Legal

COOKIE POLICY

Millers use various technologies to collect information, such as cookies. We use cookies, and other technologies to improve and customize our products and websites (“the Services”) and your experience; to allow you to access and use the Services without re-entering your username or password, and to understand the usage of our Services and the interests of our customers.

1. COOKIES

We use different types of cookies, which all can be categorized into the following 

  • Necessary: These cookies and other technologies are essential in order to enable the Services to provide the feature you have requested, such as remembering you have logged in;

  • Functionality: These cookies and similar technologies remember the choices you make and are used to provide you with an experience more appropriate to your selections and to make your use of the Services more tailored; and

  • Performance and analytics: These cookies collect information on how users interact with the Services and enable us to improve how the Services operate

2. HOW TO OPT-OUT

To opt-out of our use of cookies, you can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. If you do not accept cookies, however, you may not be able to use all aspects of our Services. You will not be able to opt-out of any cookies or other technologies that are ‘strictly necessary’ for the Services.

3. UPDATES TO THIS NOTICE

This Cookies Policy may be updated from time to time. If you disagree with any changes to this Cookie Policy, you will need to stop using the Services.

DATA PROCESSING AGREEMENT

For the purposes of Article 28(3) of Regulation 2016/679 (the GDPR)

between

 

Millers A/S
CVR-nr.: 43351133
Innovations allé 3
7100 Vejle
Danmark

(the data controller)

 

and

 

Organization
CVR-nr.:
Address 1
Address 2
Country

(the data processor)

 

each a ‘party’; together ‘the parties’

HAVE AGREED on the following Contractual Clauses (the Clauses) in order to meet the requirements of the GDPR and to ensure the protection of the rights of the data subject.

1. PREAMBLE

These Contractual Clauses (the Clauses) set out the rights and obligations of the data controller and the data processor, when processing personal data on behalf of the data controller.

The Clauses have been designed to ensure the parties’ compliance with Article 28(3) of Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).

In the context of the provision of the service, the data processor will process personal data on behalf of the data controller in accordance with the Clauses.

The Clauses shall take priority over any similar provisions contained in other agreements between the parties.

Three appendices are attached to the Clauses and form an integral part of the Clauses.

Appendix A contains details about the processing of personal data, including the purpose and nature of the processing, type of personal data, categories of data subject and duration of the processing.

Appendix B contains the data controller’s instructions with regards to the processing of personal data, the minimum-security measures to be implemented by the data processor and how audits of the data processor and any sub-processors are to be performed.

Appendix C contains provisions for other activities which are not covered by the Clauses.

The Clauses along with appendices shall be retained in writing, including electronically, by both parties.

The Clauses shall not exempt the data processor from obligations to which the data processor is subject pursuant to the General Data Protection Regulation (the GDPR) or other legislation.

2. THE RIGHTS AND OBLIGATIONS OF THE DATA CONTROLLER

The data controller is responsible for ensuring that the processing of personal data takes place in compliance with the GDPR (see Article 24 GDPR), the applicable EU or Member State1 data protection provisions and the Clauses.

The data controller has the right and obligation to make decisions about the purposes and means of the processing of personal data.

The data controller shall be responsible, among other, for ensuring that the processing of personal data, which the data processor is instructed to perform, has a legal basis.

3. THE DATA PROCESSOR ACTS ACCORDING TO INSTRUCTIONS

The data processor shall process personal data only on documented instructions from the data controller unless required to do so by Union or Member State law to which the processor is subject. Such instructions shall be specified in appendices A and C. Subsequent instructions can also be given by the data controller throughout the duration of the processing of personal data, but such instructions shall always be documented and kept in writing, including electronically, in connection with the Clauses.

The data processor shall immediately inform the data controller if instructions given by the data controller, in the opinion of the data processor, contravene the GDPR or the applicable EU or Member State data protection provisions.

4. CONFIDENTIALITY

The data processor shall only grant access to the personal data being processed on behalf of the data controller to persons under the data processor’s authority who have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality and only on a need-to-know basis. The list of persons to whom access has been granted shall be kept under periodic review. Based on this review, such access to personal data can be withdrawn, if access is no longer necessary, and personal data shall consequently not be accessible anymore to those persons.

The data processor shall at the request of the data controller demonstrate that the concerned persons under the data processor’s authority are subject to the abovementioned confidentiality.

5. SECURITY OF PROCESSING

Article 32 of GDPR stipulates that considering the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the data controller and data processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.

The data controller shall evaluate the risks to the rights and freedoms of natural persons inherent in the processing and implement measures to mitigate those risks. Depending on their relevance, the measures may include the following:

  1. Pseudonymization and encryption of personal data;
  2. the ability to ensure ongoing confidentiality, integrity, availability, and resilience of processing systems and services;
  3. the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
  4. a process for regularly testing, assessing, and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

 

According to Article 32 GDPR, the data processor shall also – independently from the data controller – evaluate the risks to the rights and freedoms of natural persons inherent in the processing and implement measures to mitigate those risks. To this effect, the data controller shall provide the data processor with all information necessary to identify and evaluate such risks.

Furthermore, the data processor shall assist the data controller in ensuring compliance with the data controller’s obligations pursuant to Articles 32 GDPR, by inter alia providing the data controller with information concerning the technical and organisational measures already implemented by the data processor pursuant to Article 32 GDPR along with all other information necessary for the data controller to comply with the data controller’s obligation under Article 32 GDPR.

If subsequently – in the assessment of the data controller – mitigation of the identified risks requires further measures to be implemented by the data processor than those already implemented by the data processor pursuant to Article 32 GDPR, the data controller shall specify these additional measures to be implemented in Appendix B.

6. USE OF SUB-PROCESSORS

The data processor shall meet the requirements specified in Article 28(2) and (4) GDPR to engage another processor (a sub-processor).

The data processor shall therefore not engage another processor (sub-processor) for the fulfillment of the Clauses without the prior specific written authorization of the data controller.

The data processor shall engage sub-processors solely with the specific prior authorization of the data controller. The data processor shall submit the request for specific authorisation at least 30 days prior to the engagement of the concerned sub-processor. 

Where the data processor engages a sub-processor for carrying out specific processing activities on behalf of the data controller, the same data protection obligations as set out in the Clauses shall be imposed on that sub-processor by way of a contract or other legal act under EU or Member State law, in particular providing sufficient guarantees to implement appropriate technical and organizational measures in such a manner that the processing will meet the requirements of the Clauses and the GDPR.

The data processor shall therefore be responsible for requiring that the sub-processor at least complies with the obligations to which the data processor is subject pursuant to the Clauses and the GDPR. 

A copy of such a sub-processor agreement and subsequent amendments shall – at the data controller’s request – be submitted to the data controller, thereby giving the data controller the opportunity to ensure that the same data protection obligations as set out in the Clauses are imposed on the sub-processor. Clauses on business-related issues that do not affect the legal data protection content of the sub-processor agreement, shall not require submission to the data controller.  

The data processor shall agree on a third-party beneficiary clause with the sub-processor where – in the event of bankruptcy of the data processor – the data controller shall be a third-party beneficiary to the sub-processor agreement and shall have the right to enforce the agreement against the sub-processor engaged by the data processor, e.g. enabling the data controller to instruct the sub-processor to delete or return the personal data.

If the sub-processor does not fulfil his data protection obligations, the data processor shall remain fully liable to the data controller as regards the fulfilment of the obligations of the sub-processor. This does not affect the rights of the data subjects under the GDPR – those foreseen in Articles 79 and 82 GDPR – against the data controller and the data processor, including the sub-processor.

7. TRANSFER OF DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANIZATIONS

Any transfer of personal data to third countries or international organizations by the data processor shall only occur based on documented instructions from the data controller and shall always take place in compliance with Chapter V GDPR. 

In case transfers to third countries or international organizations, which the data processor has not been instructed to perform by the data controller, are required under EU or Member State law to which the data processor is subject, the data processor shall inform the data controller of that legal requirement prior to processing unless that law prohibits such information on important grounds of public interest.

Without documented instructions from the data controller, the data processor therefore cannot within the framework of the Clauses:

  1. transfer personal data to a data controller or a data processor in a third country or in an international organization
  2. transfer the processing of personal data to a sub-processor in a third country 
  3. have the personal data processed in by the data processor in a third country

 

The data controller’s instructions regarding the transfer of personal data to a third country including, if applicable, the transfer tool under Chapter V GDPR on which they are based, shall be set out in Appendix B.6.

The Clauses shall not be confused with standard data protection clauses within the meaning of Article 46(2)(c) and (d) GDPR, and the Clauses cannot be relied upon by the parties as a transfer tool under Chapter V GDPR.

8. ASSISTANCE TO THE DATA CONTROLLER

Considering the nature of the processing, the data processor shall assist the data controller by appropriate technical and organizational measures, insofar as this is possible, in the fulfilment of the data controller’s obligations to respond to requests for exercising the data subject’s rights laid down in Chapter III GDPR.

  1. This entails that the data processor shall, insofar as this is possible, assist the data controller in the data controller’s compliance with:
  2. the right to be informed when collecting personal data from the data subject
  3. the right to be informed when personal data have not been obtained from the data subject
  4. the right of access by the data subject
  5. the right to rectification
  6. the right to erasure (‘the right to be forgotten’)
  7. the right to restriction of processing
  8. notification obligation regarding rectification or erasure of personal data or restriction of processing
  9. the right to data portability
  10. the right to object 
  11. the right not to be subject to a decision based solely on automated processing, including profiling

 

In addition to the data processor’s obligation to assist the data controller pursuant to Clause 6.3., the data processor shall furthermore, considering the nature of the processing and the information available to the data processor, assist the data controller in ensuring compliance with:

  1. The data controller’s obligation to without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the competent supervisory authority, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons;
  2. the data controller’s obligation to undue delay communicate the personal data breach to the data subject when the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons;
  3. the data controller’s obligation to carry out an assessment of the impact of the envisaged processing operations on the protection of personal data (a data protection impact assessment);
  4. the data controller’s obligation to consult the competent supervisory authority, prior to processing where a data protection impact assessment indicates that the processing would result in a high risk in the absence of measures taken by the data controller to mitigate the risk.

 

The parties shall define in Appendix B the appropriate technical and organizational measures by which the data processor is required to assist the data controller as well as the scope and the extent of the assistance required. This applies to the obligations foreseen in Clause 9.1. and 9.2.

9. NOTIFICATION OF PERSONAL DATA BREACH

In case of any personal data breach, the data processor shall, without undue delay after having become aware of it, notify the data controller of the personal data breach.

The data processor’s notification to the data controller shall, if possible, take place within 24 hours after the data processor has become aware of the personal data breach to enable the data controller to comply with the data controller’s obligation to notify the personal data breach to the competent supervisory authority, cf. Article 33 GDPR.

In accordance with Clause 9(2)(a), the data processor shall assist the data controller in notifying the personal data breach the competent supervisory authority, meaning that the data processor is required to assist in obtaining the information listed below which, pursuant to Article 33(3)GDPR, shall be stated in the data controller’s notification to the competent supervisory authority:  

  1. The nature of the personal data including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned; 
  2. the likely consequences of the personal data breach;
  3. the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects. 

 

The parties shall define in Appendix B all the elements to be provided by the data processor when assisting the data controller in the notification of a personal data breach to the competent supervisory authority.

10. ERASURE AND RETURN OF DATA

On termination of the provision of personal data processing services, the data processor shall be under obligation to delete all personal data processed on behalf of the data controller and certify to the data controller that it has done unless Union or Member State law requires storage of the personal data.

11. AUDIT AND INSPECTION

The data processor shall make available to the data controller all information necessary to demonstrate compliance with the obligations laid down in Article 28 and the Clauses and allow for and contribute to audits, including inspections, conducted by the data controller or another auditor mandated by the data controller.

Procedures applicable to the data controller’s audits, including inspections, of the data processor and sub-processors are specified in appendices B.7. and B.8.    

The data processor shall be required to provide the supervisory authorities, which pursuant to applicable legislation have access to the data controller’s and data processor’s facilities, or representatives acting on behalf of such supervisory authorities, with access to the data processor’s physical facilities on presentation of appropriate identification. 

12. THE PARTIES’ AGREEMENT ON OTHER TERMS

The parties may agree on other clauses concerning the provision of the personal data processing service specifying e.g. liability, as long as they do not contradict directly or indirectly the Clauses or prejudice the fundamental rights or freedoms of the data subject and the protection afforded by the GDPR.

13. COMMENCEMENT AND TERMINATION

The Clauses shall become effective on the date of both parties’ signature.

Both parties shall be entitled to require the Clauses renegotiated if changes to the law or inexpediency of the Clauses should give rise to such renegotiation. 

The Clauses shall apply for the duration of the provision of personal data processing services. For the duration of the provision of personal data processing services, the Clauses cannot be terminated unless other Clauses governing the provision of personal data processing services have been agreed between the parties.

If the provision of personal data processing services is terminated, and the personal data is deleted or returned to the data controller pursuant to Clause 11.1. and Appendix B.4., the Clauses may be terminated by written notice by either party.

 

Signature

On behalf of the data controller 

Name                        

Position                    

Date                         

Signature                  

 

On behalf of the data processor 

Name                       Dennis Møller 

Position                   CEO & Lead Architect 

Date                         

Signature

14. DATA CONTROLLER AND DATA PROCESSOR CONTACTS/CONTACT POINTS

The parties may contact each other using the following contacts/contact points:

The parties shall be under obligation continuously to inform each other of changes to contacts/contact points.

Name                        

Position                    

Telephone                 

E-mail                       

 

Name                       Nanna Bøllehuus 

Position                   Head of Marketing and Design 

Telephone                +45 52 30 76 54 

E-mail                       nb@millers.dk 

APPENDIX A: INFORMATION ABOUT THE PROCESSING

A.1. The purpose of the data processor’s processing of personal data on behalf of the data controller is: 

 

that the data processor can process information about the data controller’s users in connection with logging into the service  

 

 

A.2. The data processor’s processing of personal data on behalf of the data controller shall mainly pertain to (the nature of the processing): 

 

that the data processor, when using its IT systems, processes, including stores, personal data about the data controller’s users;  

 

 

A.3. The processing includes the following types of personal data about data subjects: 

 

Name, email address and photo 

 

 

A.4. Processing includes the following categories of data subject: 

 

Persons related to FashionBoard employed by the data controller as well as any relevant external (created by data controllers)  

 

 

A.5. The data processor’s processing of personal data on behalf of the data controller may be performed when the Clauses commence. Processing has the following duration: 

 

The processing is not limited in time and lasts until the agreement is terminated or terminated by one of the parties  

APPENDIX B: INSTRUCTION PERTAINING TO THE USE OF PERSONAL DATA

B.1. The subject of/instruction for the processing 

 

The data processor’s processing of personal data on behalf of the data controller takes place by the data processor giving relevant employees of the data controller access to the software. 

 

 

B.2. Security of processing 

The security level reflects the fact that there is little personal data that can potentially provide insight into essential business data of data controllers.   

 

The data processor is then entitled and obliged to make decisions on which technical and organizational security measures must be implemented to establish the necessary level of security.  

 

 

B.3. Assistance to the data controller 

 

Considering the nature of the processing, the Data Processor shall, as far as possible, assist the Data Controller by means of appropriate technical and organizational measures in fulfilling the Data Controller’s obligation to respond to requests for the exercise of data subjects’ rights, as laid down in Chapter 3 of the General Data Protection Regulation.  

 

 

B.4. Storage period/erasure procedures  

 

The processing is not limited in time and lasts until the agreement is terminated or terminated by one of the parties.  

 

Upon termination of the service regarding the processing of personal data, the data processor shall delete the personal data in accordance with clause 11.1, unless the data controller – after signing these provisions – has changed the data controller’s original choice. Such changes shall be documented and kept in writing, including electronically, in connection with the provisions. Data controllers’ information is not returned to the data controller.  

 

 

B.5. Processing location 

 

The processing of the personal data covered by the Provisions may not take place at locations other than the following without the prior written consent of the data controller:  

 

Millers A/S   

Innovation Allé 3  

DK-7100 Vejle  

Denmark   

 

 

 

B.6. Instruction on the transfer of personal data to third countries  

 

If the data controller does not provide documented instructions in these Provisions or subsequently regarding the transfer of personal data to a third country, the data processor is not entitled to make such transfers within the framework of these Provisions.  

 

 

B.7. Procedures for the data controller’s audits, including inspections, of the processing of personal data being performed by the data processor. 

 

The Data Processor shall annually obtain, at its own expense, an audit statement from an independent third party regarding the Data Processor’s compliance with the General Data Protection Regulation, data protection provisions of other EU law or Member States’ national law and these Provisions.  

 

The statement of assurance can be requested by contacting the data processor and sent without undue delay to the data controller for information.  

 

APPENDIX C: THE PARTIES’ TERMS OF AGREEMENT ON OTHER SUBJECTS

No other conditions are relevant.  

PRIVACY POLICY

This Privacy Policy covers the information we collect about you when you use our products or services or otherwise interact with us unless a different policy is displayed. “Millers”, “we” and “us” refers to Millers A/S. We refer to our products as “Services” in this policy. If you do not agree with this policy, do not access, or use our Services or interact with any other aspect of our business.

1. COLLECTED INFORMATION

We collect information about you when you provide it to us, when you use our Services, and when other sources provide it to us, as further described below. 

1.1 INFORMATION YOU PROVIDE TO US

We collect information about you when you input it into the Services or otherwise provide it directly to us. 

  1. Account and Profile Information: We collect information about you when you register for an account, create or modify your profile, set preferences, and sign-up for the Services. 

  2. The content you provide through our products: The Services include the Millers products you use, where we store content that you input and upload. This content includes any information about you that you may choose to include. 

  3. Information you provide through our support channels: The Services also include our customer support, where you may choose to submit information regarding a problem you are experiencing with a Service. Whether you designate yourself as a technical contact, speak to one of our representatives directly, or otherwise engage with our support team, you will be asked to provide contact information, a summary of the problem you are experiencing, and any other documentation, screenshots, or information that would help resolve the issue. 

1.2 INFORMATION COLLECTED WHEN YOU USE OUR SERVICE

We collect information about you when you use our Services, including browsing our websites and taking certain actions within the Services.     

  1. Your use of the Services: We keep track of certain information about you when you visit and interact with our Services. 

  2. Device and Connection Information: We collect information about your computer, phone, tablet, or other devices you use to access the Services. We also collect information through your device (g. operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data). We use your IP address and/or country preference to approximate your location to provide you with a better Service experience. 

1.3 HOW WE USE THE INFORMATION WE COLLECT

How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us.  

We use information about you to provide the Services to you, including authenticating you when you log in, operate, maintain, and improve the Services. We use the information and collect learnings about how people use our Services to troubleshoot, identify trends, usage, activity patterns, and areas for integration, improve our Services, and develop new products, features, and technologies that benefit our users and the public. We also test and analyze certain new features with some users before rolling the feature out to all users. We use your information to resolve technical issues you encounter, respond to your requests for assistance, analyze crash information, and repair and improve the Services.

 

2. SECURE INFORMATION STORAGE

We use industry-standard technical and organizational measures to secure the information we store. No security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, is safe from intrusion by others. 

3. HOW LONG DO WE KEEP INFORMATION?

How long we keep the information we collect about you depends on the type of information. After such time, we will either delete or de-identify your information or, if this is not possible, we will securely store your information and isolate it from further use until deletion is possible. 

We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. We also retain some of your information as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, support business operations, and continue to develop and improve our Services.  

4. HOW TO ACCESS AND CONTROL YOUR INFORMATION

You have the right to request a copy of your information, to object to our use of your information to request the deletion or restriction of your information, or to request your information in a structured, electronic format.

5. CHANGES TO THE POLICY

We may change this Privacy Policy from time to time. By major changes to this Privacy Policy, we will notify you by email. If you disagree with any changes to this Privacy Policy, you will need to stop using the Services and deactivate your account(s). 

6. CONTACT INFORMATION

Your information is controlled by Millers A/S. If you have questions or concerns about how your information is handled, please direct your inquiry to Millers A/S, which we have appointed to be responsible for facilitating such inquiries. 

Millers A/S 
Innovations Allé 3, 7100 Vejle 
info@millers.dk 

Millers service TERMS OF SERVICE

These Terms of Service (these ‘Terms’) describe your rights and responsibilities as a customer of our products. These Terms are between you and the Millers entity (“Millers”, “we” or “us”) that owns the service that you are using. “You” means the entity you represent in accepting these Terms or, you individually. If you are accepting on behalf of your employer or another entity, you represent and warrant that you have full authority to bind on their behalf, and have read, understood, and agree to the Terms. These Terms cover software services developed by Millers.  

1. What these Terms cover

These Terms govern our Cloud Products, related Support, and Additional Services. These Terms include Our Policies (including our Privacy Policy), and your Orders.  

2. HOW SERVICES ARE ADMINISTRATED

Through the service, it is possible to specify end-users as administrators. You are responsible for whom you allow to become administrators and any actions they take. You agree that our responsibilities do not extend to the internal management or administration of the service for you.  

Please note that you are responsible for the activities of all your end-users including how end-users use your data, even if those end-users are not from your organization or domain. You must require that all end-users keep their user IDs and passwords for the service strictly confidential and do not share such information with any unauthorized person. User IDs are individual, named persons and may not be shared. You are responsible for actions taken using end-user accounts and passwords, and you agree to immediately notify us of any unauthorized use of which you become aware.  

Subject to your payment of applicable license fees, You are granted a time limited, non-exclusive, non-transferable, non-sub-licensable, worldwide right and license to a) run the Software modules for which You have purchased licenses using a cloud access; and b) allow Users to access and use the Software as permitted by Your License for the period in the contract. 

3. RESTRICTIONS

The Software is licensed, not sold. This Agreement only gives You rights to use the Software. Millers reserve all other rights. You may use the Software only as expressly permitted in this Agreement unless applicable law gives You more rights despite this limitation. You must comply with all technical protections in the Software that only allow You to use it in certain ways. No rights other than those expressly set forth herein shall pass to You. 

You will not (a) reproduce, modify, adapt or create derivative works of the service; (b) rent, lease, distribute, sell, sublicense, transfer or provide access to the service; (c) use the service for the benefit of any third party; (d) incorporate any Millers service into a product or service you provide to a third party; (e) interfere with or otherwise circumvent mechanisms in the service intended to limit your use; (f) reverse engineer, disassemble, decompile, translate or otherwise seek to obtain or derive the source code, underlying ideas, algorithms, file formats, or non-public APIs to any Millers service; (g) remove or obscure any proprietary or other notice contained in any Millers service; (h) use the Millers service for competitive analysis or to build competitive products; (i) publicly disseminate information regarding the performance of the service; or (j) encourage or assist any third party to do any of the foregoing.  

Millers do not provide support or maintenance under the terms of this Agreement. We refer to the Software License Agreement. Notwithstanding the above Millers will at its own discretion release Fixes, Updates, and new version occasionally. 

4. SECURITY AND DATA PRIVACY POLICIES

We collect certain data and information about you and your end-users in connection with your and your end-user’s use of the service, among others to improve the service. We collect and use all such data and information under our Privacy Policy, which you acknowledge.  

5. TERMS THAT APPLY TO YOUR DATA

5.1 YOUR DATA

You grant us a worldwide, limited-term license to access, use, process, copy, distribute, perform, export, and display your data. In case of the need, we may also access your accounts, end-user’ accounts, and your service with end-user permissions to respond to your support requests.  

5.2 YOUR DATA COMPLIANCE OBLIGATIONS

You and your use of Millers service must comply at all times with these Terms and all laws. You represent and warrant that (a) you have obtained all necessary rights, releases, and permissions to submit all your data to the service and to grant the rights granted to us in these Terms and (b) your data and its submission and use as you authorize in these Terms will not violate any laws or any third party intellectual property, privacy, publicity or other rights. You are solely responsible for your data and the consequences of submitting and using it with the service.  

5.3 YOUR INDEMNITY

You will defend, indemnify, and hold harmless us, from and against any claims, costs, damages, losses, liabilities, and expenses resulting from any claim arising from or related to any claims or breaches from you or your end-users. 

5.4 REMOVALS AND SUSPENSION

In case of violation of these Terms, we may remove your data from the service or suspend your access to the service. We have no liability to you for removing or deleting your data from our Service or suspending your access to our Service.  

6. USER NOTICE

By accessing or using a Millers service, you acknowledge and agree to be bound to the Millers Privacy Policy. You are responsible for all actions that are performed on or through your account. Accepting these Terms allows us to use your brand logo and mention you as our customer.  

7. BILLING, RENEWAL, PRICES, PAYMENT, AND TAXES

7.1 BILLING AND RENEWAL

All Millers services are offered on a subscription basis. Unless either party cancels your subscription, your subscription will automatically renew for another period equal to the initial subscription period. Canceling your subscription means that you will not be charged for the next billing cycle, but you will not receive any refunds or credits for amounts that have already been charged. All renewals are subject to the services continuing to be offered and will be charged at the then-current rates.  

7.2 PRICES

Prices are defined on the Price List. The prices can be updated from time to time due to surrounding circumstances such as inflation among others. Your price will be the one that was current by the time, the order was made.  

7.3 PAYMENT

The payment should be made according to the Payment Terms accepted when the Order was made. You have the current month plus 30 days to pay. We do not have any binding period, this means you can terminate the Agreement at any time. An unpaid bill for any upcoming period is considered a termination of the subscription. There will not be any further charges unless there are any other outstanding.  

7.4 TAXES

Your fees under these Terms exclude any taxes or duties payable in respect of the service in the jurisdiction where the payment is either made or received. To the extent that any such taxes or duties are payable by us, you must pay to us the amount of such taxes or duties in addition to any fees owed under these Terms. 

8. OUR RETURN POLICY

You may terminate your subscription to the service by providing notice of termination to us no later than 30 days after the order date. In that case, we will refund you the amount paid for such an order. This termination and refund right applies only to your initial order, and only if you exercise your termination right within the period specified above.  

9. RIGHTS

Millers services are made available on a limited access basis, and no ownership right is conveyed to you, irrespective of the use of terms such as ‘purchase’ or ‘sale’. We have and retain all rights, titles, and interests, including all intellectual property rights.  

Millers licenses the Software based on the acquired modules, number of stores, number of products, number of Users that directly or indirectly access the Software, and the functionality used by those Users in the Software.  

  1. User Licenses. You must acquire and assign User Licenses for each individual User that directly or indirectly accesses Instances of the Software. The User License required depends on the functionality that the User intends to access and use. You are not permitted to share User Licenses between users. However, You may permanently re-assign a User License from one User to another. You may also assign a User License to a temporary worker while the normally assigned User is absent. For any given User, You may make such temporary assignment once in each thirty-day period.

  2. Number of stores/products: You must pay a license fee per active store/number of products in the service. The number will be calculated on the first day of every new subscription period for the following subscription period and it will be automatically obtained through the production server.  

10. CONFIDENTIALITY

10.1 DEFINITION

Each party agrees that all code, inventions, know-how, and business, technical and financial information disclosed from one part to another is identified as confidential at the time of disclosure or should be reasonably known to be confidential or proprietary due to the nature of the information disclosed and the circumstances surrounding the disclosure. 

10.2 OBLIGATIONS

Either party will at all times hold in confidence and not disclose any confidential information to third parties, and not use confidential information for any purpose other than fulfilling its obligations and exercising its rights under these Terms. The receiving party may disclose the disclosing party’s confidential information to its employees, and other representatives having a legitimate need to know provided it remains responsible for their compliance. 

11. TERM AND TERMINATION

11.1 TERM

These Terms are effective as of the effective date and expire on the date of expiration or termination of the subscription. 

11.2 TERMINATION

Any party may terminate these Terms upon 30 days prior written notice. Millers may at all times terminate these Terms if it is necessary to comply with laws or avoid liability or harm to its services, reputation, or customers. 

11.3 EFFECTS OF TERMINATION

Upon any expiration or termination of these Terms, you must cease using all Millers services. You will not have access to your data after the expiration or termination of these Terms, so you should make sure to export your data. In case of termination, all confidential information will be destroyed or returned to the other party. 

12. WARRANTIES AND DISCLAIMER

We disclaim any warranties and representations of any kind, including any warranty of non-infringement, title, and functionality. We do not warrant that your use of the service will be uninterrupted or error-free, that we will review your data for accuracy, or that we will preserve or maintain your data without loss. You understand that use of the service necessarily involves the transmission of your data over networks that we do not own, operate or control, and we are not responsible for any of your data lost, altered, intercepted, or stored across such networks. We will not be liable for delays, interruptions, service failures, or other problems inherent in the use of the internet and electronic communications or other systems outside our reasonable control.  

13. LIMITATION OF LIABILITY

Neither party will not have any liability arising for any lost profits, interruption of business, loss of use, lost or inaccurate data, lost profits, failure of security mechanisms, costs of delay, or any indirect, special, incidental, or consequential damage of any kind, even if informed of the possibility of such damage in advance. Millers is not responsible for all direct or indirect loss and damages, including loss of revenue, production, turnover, or anticipated savings.  

14. DISPUTE RESOLUTION

14.1 CHOICE OF LAW

Any dispute arising from or related to the contract shall be governed by Danish law, both with regard to substantive and procedural matters, except for Danish choice of law rules and the United Nations Convention on the International Sale of Goods (CISG). 

14.2 NEGOTIATION BETWEEN THE PARTIES

In the event of a disagreement between the Parties regarding the Contract and its performance, each of the Parties may refer the matter to the Customer’s and the Supplier’s responsible parties for daily operations, who will then jointly resolve the disagreement. If an agreement cannot be reached between the daily responsible parties, the negotiations shall be escalated to the steering committee. If an agreement is not reached in the steering committee, the disagreement shall be escalated to a higher level within the Parties’ organizations. 

14.3 DISPUTE RESOLUTION BY EXPERT TECHNICAL AND/OR LEGAL OPINION

If the Parties cannot reach a resolution through negotiation within 5 business days, either of the Parties may request dispute resolution in accordance with the “Rules for Legal/Technical Opinion in IT Cases” provided by the Arbitration Institute. The process described therein shall be followed. 

14.4 MEDIATION

If neither of the Parties has opted for dispute resolution by expert technical and/or legal opinion, the dispute may be sought to be resolved through mediation, led by a mediator appointed by the Parties. If the Parties do not agree on the selection of a mediator within 10 business days after one of them has expressed a desire for mediation, either of the Parties may request the Danish IT Lawyers Association (DITA) to appoint a mediator. Mediation is conducted in accordance with DITA’s mediation procedure.  

Mediation commences when one of the Parties sends a written request for mediation to the other Party with a copy to DITA. The mediator shall be appointed by DITA no later than 10 business days after DITA’s receipt of the mediation request. 

At a minimum, one Party is obligated to participate in the first meeting called by the mediator. However, a Party is entitled to initiate arbitration if a delay in doing so could lead to the forfeiture of legal rights, e.g., due to the expiration of statutes of limitations. 

If a Party notifies that they do not wish to continue mediation after the first meeting or if the conflict is not resolved through mediation within 8 weeks after the written mediation request, either of the Parties may submit the dispute for final resolution through arbitration as described below. 

14.5 ARBITRATION

The venue for the arbitration is the municipality where the Customer is registered. 

If the total value of the dispute does not exceed 1 million DKK, the dispute will be resolved through arbitration in accordance with the “Rules for Simplified Arbitration Process of the Danish Institute of Arbitration” as applicable at the time of the initiation of the arbitration case. 

The arbitration panel is appointed by the Danish Institute of Arbitration in accordance with the “Rules for Simplified Arbitration Process of the Danish Institute of Arbitration.” The arbitrator is appointed by the Danish Institute of Arbitration. The Parties may, jointly and no later than the expiration of the deadline for the respondent’s response, propose an arbitrator. The Parties agree to jointly seek to appoint an arbitrator based on a recommendation from the Danish IT Lawyers Association (DITA). 

If the total value of the dispute exceeds 1 million DKK, the dispute will be resolved through arbitration according to the “Rules for the Handling of Arbitration Cases by the Danish Institute of Arbitration” as applicable at the time of the initiation of the arbitration case. 

The arbitration panel is appointed by the Danish Institute of Arbitration in accordance with the “Rules for the Handling of Arbitration Cases by the Danish Institute of Arbitration.” Unless the Parties agree otherwise, the arbitration panel is composed of three arbitrators. In cases where the dispute is to be decided by three arbitrators, the claimant may propose their arbitrator in the complaint, and the respondent may propose their arbitrator in the response. The third arbitrator, who serves as the chairman of the arbitration panel, is proposed by the Danish Institute of Arbitration, unless the Parties, jointly and before the expiration of the deadline for the respondent’s response, propose a chairman. The Parties agree to jointly seek to appoint a chairman based on a recommendation from DITA. 

15. CHANGES TO THE SERVICE

You acknowledge that the service is an online, subscription-based product and that we may update the service to provide improved customer experiences.  

16. GENERAL PROVISIONS

16.1 NOTICES

Any notice under these Terms must be given in writing. We may provide notice to you through your email address. You agree that any electronic communication will satisfy any applicable legal communication requirements, including that such communications be in writing.  

16.2 FORCE MAJEURE

Neither party will be liable to the other for any delay or failure to perform any obligation under these Terms if the delay or failure is due to events beyond its reasonable control, such as strike, blockade, war, an act of terrorism, riot, internet or utility failures, pandemic, or natural disasters.  

16.3 ASSIGNMENT

Neither party may assign or transfer these Terms without the other party’s prior written consent. As an exception for the foregoing, either party may assign these Terms in its entirety to an affiliate, or to its successor resulting from a merger, acquisition, or sale of all or substantially all of its assets or voting securities, provided that the assignee is financially and technically able to, and agrees in writing to, assume all of the assignor’s obligations under these Terms.