.

Changes to Services

Hidden Gem constantly changes and improves the Services. Hidden Gem may add, alter, or remove functionality from a Service at any time without prior notice. Hidden Gem may also limit, suspend, or discontinue a Service at its discretion. If Hidden Gem discontinues a Service, we will give you reasonable advance notice to provide you with an opportunity to export a copy of your Content from that Service. Hidden Gem may remove content from the Services at any time in our sole discretion, although we will endeavor to notify you before we do that if it materially impacts you and if practicable under the circumstances.

Downgrades

Downgrading your account plan may cause the loss of content, features, functionality, or capacity of your account.

4. Privacy

Privacy

In the course of using the Services, you may submit content to Hidden Gem (including your personal data and the personal data of others) or third parties may submit content to you through the Services (all of the above will be referred to as your "Content"). We know that by giving us your Content, you are trusting us to treat it appropriately. Hidden Gem's Privacy Policy, together with these Terms and any Service-specific privacy notices or statements, such as end user license agreements or other agreements with Hidden Gem related to a particular Service (collectively, "Hidden Gem Privacy Policies"), detail how we treat your Content (including your personal data).

You, in turn, agree that Hidden Gem may use and share your Content in accordance with the Hidden Gem Privacy Policies and applicable data protection laws. You also agree that you are responsible for complying with all applicable data protection laws and notifying any third parties who submit Content to you through our Services about the Hidden Gem Privacy Policies. If you are a customer who is operating as "data controller" as defined in the European General Data Protection Regulation 2016/679 ("GDPR") we have added some additional terms below in Section "How we comply with GDPR to address your obligations under this law.

Confidentiality

Hidden Gem will treat your Content as confidential information and only use and disclose it in accordance with the Hidden Gem Privacy Policies and applicable data protection laws. However, your Content is not regarded as confidential information if such Content:

• is or becomes public (other than through breach of these Terms by Hidden Gem);
• was lawfully known to Hidden Gem before receiving it from you;
• is received by Hidden Gem from a third party without knowledge of breach of any obligation owed to you; or
• was independently developed by Hidden Gem without reference to your Content.

Hidden Gem may disclose your Content when required by law or legal process, but only after Hidden Gem, if permitted by law, uses commercially reasonable efforts to notify you to give you the opportunity to challenge the requirement to disclose.

Security

Hidden Gem will store and process your Content in a manner consistent with industry security standards. Hidden Gem has implemented appropriate technical, organizational, and administrative systems, policies, and procedures designed to help ensure the security, integrity, and confidentiality of your Content and to mitigate the risk of unauthorized access to or use of your Content. For more information, please review the Hidden Gem Security Statement.

5. Your content and responsibilities

You Retain Ownership of Your Content

You retain ownership of all of your intellectual property rights in your Content. Hidden Gem does not claim ownership over any of your Content. These Terms do not grant us any licenses or rights to your Content except for the limited rights needed for us to provide the Services, and as otherwise described in these Terms.

Limited License to Your Content

You grant Hidden Gem a worldwide, royalty free license to use, reproduce, distribute, modify, adapt, create derivative works, make publicly available, and otherwise exploit your Content, but only for the limited purposes of providing the Services to you and as otherwise permitted by the Hidden Gem privacy policies. With respect to aggregate and de-identified data derived from your Content and any residual backup copies of your Content made in the ordinary course of Hidden Gem's business, this license for such limited purposes continues even after you stop using our Services. This license also extends to any trusted third parties we work with, to the extent necessary to provide the Services to you. If you provide Hidden Gem with feedback about the Services, we may use your feedback without any obligation to you.

Customer Lists

Hidden Gem may identify you (by name and logo) as a Hidden Gem Services customer as a reference for marketing or promotional purposes on our website and in other public or private communications with our existing or potential customers, subject to Customer's Brand and Trademark Use Policy. The Customer may send us an email to legal@UserBooking.io stating that it does not wish to be used as a reference.

Copyright Claims (DMCA Notices)

Hidden Gem ApS. responds to notices of alleged copyright infringement in accordance with the U.S. Digital Millennium Copyright Act (DMCA). If you believe that your work has been exploited in a way that constitutes copyright infringement, you may notify Hidden Gem for claims of copyright infringement by emailing legal@UserBooking.io.

Other IP Claims

Hidden Gem respects the intellectual property rights of others, and we expect our users to do the same. If you believe a Hidden Gem user is infringing upon your intellectual property rights, you may notify Hidden Gem. Claims of copyright infringement should follow the DMCA process outlined in these Terms, or any equivalent process available under local law.

6. Your users content and consent

User Content

The Services display content provided by others that is not owned by Hidden Gem. Such content is the sole responsibility of the entity that makes it available. Correspondingly, you are responsible for your own Content and you must ensure that you have all the rights and permissions needed to use that Content in connection with the Services. Hidden Gem is not responsible for any actions you take with respect to your Content, including sharing it publicly. Please do not use content from the Services unless you have first obtained the permission of its owner, or are otherwise authorized by law to do so.

Consent of Research Participants

The Service is used as a tool to assist in the collection of information from participants in research and focus group activities. You are solely and completely responsible for obtaining any and all consents from the participants prior to using the Software in relation to such participants.

Content Review

You acknowledge that, in order to ensure compliance with legal obligations, Hidden Gem may be required to review certain content submitted to the Services to determine whether it is illegal or whether it violates these Terms (such as when unlawful content is reported to us). We may also modify, prevent access to, delete, or refuse to display content that we believe violates the law or these Terms. However, Hidden Gem otherwise has no obligation to monitor or review any content submitted to the Services.

7. Responsibility for your data

General

You must ensure that your use of the Services and all your data is at all times compliant with our Acceptable Use Policy and all applicable local, state, federal and international laws and regulations ("Laws"). You represent and warrant that:

1. you have obtained all necessary rights, releases, and permissions to provide all your data to Hidden Gem and to grant the rights granted to Hidden Gem in this Agreement,
2. you have provided all legally required notices to process and share the data with Hidden Gem, and
3. your data and its transfer to and use by Hidden Gem as authorized by you under this Agreement does not violate any Laws (including without limitation those relating to export control and electronic communications) or rights of any third party, including without limitation any intellectual property rights, rights of privacy, or rights of publicity, and any use, collection and disclosure authorized herein is not inconsistent with the terms of any applicable privacy policies. Other than its security obligations under the Section "Security", Hidden Gem assumes no responsibility or liability for your data, and you shall be solely responsible for your data and the consequences of collecting, using, disclosing, storing, or transmitting it.

Sensitive Data

You will not submit to the Services (or use the Services to collect):

1. any personally identifiable information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a natural person's sex life or sexual orientation, except as necessary for the establishment of your Hidden Gem account and your use of the Services;
2. any patient, medical or other protected health information regulated by HIPAA or any similar federal or state laws, rules or regulations; or
3. any other information subject to regulation or protection under specific laws such as the Gramm-Leach-Bliley Act (or related rules or regulations) (1 through 3, collectively, "Sensitive Data"), unless your submission to the Services or use of the Services to collect the Sensitive Data complies with all applicable laws and Hidden Gem Privacy Policies. You also acknowledge that Hidden Gem is not acting as your Business Associate or subcontractor (as such terms are defined and used in HIPAA) and that the Hosted Services are not HIPAA compliant. "HIPAA" means the Health Insurance Portability and Accountability Act, as amended and supplemented. Notwithstanding any other provision to the contrary, Hidden Gem has no liability under these Terms for Sensitive Data.

8. How we comply with GDPR

Right of Withdrawal

In countries within the European Union, you have a legal right to cancel Subscriptions within a certain period of time.

GDPR Terms for Customers in Europe

Effective Date and Definitions
These additional terms will apply to you from May 25, 2018, where you are a customer of Hidden Gem and are operating as a "data controller" (as that term is defined in the GDPR) in your use of the Services. The terms "personal data", "data subject", "processing" and "processor" shall have the meanings given to those terms respectively in the GDPR.

Processing Instruction
By requesting the Services and agreeing to these Terms and the Hidden Gem privacy policy, you are providing us with instructions to process any personal data collected by you through the Service, on your behalf.

Customer Obligations
You shall ensure and hereby warrant and represent that you are entitled to transfer personal data to Hidden Gem so that Hidden Gem may lawfully process and transfer the personal data in accordance with these Terms. You shall ensure that relevant data subjects have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable data protection laws and have sole responsibility for the accuracy, quality and legality of personal data processed by Hidden Gem in the provision of the Services.

Hidden Gem Obligations
Where Hidden Gem is processing personal data on your behalf, it will:

1. only do so on your documented instructions and in accordance with applicable law, including with regard to transfers of personal data to a third country or an international organization, and the parties agree that these terms and the Hidden Gem privacy policies constitute such documented instructions;
2. ensure that all Hidden Gem personnel involved in the processing of personal data have committed themselves to confidentiality;
3. where applicable to you and where it is technically feasible, make available information necessary for you to demonstrate compliance with your obligations under Article 28 of the GDPR, where such information is held by Hidden Gem and is not otherwise available to you through your account and user areas or on Hidden Gem websites, provided that you provide Hidden Gem with at least 14 days’ written notice of such an information request;
4. promptly notify you of all requests received directly from a data subject in respect of that data subject's personal data submitted through the Services;
5. upon deletion by you, not retain personal data from within your account other than in order to comply with applicable laws and regulations and as may otherwise be kept in routine backup copies made for disaster recovery and business continuity purposes;
6. and to the extent reasonably able, assist you as reasonably required (at your expense) where you wish to conduct a data protection impact assessment involving the Services.

Hidden Gem sub-processors

Hidden Gem uses trusted partners in facilitating certain elements of our Services ("sub-processors"). By agreeing to these Terms, you provide a general authorization to Hidden Gem to engage onward sub-processors, subject to compliance with the requirements set out here. If you wish to receive a list of sub-processors who handle personal data for Hidden Gem please see our list below. If you object to a particular sub-processor, who we cannot disassociate from your Services, your sole remedy will be to terminate your subscription relating to the Services that cannot be reasonably provided without the objected-to new sub-processor. Such termination will be without a right of refund for any fees prepaid by you for the period following termination.

List of sub-processors

1. AWS S3 Storage
2. AWS Cloudfront
3. Heroku Cloud Platform

Liability

Hidden Gem will be liable for the acts and omissions of its sub-processors to the same extent Hidden Gem would be liable if performing the services of each of those sub-processors directly under these Terms, except as otherwise set forth in these Terms and Hidden Gem ensures that all sub-processors on the sub-processor list are bound by contractual terms that are in all material respects no less onerous than those contained in these Terms.

Security Measures

Hidden Gem has, taking into account the state of the art, cost of implementation and the nature, scope, context and purposes of the Services and the level of risk, implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk of unauthorized or unlawful processing, accidental loss of and/or damage to your personal data and as specified in our Security Statement which is incorporated by reference into these Terms. At reasonable intervals, Hidden Gem tests and evaluates the effectiveness of these technical and organizational measures for ensuring the security of the processing.

Security Incident

If Hidden Gem becomes aware of any unauthorized or unlawful access to, or acquisition, alteration, use, disclosure, or destruction of, personal data ("Security Incident"), Hidden Gem will take reasonable steps to notify you without undue delay, but in any event within 72 hours of becoming aware of the Security Incident, to the extent Hidden Gem is required to do so under GDPR. Hidden Gem will also reasonably cooperate with you with respect to any investigations relating to a Security Incident with preparing any required notices, and provide any other information reasonably requested by you in relation to any Security Incident, where such information is not already available to you in your account or online through updates provided by Hidden Gem.

Audits

You will allow one month for Hidden Gem to respond to any audit request that you make. No person/party conducting an audit on your behalf (an "Auditor"), shall be, or shall act on behalf of, a competitor of Hidden Gem. You will only be entitled to conduct an audit once per year (during the course of a 12 month subscription) unless otherwise legally compelled or required by a regulator with established authority over you to perform or facilitate the performance of more than 1 audit in that same year (in which circumstances you and Hidden Gem will, in advance of any such audits, agree upon a reasonable reimbursement rate for Hidden Gem’s audit expenses). The scope of an audit will be as follows (unless you are compelled by a regulator with authority over the processing activities involving the Services to vary this format for audit):

Hidden Gem agrees, subject to any appropriate and reasonable confidentiality restrictions, to provide evidence of any certifications and compliance standards it maintains and will, on request, make available to you an executive summary of Hidden Gem's most recent penetration tests, which summary shall include remedial actions taken by Hidden Gem resulting from such penetration tests.

The scope of the certifications and penetration tests provided will be limited to Hidden Gem systems, processes, and documentation relevant to the processing and protection of personal data undertaken for the Services obtained by you, and Auditor will conduct audits subject to any appropriate and reasonable confidentiality restrictions requested by Hidden Gem.

You will promptly notify and provide Hidden Gem with full details regarding any perceived non-compliance or security concerns discovered during the course of an audit.

The parties agree that, except as otherwise required by order or other binding decree of a regulator with authority over you, this section sets out the entire scope of your audit rights as against Hidden Gem.

Liability for Data Processing

The parties' respective aggregate liability whether in contract, tort (including negligence), breach of statutory duty, or otherwise for any and all claims arising out of or in connection with this Section EU2 shall be as set out in these terms, unless otherwise agreed in writing.

9. Contracting Entity

Who you are contracting with

Unless otherwise specified in relation to a particular Service, the Services are provided by, and you are contracting with, Hidden Gem ApS.

For any Service provided by Hidden Gem ApS, the following provisions will apply to any terms governing that Service:

Contracting Entity. References to "UserLab", "UserBooking", "we", "us", and "our" are references to Hidden Gem ApS, CVR: 41465999, located at Tordenskjoldsgade 87, 5. tv., 8200 Aarhus N, Denmark.