en pl
en pl

Provision of Recruitify.ai Services


Service Agreement

1. Recruitify - Terms of Service

2. Data Processing Outsourcing Agreement

Recruitify - Terms of Service

§ 1. Recitals

These Terms, set forth on the grounds of Article 8(1)(1) of the Polish Electronic Services Act of 18 July 2002, lays down the terms and conditions of services provided by Recruitify Sp. z o.o. (hereinafter as “Recruitify”) to entities who signed the Service Agreement with Recruitify.

§ 2. Definitions

For the purposes of these Terms, the words below shall be defined as follows:

1. Service Provider or Recruitify - Recruitify Spółka z ograniczoną odpowiedzialnością with its headquarters in Warsaw, al. Jana Pawła II 61 /241/1.2, 01-031, entered into the National Court Register at the Regional Court for the Capital City of Warsaw in Warsaw, 13th Economic Division of the National Court Register under number 0000709889, NIP (Tax ID): 5252733667.

2. Customer or Client - Customer who signed the Contract with the Service Provider. Only an entrepreneur within the meaning of Article 431 of the Polish Civil Code can be a Customer.

3. Party - Service Provider or Customer.

4. Site - an Internet service available at the address recruitify.ai, where the Customer can use the Services having provided his login and password.

5. Account - the record in Site’s database, through which the Customer can use the Services.

6. Services - the Service Provider’s performance carried out through ICT systems at the individual request from the Customer, without the Parties being simultaneously present physically. The Service is provided on the basis of IT modules, which support processes facilitating recruitment process management. The scope of respective Services is activated depending on the selected price plan set out in the Price List.

7. Contract - the Service contract signed between the Service Provider and the Customer on such terms and in such manner as is set out in the Terms and - if applicable - on the terms set out in the Order or other documents specified by the Service Provider.

8. Terms - these terms of service.

9. Billing Period – a full calendar month, with the first day counted from the Contract date.

10. Order - the form specifying basic parameters of the Services.

11. Price List - information document which sets out the scope of provided Services, including the name of respective bundles and the amount of fee payable to the Service Provider for the readiness to provide the Services. Unless the Price List provides otherwise, all amount stated in the Price Lists are net amounts i.e. VAT excluded.

12. Data Processing Outsourcing Agreement – Annex to the Terms.

§ 3. Signing Contracts

1. The Contract can be signed:

a. by signing and sending the Order (as scan or in another form that meets the definition of document form within the meaning of Articles 77(2) and 77(3) of the Polish Civil Code) to the e-mail address provided by the Service Provider: contact@recruitify.ai. The Customer must select the Service option and the number of Billing Periods, in which the Services are to be provided;

b. by signing the Order and delivering it to the Service Provider’s representative - the Customer must select the Service option and the number of Billing Periods, in which the Services are to be provided; or

c. by filling in the Order online on the Site - when filling in the Order online on the Site, the Customer selects - by checking relevant boxes - the Service option and the number of Billing Periods, in which the Services are to be provided;

d. by placing the Order by phone.

2. Signing the Contact is tantamount to the approval of these Terms.

§ 4. Contract Terms

1. The Service Provider undertakes to be ready to provide the Services throughout the term of the Contract. The fee payable to the Service Provider is a fee for readiness to provide the Services. Once the Contract is signed, the Customer is under no obligation to use the Services, but this shall not exempt the Customer from the need to pay the fee payable to Recruitify.

2. Once the Contact is signed, the Customer must select the login and password for the Account.

3. The Service Provider will make it possible for the Customer to grant access to the Account to the persons selected by the Customer (e.g. his employees) within the scope of his choosing. The Customer undertakes to keep a list of persons who were granted access to the Account, with their respective authorisation scopes.

3.1. The Customer has access to the history of login sessions of system users to whom he has granted access. The Service Provider, upon request, may provide information on the scope of data to which the user has obtained access at a specific time.

4. By performing any operations in the Account, the Customer represents that those operations are performed at his knowledge and consent and are effective with respect to the Customer.

5. The basic scope of functionalities within a given service Package and the remuneration payable to the Service Provider shall be set out in the Price List.

6. During the term of the Contract, the Parties may change the Service Package selected by the Customer by way of an annex to the Contract.

7. In the event of a breach of these Terms, the Customer’s access to the Account can be restricted and this shall be notified to the Customer. The restriction of access to the Account shall not affect the Service Provider’s right to the remuneration for readiness to provide the Services.

8. In case of particularly gross breach of the Terms, the Service Provider - having first sent a demand to the Customer to cease the breach in form of a document or in writing - has the right to block the Customer’s access to the Account, which is equal to the termination of the Contract with immediate effect for reasons attributable to the Customer. In such a case, the Customer shall pay the Service Provider a contractual penalty in the amount equal to the fee for the Billing Period, in which the Contract was terminated.

9. The Service Provider shall not be liable in any way for:

a. correct legal grounds, which legalize personal data collected by the Customer or his clients,

b. the Customer’s or his client’s fulfilment of information duties stemming from personal data regulations with respect to subjects whose data is input in the Account by the Customer,

c. any unauthorized access to the Account granted by the Customer or persons acting on his behalf or for his benefit, in particular by disclosing the password or other data needed to log in to the Account,

d. any type of breach of the Account, when it resulted from the action or omission of the Customer or the persons acting on his behalf or for his benefit,

e. any use of the Services by the Customer or persons acting on his behalf or for his benefit in a manner inconsistent with the Service purposes or the Contract,

f. the manner, in which the Customer uses the Services,

g. any interruption in the access to the Site, caused by failure of the Internet or the Customer’s hardware or software.

10. Unless mandatory laws or the Terms provide otherwise, the Service Provider shall be liable to the Customer only for damages caused solely by the Service Provider’s wilful misconduct.

11. It is prohibited for the Customers to input any unlawful content, in particular, any vulgar, erotic, racist content or content inciting persecution for ethnic, cultural, or religious reasons or promoting or supporting criminal activities, activities violating third parties rights, including intellectual property rights or violating legally protected rights in any other form.

12. The Customer must keep his login and password to the Account confidential and not provide it or make it available to third parties. The Service Provider shall not be liable for unauthorized access to the Account when such access was gained by a third party as a result of the Customer’s action or omission. If the login or password ceases to be confidential, the Customer must notify the Service Provider immediately and change the password.

13. The Service Provider recommends changing the Account password on a regular basis and using the so-called “strong passwords”.

14. The Service Provider recommends that the Account password not to be saved in the browser used by the Customer to connect to the Site and not to be written on a paper note stuck to the screen or computer.

§ 5. Term of Contract

1. The contract is concluded for an indefinite period.

2. The Parties agree that the termination of the Contract, which was concluded for an indefinite period, may take place with one month's notice, subject to §4 sec. 6 of the Contract.

3. The termination notice must be in writing or in form of a document, i.e. by e-mail to billing@recruitify.ai, otherwise null and void.

§ 6. Fee and Methods of Payment

1. The fee for readiness to provide the Services is set out in the Price List applicable on the Contract date. The fee is payable for every Billing Period, in which the Service Provider remained ready to provide the Services.

2. The Service Provider is also entitled to remuneration for the services provided to the Client in excess of the limit indicated in the Price List for sending SMS and CV Parser services, unless the service parameters of this Contract provide otherwise. The Service Provider will inform the Client in the manner provided for in the Contract about the exhaustion of the limit of services covered by quantitative restrictions.

3. The payment will be made by bank transfer to bank account.

4. The Customer can make a single payment for the entire term of the Contract or make monthly payments in accordance with the Billing Periods.

5. Payment for the Services is made in advance. Invoices will be issued within 7 days of the end of the relevant Billing Period. The Customer agrees to receive VAT invoices electronically.

6. The Service Provider shall not be liable for the effectiveness of payment transactions made through Internet payment services. Any objections related to the course of payment transactions made in the manner specified in the precedent sentence must be submitted by the Customers directly to the relevant owner of Internet payment service.

7. The Parties agree that the date of payment is considered to be the day, on which the Service Provider’s bank account is credited.

8. In the event of delay in payment, the Service Provider is authorised to demand the payment of late interest for commercial transactions.

9. If the delay is greater than 14 days, the Service Provider shall block the Customer’s ability to answer the Users. If the delay is greater than 28 days, the Service Provider shall block the Customer’s access to the Account. While performing those activities, the Service Provider shall retain the right to the entire remuneration.

§ 7. Service Quality

1. The Service Provider undertakes to ensure the proper quality of the provided Services.

2. To use the Services, it is necessary to have an Internet connection and an Internet browser which makes it possible for hypertext (HTML) documents, made available on the Internet through the WWW service, to be displayed on the User’s screen. The Customer acknowledges that due to the technical configuration of the hardware used by the Customer to view Site pages, certain functions of the Site may not be accessible.

3. The Services will be available at 97% in a year, and the Service Provider shall not be liable for unavailability within the remaining scope. If the Site is not available for more than 3% in a year, the Service Provider will extend the Contract pro rata to the time of unavailability. In the above case, the Client is not obliged to pay remuneration for the extension of the Contract in proportion to the period of unavailability.

4. The Service Provider reserves the right to transfer all rights to the Site to a third party.

§ 8. Personal Data

1. The Customer may input personal data in the Account for the Services to be provided properly.

2. When the Customer inputs any personal data in the Account, independently or through its staff, the processing of such data is entrusted by the Customer to the Service Provider within the meaning of Article 28 GDPR.

3. For the avoidance of doubts, the Service Provider is not the data controller for the personal data input in the Account and processes the personal data input there by the Customer or through its staff at the Customer’s instruction, save that it is recognised that the Contract or the fact of placement of personal data in the Account constitutes the instruction to process.

4. The Customer represents that he is the controller of the personal data input by him in the Account or is the processor with respect to such data.

5. The Service Provider is entitled to process the entrusted personal data on the principles set out in detail in the Agreement on entrusting the processing of personal data, constituting Appendix No. 1 to the Regulations.

§ 9. Data storage

1. As part of provision of the Services, Recruitify provides the storage of data input on Site by the Client.

2. The access to stored data is provided through the Site.

3. In connection with the storage of data input by the Client on the Site, Recruitify is authorised to process the personal data entrusted under Section 8 of the Contract for the period, in which such data is stored.

4. The period of storage of data input on the Site by the Client is the same as the term of the Agreement.

5. No fee is collected for the storage of data input on the Site by the Client, other than the fee set out in the Order.

6. Recruitify may export, free of charge all data that is stored in the website by the Client upon request by the Client.

§ 10. Complaint Procedure

1. Any comments related to the functioning of the Site can be submitted by the Client in a complaint notice sent to: contact@recruitify.ai.

2. To be investigated, complaints must:

a. be submitted by the Client to the appropriate address,

b. contain the reason for the complaint submission and possibly determine the scope of actions expected by the Client,

c. contain the Client’s current particulars.

3. Complaint notices are investigated by the Service Provider within 30 days of their receipt if the Client formulates the notice in a clear and transparent manner. If there are gaps or ambiguities which prevent the complaint from being investigated within the above-mentioned time limit, the Service Provider shall request the Client to supplement the notice within 7 days. In the request referred to above is ineffective, the complaint shall remain uninvestigated.

4. The decision concerning the complaint is notified to the Client to his current e-mail address.

5. If the complaint is recognised, the Service Provider shall remove the established irregularities. If irregularities consisted in incorrect functioning of the Site, the Client will receive a refund of the relevant portion of the fee paid, to the bank account provided by the Client.

§ 11. Technical Requirements; Miscellaneous

1. To use the Site, it is necessary to use a computer with Internet access, equipped with Edge, Mozilla Firefox, Google Chrome browser, or another comparable browser updated to the latest version.

2. To use the full functionality of the Site, it may be necessary to configure the appropriate levels of cookies, SSL protocol, or JavaScript application handling in the browser settings.

3. These Terms form an integral part of the Order.

4. These Terms are available at the Service Provider’s registered office and at the electronic address https://recruitify.ai/terms/, in electronic version, which makes it possible to download, reproduce and record the Terms with the use of the ICT system used by the Client.

5. The Service Provider reserves the right to amend these Regulations. The changes come into force 14 days after their publication. The Service Provider will inform the Service Recipient of the planned amendment to the Regulations. In the event of subsequent changes to the regulations that would be effective for the Service Recipient, they will be previously provided to the Service Recipient for approval, providing him with the possibility of terminating the contract with immediate effect without financial consequences. If the Client is the initiator of the changes, the changes must be made in writing for their validity.

6. Polish laws, in particular the Polish Civil Code and the Polish Electronic Services Act of 18 July 2002, shall apply in all matters, which are not regulated in these Terms.

7. The Parties shall strive to resolve amicably any disputes which may arise from the performance of the provisions of these Terms. If no agreement is reached, disputes shall be resolved by the court of law having jurisdiction over the Service Provider’s registered office.

8. If any of the provisions of these Terms proves invalid, this shall not render the entire Terms invalid. The invalid provision shall be replaced by relevant statutory regulations.

§ 12. Trial Period

1. Service Provider will make it possible for the Client to sign a free Contract for a 14-day trial period.

2. During the trial period, the Client can use the Services within such scope as may be set out in the telephone conversation.

3. The Terms shall apply during the trial period, except for the provisions concerning remuneration and termination notice periods.

4. After the trial period the Contract shall terminate automatically, unless the Service Provider and the Client sign a paid Contract for the provision of Services.

Data Processing Outsourcing Agreement

Section 1 DEFINITIONS

For the purposes of the Agreement, the Administrator and the Processor agree upon the following meanings of the following terms:

1) Personal Data – data within the meaning of Article 4(1) of Regulation No 2016/679, i.e. any information relating to an identified or identifiable natural person;

2) Personal Data Processing – any operation or set of operations that is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction within the meaning of Article 4(2) of Regulation 2016/679;

3) Agreement – this agreement;

4) Main Agreement – agreement concluded by the Administrator with the Processor;

5) Regulation 2016/679 – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Polish Journal of Laws of 2016, No. 119, p. 1).

Section 2 REPRESENTATIONS

The Parties declare as follows:

1) The Parties declare that the Agreement has been concluded in order to perform the obligations referred to in Article 28 of Regulation 2016/679 in connection with the conclusion of the Main Agreement.

2) The Administrator declares that it is the controller of Personal Data within the meaning of Article 4(7) of Regulation 2016/679, i.e. an entity that alone or jointly with others, determines the purposes and means of the processing of Personal Data.

3) The Processor declares that it is a processing entity within the meaning of Article 4(8) of Regulation 2016/679 under the Agreement, which means that it will process Personal Data on behalf of the Administrator.

4) The Processor declares that it meets the requirements of Article 28 of Regulation 2016/679, and guarantees to implement appropriate technical measures.

Section 3 SUBJECT AND DURATION OF PROCESSING

1. The Administrator outsources Personal Data to the Processor for processing, and the Processor agrees to process them in accordance with the law and the Agreement.

2. The Agreement is concluded for the term of the Main Agreement and for the duration of the performance of all obligations arising under the Agreement and Main Agreement. For the avoidance of doubt, termination of the Main Agreement results in termination of the Agreement.

Section 4 PURPOSE AND BASIC RULES OF PROCESSING

1. The Processor may process Personal Data only in the scope and for the purpose provided for in the Agreement.

2. The purpose of the outsourcing of the Personal Data is the performance of the Main Agreement, including, in particular, the Processor’s performance of the services specified in the Service Provision Regulations.

3. The scope of the Personal Data processed by the Processor under the Agreement covers all personal data categories processed in the Administrator's IT systems.

4. The scope of the Personal Data processed by the Processor under the Agreement covers the data of job candidates that have been entered by the Administrator into systems developed by the Processor.

5. The Processor processes the Personal Data only at the documented instruction of the Administrator. A documented instruction shall mean an instruction to process personal data contained in the Main Agreement, as well as any directions or instructions provided by the Administrator during the term of the Agreement electronically or in writing.

6. In the processing of the Personal Data, the Processor shall follow the rules specified in the Agreement, including directions and instructions provided by the Administrator and in Regulation 2016/679.

Section 5 DETAILED PERSONAL DATA PROCESSING RULES

1. Prior to the commencement of the Processing of Personal Data, the Processor shall take the measures to secure the Personal Data referred to in Article 32 GDPR, in particular:

a) taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, it shall implement technical and organisational measures to ensure the security of the Personal Data, to ensure a level of security appropriate to the risk. The Processor should adequately document its application of these measures, and update these measures in consultation with the Administrator;

b) ensure that any natural person acting under the authority of the Processor who has access to personal data does not process them except on instructions from the Administrator, including in accordance with its directions and instructions, for the purposes and within the scope provided for in the Agreement;

c) maintain a record of all categories of processing activities carried out on behalf of the Administrator, as referred to in Article 30(2) of Regulation 2016/679, and make it available to the Administrator at its request, unless the Processor is released from this obligation pursuant to Article 30(5) of Regulation 2016/679.

2. The Processor declares that persons having access to the Processed Personal Data keep the data and the security measures secret, and the obligation of secrecy also continues after the execution of the Agreement and the cessation of employment with the Processor. To this end, the Processor shall allow processing to be carried out only by persons who have signed an obligation to keep the personal data and the methods of their protection secret.

Section 6 FURTHER OBLIGATIONS OF THE PROCESSOR

1. The Processor agrees to help the Administrator in meeting the obligations outlined in Articles 32-36 of Regulation 2016/679; in particular, the Processor agrees to provide the Administrator with information and carry out its instructions regarding the Personal Data protection measures used, and the Processor agrees to provide the Administrator with information about cases of a breach of Personal Data within 24 hours from the detection of an incident constituting a breach of personal data protection.

2. The Processor agrees to help the Administrator via appropriate technical and organisational measures in meeting the obligation of responding to the requests of data subjects as part of the exercise of their rights outlined in Articles 15-22 of Regulation 2016/679, in particular, the Processor agrees to inform the Administrator about data subject requests within five days of receipt of such request.

3. The Processor agrees to comply with any instructions or recommendations issued by the supervisory authority or an EU advisory body dealing with the protection of Personal Data, related to the Processing of Personal Data, in particular, in the application of Regulation 2016/679.

4. The Processor agrees to forthwith inform the Administrator (in accordance with the method of contact or sending notifications specified in the Main Agreement) about any proceedings, in particular, administrative or judicial proceedings, regarding the Processing of outsourced Personal Data by the Processor; about any administrative decision or judgement addressed to the Processor regarding the Processing of outsourced Personal Data; as well as any audits or inspections regarding the Processing of outsourced Personal Data by the Processor, in particular, those carried out by a supervisory authority.

Section 7 SUB-OUTSOURCING OF PROCESSING

1. The Processor may use the services of another processing entity (sub-processor).

2. The Administrator agrees to the sub-outsourcing of the processing of the outsourced Personal Data to the Processor's subcontractors.

3. If the processing of Personal Data is sub-outsourced, the sub-outsourcing of the processing will be based on the agreement.

4. The Processor shall ensure that the subcontractors (sub-processors) to which the processing of personal data has been sub-outsourced use at minimum a level of Personal Data protection equivalent to that used by the Processor.

5. If the subcontractors (sub-processors) to which the processing of Personal Data has been sub-outsourced do not perform their Data Protection obligations, the full liability of the Administrator for the performance of the obligations of these sub-processors shall be borne by the Processor.

Section 8 TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

1. The Processor may not transfer the personal data to a third country outside of the European Economic Area (EEA), unless the Administrator grants it prior written (under pain of nullity) consent allowing such transfer.

2. If the Administrator grants the Processor prior consent for the transfer of personal data to a third country, the Processor may make such a transfer of these personal data only if:

a) the target country ensures a level of personal data protection adequate to that applicable in the European Union, or

b) the Administrator and Processor or sub-processor have concluded an agreement based on standard contractual clauses, or have implemented another mechanism that, in accordance with the law, legalises the transfer of data to the third country.

Section 9 AUDITS

1. The Processor:

a) shall enable the Administrator or authorised inspector to carry out an audit or inspections in a manner that does not disrupt ongoing operations,

b) shall provide the Administrator with all information necessary to demonstrate that the Administrator's activities comply with the provisions of the GDPR,

c) agrees to cooperate with the Administrator during the inspection.

2. If it is found that the Processor does not follow the rules for Personal Data Processing in relation to the data outsourced by the Administrator, the Administrator shall request that the Processor eliminates the violations within 14 days, subject to the consequences specified in Section 10 paragraph 6 subparagraph b).

Section 10 END OF THE OUTSOURCING OF PROCESSING

1. Once the provision of services related to the processing ends, the Processor, at the request of the Administrator and subject to paragraph 2, is required to cease the Processing of Personal Data and delete all Personal Data and existing copies thereof from its collections and IT systems.

2. Despite the cessation of the provision of services related to the outsourcing of Personal Data Processing, the Processor may process data concerning the confirmation of the performance of a service for the Administrator.

3. The deletion of personal data referred to in paragraph 1 shall mean the destruction of Personal Data or modification of Personal Data preventing identification of the data subject.

4. The deletion of the data shall be documented by way of a written statement signed by persons authorised by the Processor. The Processor agrees to provide the Administrator with statements about the deletion of the Personal Data within seven days of such a request being made by the Administrator.

5. Termination of the Main Agreement at any time and in any way by either Party shall result in the expiration of the Agreement.

6. The Administrator may terminate the Agreement with immediate effect, if:

a) a supervisory authority finds that the Processor is not following the rules for processing personal data in relation to data outsourced by the Administrator,

b) the Administrator, having conducted an audit referred to in Section 9, finds that the Processor is not following the rules for Processing Personal Data in relation to data outsourced by the Administrator, and the 14-day deadline for the elimination of the violations has lapsed ineffectively,

c) the Processor used the Personal Data contrary to the Agreement or legal provisions, processed the outsourced Personal Data incorrectly despite being requested to change the way in which they were processed, or outsourced the processing of Personal Data to another entity without the consent of the Administrator.

Section 11 FINAL PROVISIONS

1. The Agreement shall enter into force on the day the Administrator accepts the service provision regulations, and shall continue throughout the period of cooperation between the Parties.

2. To the extent not covered by the Agreement, the provisions of the Polish Act of 23 April 1964 – the Polish Civil Code (Polish Journal of Laws No. 2017, item 459, as amended) and the provisions of Regulation 2016/679 shall apply.

3. Any disputes arising under the performance of the Agreement shall be resolved by a court with jurisdiction over the seat of the Processor.