Last updated November 14, 2025
1. INTRODUCTION
These general terms and conditions (“Terms“) governs ProptechOS AB’s (“ProptechOS”) provision of ProptechOS services and the Customer’s access to and use of ProptechOS services. Idun and the Customer are collectively referred to as the “Parties” and individually as a “Party“.
By signing the Order Form, the Customer acknowledges and agrees to be bound by the Agreement.
2. DEFINITIONS
“Agreement” means the applicable Order Form, these Terms, the SLA, the DPA and all additional appendices to the applicable Order Form, if any.
In this Agreement, capitalised terms shall have the following meaning. In this Agreement, save where the context otherwise requires, words in the singular shall include the plural, and vice versa.
“Contact Person” refers to a person appointed by either Party to facilitate the contact with the other Party.
“Customer” means the legal entity defined as Customer on the applicable Order Form
“Customer Data” means any data and information transmitted or submitted by the Customer, including but not limited to any data submitted by its Users and personal data. For the avoidance of doubt, any data submitted by a User shall be considered as having been submitted by the Customer.
“Fee” shall mean the fees for the ordered Services, Professional Services and/or Support to be paid by the Customer which are initially regulated in the applicable Order Form and thereafter, with regard to fees for the Services, in accordance with what ProptechOS has informed the Customer of in accordance with these Terms.
“Order Form” means the order form between the Parties stating details and applicable Fees.
“Services” refers to the ProptechOS services provided on the Platform and outlined in the Order Form.
“Service Specification” refers to the specification of the Services that appears on the Order Form.
“Subscription Period” refers to the period specified in the Order Form.
“Third-Party Products” means products not owned by ProptechOS but that are a part of the Services used by the Customer or that are specifically labelled as third-party products.
“User” shall mean a natural person who has been granted authorization and access by the Customer to use the Services ordered by the Customer. Users can for example be employed by the Customer.
“Platform” refers to ProptechOS as an operating system which collects real-time data through Edge Connectors from building management systems, BIM, business and IoT devices, unifies it and makes it available for building managers and Apps running on top of the OS.
“Professional Services” refers to the consultancy services as set out in the Order Form.
“Support” shall mean the support services provided by ProptechOS, as described in section 10.
3. CONTRACTUAL DOCUMENTS
3.1 In case of any conflict or inconsistencies between the contractual documents, the documents shall prevail in the following order:
(i) Order Form
(ii) Terms
(iii) SLA
(iv) DPA
3.2 The foregoing order shall apply with the exception for the DPA which shall prevail over all other parts of the Agreement with regards to the processing of personal data.
4. PERMISSION TO USE THE SERVICES
4.1 In accordance with the terms of the Agreement, including all license restrictions set forth in these Terms, the Customer is granted a non-exclusive, non-transferable, and limited right to access and use the Services ordered within the Customer’s business during the term of the Agreement.
4.2 Notwithstanding the provisions of section 4.1 above, ProptechOS’s obligation to deliver the ordered Services to the Customer and the Customer’s right to use the Services in accordance with section 4.1 is conditional upon the Customer’s continuous fulfilment of its obligations under the Agreement.
4.3 The ordered Services may only be used by the number of Users for whom the Customer, from time to time, has ordered the Services for in accordance with the terms of the Agreement.
4.4 The number of Users is ordered in the applicable Order Form and can be increased by the Customer in accordance with an agreement between the Parties applicable from time to time.
5. PROPTECHOS’S OBLIGATIONS
5.1 ProptechOS will:
(a) from the start of the Subscriptions Period make the ordered Services available to the Customer in accordance with the Agreement;
(b) make the Services available in all material respects in accordance with the Service Specification; and
(c) ensure that the Services comply with applicable laws and regulations (provided that the Services are used in accordance with the Agreement and in accordance with ProptechOS instructions provided from time to time).
5.2 Notwithstanding what is stated in section 5.1, ProptechOS reserves the right to independently amend the Services at any time, as long as functionality of the Services is not materially impaired or that such change is otherwise to the detriment of the Customer for reasonable reasons.
5.3 ProptechOS will perform the Professional Services with due care and skill in a professional manner.
6. CUSTOMER’S RESPONSIBILITY, USE AND THE SERVICES FUNCTIONALITY
6.1 The Customer will:
(a) be responsible for all the User’s compliance with this Agreement;
(b) only use the Services in accordance with the Agreement, ProptechOS’s instructions from time to time and applicable laws and regulations;
(c) make commercially reasonable efforts to prevent unauthorised access to or use of Services and immediately inform ProptechOS about such unauthorised use;
(d) not make the Services available to anyone other than Users in accordance with the Agreement and not to lease, sublicense, rent or distribute the Services or use the Services for the benefit of others;
(e) not permit direct or indirect access to, or use of, the Services in a manner that circumvents an agreed restriction of Users;
(f) not use the Services to store or transmit malicious code;
(g) have access to up-to-date protection against viruses and intrusions as may normally be required in the professional use of IT services;
(h) except as permitted by applicable law, decipher, decompile, disassemble, or reverse engineer any of the software comprising or in any way making up a part of Services; and
(i) not reproduce the Services or use the Services to take advantage of ProptechOS intellectual property rights (other than what is permitted by the Agreement or mandatory legislation).
6.2 The Customer shall appoint a Contact Person, with an agreed level of competence, who shall be responsible for, including but not limited to, facilitating the contact with ProptechOS. The Customer shall provide ProptechOS’s with contact information to the Contact Person.
7. AVAILABILITY AND LIMITED ACCESS TO THE SERVICES
7.1 ProptechOS shall when providing the Services comply with the service level agreement (“SLA”) in Schedule 1 which forms a part of the Agreement. Notwithstanding herein, ProptechOS take no responsibility regarding Third-Party Products availability.
7.2 In the event the provision of the Services causes damage or risk damaging ProptechOS or ProptechOS’s customers, including but not limited to an attack on the computer system, ProptechOS (without obligation to compensate the Customer) shall have the right to restrict the Customer’s access to the Services. ProptechOS shall promptly notify the Contact Person of such limitation and shall only take measures justified by the circumstances of individual cases.
8. THIRD-PARTY PRODUCTS
8.1 ProptechOS may be dependent on Third-Party Products in order to be able to provide the Service. The Customer may only use the Third-Party Products in accordance with the third-party provider’s license terms, as from time to time referenced by ProptechOS. ProptechOS’s liability for defects or IP-infringement regarding such Third-Party Products is limited to immediately reporting the defect/infringement to the third-party supplier. ProptechOS shall install solutions provided by the third-party supplier, if any, if this can be made without affecting the Service negatively. ProptechOS shall take commercially reasonable measures to ensure that the third-party supplier complies with its obligations under its agreement with ProptechOS. Except what is stated in this section, ProptechOS has no other liability in relation to defects and IP-infringements caused by Third-Party Products. If it is finally concluded that there is an IP-infringement or if ProptechOS in its reasonable opinion considers it to be likely that it is an IP-infringement and the third-party supplier does not take reasonably required measures, ProptechOS may terminate the Agreement.
9. FEES AND PAYMENT
9.1 The Customer shall pay the Fees in accordance with the applicable Order Form and pricing applicable from time to time.
9.2 The quantity of the purchased Services cannot be reduced during the Agreement period. Paid Fees are non-refundable.
9.3 ProptechOS reserves the right to annually adjust the Fees. Adjustments of the Fees in addition to the producer price index (Sw. producentprisindex för tjänster (PPI) issued by SCB shall be notified to the Customer no later than thirty (30) days before such price increase takes effect.
9.4 All Fees will be invoiced in accordance with the applicable Order Form. Fees shall be paid by the Customer within thirty (30) days from the date of the invoice.
9.5 In the event of late payment, the Customer must pay interest on the outstanding amount in accordance with the Swedish Interest Act (1975: 635). ProptechOS reserves the right to charge legal fees for payment reminders and collection costs in the event of late payment.
9.6 In the event of late payment, ProptechOS reserves the right to (i) upon written notice to the Customer, limit or suspend the Customer’s access to the Services until outstanding payments, including any default interest and other applicable fees, have been paid in full, or (ii) cancel the Agreement in its entirety.
10. SUPPORT AND MAINTENANCE
10.1 ProptechOS provides Support via email (using the email address specified in the Order Form) or via the support function on the Platform
10.2 ProptechOS shall perform all support with due skill and care, in a professional manner and in accordance with the methods and standards normally used by ProptechOS.
10.3 Support is provided weekdays, except for public holidays in Sweden, between 9 am and 4 pm CET.
10.4 ProptechOS shall make reasonable efforts to ensure that the Services are available and fully functioning. However, some technical difficulties or maintenance may, from time to time, result in temporary disruptions to the Services. ProptechOS reserves the right to periodically, and at any time, change or terminate, temporarily or permanently, functions and content of the Services, without liability to the Customer. For the avoidance of doubt, the presence of said disturbances, changes or terminations shall never result in ProptechOS being regarded to have breached its obligations to the Customer in accordance with the Agreement.
11. PROPRIETARY RIGHTS
11.1 Subject to the limited rights granted to Customer hereunder, ProptechOS reserves all right and title to the Service, the result of the Service and/or the Professional Services provided hereunder, including but not limited to any intellectual property rights related thereto and any feedback and ideas regarding the Service and/or the Professional Services provided by Customer and any development in relation thereto, including specific customization. This does not include any of Customer’s or its licensor’s pre-existing intellectual property that is used in connection with the Service and/or the Professional Services, if any. No rights are granted to Customer other than as expressly set forth in these Terms.
11.2 With the exception of any Third-Party Products and any Customer Data, ProptechOS or its licensors own all rights, including intellectual property rights, in and to the Service, and all parts thereof as well as in any results arising out of ProptechOS’s provision of the Service and/or the Professional Services.
11.3 The Customer grants ProptechOS a worldwide, perpetual, non-exclusive, fully paid and transferable right to possess, process, store, publish, distribute, modify, reformat, stream, transmit, playback, transcode, copy, present, display and otherwise use the Customer Data to provide the Service, the Professional Services, or any of ProptechOS’s current or future products or services to the Customer.
11.4 ProptechOS shall furthermore have the right to collect and analyse data and other information relating to the provision, use and performance of various aspects of the Service and related systems and technologies (including, without limitation, information concerning Customer Data and data derived therefrom), and ProptechOS is free (during and after the term hereof) to (i) use such information and data to improve and enhance the Service and for other development, diagnostic and corrective purposes in connection with the Service and other ProptechOS offerings, and (ii) disclose such data to third parties in aggregate or other de-identified form in connection with its business.
12. PERSONAL DATA
12.1 The Parties undertake to comply with their respective and applicable obligations under the Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (the “GDPR”).
12.2 To the extent the provision of the Services involves ProptechOS processing personal data on behalf of the Customer in connection with this Agreement (as a data processor), the data processing agreement (the “DPA“) set out in Schedule 2 which forms a part of the Agreement shall apply and govern such processing.
13. MARKETING
13.1 ProptechOS shall be entitled to use the Customer’s trademarks and information related to the subject matter of the Agreement for marketing purposes. Such marketing shall always be subject to the Customer’s reasonable instructions as well as the Customer’s prior written approval (e-mail is sufficient). Such approval is not to be unreasonably withheld or delayed.
14. CONFIDENTIALITY
14.1 The Parties undertake not to disclose to any third party any information received from the other Party without the consent of the other Party. This includes information about the Parties’ activities that can reasonably be deemed to be of confidential nature, including trade secrets, know-how, information of commercial, financial, commercial and technical nature including information regarding products and development and information that may otherwise reasonably be deemed confidential information of the revealing Party. Information declared by either Party to be confidential shall always be deemed to constitute confidential information.
14.2 The Parties’ obligations under this section 14 shall be valid during the term of the Agreement and for a period of three (3) years after the Agreement has been terminated.
15. WARRANTIES AND LIMITATIONS
15.1 ProptechOS warrants that the Services during the Agreement shall in all material respect function in accordance with the SLA and Service Specification.
15.2 In addition to what is expressly stated in these Terms, ProptechOS makes no warranties of any kind, express, implied or otherwise. The Customer hereby waives, to the extent permitted by law, all implied warranties such as implied warranty of fitness for a particular purpose, merchantability, marketability, non-infringement and that the Services are without defects and bugs.
16. LIMITATION OF LIABILITY
16.1 Unless expressly stated in these Terms, ProptechOS shall only be liable to the Customer for direct damage caused by negligence and ProptechOS’s liability shall be limited to an amount corresponding to the total compensation paid by the Customer for the use of the Services during the six (6) months before the incident that caused the loss occurred.
16.2 ProptechOS shall not be liable to the Customer for (i) loss due to reduction or loss of production or sales, (ii) loss of data, (iii) loss due to loss of profit as a result of an agreement with a third party is lost or has not been correctly fulfilled, (iv) loss of use, (v) loss of goodwill, or (vi) the obligation to compensate a third party for similar indirect damages.
16.3 The above limitations shall not be applied in the event of damage caused by ProptechOS gross negligence, intent or breach of the confidentiality obligations in these Terms.
17. INDEMNIFICATION
17.1 Customer shall indemnify ProptechOS against any and all claims, demands, suits or proceeding made or brought against ProptechOS by a third party alleging that the Customer Data or Customer’s use of any Service in breach of this Agreement infringes such third party’s intellectual property rights or violates applicable law, and will indemnify ProptechOS from any cost or damages which ProptechOS may be obligated to pay in accordance with a judgment, arbitral award or settlement.
17.2 Notwithstanding the foregoing, ProptechOS reserves the right, at the Customer’s expense, to assume the exclusive defence and control of any matter subject to indemnification by the Customer, and the Customer agrees to cooperate, at the Customer’s expense, with ProptechOS’s defence of such claim. ProptechOS shall use reasonable efforts to notify the Customer of any such claim, action or proceeding subject to indemnification as soon as it becomes aware thereof.
18. TERM AND TERMINATION
18.1 The Agreement shall remain in force during the Subscription Period. Unless the Agreement is terminated in writing to the other Party’s Contact Person with ninety (90) days prior notice before the end of the Subscription Period, the Agreement shall remain in force for (1) year consecutive periods with a ninety (90) day notice period before the end of each then applicable subscription period. In the event of such an extension, ProptechOS’s then current price list for the Services shall apply.
18.2 Each Party may, by written notice to the other Party, terminate the Agreement with immediate effect if (i) the other Party has committed a material breach of the Agreement and the breach has not been remedied within thirty (30) days after the Party has received written notice thereof, or (ii) the other Party is wound up or declared bankrupt, submits an application for corporate reorganization, enters into liquidation, cancels its payments or may otherwise be presumed to be insolvent.
18.3 Notwithstanding the above, ProptechOS shall have the right to terminate the Agreement with immediate effect if the Customer is non-compliant with the Agreement.
19. MISCELLANEOUS
19.1 Notices
19.1.1 All notices necessary under the Agreement must be in writing and may be delivered either by courier or in person, by registered letter or by e-mail to the addresses specified in the Order Form. The notice shall be deemed to have reached the recipient:
(a) if delivered by courier, on the day of delivery to the recipient; or
(b) if delivered by registered letter, five (5) days after the date it was handed over to postal service; or
(c) if sent by e-mail, the day after the e-mail was sent provided that the sending Party did not receive an error message and that the sending e-mail account indicates that the e-mail was sent to the correct address.
19.2 Force majeure
19.2.1 A Party is exempted from sanction for failure to fulfill a certain obligation under the Agreement, to the extent that the failure is based on circumstances outside the Party’s reasonable control, such as lightning, internet interruptions, labor disputes, fire, acts of war, pandemic, epidemic, requisition, seizure, amendments to statutes issued by authorities, interventions by courts or authorities or defects and/or delays in deliveries by the Party’s subcontractors as a result of the reasons set forth herein (each referred to as a “Force Majeure Event”). A party who is prevented from fulfilling the Agreement due to a Force Majeure Event shall be excused for its failure as long as the Force Majeure Event exists, this does not include the Party’s obligation to make payments under the Agreement.
19.2.2 A Party wishing to invoke a Force Majeure Event shall immediately notify the other Party thereof. If the Party fails to make such notice, the Party is not exempt from penalties for its failure to fulfil a certain obligation, even if the failure is based on a Force Majeure Event. The failing Party is always obliged to make reasonable efforts to reduce the effects of Force Majeure Events.
19.2.3 If an obstacle for a Party due to a Force Majeure Event lasts for more than three (3) months, the other Party has the right to terminate the Agreement or part thereof with immediate effect.
19.3 Assignment
19.3.1 ProptechOS may at any time transfer any of the rights and/or obligations under this Agreement to any legal entity who (a) directly or indirectly is owned or controlled by ProptechOS, (b) directly or indirectly owns or controls ProptechOS, or (c) is part of the same corporate group as ProptechOS (including subsidiaries).
19.4 Entire agreement and amendments
19.4.1 The Agreement constitutes the Parties’ entire agreement and settlement regarding the subject matter of the Agreement. The Agreement shall supersede, without exception, any prior discussions, communications, agreements and arrangements of any kind between the Parties relating to the subject matter of the Agreement.
19.4.2 ProptechOS reserves the right to make amendments to the Terms. Amendments to the Terms will come into force thirty (30) days after the Customer has been informed of the amendment.
19.5 Validity of the provisions
19.5.1 All provisions of the Agreement which by their nature are intended to remain in valid after termination of the Agreement will continue to be valid and remain in force without limitation in time.
20. APPLICABLE LAW AND DISPUTES
20.1 Swedish substantive law shall apply to this Agreement and any non-contractual obligations in connection therewith.
20.2 Any dispute, controversy or claim arising out of or in connection with this contract, or the breach, termination or invalidity thereof, shall be finally settled by arbitration administered by the Arbitration Institute of the Stockholm Chamber of Commerce (the “SCC”). The Rules for Expedited Arbitrations shall apply, unless the SCC in its discretion determines, taking into account the complexity of the case, the amount in dispute and other circumstances, that the Arbitration Rules shall apply. In the latter case, the SCC shall also decide whether the Arbitral Tribunal shall be composed of one or three arbitrators. The language to be used in the arbitral proceedings shall be Swedish.
20.3 The Parties undertake and agree that all arbitral proceedings conducted with reference to this arbitration clause will be kept strictly confidential. This confidentiality undertaking shall cover all information disclosed in the course of such arbitral proceedings.
SCHEDULE 1 Service level agreement
ProptechOS is responsible for ensuring with all required reasonable and normal kind of technical measures the uninterrupted functioning of the Services and data security. ProptechOS is always responsible for the making of backup copies of data. ProptechOS, however, shall have the right to suspend Customer’s access to the Services due to change or maintenance work of general data network or due to data security risk to the Services or if required by law or regulation by authorities.
The Service Level Agreement is applicable only for paid usage of the Services.
The service availability (“Service Availability”) is defined as uptime.
ProptechOS commits to the availability targets of monthly uptime in excess of 99.5%.
If ProptechOS fails to meet the Service Availability targets defined above, ProptechOS will credit the Customer with the following service credits (“Service Credit”):
| Availability | Service credit |
| 97.00 – 99.49% | 10 % |
| 95.00 – 96.99% | 25 % |
| <95.00% | 50 % |
In addition to the Service Credits, the Customer may terminate the Agreement with immediate effect, if the Service Availability falls under 96,00 % for two (2) consecutive calendar months.
Each Service Credit shall be determined by multiplying the Service Credit percentage, as set forth in the table above, with the fees paid by the Customer to ProptechOS in accordance with the Agreement during the month in which ProptechOS failed to achieve the applicable service level.
Furthermore, it is agreed that the Service Credit applies only to licence fees, and not to onboarding fees or any other fee.
ProptechOS shall credit the Customer on the following month’s fees, as determined at the time of the failure.
This service level agreement and any applicable Service Availability do not apply to any performance or availability issues:
- Planned downtime for maintenance or installation;
- Due to factors outside our reasonable control (for example, natural disaster, war, acts of terrorism, riots, government action, or a network or device failure external to ProptechOS’s data centers, including at the Customer’s site or between the Customer’s site and ProptechOS’s data center);
- That result from the use of services, hardware, or software not provided by ProptechOS, including, but not limited to, issues resulting from inadequate bandwidth or related to third-party software or services;
- Caused by the Customer’s use of a service after we advised the Customer to modify the use of the service;
- During or with respect to preview, pre-release, beta or trial versions of a service, feature or software (as determined by the ProptechOS);
- That result from the unauthorized action or lack of action when required, or from the Customer’s employees, agents, contractors, or vendors, or anyone gaining access to the ProptechOS’s network by means of the Customer’s passwords or equipment, or otherwise resulting from the Customer’s failure to follow appropriate security practices;
- That result from the Customer’s failure to adhere to any required configurations, use supported platforms, follow any policies for acceptable use, or use of the Services in a manner inconsistent with the features and functionality of the Services (for example, attempts to perform operations that are not supported) or inconsistent with our published guidance;
- That result from faulty input, instructions, or arguments (for example, requests to access files that do not exist);
- That result from attempts to perform operations that exceed prescribed quotas or that resulted from our throttling of suspected abusive behaviour;
SCHEDULE 2 Data processing agreement
A Data Processing Agreement and its Addenda (“Agreement”) lays out technical requirements for the controller and processor to follow when processing data. This includes setting terms for how data is stored, protected, processed, accessed, and used. The agreement also defines what a processor can and cannot do with data.
The purpose of this Data Processing Agreement is to fulfill the requirements of a written agreement pursuant to Article 28 of the GDPR.
1. Definitions and Interpretation
1.1 Unless otherwise defined herein, capitalized terms and expressions used in this Agreement shall have the following meaning:
1.1.1 “Agreement” means this Data Processing Agreement and all Addenda;
1.1.2 The Parties acknowledge and agree that for the purposes of this Agreement and as between them:
a. Customer is, or shall be regarded as, a “Controller” of the Personal Data and
b. ProptechOS is, or shall be regarded as, a “Processor” of the Personal Data; and
c. Customer will comply with its obligations as a Controller under this Agreement and the Data Protection Laws and
d. ProptechOS will comply with its obligations as a Processor under this Agreement, the Data Protection Laws and Customer’s written instructions.
1.1.3 ProptechOS means the corporate entity Idun Real Estate Solutions AB (Swedish organization number 559016-1245)
1.1.4 “Customer Personal Data” means any Personal Data Processed by ProptechOS on behalf of Customer pursuant to or in connection with the Principal Agreement;
1.1.5 “Sub-processor” means any person appointed by or on behalf of a ProptechOS to process Personal Data on behalf of the Customer in connection with the Agreement.
1.1.6 “Data Protection Laws” means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;
1.1.7 “EEA” means the European Economic Area;
1.1.8 “EU Data Protection Laws” means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;
1.1.9 “GDPR” means EU General Data Protection Regulation 2016/679;
1.1.10 “Data Transfer” means:
1.1.10.1 a transfer of Customer Personal Data from the Customer to a Sub-processor; or
1.1.10.2 an onward transfer of Customer Personal Data from a Sub-processor to a Subcontracted Processor, or between two establishments of a Sub-processor, in each case, where such transfer would be prohibited by Data Protection Laws (or by the terms of data transfer agreements put in place to address the data transfer restrictions of Data Protection Laws);
1.1.11 “Services” means the content, tools, services, software (platform) application and products provided by ProptechOS and described in the Principal Agreement.
1.2 The terms, “Commission”, “Controller”, “Data Subject”, “Member State”, “Personal Data”, “Personal Data Breach”, “Processor”, “Processing” and “Supervisory Authority” shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly.
2. Processing of Customer Personal Data
2.1 ProptechOS shall:
2.1.1 comply with all applicable Data Protection Laws in the Processing of Customer Personal Data; and
2.1.2 not Process Customer Personal Data other than on the relevant Customer’s documented instructions.
2.2 The Customer instructs ProptechOS to process and retain Customer Personal Data as specified in the Personal Data and Data Subjects Addendum.
2.3 Customer acknowledges that due to the nature of the Services, ProptechOS cannot control and has no obligation to verify the Personal Data Customer transfers to ProptechOS for processing when Customer uses the Services.
2.4 Customer accepts that ProptechOS may have personal Data processed and accessible by its Sub-processors to any country or territory, all as reasonably necessary for the provision of the Services in accordance with Applicable Laws.
2.5 ProptechOS will retain Personal data according as specified in the Retention period of Personal Data addendum
3. Processor Personnel
ProptechOS shall take reasonable steps to ensure the reliability of any employee, agent or contractor of any Sub-processor who may have access to the Customer Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Customer Personal Data, as strictly necessary for the purposes of the Principal Agreement, and to comply with Applicable Laws in the context of that individual’s duties to the Sub-processor, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.
4. Security
4.1 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, ProptechOS shall in relation to the Customer Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR.
4.2 In order to ensure that the Personal Data are protected as much as possible, ProptechOS takes measures to secure Personal Data against loss or any form of unlawful processing. If additional measures are desired by Customer, it can be discussed with ProptechOS whether the desired measures are possible and/or effective and at what cost the additional measures can be offered. If one of the security measures of ProptechOS is changed, this will become part of the policy of ProptechOS for the protection of personal data processed on behalf of Customer, which can be provided to Customer on request. In this respect, ProptechOS will at least take the following technical and organisational measures, as set out in Data security Addendum.
4.3 ProptechOS shall ensure that any person who is authorized by ProptechOS to process Customer Data (including its staff, agents, and sub-processors) shall be under an appropriate obligation of confidentiality (whether a contractual or statutory duty).
4.4 Customer agrees that except as provided by this Agreement, Customer is responsible for its secure use of ProptechOS, including securing its account authentication credentials, protecting the security of Customer Data when in transit to and from the Service, and taking any appropriate steps to securely encrypt or backup any Customer Data uploaded to the Service.
4.5 The Customer acknowledges that the security measures are subject to technical progress and development and that ProptechOS may update or modify the security measures from time to time, provided that such updates and modifications do not degrade or diminish the overall security of the Services.
5. Sub-processing
5.1 Customer agrees that ProptechOS may engage Sub-processors to process Customer Personal Data on Customer’s behalf. The Sub-processors currently engaged by ProptechOS and authorized by Customer are listed in the Sub-processors addendum or at this link (https://proptechos.com/proptechos-sub-processors-and-affiliates/). ProptechOS will: (i) enter into a written agreement with each Sub-processor imposing data protection terms that require the Sub-processor to protect the Customer Personal Data to the standard required by Applicable Data Protection Laws (and in substance, to the same standard provided by this Agreement); and (ii) remain responsible to Customer for the performance of such Sub-processor’s data protection obligations under such terms.
5.2 ProptechOS is entitled to hire new Sub-processors and to replace existing Sub-processors.
5.3 When ProptechOS intends to hire a new Sub-processors or replace an existing one, ProptechOS shall verify the Sub-processor`s capacity and ability to meet their obligations in accordance with the Data Protection Legislation. ProptechOS shall notify Customer if it adds or removes Sub-processors at least 10 days prior to any such changes if Customer opts in to receive such notifications by clicking here (https://proptechos.com/sub-processor-notifications/).
6. Data Subject Rights
6.1 Taking into account the nature of the Processing, ProptechOS shall assist the Customer by implementing appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of the Customer obligations, as reasonably understood by Customer, to respond to requests to exercise Data Subject rights under the Data Protection Laws.
6.2 ProptechOS shall:
6.2.1 promptly notify Customer if it receives a request from a Data Subject under any Data Protection Law in respect of Customer Personal Data; and
6.2.2 ensure that it does not respond to that request except on the documented instructions of Customer or as required by Applicable Laws to which ProptechOS is subject, in which case ProptechOS shall to the extent permitted by Applicable Laws inform Customer of that legal requirement before the Sub-processor responds to the request.
7. Personal Data Breach
7.1 ProptechOS shall notify Customer of any personal data breach involving the Personal Data that it becomes aware of without undue delay, and in any case, never later than 72 hours after ProptechOS becomes aware of the personal data breach. All such notifications shall be made by email to the Customer representative that ProptechOS regularly liaises with, or such privacy contact person notified to ProptechOS by the Customer.
7.2 ProptechOS shall cooperate with the Customer and take reasonable commercial steps as are directed by Customer to assist in the investigation, mitigation and remediation of each such Personal Data Breach.
8. Data Protection Impact Assessment and Prior Consultation
ProptechOS shall provide reasonable assistance to the Customer with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Customer reasonably considers to be required by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Customer Personal Data by, and taking into account the nature of the Processing and information available to, the Sub-processors.
9. Deletion or return of Customer Personal Data
9.1 Subject to this section 9 ProptechOS shall promptly and in any event within 10 business days of the date of cessation of any Services involving the Processing of Customer Personal Data (the “Cessation Date”), delete and procure the deletion of all copies of those Customer Personal Data.
Upon termination of this Agreement, ProptechOS shall, in the discretion of the Customer,
- either delete or facilitate the process of returning the Customer Data; and
- delete existing copies thereof
Unless ProptechOS is obligated by law to further store the Customer Data.
ProptechOS may keep documentations which serve as evidence of the orderly and accurate processing of Customer Data, also after the termination of this Agreement.
10. Audit rights
10.1 Subject to this section 10, ProptechOS shall make available to the Customer on request all information necessary to demonstrate compliance with this Agreement, and shall allow for and contribute to audits, including inspections, by the Customer or an auditor mandated by the Customer in relation to the Processing of the Customer Personal Data by the Sub-processors.
10.2 Information and audit rights of the Customer only arise under section 10.1 to the extent that the Agreement does not otherwise give them information and audit rights meeting the relevant requirements of Data Protection Law.
10.3 ProptechOS acknowledges that Customer’s third-party independent auditors may enter its premises for the purposes of conducting this audit, provided that ProptechOS is given reasonable prior notice of Customer’s intention to audit, the audit is conducted during normal business hours, and takes all reasonable measures to prevent unnecessary disruption to ProptechOS’s operations. Customer will not exercise its audit rights more than once in any twenty-four (24) calendar month period, except if, and when, required by instruction of a competent supervisory authority.
11. Data Transfer
11.1 ProptechOS may not transfer or authorize the transfer of Data to countries outside the EU and/or the European Economic Area (EEA) without the prior written consent of the Customer. If personal data processed under this Agreement is transferred from a country within the European Economic Area to a country outside the European Economic Area, the Parties shall ensure that the personal data are adequately protected. To achieve this, the Parties shall, unless agreed otherwise, rely on EU approved standard contractual clauses for the transfer of personal data.
12. General Terms
12.1 Confidentiality. Each Party must keep this Agreement and information it receives about the other Party and its business in connection with this Agreement (“Confidential Information”) confidential and must not use or disclose that Confidential Information without the prior written consent of the other Party except to the extent that:
a. disclosure is required by law;
b. the relevant information is already in the public domain.
12.2 Notices. All notices and communications given under this Agreement must be in writing and will be delivered personally, sent by post or sent by email to the address or email address set out in the heading of this Agreement at such other address as notified from time to time by the Parties changing address.
13. Governing Law and Jurisdiction
13.1 This Agreement is governed by the laws of Sweden.
13.2 Dispute Resolution. All disputes arising out of or relating to this Agreement shall be finally settled by arbitration in accordance with the Arbitration Rules of Central Chamber of Commerce of Sweden, by one (1) arbitrator. The arbitration proceedings shall take place in Stockholm, Sweden. Notwithstanding the above, each Party shall be entitled to seek equitable and/or injunctive relief to prevent or stop a violation of the terms and conditions contained in the Agreement, and the Service Provider may take legal actions concerning overdue payments in any appropriate court of law.
Personal Data and Data Subjects Addendum
ProptechOS will, under the Agreement, process the following personal data on behalf of Customer:
- Effigy;
- Name and address information;
- Phone number;
- Email address;
- Job title;
- Order history;
- Contact moments;
- Internet protocol address (IP address);
- Identification Cookie;
- Ad ID of phone;
- Other relevant data shared by the data subject.
Of the categories of Data Subjects:
- Employees of Customer;
- Principals of Customer;
- Employees of ProptechOS;
- Sub-processors of ProptechOS;
- Other Data Subjects connected Customer;
Retention period
ProptechOS will retain the Personal Data in accordance with the overview below.
| Category of Data Subjects | Data | Purpose | Retention period |
| Employees of Customer;Principals of Customer; Employees of ProptechOS;Sub-processor of ProptechOS;Other Data Subjects connected to Customer. | Effigy;Name and address information;Phone number;Email address;Job title;Order history;Contact moments;Internet protocol address (IP address);Identification Cookie;Ad ID of phone;Other relevant data shared by the data subject. | Execution of the Agreement | Duration of the Underlying Agreement |
Sub-processors Addendum
| Authorized Sub-processors | ||
| Sub-processor | Purpose | Location |
| Microsoft Azure | Platform for digital twins, device management, data processing etc. | EU, USA |
| HubSpot | CRM | EU, USA |
| Authorized ProptechOS Affiliates | ||
| Affiliate | Purpose | Location |
| Mautics LCC | Technical development, maintenance, research, support and upgrade the Service | Ukraine |
If you would like to receive an email when we make updates to this Sub-processors Addendum, please complete our Sub-processor Updates Form at: https://proptechos.com/sub-processor-notifications/